<?php

namespace Tests\Feature\Auth;

use App\Models\Tenant;
use App\Models\User;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Illuminate\Support\Facades\Hash;
use Tests\TestCase;

class TenantProfileApiTest extends TestCase
{
    use RefreshDatabase;

    public function test_me_endpoint_returns_user_and_tenant_payload(): void
    {
        $tenant = Tenant::factory()->create([
            'name' => 'Test Tenant GmbH',
            'slug' => 'test-tenant',
            'event_credits_balance' => 12,
            'features' => ['custom_branding' => true],
        ]);

        $user = User::factory()->create([
            'tenant_id' => $tenant->id,
            'role' => 'tenant_admin',
            'password' => Hash::make('secret-password'),
            'email' => 'tenant@example.com',
            'name' => 'Max Mustermann',
        ]);

        $login = $this->postJson('/api/v1/tenant-auth/login', [
            'login' => 'tenant@example.com',
            'password' => 'secret-password',
        ]);

        $login->assertOk()->assertJsonStructure(['token', 'token_type', 'abilities']);

        $token = $login->json('token');

        $me = $this->withHeader('Authorization', 'Bearer '.$token)->getJson('/api/v1/tenant-auth/me');

        $me->assertOk();
        $me->assertJsonFragment([
            'id' => $user->id,
            'email' => 'tenant@example.com',
            'role' => 'tenant_admin',
            'tenant_id' => $tenant->id,
        ]);

        $me->assertJsonFragment([
            'name' => 'Test Tenant GmbH',
            'slug' => 'test-tenant',
            'event_credits_balance' => 12,
        ]);

        $data = $me->json();
        $this->assertEquals('Max Mustermann', data_get($data, 'user.name'));
        $this->assertContains('tenant-admin', $data['abilities']);
    }

    public function test_me_requires_valid_token(): void
    {
        $response = $this->getJson('/api/v1/tenant-auth/me');

        $response->assertStatus(401);
    }
}