import { api, API_CLIENT } from '../../../utils/api.ts';
import * as asserts from 'jsr:@std/assert';
import { EPHEMERAL_SERVER, get_ephemeral_listen_server, get_new_user, set_user_permissions } from '../../helpers.ts';
import { generateTotp } from '@stdext/crypto/totp';

Deno.test({
	name: 'API - ROOMS - Update',
	permissions: {
		env: true,
		read: true,
		write: true,
		net: true
	},
	fn: async () => {
		let test_server_info: EPHEMERAL_SERVER | null = null;
		try {
			test_server_info = await get_ephemeral_listen_server();
			const client: API_CLIENT = api({
				prefix: '/api',
				hostname: test_server_info.hostname,
				port: test_server_info.port
			});

			const user_info = await get_new_user(client);

			await set_user_permissions(client, user_info.user, user_info.session, [...user_info.user.permissions, 'rooms.create']);

			const new_room = await client.fetch('/rooms', {
				method: 'POST',
				headers: {
					'x-session_id': user_info.session.id,
					'x-totp': await generateTotp(user_info.session.secret)
				},
				json: {
					name: 'test update room'
				}
			});

			asserts.assert(new_room);

			const other_user_info = await get_new_user(client);

			try {
				const _permission_denied_room = await client.fetch(`/rooms/${new_room.id}`, {
					method: 'PUT',
					headers: {
						'x-session_id': other_user_info.session.id,
						'x-totp': await generateTotp(other_user_info.session.secret)
					},
					json: {
						name: 'this should not be allowed'
					}
				});

				asserts.fail('allowed updating a room owned by someone else');
			} catch (error) {
				asserts.assertEquals((error as Error).cause, 'permission_denied');
			}

			const updated_by_owner_room = await client.fetch(`/rooms/${new_room.id}`, {
				method: 'PUT',
				headers: {
					'x-session_id': user_info.session.id,
					'x-totp': await generateTotp(user_info.session.secret)
				},
				json: {
					topic: 'this is a new topic',
					permissions: {
						...new_room.permissions,
						write: [...new_room.permissions.write, other_user_info.user.id]
					}
				}
			});

			asserts.assert(updated_by_owner_room);
			asserts.assertEquals(updated_by_owner_room.topic, 'this is a new topic');
			asserts.assertEquals(updated_by_owner_room.permissions.write, [user_info.user.id, other_user_info.user.id]);

			const updated_by_other_user_room = await client.fetch(`/rooms/${new_room.id}`, {
				method: 'PUT',
				headers: {
					'x-session_id': other_user_info.session.id,
					'x-totp': await generateTotp(other_user_info.session.secret)
				},
				json: {
					topic: 'this is a newer topic'
				}
			});

			asserts.assert(updated_by_other_user_room);
			asserts.assertEquals(updated_by_other_user_room.topic, 'this is a newer topic');
			asserts.assertEquals(updated_by_other_user_room.permissions.write, [user_info.user.id, other_user_info.user.id]);
		} finally {
			if (test_server_info) {
				await test_server_info?.server?.stop();
			}
		}
	}
});