import pytest
from fastapi import status

from tests.utils.auth_test_fixtures import (
    admin_user_client,
    db_session,
    non_admin_user_client,
)


def test_protected_route_admin_access(db_session, admin_user_client):
    """Test that admin users can access the protected route"""
    response = admin_user_client.get("/playlist/protected")
    assert response.status_code == status.HTTP_200_OK
    data = response.json()
    assert "access to support resources" in data["message"]
    assert "testadmin" in data["message"]


def test_protected_route_non_admin_access(db_session, non_admin_user_client):
    """Test that non-admin users can access the protected route
    (just requires authentication)"""
    response = non_admin_user_client.get("/playlist/protected")
    assert response.status_code == status.HTTP_200_OK
    data = response.json()
    assert "access to support resources" in data["message"]
    assert "testuser" in data["message"]


def test_protected_route_no_auth():
    """Test that unauthenticated users cannot access the protected route"""
    from fastapi import FastAPI
    from fastapi.testclient import TestClient

    from app.routers.playlist import router as playlist_router

    app = FastAPI()
    app.include_router(playlist_router)
    client = TestClient(app)

    response = client.get("/playlist/protected")
    assert response.status_code == status.HTTP_401_UNAUTHORIZED
    assert "Not authenticated" in response.json()["detail"]