# frozen_string_literal: true
require 'test_helper'

class UserPolicyTest < PolicyAssertions::Test
  test 'should require current_user' do
    assert_raise Pundit::NotAuthorizedError do
      UserPolicy.new(nil, User.first).view?
    end
  end

  test 'should allow admin to scope' do
    scope = UserPolicy::Scope.new(users(:admin), User).resolve
    assert_equal User.count, scope.count
  end

  test 'non admins can only scope themselves' do
    %i(manager reviewer recruiter).each do |role|
      scope = UserPolicy::Scope.new(users(role), User).resolve
      assert_equal 1, scope.count, "Scope did not have 1 result for #{role}"
      assert_equal users(role), scope.first, "Scope did not contain self for #{role}"
    end
  end

  # view?
  test 'admin can view any user role' do
    assert_permit users(:admin), users(:admin), 'view?'
    assert_permit users(:admin), users(:manager), 'view?'
    assert_permit users(:admin), users(:reviewer), 'view?'
    assert_permit users(:admin), users(:recruiter), 'view?'
  end

  test 'manager can only view herself' do
    assert_permit users(:manager), users(:manager), 'view?'

    refute_permit users(:manager), users(:admin), 'view?'
    refute_permit users(:manager), users(:reviewer), 'view?'
    refute_permit users(:manager), users(:recruiter), 'view?'
  end

  test 'reviewer can only view herself' do
    assert_permit users(:reviewer), users(:reviewer), 'view?'

    refute_permit users(:reviewer), users(:admin), 'view?'
    refute_permit users(:reviewer), users(:manager), 'view?'
    refute_permit users(:reviewer), users(:recruiter), 'view?'
  end

  test 'recruiter can only view herself' do
    assert_permit users(:recruiter), users(:recruiter), 'view?'

    refute_permit users(:recruiter), users(:admin), 'view?'
    refute_permit users(:recruiter), users(:manager), 'view?'
    refute_permit users(:recruiter), users(:reviewer), 'view?'
  end

  # update?
  test 'admin can update any user role' do
    assert_permit users(:admin), users(:admin), 'update?'
    assert_permit users(:admin), users(:manager), 'update?'
    assert_permit users(:admin), users(:reviewer), 'update?'
    assert_permit users(:admin), users(:recruiter), 'update?'
  end

  test 'manager can only update herself' do
    assert_permit users(:manager), users(:manager), 'update?'

    refute_permit users(:manager), users(:admin), 'update?'
    refute_permit users(:manager), users(:reviewer), 'update?'
    refute_permit users(:manager), users(:recruiter), 'update?'
  end

  test 'reupdateer can only update herself' do
    assert_permit users(:reviewer), users(:reviewer), 'update?'

    refute_permit users(:reviewer), users(:admin), 'update?'
    refute_permit users(:reviewer), users(:manager), 'update?'
    refute_permit users(:reviewer), users(:recruiter), 'update?'
  end

  test 'recruiter can only update herself' do
    assert_permit users(:recruiter), users(:recruiter), 'update?'

    refute_permit users(:recruiter), users(:admin), 'update?'
    refute_permit users(:recruiter), users(:manager), 'update?'
    refute_permit users(:recruiter), users(:reviewer), 'update?'
  end

  # create
  test 'only admin can create users' do
    assert_permit users(:admin), User, 'create?'

    refute_permit users(:manager), User, 'create?'
    refute_permit users(:reviewer), User, 'create?'
    refute_permit users(:recruiter), User, 'create?'
  end
end