<?php

namespace Tests\Feature\Comment;

use Illuminate\Foundation\Testing\RefreshDatabase;
use Tests\Feature\AuthenticatesUsers;
use Tests\TestCase;

class CommentFlowTest extends TestCase
{
    use AuthenticatesUsers;
    use RefreshDatabase;

    private function createPost(string $cookie, string $title): int
    {
        $response = $this->withCredentials()->withUnencryptedCookie('auth_token', $cookie)
            ->postJson('/api/posts', [
                'title' => $title,
                'body' => 'b',
            ]);
        $response->assertStatus(201);

        return $response->json('post.id');
    }

    public function test_anonymous_can_list_comments(): void
    {
        $alice = $this->signupAndLogin(
            email: 'alice@example.com',
            displayName: 'alice',
            password: 'longenoughpassword',
        );
        $postId = $this->createPost($alice['cookie'], 'P1');

        $response = $this->getJson("/api/posts/{$postId}/comments");
        $response->assertStatus(200);
        $response->assertJsonPath('comments', []);
    }

    public function test_authenticated_user_creates_comment(): void
    {
        $alice = $this->signupAndLogin(
            email: 'alice@example.com',
            displayName: 'alice',
            password: 'longenoughpassword',
        );
        $postId = $this->createPost($alice['cookie'], 'P1');

        $bob = $this->signupAndLogin(
            email: 'bob@example.com',
            displayName: 'bob',
            password: 'longenoughpassword',
        );
        $response = $this->withCredentials()->withUnencryptedCookie('auth_token', $bob['cookie'])
            ->postJson("/api/posts/{$postId}/comments", [
                'body' => 'nice post',
            ]);
        $response->assertStatus(201);
        $response->assertJsonPath('comment.body', 'nice post');
        $response->assertJsonPath('comment.authorDisplayName', 'bob');
    }

    public function test_anonymous_cannot_create_comment(): void
    {
        $alice = $this->signupAndLogin(
            email: 'alice@example.com',
            displayName: 'alice',
            password: 'longenoughpassword',
        );
        $postId = $this->createPost($alice['cookie'], 'P1');

        $this->resetClientState();
        $this->postJson("/api/posts/{$postId}/comments", [
            'body' => 'hi',
        ])->assertStatus(401);
    }

    public function test_create_on_missing_post_returns_404(): void
    {
        $alice = $this->signupAndLogin(
            email: 'alice@example.com',
            displayName: 'alice',
            password: 'longenoughpassword',
        );
        $this->withCredentials()->withUnencryptedCookie('auth_token', $alice['cookie'])
            ->postJson('/api/posts/9999/comments', [
                'body' => 'hi',
            ])->assertStatus(404);
    }

    public function test_author_deletes_own_comment(): void
    {
        $alice = $this->signupAndLogin(
            email: 'alice@example.com',
            displayName: 'alice',
            password: 'longenoughpassword',
        );
        $postId = $this->createPost($alice['cookie'], 'P1');

        $bob = $this->signupAndLogin(
            email: 'bob@example.com',
            displayName: 'bob',
            password: 'longenoughpassword',
        );
        $createResponse = $this->withCredentials()->withUnencryptedCookie('auth_token', $bob['cookie'])
            ->postJson("/api/posts/{$postId}/comments", [
                'body' => 'nice',
            ]);
        $commentId = $createResponse->json('comment.id');

        $this->withCredentials()->withUnencryptedCookie('auth_token', $bob['cookie'])
            ->deleteJson("/api/comments/{$commentId}")
            ->assertStatus(204);
    }

    public function test_other_user_cannot_delete_comment(): void
    {
        $alice = $this->signupAndLogin(
            email: 'alice@example.com',
            displayName: 'alice',
            password: 'longenoughpassword',
        );
        $postId = $this->createPost($alice['cookie'], 'P1');

        $bob = $this->signupAndLogin(
            email: 'bob@example.com',
            displayName: 'bob',
            password: 'longenoughpassword',
        );
        $createResponse = $this->withCredentials()->withUnencryptedCookie('auth_token', $bob['cookie'])
            ->postJson("/api/posts/{$postId}/comments", [
                'body' => 'nice',
            ]);
        $commentId = $createResponse->json('comment.id');

        $this->withCredentials()->withUnencryptedCookie('auth_token', $alice['cookie'])
            ->deleteJson("/api/comments/{$commentId}")
            ->assertStatus(403);
    }

    public function test_admin_deletes_any_comment(): void
    {
        $alice = $this->signupAndLogin(
            email: 'alice@example.com',
            displayName: 'alice',
            password: 'longenoughpassword',
        );
        $postId = $this->createPost($alice['cookie'], 'P1');

        $bob = $this->signupAndLogin(
            email: 'bob@example.com',
            displayName: 'bob',
            password: 'longenoughpassword',
        );
        $createResponse = $this->withCredentials()->withUnencryptedCookie('auth_token', $bob['cookie'])
            ->postJson("/api/posts/{$postId}/comments", [
                'body' => 'nice',
            ]);
        $commentId = $createResponse->json('comment.id');

        $this->promoteToAdmin($alice['user']->getId());
        $loginResponse = $this->postJson('/api/login', [
            'email' => 'alice@example.com',
            'password' => 'longenoughpassword',
        ]);
        $aliceCookie = $loginResponse->getCookie('auth_token', false);

        $this->withCredentials()->withUnencryptedCookie('auth_token', $aliceCookie->getValue())
            ->deleteJson("/api/comments/{$commentId}")
            ->assertStatus(204);
    }
}