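import { GET, PUT, DELETE } from './route';
import { NextRequest } from 'next/server';

// Session lookup is mocked so each test decides who the caller is.
jest.mock('@/lib/auth', () => ({
  auth: jest.fn(),
}));

// Permission check is mocked so each test decides the authorization outcome.
jest.mock('@/lib/auth/permissions', () => ({
  hasPermission: jest.fn(),
}));

// Chainable query-builder stub: select/update/delete resolve to fixed rows so
// the handlers never touch a real database.
jest.mock('@/db', () => ({
  db: {
    select: jest.fn().mockReturnValue({
      from: jest.fn().mockReturnValue({
        where: jest.fn().mockReturnValue({
          limit: jest.fn().mockResolvedValue([
            {
              id: 'test-user-id',
              email: 'test@example.com',
              name: 'Test User',
              role: 'admin',
            },
          ]),
        }),
      }),
    }),
    update: jest.fn().mockReturnValue({
      set: jest.fn().mockReturnValue({
        where: jest.fn().mockReturnValue({
          returning: jest.fn().mockResolvedValue([
            {
              id: 'test-user-id',
              email: 'updated@example.com',
              name: 'Updated User',
            },
          ]),
        }),
      }),
    }),
    delete: jest.fn().mockReturnValue({
      where: jest.fn().mockResolvedValue(undefined),
    }),
  },
}));

/**
 * Access-control tests for the admin user route handlers (GET / PUT / DELETE).
 *
 * Error strings asserted below are the handler's literal responses:
 * '未授权' ("unauthorized") for 401 and '无权限' ("no permission") for 403.
 */
describe('/api/admin/users/[id]', () => {
  const { auth } = require('@/lib/auth');
  const { hasPermission } = require('@/lib/auth/permissions');
  const { db } = require('@/db');

  const USER_URL = 'http://localhost/api/admin/users/test-id';

  // Route context as the handlers are called in these tests: params is a Promise.
  const routeContext = () => ({ params: Promise.resolve({ id: 'test-id' }) });

  beforeEach(() => {
    // clearAllMocks() wipes recorded calls but keeps mockResolvedValue /
    // mockReturnValue set by earlier tests, so an "admin" session or a granted
    // permission would otherwise leak into later tests and make the outcome
    // depend on execution order. Start every test fail-closed instead:
    // no session, no permission. (resetAllMocks() is not used because it
    // would also drop the db chain built in the jest.mock factory above.)
    jest.clearAllMocks();
    auth.mockResolvedValue(null);
    hasPermission.mockReturnValue(false);
  });

  describe('GET', () => {
    it('should return 401 if not authenticated', async () => {
      auth.mockResolvedValue(null);

      const request = new NextRequest(USER_URL);
      const response = await GET(request, routeContext());
      const data = await response.json();

      expect(response.status).toBe(401);
      expect(data.error).toBe('未授权');
    });

    it('should return 403 if no permission', async () => {
      auth.mockResolvedValue({ user: { role: 'viewer' } });
      hasPermission.mockReturnValue(false);

      const request = new NextRequest(USER_URL);
      const response = await GET(request, routeContext());
      const data = await response.json();

      expect(response.status).toBe(403);
      expect(data.error).toBe('无权限');
    });

    it('should return user if authenticated and has permission', async () => {
      auth.mockResolvedValue({ user: { role: 'admin' } });
      hasPermission.mockReturnValue(true);

      const request = new NextRequest(USER_URL);
      const response = await GET(request, routeContext());
      const data = await response.json();

      expect(response.status).toBe(200);
      expect(data.user).toBeDefined();
    });
  });

  // TODO(review): PUT and DELETE only cover the unauthenticated case. Add the
  // 403 (authenticated, hasPermission false) and success paths, mirroring GET,
  // so a missing permission check on the mutating handlers would be caught.
  describe('PUT', () => {
    it('should return 401 if not authenticated', async () => {
      auth.mockResolvedValue(null);

      const request = new NextRequest(USER_URL, {
        method: 'PUT',
        body: JSON.stringify({ name: 'Updated User' }),
      });
      const response = await PUT(request, routeContext());
      const data = await response.json();

      expect(response.status).toBe(401);
      expect(data.error).toBe('未授权');
      // The status code alone does not prove the write was skipped.
      expect(db.update).not.toHaveBeenCalled();
    });
  });

  describe('DELETE', () => {
    it('should return 401 if not authenticated', async () => {
      auth.mockResolvedValue(null);

      const request = new NextRequest(USER_URL, {
        method: 'DELETE',
      });
      const response = await DELETE(request, routeContext());
      const data = await response.json();

      expect(response.status).toBe(401);
      expect(data.error).toBe('未授权');
      // The status code alone does not prove the delete was skipped.
      expect(db.delete).not.toHaveBeenCalled();
    });
  });
});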