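require "rails_helper"

# Authorization matrix for AccountAuthPolicy, exercised through Pundit's RSpec
# matchers with a user_context built for the user's primary account:
#
#   role             create?/update?/destroy?   policy scope
#   associate        denied                     empty
#   manager          denied                     empty
#   account manager  permitted                  includes own-account record,
#                                               excludes other-account record
#   admin            permitted                  includes both records
RSpec.describe AccountAuthPolicy, type: :policy do
  subject { described_class }

  # NOTE(review): built without an explicit account, so the update?/destroy?
  # examples below do not show whether those actions are limited to records of
  # the acting user's own account. Confirm against the policy and add a
  # cross-account example if they are meant to be.
  let(:account_auth) { build(:account_auth) }
  # Lazy on purpose: only the ".scope" groups persist these records, so the
  # permit examples do not pay for extra database writes.
  let(:member_account_auth) { create(:account_auth, account: user.primary_account) }
  let(:non_member_account_auth) { create(:account_auth) }
  let(:user_context) { build(:user_context, user: user, account: user.primary_account) }

  context "for an associate" do
    let(:user) { create(:user, :associate) }

    permissions :create? do
      it { is_expected.not_to permit(user_context, AccountAuth) }
    end

    permissions :update? do
      it { is_expected.not_to permit(user_context, account_auth) }
    end

    permissions :destroy? do
      it { is_expected.not_to permit(user_context, account_auth) }
    end

    permissions ".scope" do
      subject { Pundit.policy_scope!(user_context, AccountAuth) }

      # Persist one record inside and one outside the user's account first:
      # against an empty table be_empty would pass for any scope at all.
      before do
        member_account_auth
        non_member_account_auth
      end

      it { is_expected.to be_empty }
    end
  end

  context "for a manager" do
    let(:user) { create(:user, :manager) }

    permissions :create? do
      it { is_expected.not_to permit(user_context, AccountAuth) }
    end

    permissions :update? do
      it { is_expected.not_to permit(user_context, account_auth) }
    end

    permissions :destroy? do
      it { is_expected.not_to permit(user_context, account_auth) }
    end

    permissions ".scope" do
      subject { Pundit.policy_scope!(user_context, AccountAuth) }

      # Same reasoning as for associates: the scope must be shown to hide
      # records that actually exist.
      before do
        member_account_auth
        non_member_account_auth
      end

      it { is_expected.to be_empty }
    end
  end

  context "for an account manager" do
    let(:user) { create(:user, :account_manager) }

    permissions :create? do
      it { is_expected.to permit(user_context, AccountAuth) }
    end

    permissions :update? do
      it { is_expected.to permit(user_context, account_auth) }
    end

    permissions :destroy? do
      it { is_expected.to permit(user_context, account_auth) }
    end

    permissions ".scope" do
      subject { Pundit.policy_scope!(user_context, AccountAuth) }

      # Create both records before the scope is resolved so the result does
      # not depend on the scope being evaluated lazily by the matcher.
      before do
        member_account_auth
        non_member_account_auth
      end

      it { is_expected.to include(member_account_auth) }
      it { is_expected.not_to include(non_member_account_auth) }
    end
  end

  context "for an admin" do
    let(:user) { create(:user, :admin) }

    permissions :create? do
      it { is_expected.to permit(user_context, AccountAuth) }
    end

    permissions :update? do
      it { is_expected.to permit(user_context, account_auth) }
    end

    permissions :destroy? do
      it { is_expected.to permit(user_context, account_auth) }
    end

    permissions ".scope" do
      subject { Pundit.policy_scope!(user_context, AccountAuth) }

      # Create both records before the scope is resolved so the result does
      # not depend on the scope being evaluated lazily by the matcher.
      before do
        member_account_auth
        non_member_account_auth
      end

      it { is_expected.to include(member_account_auth) }
      it { is_expected.to include(non_member_account_auth) }
    end
  end
end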