package tests

import (
	"testing"
)

func TestOrgLoadMiddleware(t *testing.T) {
	ensureUsers(t)

	var orgID string

	// 1. User1 Creates Org (Owner)
	t.Run("User1 Creates Org", func(t *testing.T) {
		resp := doRequest(t, "POST", "/api/orgs", map[string]string{
			"code":        "test_org_load_mw",
			"name":        "Test Org Load Middleware",
			"description": "Created by User1 for Middleware Test",
		}, User1Token)

		assertStatus(t, resp, 200)

		var data struct {
			ID string `json:"id"`
		}
		decodeResponse(t, resp, &data)
		orgID = data.ID
	})

	if orgID == "" {
		t.Fatal("Failed to create org, skipping remaining tests")
	}

	// 2. User1 Get Org Details (Success)
	t.Run("User1 Get Org Details", func(t *testing.T) {
		resp := doRequest(t, "GET", "/api/orgs/"+orgID, nil, User1Token)
		assertStatus(t, resp, 200)

		var data OrgResp
		decodeResponse(t, resp, &data)
		if data.Name != "Test Org Load Middleware" {
			t.Errorf("Expected name 'Test Org Load Middleware', got '%s'", data.Name)
		}
	})

	// 3. User1 Update Org (Success)
	t.Run("User1 Update Org", func(t *testing.T) {
		resp := doRequest(t, "PATCH", "/api/orgs/"+orgID, map[string]string{
			"name": "Updated Org Middleware",
		}, User1Token)
		assertStatus(t, resp, 200)
	})

	// 4. User2 Get Org Details (Fail - 403 Forbidden)
	t.Run("User2 Get Org Details (Fail)", func(t *testing.T) {
		resp := doRequest(t, "GET", "/api/orgs/"+orgID, nil, User2Token)

		// Expect 403 or 404 depending on implementation of LoadOrg
		// Usually 403 if authenticated but not authorized
		if resp.Code == 200 {
			t.Errorf("Expected error code (403/404), got 200")
		} else {
			// Optional: check specific error code in body
			var errResp BaseResp
			decodeResponse(t, resp, &errResp)
			// e.g. 40300 or similar
			if errResp.Code < 40000 {
				t.Logf("Got error code: %d, msg: %s", errResp.Code, errResp.Msg)
			}
		}
	})

	// 5. User1 adds User2 as Member
	t.Run("User1 adds User2 as Member", func(t *testing.T) {
		resp := doRequest(t, "POST", "/api/orgs/"+orgID+"/members", map[string]string{
			"user_id": User2ID,
			"role":    "member",
		}, User1Token)
		assertStatus(t, resp, 200)
	})

	// 6. User2 Get Org Details (Success - Now Member)
	t.Run("User2 Get Org Details (Success)", func(t *testing.T) {
		resp := doRequest(t, "GET", "/api/orgs/"+orgID, nil, User2Token)
		assertStatus(t, resp, 200)

		var data OrgResp
		decodeResponse(t, resp, &data)
		if data.Name != "Updated Org Middleware" {
			t.Errorf("Expected name 'Updated Org Middleware', got '%s'", data.Name)
		}
	})
}