const models = require('vn-loopback/server/server').models;
const ForbiddenError = require('vn-loopback/util/forbiddenError');

describe('loopback model VnUser', () => {
    it('should return true if the user has the given role', async() => {
        let result = await models.VnUser.hasRole(1, 'employee');

        expect(result).toBeTruthy();
    });

    it('should return false if the user doesnt have the given role', async() => {
        let result = await models.VnUser.hasRole(1, 'administrator');

        expect(result).toBeFalsy();
    });

    describe('userSecurity', () => {
        const itManagementId = 115;
        const hrId = 37;
        const employeeId = 1;

        it('should check if you are the same user', async() => {
            const ctx = {options: {accessToken: {userId: employeeId}}};
            await models.VnUser.userSecurity(ctx, employeeId);
        });

        it('should check for higher privileges', async() => {
            const ctx = {options: {accessToken: {userId: itManagementId}}};
            await models.VnUser.userSecurity(ctx, employeeId);
        });

        it('should check if you have medium privileges and the user email is not verified', async() => {
            const ctx = {options: {accessToken: {userId: hrId}}};
            await models.VnUser.userSecurity(ctx, employeeId);
        });

        it('should throw an error if you have medium privileges and the users email is verified', async() => {
            const tx = await models.VnUser.beginTransaction({});
            const ctx = {options: {accessToken: {userId: hrId}}};
            try {
                const options = {transaction: tx};
                const userToUpdate = await models.VnUser.findById(1, null, options);
                userToUpdate.updateAttribute('emailVerified', 1, options);

                await models.VnUser.userSecurity(ctx, employeeId, options);
                await tx.rollback();
            } catch (error) {
                await tx.rollback();

                expect(error).toEqual(new ForbiddenError());
            }
        });
    });
});