package e2e

// TestUserRegistrationFlow tests the complete user registration flow.
func (s *E2ETestSuite) TestUserRegistrationFlow() {
	mutation := `
		mutation Register($input: RegisterInput!) {
			register(input: $input) {
				token
				user {
					id
					username
					email
					role
				}
			}
		}
	`

	variables := map[string]interface{}{
		"input": map[string]interface{}{
			"username":  "newuser",
			"email":     "newuser@test.com",
			"password":  "password123",
			"firstName": "New",
			"lastName":  "User",
		},
	}

	resp := s.executeGraphQL(mutation, variables, "")
	s.Require().NotNil(resp)
	s.Require().NotNil(resp["data"])
	s.Require().Nil(resp["errors"])

	register := resp["data"].(map[string]interface{})["register"].(map[string]interface{})
	token := register["token"].(string)
	s.NotEmpty(token)

	user := register["user"].(map[string]interface{})
	s.Equal("newuser", user["username"])
	s.Equal("newuser@test.com", user["email"])
	s.Equal("READER", user["role"])

	var count int64
	s.DB.Table("users").Where("username = ?", "newuser").Count(&count)
	s.Equal(int64(1), count)
}

// TestUserLoginFlow tests login and authenticated "me" query.
func (s *E2ETestSuite) TestUserLoginFlow() {
	mutation := `
		mutation Login($input: LoginInput!) {
			login(input: $input) {
				token
				user { id username email role }
			}
		}
	`
	variables := map[string]interface{}{
		"input": map[string]interface{}{
			"email":    "admin@tercul.com",
			"password": "admin123",
		},
	}

	resp := s.executeGraphQL(mutation, variables, "")
	s.Require().NotNil(resp["data"])
	s.Require().Nil(resp["errors"])

	login := resp["data"].(map[string]interface{})["login"].(map[string]interface{})
	token := login["token"].(string)
	s.NotEmpty(token)

	meQuery := `query { me { id username email role } }`
	meResp := s.executeGraphQL(meQuery, nil, token)
	s.Require().NotNil(meResp["data"])
	s.Require().Nil(meResp["errors"])

	me := meResp["data"].(map[string]interface{})["me"].(map[string]interface{})
	s.Equal("admin", me["username"])
	s.Equal("admin@tercul.com", me["email"])
	s.Equal("ADMIN", me["role"])
}

// TestInvalidCredentials tests login failure with incorrect password.
func (s *E2ETestSuite) TestInvalidCredentials() {
	mutation := `
		mutation Login($input: LoginInput!) {
			login(input: $input) {
				token
			}
		}
	`
	variables := map[string]interface{}{
		"input": map[string]interface{}{
			"email":    "admin@tercul.com",
			"password": "wrongpassword",
		},
	}

	resp := s.executeGraphQL(mutation, variables, "")
	s.Require().NotNil(resp)
	s.Require().NotNil(resp["errors"], "expected GraphQL errors")
}

// TestUnauthenticatedAccess tests that "me" requires authentication.
func (s *E2ETestSuite) TestUnauthenticatedAccess() {
	query := `query { me { id username } }`
	resp := s.executeGraphQL(query, nil, "")
	s.Require().NotNil(resp)
	s.Require().NotNil(resp["errors"], "expected authentication error")
}