SIG-CM2.0/tests/SIGCM2.Application.Tests/Infrastructure/RefreshTokenRepositoryTests.cs

using Dapper;
using Microsoft.Data.SqlClient;
using Respawn;
using SIGCM2.Domain.Entities;
using SIGCM2.Infrastructure.Persistence;

namespace SIGCM2.Application.Tests.Infrastructure;

/// <summary>
/// Integration tests for RefreshTokenRepository against SIGCM2_Test.
/// Uses Respawn to reset the DB between test classes; the repository opens its own
/// connections so transaction-scoped isolation would block on FK locks.
/// </summary>
[Collection("Database")]
public class RefreshTokenRepositoryTests : IAsyncLifetime
{
    private const string ConnectionString =
        "Server=TECNICA3;Database=SIGCM2_Test;User Id=desarrollo;Password=desarrollo2026;TrustServerCertificate=True;";

    private SqlConnection _connection = null!;
    private Respawner _respawner = null!;
    private RefreshTokenRepository _repository = null!;
    private int _testUserId;

    public async Task InitializeAsync()
    {
        _connection = new SqlConnection(ConnectionString);
        await _connection.OpenAsync();

        _respawner = await Respawner.CreateAsync(_connection, new RespawnerOptions
        {
            DbAdapter = DbAdapter.SqlServer,
            // Rol is a lookup table seeded by migration V003 — never wipe or Usuario FK breaks.
            TablesToIgnore =
            [
                new Respawn.Graph.Table("dbo", "Rol"),
                new Respawn.Graph.Table("dbo", "Permiso"),
                new Respawn.Graph.Table("dbo", "RolPermiso"),
                // UDT-010: *_History tables are system-versioned — engine rejects direct DELETE.
                new Respawn.Graph.Table("dbo", "Usuario_History"),
                new Respawn.Graph.Table("dbo", "Rol_History"),
                new Respawn.Graph.Table("dbo", "Permiso_History"),
                new Respawn.Graph.Table("dbo", "RolPermiso_History"),
                // ADM-001 (V011): Medio + Seccion are temporal — history tables cannot be directly deleted.
                new Respawn.Graph.Table("dbo", "Medio_History"),
                new Respawn.Graph.Table("dbo", "Seccion_History"),
                // ADM-008 (V013): PuntoDeVenta is temporal; SecuenciaComprobante is NOT temporal (AD8 revisitado).
                new Respawn.Graph.Table("dbo", "PuntoDeVenta_History"),
            ]
        });

        await _respawner.ResetAsync(_connection);
        await SeedRolCanonicalAsync();
        await SeedTestUserAsync();

        _testUserId = await _connection.QuerySingleAsync<int>(
            "SELECT Id FROM dbo.Usuario WHERE Username = 'test_rt_user'");

        var factory = new SqlConnectionFactory(ConnectionString);
        _repository = new RefreshTokenRepository(factory);
    }

    public async Task DisposeAsync()
    {
        await _respawner.ResetAsync(_connection);
        await _connection.CloseAsync();
        await _connection.DisposeAsync();
    }

    private async Task SeedRolCanonicalAsync()
    {
        const string sql = """
            SET QUOTED_IDENTIFIER ON;
            MERGE dbo.Rol AS t
            USING (VALUES
                ('admin', N'Administrador', N'Supervisor total'),
                ('cajero', N'Cajero', N'Mostrador contado'),
                ('operador_ctacte', N'Operador Cta Cte', N'Cuenta corriente'),
                ('picadora', N'Picadora/Correctora', N'Edición de textos'),
                ('jefe_publicidad', N'Jefe de Publicidad', N'Supervisión de pauta'),
                ('productor', N'Productor', N'Carga restringida'),
                ('diagramacion', N'Diagramación/Taller', N'Solo lectura pauta'),
                ('reportes', N'Reportes', N'Solo lectura reportes')
            ) AS s (Codigo, Nombre, Descripcion)
            ON t.Codigo = s.Codigo
            WHEN NOT MATCHED BY TARGET THEN
                INSERT (Codigo, Nombre, Descripcion, Activo)
                VALUES (s.Codigo, s.Nombre, s.Descripcion, 1);
            """;
        await _connection.ExecuteAsync(sql);
    }

    private async Task SeedTestUserAsync()
    {
        await _connection.ExecuteAsync("""
            SET QUOTED_IDENTIFIER ON;
            IF NOT EXISTS (SELECT 1 FROM dbo.Usuario WHERE Username = 'test_rt_user')
                INSERT INTO dbo.Usuario (Username, PasswordHash, Nombre, Apellido, Rol, PermisosJson, Activo)
                VALUES ('test_rt_user', '$2a$12$testhash', 'Test', 'User', 'admin', '["*"]', 1);
            """);
    }

    private static RefreshToken BuildToken(int usuarioId, string hash = "test_hash_abc123xyz", bool expired = false)
    {
        var now = DateTime.UtcNow;
        var ttl = expired ? TimeSpan.FromSeconds(1) : TimeSpan.FromDays(7);
        return RefreshToken.IssueForNewFamily(usuarioId, hash, now.AddHours(-1), ttl, "10.0.0.1", "TestAgent");
    }

    [Fact]
    public async Task AddAsync_PersistsAndReturnsId()
    {
        var token = BuildToken(_testUserId, "unique_hash_persist_" + Guid.NewGuid().ToString("N")[..8]);

        var id = await _repository.AddAsync(token);

        Assert.True(id > 0);
    }

    [Fact]
    public async Task AddAsync_DuplicateHash_Throws()
    {
        var hash = "duplicate_hash_" + Guid.NewGuid().ToString("N")[..8];
        var token1 = BuildToken(_testUserId, hash);
        var token2 = BuildToken(_testUserId, hash);

        await _repository.AddAsync(token1);

        await Assert.ThrowsAnyAsync<Exception>(() => _repository.AddAsync(token2));
    }

    [Fact]
    public async Task GetByHashAsync_RoundTripsAllFields()
    {
        var hash = "roundtrip_hash_" + Guid.NewGuid().ToString("N")[..8];
        var token = BuildToken(_testUserId, hash);

        await _repository.AddAsync(token);
        var retrieved = await _repository.GetByHashAsync(hash);

        Assert.NotNull(retrieved);
        Assert.Equal(_testUserId, retrieved.UsuarioId);
        Assert.Equal(hash, retrieved.TokenHash);
        Assert.Equal(token.FamilyId, retrieved.FamilyId);
        Assert.Null(retrieved.RevokedAt);
        Assert.Null(retrieved.ReplacedById);
    }

    [Fact]
    public async Task GetByHashAsync_NonExistentHash_ReturnsNull()
    {
        var result = await _repository.GetByHashAsync("does_not_exist_hash_abc");
        Assert.Null(result);
    }

    [Fact]
    public async Task RevokeAsync_SetsRevokedAtAndReplacedById()
    {
        var hash = "revoke_test_" + Guid.NewGuid().ToString("N")[..8];
        var token = BuildToken(_testUserId, hash);

        var id = await _repository.AddAsync(token);
        var revokedAt = DateTime.UtcNow;
        await _repository.RevokeAsync(id, replacedById: null, revokedAt: revokedAt);

        var retrieved = await _repository.GetByHashAsync(hash);

        Assert.NotNull(retrieved?.RevokedAt);
        Assert.Null(retrieved.ReplacedById);
    }

    [Fact]
    public async Task RevokeFamilyAsync_OnlyAffectsMatchingFamily()
    {
        var hash1 = "family_a_" + Guid.NewGuid().ToString("N")[..8];
        var hash2 = "family_b_" + Guid.NewGuid().ToString("N")[..8];

        var tokenA = BuildToken(_testUserId, hash1);
        var tokenB = BuildToken(_testUserId, hash2);

        await _repository.AddAsync(tokenA);
        await _repository.AddAsync(tokenB);

        var count = await _repository.RevokeFamilyAsync(tokenA.FamilyId, DateTime.UtcNow);

        Assert.Equal(1, count);

        var retrievedA = await _repository.GetByHashAsync(hash1);
        var retrievedB = await _repository.GetByHashAsync(hash2);

        Assert.NotNull(retrievedA?.RevokedAt);
        Assert.Null(retrievedB?.RevokedAt);
    }

    [Fact]
    public async Task RevokeAllActiveForUserAsync_DoesNotTouchAlreadyRevoked()
    {
        var hash1 = "user_active_" + Guid.NewGuid().ToString("N")[..8];
        var hash2 = "user_revoked_" + Guid.NewGuid().ToString("N")[..8];

        var tokenActive = BuildToken(_testUserId, hash1);
        var tokenAlreadyRevoked = BuildToken(_testUserId, hash2);

        var idActive = await _repository.AddAsync(tokenActive);
        var idRevoked = await _repository.AddAsync(tokenAlreadyRevoked);
        await _repository.RevokeAsync(idRevoked, null, DateTime.UtcNow.AddMinutes(-5));

        var count = await _repository.RevokeAllActiveForUserAsync(_testUserId, DateTime.UtcNow);

        Assert.Equal(1, count);

        var retrievedActive = await _repository.GetByHashAsync(hash1);
        Assert.NotNull(retrievedActive?.RevokedAt);
    }
}