<?php

use App\Models\User;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Illuminate\Support\Facades\DB;

uses(RefreshDatabase::class);

it('admin can open username moderation page', function () {
    $admin = User::factory()->create(['role' => 'admin']);

    $this->actingAs($admin)
        ->get('/admin/usernames/moderation')
        ->assertOk();
});

it('non-admin cannot open username moderation page', function () {
    $user = User::factory()->create(['role' => 'user']);

    $this->actingAs($user)
        ->get('/admin/usernames/moderation')
        ->assertStatus(403);
});

it('queues similarity-flagged onboarding username for manual approval', function () {
    $user = User::factory()->create([
        'onboarding_step' => 'password',
    ]);

    $response = $this->actingAs($user)->from('/setup/username')->post('/setup/username', [
        'username' => 'admin1',
    ]);

    $response->assertSessionHasErrors('username');

    $this->assertDatabaseHas('username_approval_requests', [
        'user_id' => $user->id,
        'requested_username' => 'admin1',
        'context' => 'onboarding_username',
        'status' => 'pending',
    ]);
});

it('admin can approve queued onboarding username and allow retry', function () {
    $admin = User::factory()->create(['role' => 'admin']);
    $user = User::factory()->create([
        'onboarding_step' => 'password',
        'username' => 'before_approval',
    ]);

    $this->actingAs($user)->post('/setup/username', [
        'username' => 'support1',
    ])->assertSessionHasErrors('username');

    $requestId = (int) DB::table('username_approval_requests')
        ->where('user_id', $user->id)
        ->where('requested_username', 'support1')
        ->where('context', 'onboarding_username')
        ->where('status', 'pending')
        ->value('id');

    $this->actingAs($admin)
        ->postJson("/api/admin/usernames/{$requestId}/approve", ['note' => 'Allowed'])
        ->assertOk()
        ->assertJsonFragment(['status' => 'approved']);

    $response = $this->actingAs($user)->post('/setup/username', [
        'username' => 'support1',
    ]);

    $response->assertRedirect('/@support1');
    $this->assertDatabaseHas('users', [
        'id' => $user->id,
        'username' => 'support1',
        'onboarding_step' => 'complete',
    ]);
});

it('approving profile-update request applies the username rename', function () {
    $admin = User::factory()->create(['role' => 'moderator']);
    $user = User::factory()->create([
        'username' => 'old_name',
        'username_changed_at' => now()->subDays(120),
    ]);

    $this->actingAs($user)
        ->patch('/profile', [
            'username' => 'admin1',
            'name' => $user->name,
            'email' => $user->email,
        ])
        ->assertSessionHasErrors('username');

    $requestId = (int) DB::table('username_approval_requests')
        ->where('user_id', $user->id)
        ->where('requested_username', 'admin1')
        ->where('context', 'profile_update')
        ->where('status', 'pending')
        ->value('id');

    $this->actingAs($admin)
        ->postJson("/api/admin/usernames/{$requestId}/approve")
        ->assertOk()
        ->assertJsonFragment(['status' => 'approved']);

    $this->assertDatabaseHas('users', [
        'id' => $user->id,
        'username' => 'admin1',
    ]);

    $this->assertDatabaseHas('username_history', [
        'user_id' => $user->id,
        'old_username' => 'old_name',
    ]);
});