import pytest

from l4d2web.app import create_app
from l4d2web.auth import hash_password
from l4d2web.db import init_db, session_scope
from l4d2web.models import User


@pytest.fixture
def admin_client(tmp_path, monkeypatch):
    db_url = f"sqlite:///{tmp_path/'overlay.db'}"
    monkeypatch.setenv("DATABASE_URL", db_url)
    app = create_app({"TESTING": True, "DATABASE_URL": db_url, "SECRET_KEY": "test"})
    init_db()

    with session_scope() as session:
        admin = User(username="admin", password_digest=hash_password("secret"), admin=True)
        session.add(admin)
        session.flush()
        admin_id = admin.id

    client = app.test_client()
    with client.session_transaction() as sess:
        sess["user_id"] = admin_id
        sess["csrf_token"] = "test-token"
    return client


def test_admin_can_create_overlay(admin_client) -> None:
    response = admin_client.post(
        "/admin/overlays",
        data={"name": "standard", "path": "/opt/l4d2/overlays/standard"},
        headers={"X-CSRF-Token": "test-token"},
    )
    assert response.status_code == 302


def test_overlay_path_must_be_under_root(admin_client) -> None:
    response = admin_client.post(
        "/admin/overlays",
        data={"name": "bad", "path": "/tmp/bad"},
        headers={"X-CSRF-Token": "test-token"},
    )
    assert response.status_code == 400