EventHubBack/test/api/users/user_calendar_by_id_tests.erl

%%%-------------------------------------------------------------------
%%% @doc Тесты клиентского API для работы с конкретным календарём.
%%% Покрывает GET, PUT, DELETE /v1/calendars/:id.
%%% @end
%%%-------------------------------------------------------------------
-module(user_calendar_by_id_tests).
-include_lib("eunit/include/eunit.hrl").

-export([test/0]).

-spec test() -> ok.
test() ->
  ct:pal("=== User Calendar By ID Tests ==="),
  Token = api_test_runner:get_user_token(),
  OtherToken = api_test_runner:register_and_login(
    api_test_runner:unique_email(<<"other">>), <<"pass">>),

  % Создаём календарь для тестов
  #{<<"id">> := CalId} = api_test_runner:client_post(<<"/v1/calendars">>, Token,
    #{title => <<"TestCal">>, type => <<"personal">>}),

  test_get_calendar(Token, CalId),
  test_get_calendar_unauthorized(CalId),
  test_get_calendar_not_found(Token),
  test_update_calendar(Token, CalId),
  test_update_calendar_forbidden(OtherToken, CalId),
  test_delete_calendar(Token, CalId),
  test_delete_calendar_forbidden(OtherToken, CalId),

  ct:pal("=== All user calendar by id tests passed ==="),
  ok.

test_get_calendar(Token, CalId) ->
  ct:pal("  TEST: Get calendar by ID"),
  Path = <<"/v1/calendars/", CalId/binary>>,
  Cal = api_test_runner:client_get(Path, Token),
  ?assertEqual(CalId, maps:get(<<"id">>, Cal)),
  ?assert(maps:is_key(<<"title">>, Cal)),
  ct:pal("    OK: ~s", [maps:get(<<"title">>, Cal)]).

test_get_calendar_unauthorized(CalId) ->
  ct:pal("  TEST: Get calendar without token (401)"),
  Path = <<"/v1/calendars/", CalId/binary>>,
  Resp = api_test_runner:client_request(get, Path, <<>>),
  ?assertMatch({ok, 401, _, _}, Resp),
  ct:pal("    OK: got 401").

test_get_calendar_not_found(Token) ->
  ct:pal("  TEST: Get non-existent calendar (404)"),
  Resp = api_test_runner:client_request(get, <<"/v1/calendars/fakeid">>, Token),
  ?assertMatch({ok, 404, _, _}, Resp),
  ct:pal("    OK: got 404").

test_update_calendar(Token, CalId) ->
  ct:pal("  TEST: Update calendar"),
  Path = <<"/v1/calendars/", CalId/binary>>,
  Updated = api_test_runner:client_put(Path, Token,
    #{title => <<"Updated">>, description => <<"New desc">>}),
  ?assertEqual(<<"Updated">>, maps:get(<<"title">>, Updated)),
  ?assertEqual(<<"New desc">>, maps:get(<<"description">>, Updated)),
  ct:pal("    OK").

test_update_calendar_forbidden(OtherToken, CalId) ->
  ct:pal("  TEST: Update calendar by non-owner (403)"),
  Path = <<"/v1/calendars/", CalId/binary>>,
  Resp = api_test_runner:client_request(put, Path, OtherToken,
    jsx:encode(#{title => <<"fail">>})),
  ?assertMatch({ok, 403, _, _}, Resp),
  ct:pal("    OK: got 403").

test_delete_calendar(Token, CalId) ->
  ct:pal("  TEST: Delete calendar (soft-delete)"),
  Path = <<"/v1/calendars/", CalId/binary>>,
  Resp = api_test_runner:client_request(delete, Path, Token),
  ?assertMatch({ok, 200, _, _}, Resp),
  ct:pal("    OK: deleted").

test_delete_calendar_forbidden(OtherToken, CalId) ->
  % Первый раз мы уже удалили, но проверим на другом календаре
  ct:pal("  TEST: Delete calendar by non-owner (403)"),
  % Создадим новый календарь владельцем Token, попробуем удалить OtherToken
  #{<<"id">> := NewCalId} = api_test_runner:client_post(<<"/v1/calendars">>, api_test_runner:get_user_token(),
    #{title => <<"ForbiddenDel">>, type => <<"personal">>}),
  Path = <<"/v1/calendars/", NewCalId/binary>>,
  Resp = api_test_runner:client_request(delete, Path, OtherToken),
  ?assertMatch({ok, 403, _, _}, Resp),
  ct:pal("    OK: got 403").