using Manager.Services; using ManagerService.Controllers; using ManagerService.Data; using ManagerService.DTOs; using ManagerService.Helpers; using ManagerService.Tests.Infrastructure; using Microsoft.AspNetCore.Mvc; using Microsoft.Extensions.Logging.Abstractions; using System; using System.Collections.Generic; using System.Linq; using Xunit; namespace ManagerService.Tests.Controllers { public class UserControllerTests { private UserController BuildController(MyInfoMateDbContext db, string callerRole = "Manager.superadmin", string callerInstanceId = "inst-test") { var cfg = FakeMongoConfig.Create(); var userService = new UserDatabaseService(cfg); var profileLogic = new ProfileLogic(NullLogger.Instance); var controller = new UserController( NullLogger.Instance, userService, profileLogic, db); FakeUser.SetUser(controller, FakeUser.Create(callerRole, callerInstanceId)); return controller; } private static UserDetailDTO MakeNewUser(string email, string instanceId = "inst-test", UserRole role = UserRole.ContentEditor) => new UserDetailDTO { email = email, firstName = "Test", lastName = "User", instanceId = instanceId, password = "password123", role = role }; // ── GET ────────────────────────────────────────────────────────────── [Fact] public void Get_SuperAdmin_SeesAllInstances() { using var db = DbContextFactory.Create(); db.Users.AddRange( new User { Id = "u1", Email = "a@a.be", Password = "x", LastName = "A", Token = "t1", InstanceId = "inst1" }, new User { Id = "u2", Email = "b@b.be", Password = "x", LastName = "B", Token = "t2", InstanceId = "inst2" } ); db.SaveChanges(); var result = BuildController(db, "Manager.superadmin").Get(); var ok = Assert.IsType(result); var users = Assert.IsAssignableFrom>(ok.Value); Assert.Equal(2, users.Count()); } [Fact] public void Get_InstanceAdmin_SeesOnlyOwnInstance() { using var db = DbContextFactory.Create(); db.Users.AddRange( new User { Id = "u1", Email = "a@a.be", Password = "x", LastName = "A", Token = "t1", InstanceId = "inst-test" }, new User { Id = "u2", Email = "b@b.be", Password = "x", LastName = "B", Token = "t2", InstanceId = "other-inst" } ); db.SaveChanges(); var result = BuildController(db, "Manager.instanceadmin", "inst-test").Get(); var ok = Assert.IsType(result); var users = Assert.IsAssignableFrom>(ok.Value); Assert.Equal(1, users.Count()); Assert.All(users, u => Assert.Equal("inst-test", u.instanceId)); } // ── CREATE ─────────────────────────────────────────────────────────── [Fact] public void CreateUser_DuplicateEmail_Returns409() { using var db = DbContextFactory.Create(); db.Users.Add(new User { Id = "u1", Email = "dup@a.be", Password = "x", LastName = "A", Token = "t1", InstanceId = "inst-test" }); db.SaveChanges(); var result = BuildController(db).CreateUser(MakeNewUser("dup@a.be")); Assert.IsType(result); } [Fact] public void CreateUser_InstanceAdminCreatingInstanceAdmin_Returns403() { // InstanceAdmin (role=1) ne peut pas créer SuperAdmin (role=0) using var db = DbContextFactory.Create(); var result = BuildController(db, "Manager.instanceadmin") .CreateUser(MakeNewUser("new@a.be", role: UserRole.SuperAdmin)); var statusResult = Assert.IsType(result); Assert.Equal(403, statusResult.StatusCode); } [Fact] public void CreateUser_ValidDto_HashesPassword() { using var db = DbContextFactory.Create(); var result = BuildController(db).CreateUser(MakeNewUser("new@a.be")); Assert.IsType(result); var user = db.Users.First(); Assert.NotEqual("password123", user.Password); // doit être haché } [Fact] public void CreateUser_NullPassword_Returns400() { using var db = DbContextFactory.Create(); var dto = new UserDetailDTO { email = "x@x.be", lastName = "X", instanceId = "inst-test", password = null }; var result = BuildController(db).CreateUser(dto); Assert.IsType(result); } // ── UPDATE ─────────────────────────────────────────────────────────── [Fact] public void UpdateUser_UnknownId_Returns404() { using var db = DbContextFactory.Create(); var result = BuildController(db).UpdateUser(new UserDetailDTO { id = "unknown", firstName = "X", lastName = "Y" }); Assert.IsType(result); } [Fact] public void UpdateUser_ExistingUser_UpdatesName() { using var db = DbContextFactory.Create(); db.Users.Add(new User { Id = "u1", Email = "a@a.be", Password = "x", LastName = "Old", Token = "t1", InstanceId = "inst-test" }); db.SaveChanges(); var result = BuildController(db).UpdateUser(new UserDetailDTO { id = "u1", firstName = "New", lastName = "Name" }); Assert.IsType(result); var user = db.Users.First(); Assert.Equal("New", user.FirstName); Assert.Equal("Name", user.LastName); } // ── DELETE ─────────────────────────────────────────────────────────── [Fact] public void DeleteUser_ExistingUser_Returns202() { using var db = DbContextFactory.Create(); db.Users.Add(new User { Id = "u1", Email = "a@a.be", Password = "x", LastName = "A", Token = "t1", InstanceId = "inst-test" }); db.SaveChanges(); var result = BuildController(db).DeleteUser("u1"); var statusResult = Assert.IsType(result); Assert.Equal(202, statusResult.StatusCode); Assert.Equal(0, db.Users.Count()); } [Fact] public void DeleteUser_UnknownId_Returns404() { using var db = DbContextFactory.Create(); var result = BuildController(db).DeleteUser("unknown"); Assert.IsType(result); } } }