import { describe, expect, it } from 'vitest';

import { canAccessRoute, getDefaultRouteForRole, getWorkspaceRole } from './workspace-access';

describe('workspace access policy', () => {
  const operationsSession = {
    role: 'internal',
    role_name: 'Operations',
    permissions: ['view_mix_calculator', 'use_mix_calculator', 'save_mix_calculator_session'],
    name: 'Ops User',
    email: 'ops@example.com',
    token: 'token'
  };

  const adminSession = {
    role: 'internal',
    role_name: 'Admin',
    permissions: ['view_dashboard', 'view_mix_calculator', 'use_mix_calculator'],
    name: 'Admin User',
    email: 'admin@example.com',
    token: 'token'
  };

  it('classifies operations users and sends them to mix calculator by default', () => {
    expect(getWorkspaceRole(operationsSession)).toBe('operations');
    expect(getDefaultRouteForRole(operationsSession)).toBe('/mix-calculator/new');
  });

  it('prevents operations users from opening the dashboard route', () => {
    expect(canAccessRoute(operationsSession, '/')).toBe(false);
    expect(canAccessRoute(operationsSession, '/mix-calculator')).toBe(true);
  });

  it('keeps dashboard access for admins', () => {
    expect(getWorkspaceRole(adminSession)).toBe('admin');
    expect(canAccessRoute(adminSession, '/')).toBe(true);
  });
});