jest.mock("uuid", () => ({
	v4: jest.fn(() => "mocked-uuid"),
}));

jest.mock("@noble/post-quantum/ml-kem.js", () => ({
	ml_kem768: {
		keygen: jest.fn(),
		encapsulate: jest.fn(),
		decapsulate: jest.fn(),
	},
}));

jest.mock("jose", () => ({
	SignJWT: jest.fn().mockReturnValue({
		setProtectedHeader: jest.fn().mockReturnThis(),
		setIssuedAt: jest.fn().mockReturnThis(),
		setExpirationTime: jest.fn().mockReturnThis(),
		sign: jest.fn().mockResolvedValue("mocked-jwt"),
	}),
	jwtVerify: jest.fn(),
}));

import { CACHE_MANAGER } from "@nestjs/cache-manager";
import { Test, TestingModule } from "@nestjs/testing";
import { AuthService } from "../auth/auth.service";
import { AuthGuard } from "../auth/guards/auth.guard";
import { RolesGuard } from "../auth/guards/roles.guard";
import { AuthenticatedRequest } from "../common/interfaces/request.interface";
import { UsersController } from "./users.controller";
import { UsersService } from "./users.service";

describe("UsersController", () => {
	let controller: UsersController;
	let usersService: UsersService;
	let authService: AuthService;

	const mockUsersService = {
		findAll: jest.fn(),
		findPublicProfile: jest.fn(),
		findOneWithPrivateData: jest.fn(),
		exportUserData: jest.fn(),
		update: jest.fn(),
		updateAvatar: jest.fn(),
		updateConsent: jest.fn(),
		remove: jest.fn(),
	};

	const mockAuthService = {
		generateTwoFactorSecret: jest.fn(),
		enableTwoFactor: jest.fn(),
		disableTwoFactor: jest.fn(),
	};

	const mockCacheManager = {
		get: jest.fn(),
		set: jest.fn(),
	};

	beforeEach(async () => {
		const module: TestingModule = await Test.createTestingModule({
			controllers: [UsersController],
			providers: [
				{ provide: UsersService, useValue: mockUsersService },
				{ provide: AuthService, useValue: mockAuthService },
				{ provide: CACHE_MANAGER, useValue: mockCacheManager },
			],
		})
			.overrideGuard(AuthGuard)
			.useValue({ canActivate: () => true })
			.overrideGuard(RolesGuard)
			.useValue({ canActivate: () => true })
			.compile();

		controller = module.get<UsersController>(UsersController);
		usersService = module.get<UsersService>(UsersService);
		authService = module.get<AuthService>(AuthService);
	});

	it("should be defined", () => {
		expect(controller).toBeDefined();
	});

	describe("findAll", () => {
		it("should call usersService.findAll", async () => {
			await controller.findAll(10, 0);
			expect(usersService.findAll).toHaveBeenCalledWith(10, 0);
		});
	});

	describe("findPublicProfile", () => {
		it("should call usersService.findPublicProfile", async () => {
			await controller.findPublicProfile("testuser");
			expect(usersService.findPublicProfile).toHaveBeenCalledWith("testuser");
		});
	});

	describe("findMe", () => {
		it("should call usersService.findOneWithPrivateData", async () => {
			const req = { user: { sub: "user-uuid" } } as AuthenticatedRequest;
			await controller.findMe(req);
			expect(usersService.findOneWithPrivateData).toHaveBeenCalledWith(
				"user-uuid",
			);
		});
	});

	describe("exportMe", () => {
		it("should call usersService.exportUserData", async () => {
			const req = { user: { sub: "user-uuid" } } as AuthenticatedRequest;
			await controller.exportMe(req);
			expect(usersService.exportUserData).toHaveBeenCalledWith("user-uuid");
		});
	});

	describe("updateMe", () => {
		it("should call usersService.update", async () => {
			const req = { user: { sub: "user-uuid" } } as AuthenticatedRequest;
			const dto = { displayName: "New Name" };
			await controller.updateMe(req, dto);
			expect(usersService.update).toHaveBeenCalledWith("user-uuid", dto);
		});
	});

	describe("updateAvatar", () => {
		it("should call usersService.updateAvatar", async () => {
			const req = { user: { sub: "user-uuid" } } as AuthenticatedRequest;
			const file = {} as Express.Multer.File;
			await controller.updateAvatar(req, file);
			expect(usersService.updateAvatar).toHaveBeenCalledWith("user-uuid", file);
		});
	});

	describe("updateConsent", () => {
		it("should call usersService.updateConsent", async () => {
			const req = { user: { sub: "user-uuid" } } as AuthenticatedRequest;
			const dto = { termsVersion: "1.0", privacyVersion: "1.0" };
			await controller.updateConsent(req, dto);
			expect(usersService.updateConsent).toHaveBeenCalledWith(
				"user-uuid",
				"1.0",
				"1.0",
			);
		});
	});

	describe("removeMe", () => {
		it("should call usersService.remove", async () => {
			const req = { user: { sub: "user-uuid" } } as AuthenticatedRequest;
			await controller.removeMe(req);
			expect(usersService.remove).toHaveBeenCalledWith("user-uuid");
		});
	});

	describe("removeAdmin", () => {
		it("should call usersService.remove", async () => {
			await controller.removeAdmin("target-uuid");
			expect(usersService.remove).toHaveBeenCalledWith("target-uuid");
		});
	});

	describe("setup2fa", () => {
		it("should call authService.generateTwoFactorSecret", async () => {
			const req = { user: { sub: "user-uuid" } } as AuthenticatedRequest;
			await controller.setup2fa(req);
			expect(authService.generateTwoFactorSecret).toHaveBeenCalledWith(
				"user-uuid",
			);
		});
	});

	describe("enable2fa", () => {
		it("should call authService.enableTwoFactor", async () => {
			const req = { user: { sub: "user-uuid" } } as AuthenticatedRequest;
			await controller.enable2fa(req, "token123");
			expect(authService.enableTwoFactor).toHaveBeenCalledWith(
				"user-uuid",
				"token123",
			);
		});
	});

	describe("disable2fa", () => {
		it("should call authService.disableTwoFactor", async () => {
			const req = { user: { sub: "user-uuid" } } as AuthenticatedRequest;
			await controller.disable2fa(req, "token123");
			expect(authService.disableTwoFactor).toHaveBeenCalledWith(
				"user-uuid",
				"token123",
			);
		});
	});
});