<?php

namespace Tests\Feature\Admin;

use App\Models\User;
use App\Models\Role;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Illuminate\Support\Facades\Hash;
use Tests\TestCase;

class ProfileManagementTest extends TestCase
{
    use RefreshDatabase;

    protected function setUp(): void
    {
        parent::setUp();

        // Seed permissions and roles
        $this->artisan('db:seed', ['--class' => 'PermissionSeeder']);
        $this->artisan('db:seed', ['--class' => 'RoleSeeder']);
    }

    public function test_profile_page_is_accessible_to_authenticated_users()
    {
        $user = User::factory()->create();
        $user->roles()->attach(Role::where('slug', 'editor')->first());

        $response = $this->actingAs($user)->get(route('admin.profile.edit'));

        $response->assertStatus(200);
        $response->assertSee('data-component="Profile"', false);
    }

    public function test_user_can_update_profile_information()
    {
        $user = User::factory()->create([
            'name' => 'Old Name',
            'email' => 'old@example.test',
        ]);
        $user->roles()->attach(Role::where('slug', 'editor')->first());

        $response = $this->actingAs($user)->put(route('admin.profile.update'), [
            'name' => 'New Name',
            'email' => 'new@example.test',
        ]);

        $response->assertRedirect(route('admin.profile.edit'));
        $this->assertDatabaseHas('users', [
            'id' => $user->id,
            'name' => 'New Name',
            'email' => 'new@example.test',
        ]);
    }

    public function test_user_can_update_password()
    {
        $user = User::factory()->create([
            'password' => Hash::make('old-password'),
        ]);
        $user->roles()->attach(Role::where('slug', 'editor')->first());

        $response = $this->actingAs($user)->put(route('admin.profile.update'), [
            'name' => $user->name,
            'email' => $user->email,
            'current_password' => 'old-password',
            'new_password' => 'new-secure-password',
            'new_password_confirmation' => 'new-secure-password',
        ]);

        $response->assertRedirect(route('admin.profile.edit'));
        $this->assertTrue(Hash::check('new-secure-password', $user->fresh()->password));
    }

    public function test_protected_user_cannot_update_email()
    {
        $user = User::factory()->create([
            'name' => 'Admin User',
            'email' => 'admin@example.test',
            'is_protected' => true,
        ]);
        $user->roles()->attach(Role::where('slug', 'admin')->first());

        $response = $this->actingAs($user)->put(route('admin.profile.update'), [
            'name' => 'Changed Name',
            'email' => 'changed@example.test',
        ]);

        $response->assertSessionHasErrors(['error']);
        $this->assertEquals('admin@example.test', $user->fresh()->email);
    }

    public function test_protected_user_can_update_name_with_same_email()
    {
        $user = User::factory()->create([
            'name' => 'Admin User',
            'email' => 'admin@example.test',
            'is_protected' => true,
        ]);
        $user->roles()->attach(Role::where('slug', 'admin')->first());

        $response = $this->actingAs($user)->put(route('admin.profile.update'), [
            'name' => 'Lead Admin',
            'email' => 'admin@example.test', // Simulating readonly field sent back
        ]);

        $response->assertRedirect(route('admin.profile.edit'));
        $this->assertDatabaseHas('users', [
            'id' => $user->id,
            'name' => 'Lead Admin',
            'email' => 'admin@example.test',
        ]);
    }
}