import { describe, it, expect } from 'vitest'
import { requireAuth } from '../../server/utils/authHelpers.js'

function mockEvent(user = null) {
  return { context: { user } }
}

describe('authHelpers', () => {
  it('requireAuth throws 401 when no user', () => {
    const event = mockEvent()
    expect(() => requireAuth(event)).toThrow()
    try {
      requireAuth(event)
    }
    catch (e) {
      expect(e.statusCode).toBe(401)
    }
  })

  it('requireAuth returns user when set', () => {
    const user = { id: '1', identifier: 'a@b.com', role: 'member' }
    const event = mockEvent(user)
    expect(requireAuth(event)).toEqual(user)
  })

  it('requireAuth with adminOrLeader throws 403 for member', () => {
    const event = mockEvent({ id: '1', identifier: 'a', role: 'member' })
    expect(() => requireAuth(event, { role: 'adminOrLeader' })).toThrow()
    try {
      requireAuth(event, { role: 'adminOrLeader' })
    }
    catch (e) {
      expect(e.statusCode).toBe(403)
    }
  })

  it('requireAuth with adminOrLeader returns user for admin', () => {
    const user = { id: '1', identifier: 'a', role: 'admin' }
    expect(requireAuth(mockEvent(user), { role: 'adminOrLeader' })).toEqual(user)
  })

  it('requireAuth with adminOrLeader returns user for leader', () => {
    const user = { id: '1', identifier: 'a', role: 'leader' }
    expect(requireAuth(mockEvent(user), { role: 'adminOrLeader' })).toEqual(user)
  })

  it('requireAuth with admin throws 403 for leader', () => {
    const event = mockEvent({ id: '1', identifier: 'a', role: 'leader' })
    try {
      requireAuth(event, { role: 'admin' })
    }
    catch (e) {
      expect(e.statusCode).toBe(403)
    }
  })

  it('requireAuth with admin returns user for admin', () => {
    const user = { id: '1', identifier: 'a', role: 'admin' }
    expect(requireAuth(mockEvent(user), { role: 'admin' })).toEqual(user)
  })
})