package model

import (
	"testing"
	"time"
)

func TestAccountTypeConstants(t *testing.T) {
	if AccountTypeHuman != "human" {
		t.Errorf("AccountTypeHuman = %q, want %q", AccountTypeHuman, "human")
	}
	if AccountTypeSystem != "system" {
		t.Errorf("AccountTypeSystem = %q, want %q", AccountTypeSystem, "system")
	}
}

func TestAccountStatusConstants(t *testing.T) {
	if AccountStatusActive != "active" {
		t.Errorf("AccountStatusActive = %q, want %q", AccountStatusActive, "active")
	}
	if AccountStatusInactive != "inactive" {
		t.Errorf("AccountStatusInactive = %q, want %q", AccountStatusInactive, "inactive")
	}
	if AccountStatusDeleted != "deleted" {
		t.Errorf("AccountStatusDeleted = %q, want %q", AccountStatusDeleted, "deleted")
	}
}

func TestTokenRecordIsRevoked(t *testing.T) {
	now := time.Now()

	notRevoked := &TokenRecord{}
	if notRevoked.IsRevoked() {
		t.Error("expected token with nil RevokedAt to not be revoked")
	}

	revoked := &TokenRecord{RevokedAt: &now}
	if !revoked.IsRevoked() {
		t.Error("expected token with RevokedAt set to be revoked")
	}
}

func TestTokenRecordIsExpired(t *testing.T) {
	past := time.Now().Add(-time.Hour)
	future := time.Now().Add(time.Hour)

	expired := &TokenRecord{ExpiresAt: past}
	if !expired.IsExpired() {
		t.Error("expected token with past ExpiresAt to be expired")
	}

	valid := &TokenRecord{ExpiresAt: future}
	if valid.IsExpired() {
		t.Error("expected token with future ExpiresAt to not be expired")
	}
}

func TestAuditEventConstants(t *testing.T) {
	// Spot-check a few to ensure they are not empty strings.
	events := []string{
		EventLoginOK,
		EventLoginFail,
		EventLoginTOTPFail,
		EventTokenIssued,
		EventTokenRenewed,
		EventTokenRevoked,
		EventTokenExpired,
		EventAccountCreated,
		EventAccountUpdated,
		EventAccountDeleted,
		EventRoleGranted,
		EventRoleRevoked,
		EventTOTPEnrolled,
		EventTOTPRemoved,
		EventPGCredAccessed,
		EventPGCredUpdated,
	}
	for _, e := range events {
		if e == "" {
			t.Errorf("audit event constant is empty string")
		}
	}
}