'use strict';

const assert = require('assert');
const nconf = require('nconf');
const request = require('request-promise-native');
const db = require('./mocks/databasemock');

const user = require('../src/user');
const groups = require('../src/groups');
const utils = require('../src/utils');

const helpers = require('./helpers');

describe('Middlewares', () => {
	describe('expose', () => {
		let adminUid;

		before(async () => {
			adminUid = await user.create({ username: 'admin', password: '123456' });
			await groups.join('administrators', adminUid);
		});

		it('should expose res.locals.isAdmin = false', (done) => {
			const middleware = require('../src/middleware');
			const resMock = { locals: {} };
			middleware.exposeAdmin({}, resMock, () => {
				assert.strictEqual(resMock.locals.isAdmin, false);
				done();
			});
		});

		it('should expose res.locals.isAdmin = true', (done) => {
			const middleware = require('../src/middleware');
			const reqMock = { user: { uid: adminUid } };
			const resMock = { locals: {} };
			middleware.exposeAdmin(reqMock, resMock, () => {
				assert.strictEqual(resMock.locals.isAdmin, true);
				done();
			});
		});

		it('should expose privileges in res.locals.privileges and isSelf=true', (done) => {
			const middleware = require('../src/middleware');
			const reqMock = { user: { uid: adminUid }, params: { uid: adminUid } };
			const resMock = { locals: {} };
			middleware.exposePrivileges(reqMock, resMock, () => {
				assert(resMock.locals.privileges);
				assert.strictEqual(resMock.locals.privileges.isAdmin, true);
				assert.strictEqual(resMock.locals.privileges.isGmod, false);
				assert.strictEqual(resMock.locals.privileges.isPrivileged, true);
				assert.strictEqual(resMock.locals.privileges.isSelf, true);
				done();
			});
		});

		it('should expose privileges in res.locals.privileges and isSelf=false', (done) => {
			const middleware = require('../src/middleware');
			const reqMock = { user: { uid: 0 }, params: { uid: adminUid } };
			const resMock = { locals: {} };
			middleware.exposePrivileges(reqMock, resMock, () => {
				assert(resMock.locals.privileges);
				assert.strictEqual(resMock.locals.privileges.isAdmin, false);
				assert.strictEqual(resMock.locals.privileges.isGmod, false);
				assert.strictEqual(resMock.locals.privileges.isPrivileged, false);
				assert.strictEqual(resMock.locals.privileges.isSelf, false);
				done();
			});
		});

		it('should expose privilege set', (done) => {
			const middleware = require('../src/middleware');
			const reqMock = { user: { uid: adminUid } };
			const resMock = { locals: {} };
			middleware.exposePrivilegeSet(reqMock, resMock, () => {
				assert(resMock.locals.privileges);
				assert.deepStrictEqual(resMock.locals.privileges, {
					chat: true,
					'upload:post:image': true,
					'upload:post:file': true,
					signature: true,
					invite: true,
					'group:create': true,
					'search:content': true,
					'search:users': true,
					'search:tags': true,
					'view:users': true,
					'view:tags': true,
					'view:groups': true,
					'local:login': true,
					ban: true,
					mute: true,
					'view:users:info': true,
					'admin:dashboard': true,
					'admin:categories': true,
					'admin:privileges': true,
					'admin:admins-mods': true,
					'admin:users': true,
					'admin:groups': true,
					'admin:tags': true,
					'admin:settings': true,
					superadmin: true,
				});
				done();
			});
		});
	});

	describe('cache-control header', () => {
		let uid;
		let jar;

		before(async () => {
			uid = await user.create({ username: 'testuser', password: '123456' });
			({ jar } = await helpers.loginUser('testuser', '123456'));
		});

		it('should be absent on non-existent routes, for guests', async () => {
			const res = await request(`${nconf.get('url')}/${utils.generateUUID()}`, {
				simple: false,
				resolveWithFullResponse: true,
			});

			assert.strictEqual(res.statusCode, 404);
			assert(!Object.keys(res.headers).includes('cache-control'));
		});

		it('should be set to "private" on non-existent routes, for logged in users', async () => {
			const res = await request(`${nconf.get('url')}/${utils.generateUUID()}`, {
				simple: false,
				resolveWithFullResponse: true,
				jar,
			});

			assert.strictEqual(res.statusCode, 404);
			assert(Object.keys(res.headers).includes('cache-control'));
			assert.strictEqual(res.headers['cache-control'], 'private');
		});

		it('should be absent on regular routes, for guests', async () => {
			const res = await request(nconf.get('url'), {
				simple: false,
				resolveWithFullResponse: true,
			});

			assert.strictEqual(res.statusCode, 200);
			assert(!Object.keys(res.headers).includes('cache-control'));
		});

		it('should be absent on api routes, for guests', async () => {
			const res = await request(`${nconf.get('url')}/api`, {
				simple: false,
				resolveWithFullResponse: true,
			});

			assert.strictEqual(res.statusCode, 200);
			assert(!Object.keys(res.headers).includes('cache-control'));
		});

		it('should be set to "private" on regular routes, for logged-in users', async () => {
			const res = await request(nconf.get('url'), {
				simple: false,
				resolveWithFullResponse: true,
				jar,
			});

			assert.strictEqual(res.statusCode, 200);
			assert(Object.keys(res.headers).includes('cache-control'));
			assert.strictEqual(res.headers['cache-control'], 'private');
		});

		it('should be set to "private" on api routes, for logged-in users', async () => {
			const res = await request(`${nconf.get('url')}/api`, {
				simple: false,
				resolveWithFullResponse: true,
				jar,
			});

			assert.strictEqual(res.statusCode, 200);
			assert(Object.keys(res.headers).includes('cache-control'));
			assert.strictEqual(res.headers['cache-control'], 'private');
		});

		it('should be set to "private" on apiv3 routes, for logged-in users', async () => {
			const res = await request(`${nconf.get('url')}/api/v3/users/${uid}`, {
				simple: false,
				resolveWithFullResponse: true,
				jar,
			});

			assert.strictEqual(res.statusCode, 200);
			assert(Object.keys(res.headers).includes('cache-control'));
			assert.strictEqual(res.headers['cache-control'], 'private');
		});
	});
});