<?php

use App\Models\Role;
use App\Models\User;

/** @var \Tests\TestCase $this */
it('blocks non-permitted users from admin panel', function () {
    $user = User::factory()->create();
    $this->actingAs($user);
    $this->get(route('admin.users.index'))->assertForbidden();
});

it('allows manage-settings permission to view admin panel', function () {
    $admin = User::factory()->create();
    $role = Role::firstOrCreate(['slug' => 'admin'], ['name' => 'Administrator']);
    $admin->roles()->syncWithoutDetaching([$role->id]);
    $this->actingAs($admin);
    $this->get(route('admin.users.index'))->assertSuccessful();
});

it('can assign roles to a user', function () {
    $admin = User::factory()->create();
    $role = Role::firstOrCreate(['slug' => 'admin'], ['name' => 'Administrator']);
    $admin->roles()->sync([$role->id]);

    $target = User::factory()->create();
    $staffRole = Role::firstOrCreate(['slug' => 'staff'], ['name' => 'Staff']);

    $this->actingAs($admin);
    $this->put(route('admin.users.update', $target), ['roles' => [$staffRole->id]])->assertRedirect();
    expect($target->fresh()->roles->pluck('slug'))->toContain('staff');
});