<?php

use App\Models\User;

test('admin can access admin routes', function () {
    $admin = User::factory()->admin()->create();

    $response = $this->actingAs($admin)->get('/admin/dashboard');

    $response->assertStatus(200);
});

test('client cannot access admin routes', function () {
    $client = User::factory()->individual()->create();

    $response = $this->actingAs($client)->get('/admin/dashboard');

    $response->assertForbidden();
});

test('company client cannot access admin routes', function () {
    $client = User::factory()->company()->create();

    $response = $this->actingAs($client)->get('/admin/dashboard');

    $response->assertForbidden();
});

test('unauthenticated user redirected to login', function () {
    $response = $this->get('/admin/dashboard');

    $response->assertRedirect(route('login'));
});

test('unauthenticated user redirected to login for client routes', function () {
    $response = $this->get('/client/dashboard');

    $response->assertRedirect(route('login'));
});

test('client can access client routes', function () {
    $client = User::factory()->individual()->create();

    $response = $this->actingAs($client)->get('/client/dashboard');

    $response->assertStatus(200);
});

test('admin cannot access client routes', function () {
    $admin = User::factory()->admin()->create();

    $response = $this->actingAs($admin)->get('/client/dashboard');

    $response->assertForbidden();
});

test('deactivated user logged out on request', function () {
    $user = User::factory()->deactivated()->create();

    // Simulate an authenticated session with deactivated user
    $response = $this->actingAs($user)->get('/client/dashboard');

    $response->assertRedirect(route('login'));
    $this->assertGuest();
});