<?php

use App\Models\Role;
use App\Models\User;
use Illuminate\Http\UploadedFile;
use Illuminate\Support\Facades\Storage;
use Laravel\Sanctum\Sanctum;

it('requires authentication for avatar upload', function (): void {
    $response = $this->postJson('/api/user/avatar', [
        'file' => UploadedFile::fake()->image('avatar.jpg', 100, 100),
    ]);

    $response->assertStatus(401);
});

it('uploads avatars for authenticated users', function (): void {
    Storage::fake('public');

    $user = User::factory()->create();
    Sanctum::actingAs($user);

    $response = $this->postJson('/api/user/avatar', [
        'file' => UploadedFile::fake()->image('avatar.jpg', 100, 100),
    ]);

    $response->assertOk();
    $path = $response->json('path');

    Storage::disk('public')->assertExists($path);
});

it('replaces existing avatar when uploading a new one', function (): void {
    Storage::fake('public');

    $user = User::factory()->create([
        'avatar_path' => 'avatars/old.png',
    ]);
    Storage::disk('public')->put('avatars/old.png', 'old');

    Sanctum::actingAs($user);
    $response = $this->postJson('/api/user/avatar', [
        'file' => UploadedFile::fake()->image('avatar.jpg', 100, 100),
    ]);

    $response->assertOk();
    Storage::disk('public')->assertMissing('avatars/old.png');
});

it('forbids logo uploads for non-admins', function (): void {
    Storage::fake('public');

    $user = User::factory()->create();
    Sanctum::actingAs($user);

    $response = $this->postJson('/api/uploads/logo', [
        'file' => UploadedFile::fake()->image('logo.png', 200, 200),
    ]);

    $response->assertStatus(403);
});

it('forbids favicon uploads for non-admins', function (): void {
    Storage::fake('public');

    $user = User::factory()->create();
    Sanctum::actingAs($user);

    $response = $this->postJson('/api/uploads/favicon', [
        'file' => UploadedFile::fake()->image('favicon.png', 32, 32),
    ]);

    $response->assertStatus(403);
});

it('uploads logos and favicons as admin', function (): void {
    Storage::fake('public');

    $admin = User::factory()->create();
    $role = Role::firstOrCreate(['name' => 'ROLE_ADMIN'], ['color' => '#111111']);
    $admin->roles()->attach($role);

    Sanctum::actingAs($admin);
    $logo = $this->postJson('/api/uploads/logo', [
        'file' => UploadedFile::fake()->image('logo.png', 200, 200),
    ]);

    $logo->assertOk();
    Storage::disk('public')->assertExists($logo->json('path'));

    $favicon = $this->postJson('/api/uploads/favicon', [
        'file' => UploadedFile::fake()->image('favicon.png', 32, 32),
    ]);

    $favicon->assertOk();
    Storage::disk('public')->assertExists($favicon->json('path'));
});