<?php

namespace Tests\Feature\Admin;

use App\Models\Role;
use App\Models\User;
use Database\Seeders\RoleSeeder;
use Database\Seeders\PermissionSeeder;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Tests\TestCase;

class RoleManagementTest extends TestCase
{
    use RefreshDatabase;

    protected User $admin;

    protected function setUp(): void
    {
        parent::setUp();
        $this->seed(PermissionSeeder::class);
        $this->seed(RoleSeeder::class);
        $this->admin = User::factory()->create();
        $this->admin->roles()->attach(Role::where('slug', 'admin')->first());
    }

    public function test_admin_can_view_roles_index(): void
    {
        $response = $this->actingAs($this->admin)->get('/loom/roles');

        $response->assertStatus(200);
        $response->assertSee('Admin');
        $response->assertSee('Editor');
    }

    public function test_admin_has_all_permissions(): void
    {
        $adminRole = Role::where('slug', 'admin')->first();
        // Admin role itself should have 0 permissions in DB now, as it's hardcoded in User model/middleware
        $this->assertEquals(0, $adminRole->permissions()->count());

        // But the admin user should have all permissions
        $this->assertTrue($this->admin->hasPermission('upload-themes'));
        $this->assertTrue($this->admin->hasPermission('upload-media'));
        $this->assertTrue($this->admin->hasPermission('non-existent-permission-should-also-be-true-for-admin'));
    }

    public function test_editor_has_default_permissions(): void
    {
        $editor = Role::where('slug', 'editor')->first();
        $this->assertTrue($editor->permissions->contains('slug', 'view-pages'));
        $this->assertFalse($editor->permissions->contains('slug', 'view-users'));
        $this->assertFalse($editor->permissions->contains('slug', 'delete-users'));
    }

    public function test_author_has_default_permissions(): void
    {
        $author = Role::where('slug', 'author')->first();
        $this->assertTrue($author->permissions->contains('slug', 'view-pages'));
        $this->assertFalse($author->permissions->contains('slug', 'view-users'));
    }

    public function test_admin_can_create_role(): void
    {
        $response = $this->actingAs($this->admin)->post('/loom/roles', [
            'name' => 'Test Role',
            'slug' => 'test-role',
            'description' => 'A test role description',
        ]);

        $response->assertRedirect('/loom/roles');
        $this->assertDatabaseHas('roles', ['slug' => 'test-role']);
    }

    public function test_admin_can_update_role(): void
    {
        $role = Role::create([
            'name' => 'Old Name',
            'slug' => 'old-slug',
            'is_protected' => false,
        ]);

        $response = $this->actingAs($this->admin)->put("/loom/roles/{$role->id}", [
            'name' => 'New Name',
            'slug' => 'new-slug',
            'description' => 'Updated description',
        ]);

        $response->assertRedirect('/loom/roles');
        $this->assertDatabaseHas('roles', [
            'id' => $role->id,
            'name' => 'New Name',
            'slug' => 'new-slug',
        ]);
    }

    public function test_admin_cannot_update_protected_role(): void
    {
        $role = Role::where('slug', 'admin')->first();

        $response = $this->actingAs($this->admin)->put("/loom/roles/{$role->id}", [
            'name' => 'New Admin Name',
            'slug' => 'new-admin-slug',
        ]);

        $response->assertSessionHasErrors();
        $this->assertDatabaseHas('roles', [
            'id' => $role->id,
            'slug' => 'admin',
        ]);
    }

    public function test_admin_can_delete_role(): void
    {
        $role = Role::create([
            'name' => 'Delete Me',
            'slug' => 'delete-me',
            'is_protected' => false,
        ]);

        $response = $this->actingAs($this->admin)->delete("/loom/roles/{$role->id}");

        $response->assertRedirect('/loom/roles');
        $this->assertDatabaseMissing('roles', ['id' => $role->id]);
    }

    public function test_admin_cannot_delete_protected_role(): void
    {
        $role = Role::where('slug', 'admin')->first();

        $response = $this->actingAs($this->admin)->delete("/loom/roles/{$role->id}");

        $response->assertSessionHasErrors();
        $this->assertDatabaseHas('roles', ['id' => $role->id]);
    }

    public function test_admin_can_toggle_permission_via_ajax(): void
    {
        $role = Role::create([
            'name' => 'Custom Editor',
            'slug' => 'custom-editor-test',
            'is_protected' => false,
        ]);

        $permission = \App\Models\Permission::create([
            'name' => 'Test Permission',
            'slug' => 'test-permission',
            'resource' => 'test',
            'action' => 'view',
        ]);

        // Grant permission
        $response = $this->actingAs($this->admin)
            ->postJson("/loom/roles/{$role->id}/permissions", [
                'permission_id' => $permission->id,
                'active' => 'on',
            ]);

        $response->assertStatus(200);
        $response->assertJsonPath('success', true);
        $this->assertTrue($role->fresh()->permissions->contains($permission->id));

        // Revoke permission
        $response = $this->actingAs($this->admin)
            ->postJson("/loom/roles/{$role->id}/permissions", [
                'permission_id' => $permission->id,
            ]);

        $response->assertStatus(200);
        $response->assertJsonPath('success', true);
        $this->assertFalse($role->fresh()->permissions->contains($permission->id));
    }
}