"""Tests for pass (проходка) management."""
import pytest
import sqlite3
import time
import secrets
from tests.conftest import auth_headers
import auth


class TestPassActivate:
    """Test /auth/pass/activate endpoint."""

    def test_activate_valid_pass(self, client, logged_in_user):
        """Create a pass code and activate it."""
        pass_code = f"TEST-PASS-{secrets.token_hex(4)}"
        
        # Create a pass in DB (use auth.AUTH_DB which is patched by conftest)
        conn = sqlite3.connect(str(auth.AUTH_DB))
        conn.execute(
            "INSERT INTO passes (code, is_active, max_uses, uses) VALUES (?, 1, 1, 0)",
            (pass_code,)
        )
        conn.commit()
        conn.close()
        
        resp = client.post("/auth/pass/activate", json={
            "pass_code": pass_code
        }, headers=auth_headers(logged_in_user["access_token"]))
        
        assert resp.status_code == 200
        data = resp.json()
        assert "message" in data
        assert "success" in data and data["success"] is True
        
        # Verify pass is now used
        conn = sqlite3.connect(str(auth.AUTH_DB))
        row = conn.execute("SELECT uses, activated_by FROM passes WHERE code = ?", (pass_code,)).fetchone()
        conn.close()
        assert row[0] == 1

    def test_activate_invalid_pass(self, client, logged_in_user):
        resp = client.post("/auth/pass/activate", json={
            "pass_code": "NONEXISTENT-CODE"
        }, headers=auth_headers(logged_in_user["access_token"]))
        assert resp.status_code == 404

    def test_activate_already_used_pass(self, client, logged_in_user):
        """Create an already-used pass."""
        pass_code = f"USED-PASS-{secrets.token_hex(4)}"
        
        conn = sqlite3.connect(str(auth.AUTH_DB))
        conn.execute(
            "INSERT INTO passes (code, is_active, max_uses, uses) VALUES (?, 1, 1, 1)",
            (pass_code,)
        )
        conn.commit()
        conn.close()
        
        resp = client.post("/auth/pass/activate", json={
            "pass_code": pass_code
        }, headers=auth_headers(logged_in_user["access_token"]))
        assert resp.status_code in (400, 404)  # 400 for max uses reached, 404 for not found

    def test_activate_pass_empty_code(self, client, logged_in_user):
        resp = client.post("/auth/pass/activate", json={
            "pass_code": ""
        }, headers=auth_headers(logged_in_user["access_token"]))
        assert resp.status_code == 422


class TestPassMyStatus:
    """Test /auth/pass/my endpoint."""

    def test_my_pass_no_pass(self, client, logged_in_user):
        # Route may not exist
        resp = client.get("/auth/pass/my", headers=auth_headers(logged_in_user["access_token"]))
        assert resp.status_code in (200, 404)
        if resp.status_code == 200:
            data = resp.json()
            assert "has_active" in data
            assert data["has_active"] is False