defmodule SilmataivasWeb.AdminOnlyTest do
  use SilmataivasWeb.ConnCase

  import Silmataivas.UsersFixtures

  alias SilmataivasWeb.Plugs.AdminOnly

  describe "admin_only plug" do
    test "allows admin users to access protected routes", %{conn: conn} do
      # Create an admin user
      admin = user_fixture(%{role: "admin"})

      # Set up the connection with the admin user
      conn =
        conn
        |> assign(:current_user, admin)
        |> AdminOnly.call(%{})

      # Verify the connection is allowed to continue
      refute conn.halted
    end

    test "rejects non-admin users from accessing protected routes", %{conn: conn} do
      # Create a regular user
      regular_user = user_fixture(%{role: "user"})

      # Set up the connection with the regular user
      conn =
        conn
        |> assign(:current_user, regular_user)
        |> AdminOnly.call(%{})

      # Verify the connection is halted
      assert conn.halted
      assert conn.status == 403
      assert conn.resp_body == "Forbidden"
    end

    test "rejects unauthenticated requests from accessing protected routes", %{conn: conn} do
      # Set up the connection with no user
      conn = AdminOnly.call(conn, %{})

      # Verify the connection is halted
      assert conn.halted
      assert conn.status == 403
      assert conn.resp_body == "Forbidden"
    end
  end
end