import { ForbiddenException } from '@nestjs/common';
import { describe, expect, it, vi } from 'vitest';
import { ConversationsController } from '../conversations/conversations.controller.js';
import { MissionsController } from '../missions/missions.controller.js';
import { ProjectsController } from '../projects/projects.controller.js';
import { TasksController } from '../tasks/tasks.controller.js';

function createBrain() {
  return {
    conversations: {
      findAll: vi.fn(),
      findById: vi.fn(),
      create: vi.fn(),
      update: vi.fn(),
      remove: vi.fn(),
      findMessages: vi.fn(),
      addMessage: vi.fn(),
    },
    projects: {
      findAll: vi.fn(),
      findById: vi.fn(),
      create: vi.fn(),
      update: vi.fn(),
      remove: vi.fn(),
    },
    missions: {
      findAll: vi.fn(),
      findById: vi.fn(),
      findByProject: vi.fn(),
      create: vi.fn(),
      update: vi.fn(),
      remove: vi.fn(),
    },
    tasks: {
      findAll: vi.fn(),
      findById: vi.fn(),
      findByProject: vi.fn(),
      findByMission: vi.fn(),
      findByStatus: vi.fn(),
      create: vi.fn(),
      update: vi.fn(),
      remove: vi.fn(),
    },
  };
}

describe('Resource ownership checks', () => {
  it('forbids access to another user conversation', async () => {
    const brain = createBrain();
    brain.conversations.findById.mockResolvedValue({ id: 'conv-1', userId: 'user-2' });
    const controller = new ConversationsController(brain as never);

    await expect(controller.findOne('conv-1', { id: 'user-1' })).rejects.toBeInstanceOf(
      ForbiddenException,
    );
  });

  it('forbids access to another user project', async () => {
    const brain = createBrain();
    brain.projects.findById.mockResolvedValue({ id: 'project-1', ownerId: 'user-2' });
    const controller = new ProjectsController(brain as never);

    await expect(controller.findOne('project-1', { id: 'user-1' })).rejects.toBeInstanceOf(
      ForbiddenException,
    );
  });

  it('forbids access to a mission owned by another project owner', async () => {
    const brain = createBrain();
    brain.missions.findById.mockResolvedValue({ id: 'mission-1', projectId: 'project-1' });
    brain.projects.findById.mockResolvedValue({ id: 'project-1', ownerId: 'user-2' });
    const controller = new MissionsController(brain as never);

    await expect(controller.findOne('mission-1', { id: 'user-1' })).rejects.toBeInstanceOf(
      ForbiddenException,
    );
  });

  it('forbids access to a task owned by another project owner', async () => {
    const brain = createBrain();
    brain.tasks.findById.mockResolvedValue({ id: 'task-1', projectId: 'project-1' });
    brain.projects.findById.mockResolvedValue({ id: 'project-1', ownerId: 'user-2' });
    const controller = new TasksController(brain as never);

    await expect(controller.findOne('task-1', { id: 'user-1' })).rejects.toBeInstanceOf(
      ForbiddenException,
    );
  });
});