require 'rails_helper'

describe Admin::UsersController, :type => :controller do

  before(:each) do
    activate_authlogic
    @user = SpudUserSession.create(FactoryGirl.build(:spud_user, :super_admin => true))
    @role = FactoryGirl.create(:spud_role)
    Spud::Core.admin_applications += [{:name => 'Test', :key => :test}]
    Spud::Core.permissions.push(SpudPermission.new('admin.test.full_access', 'Test', [:test]))
  end
  
  describe 'index' do
    it "should return an array of users" do
      2.times {|x| FactoryGirl.create(:spud_user) }
      get :index
      
      expect(assigns(:spud_users).count).to be > 1
    end
    
    it "should not return any users if there are no users" do
      get :index
      
      expect(assigns(:spud_users).count).to eq(1) # the currently logged in user is the only user
    end
    
    it "should not allow access to users with NO permissions" do
      SpudUserSession.create(FactoryGirl.build(:spud_user, :super_admin => false))
      get :index
      
      expect(response.code).to eq("403")
      expect(response).to render_template('layouts/admin/error_page')
    end
    
    it "should allow access to users with the correct permissions" do
      u = FactoryGirl.create(:spud_user, :super_admin => false)
      @role.permission_tags = ['admin.users.full_access']
      @role.save()
      u.role = @role
      SpudUserSession.create(u)
      get :index
      
      expect(response).to be_success
    end

    it "should not allow access to users without a role, and redirect to render error page if the user has no permissions" do
      u = FactoryGirl.create(:spud_user, :super_admin => false)
      u.role = nil
      SpudUserSession.create(u)
      get :index
      
      expect(response.code).to eq("403")
      expect(response).to render_template('layouts/admin/error_page')
    end

    it "should not allow access to users with a role that contains no permissions, and render error page if the users has no other admin modules" do
      u = FactoryGirl.create(:spud_user, :super_admin => false)
      u.role = @role
      @role.spud_role_permissions = []
      SpudUserSession.create(u)
      get :index
      
      expect(response.code).to eq("403")
      expect(response).to render_template('layouts/admin/error_page')
    end
    
    it "should not allow access to users without permission and render error page if the users has other admin modules" do
      u = FactoryGirl.create(:spud_user, :super_admin => false)
      @role.permission_tags = ['admin.test.full_access']
      u.role = @role
      SpudUserSession.create(u)
      get :index
      
      expect(response.code).to eq("403")
      expect(response).to render_template('layouts/admin/error_page')
    end
  end
  
  describe 'show' do
    it "should respond successfully" do
      user = FactoryGirl.create(:spud_user)
      get :show, :id => user.id
      expect(response).to be_success
    end
  end
  
  describe 'new' do
    it "should render the form" do
      get :new, :format => :html
      expect(response).to be_success
    end
  end
  
  describe 'create' do
    context "HTML format" do
      it "should create a new user with a valid form submission" do
        expect {
          post :create, :spud_user => FactoryGirl.attributes_for(:spud_user)
        }.to change(SpudUser, :count).by(1)
        expect(response).to be_success
      end
    
      it "should not create a user with an invalid form entry" do
        expect {
          post :create, :spud_user => FactoryGirl.attributes_for(:spud_user, :email => nil)
        }.to_not change(SpudUser, :count)
      end
    end    
  end
  
  describe 'edit' do
    context "HTML format" do
      it "should load the correct user for the edit form" do
        user = FactoryGirl.create(:spud_user)
        get :edit, :id => user.id
      
        expect(assigns(:user).id).to eq(user.id)
      end
    end
  end
  
  describe 'update' do
    it "should update the email when the first name attribute is changed" do
      user = FactoryGirl.create(:spud_user)
      new_name = "Adam"
      expect {
        put :update, :id => user.id, :spud_user => user.attributes.merge!(:first_name => new_name)
        user.reload
      }.to change(user, :first_name).to(new_name)
    end
    
    it "should redirect to the admin users show view after a successful update" do
      user = FactoryGirl.create(:spud_user)
      put :update, :id => user.id, :spud_user => user.attributes.merge!(:first_name => "Adam")
      
      expect(response).to redirect_to(admin_user_path(user))
    end
  end
  
  describe 'destroy' do
    it "should destroy the user" do
      user = FactoryGirl.create(:spud_user)
      expect {
        delete :destroy, :id => user.id
      }.to change(SpudUser, :count).by(-1)
      expect(response).to be_redirect
    end
    
    it "should destroy the user with the wrong id" do
      user = FactoryGirl.create(:spud_user)
      expect {
        delete :destroy, :id => "23532"
      }.to_not change(SpudUser, :count)
      expect(response).to be_redirect
    end
  end
end