<?php
namespace App\Tests;

use ApiPlatform\Symfony\Bundle\Test\ApiTestCase;
use App\Factory\CharacterFactory;
use App\Factory\DojoFactory;
use App\Factory\UserFactory;
use Zenstruck\Foundry\Test\Factories;
use Zenstruck\Foundry\Test\ResetDatabase;
use DateTimeZone;

class CharacterTest extends ApiTestCase
{
    use ResetDatabase, Factories;

    private function generateAuthToken(string $authName)
    {
        $sign_seed = sodium_base642bin($_ENV['AUTH_SEED'], SODIUM_BASE64_VARIANT_ORIGINAL);
        $sign_pair = sodium_crypto_sign_seed_keypair($sign_seed);
        $sign_secret = sodium_crypto_sign_secretkey($sign_pair);
        $now = new \DateTimeImmutable("now", new DateTimeZone("UTC"));
        $message = $authName . "|" . $now->format("c");

        return sodium_bin2base64(sodium_crypto_sign($message, $sign_secret), SODIUM_BASE64_VARIANT_URLSAFE);
    }

    /**
     * Requirement: A user should be able see all characters from a dojo, but only the public fields!
     */
    public function testRetrieveCharactersFromDojoPublic(): void
    {
        $requestUser = UserFactory::createOne();
        $dojo = DojoFactory::createOne();
        CharacterFactory::createMany(4, [
            'dojo' => $dojo
        ]);
        CharacterFactory::createMany(10);

        $response = static::createClient()->request('GET', '/api/dojo/' . $dojo->id . '/characters',
            [
                'headers' => [
                    'accept' => 'application/json',
                    'X-AUTH-TOKEN' => $this->generateAuthToken($requestUser->authName)
                ]
            ]);

        $this->assertResponseStatusCodeSame(200);

        // Because test fixtures are automatically loaded between each test, you can assert on them
        $this->assertCount(4, $response->toArray());

        $this->assertNotEquals("[[],[],[],[]]", $response->getContent());

        $chars = $response->toArray();
        $this->assertArrayHasKey('name', $chars[0]);
        $this->assertArrayHasKey('dojo', $chars[0]);
        $this->assertArrayNotHasKey('strength', $chars[0]); // not accessible via this route
        $this->assertArrayNotHasKey('constitution', $chars[0]); // not accessible via this route
        $this->assertArrayNotHasKey('agility', $chars[0]); // not accessible via this route
        $this->assertArrayNotHasKey('techniques', $chars[0]); // not accessible via this route
    }

    /**
     * Requirement: A user should be able see all characters from a dojo, but only the public fields!
     */
    public function testRetrieveCharactersFromOwnDojoDetail(): void
    {
        $dojo = DojoFactory::createOne([
            'owner' => UserFactory::createOne()
        ]);
        CharacterFactory::createMany(4, [
            'dojo' => $dojo
        ]);
        CharacterFactory::createMany(10);

        $response = static::createClient()->request('GET', '/api/dojo/characters',
            [
                'headers' => [
                    'accept' => 'application/json',
                    'X-AUTH-TOKEN' => $this->generateAuthToken($dojo->getOwner()->authName)
                ]
            ]);

        $this->assertResponseStatusCodeSame(200);

        // Because test fixtures are automatically loaded between each test, you can assert on them
        $this->assertCount(4, $response->toArray());

        $this->assertNotEquals("[[],[],[],[]]", $response->getContent());

        $chars = $response->toArray();
        $this->assertArrayHasKey('name', $chars[0]);
        $this->assertArrayHasKey('dojo', $chars[0]);
        $this->assertArrayHasKey('strength', $chars[0]); // not accessible via this route
        $this->assertArrayHasKey('constitution', $chars[0]); // not accessible via this route
        $this->assertArrayHasKey('agility', $chars[0]); // not accessible via this route
        $this->assertArrayHasKey('techniques', $chars[0]); // not accessible via this route
    }
}