const chai = require('chai');
const chaiHttp = require('chai-http');
const express = require('express');
import { SetupApp } from '../../../app';
import * as helpers from './helpers';

async function init() {
    chai.use(chaiHttp);
    const app = express();
    const knex = await helpers.initTestDB();

    SetupApp(app, knex, '');

    // Login as a test user.
    var agent = chai.request.agent(app);
    return agent;
}

describe('Auth registration password and email constraints', () => {
    it('are enforced', async done => {
        let req = await init();
        try {
            await helpers.createUser(req, "someone", "password1A!", 400); //no valid email
            await helpers.createUser(req, "someone@email.com", "password1A", 400); //no special char
            await helpers.createUser(req, "someone@email.com", "password1!", 400); //no capital letter
            await helpers.createUser(req, "someone@email.com", "passwordA!", 400); //no number
            await helpers.createUser(req, "someone@email.com", "Ϭassword1A!", 400); //non-ASCII in password
            await helpers.createUser(req, "Ϭomeone@email.com", "password1A!", 400); //non-ASCII in email
            await helpers.createUser(req, "someone@email.com", "pass1A!", 400); //password too short
            await helpers.createUser(req, "someone@email.com", "password1A!", 200);
        } finally {
            req.close();
            done();
        }
    });
});

describe('Auth login access for users', () => {
    it('is correctly enforced', async done => {
        let req = await init();
        try {
            await helpers.createUser(req, "someone@email.com", "password1A!", 200);
            await helpers.createUser(req, "someoneelse@other.com", "password2B!", 200);
            await helpers.login(req, "someone@email.com", "password2B!", 401);
            await helpers.login(req, "someoneelse@other.com", "password1A!", 401);
            await helpers.login(req, "someone@email.com", "password1A!", 200);
            await helpers.login(req, "someoneelse@other.com", "password2B!", 200);
        } finally {
            req.close();
            done();
        }
    });
});

describe('Auth access to objects', () => {
    it('is only possible when logged in', async done => {
        let req = await init();
        try {
            await helpers.createUser(req, "someone@email.com", "password1A!", 200);
            await helpers.login(req, "someone@email.com", "password1A!", 200);

            await helpers.createTag(req, { name: "Tag1" }, 200, { id: 1 });
            await helpers.createArtist(req, { name: "Artist1" }, 200, { id: 1} );
            await helpers.createAlbum(req, { name: "Album1" }, 200, { id: 1 });
            await helpers.createSong(req, { title: "Song1" }, 200, { id: 1 });

            await helpers.checkTag(req, 1, 200);
            await helpers.checkAlbum(req, 1, 200);
            await helpers.checkArtist(req, 1, 200);
            await helpers.checkSong(req, 1, 200);

            await helpers.logout(req, 200);

            await helpers.checkTag(req, 1, 401);
            await helpers.checkAlbum(req, 1, 401);
            await helpers.checkArtist(req, 1, 401);
            await helpers.checkSong(req, 1, 401);
        } finally {
            req.close();
            done();
        }
    });
});

describe('Auth access to user objects', () => {
    it('is restricted to each user', async done => {
        let req = await init();
        try {
            await helpers.createUser(req, "someone@email.com", "password1A!", 200);
            await helpers.createUser(req, "someoneelse@other.com", "password2B!", 200);
            
            await helpers.login(req, "someone@email.com", "password1A!", 200);
            await helpers.createTag(req, { name: "Tag1" }, 200, { id: 1 });
            await helpers.createArtist(req, { name: "Artist1" }, 200, { id: 1} );
            await helpers.createAlbum(req, { name: "Album1" }, 200, { id: 1 });
            await helpers.createSong(req, { title: "Song1" }, 200, { id: 1 });
            await helpers.logout(req, 200);

            await helpers.login(req, "someoneelse@other.com", "password2B!", 200);
            await helpers.createTag(req, { name: "Tag2" }, 200, { id: 2 });
            await helpers.createArtist(req, { name: "Artist2" }, 200, { id: 2 } );
            await helpers.createAlbum(req, { name: "Album2" }, 200, { id: 2 });
            await helpers.createSong(req, { title: "Song2" }, 200, { id: 2 });
            await helpers.logout(req, 200);

            await helpers.login(req, "someone@email.com", "password1A!", 200);
            await helpers.checkTag(req, 2, 404);
            await helpers.checkAlbum(req, 2, 404);
            await helpers.checkArtist(req, 2, 404);
            await helpers.checkSong(req, 2, 404);
            await helpers.checkTag(req, 1, 200);
            await helpers.checkAlbum(req, 1, 200);
            await helpers.checkArtist(req, 1, 200);
            await helpers.checkSong(req, 1, 200);
            await helpers.logout(req, 200);

            await helpers.login(req, "someoneelse@other.com", "password2B!", 200);
            await helpers.checkTag(req, 1, 404);
            await helpers.checkAlbum(req, 1, 404);
            await helpers.checkArtist(req, 1, 404);
            await helpers.checkSong(req, 1, 404);
            await helpers.checkTag(req, 2, 200);
            await helpers.checkAlbum(req, 2, 200);
            await helpers.checkArtist(req, 2, 200);
            await helpers.checkSong(req, 2, 200);
            await helpers.logout(req, 200);
        } finally {
            req.close();
            done();
        }
    });
});