sinon = require('sinon')
chai = require('chai')
should = chai.should()
expect = chai.expect
modulePath = "../../../../app/js/Features/User/UserController.js"
SandboxedModule = require('sandboxed-module')
events = require "events"
MockResponse = require "../helpers/MockResponse"
MockRequest = require "../helpers/MockRequest"
ObjectId = require("mongojs").ObjectId
assert = require("assert")

describe "UserController", ->
	beforeEach ->
		@user_id = "323123"

		@user =
			_id:@user_id
			save: sinon.stub().callsArgWith(0)
			ace:{}

		@req =
			user: {}
			session:
				destroy:->
				user :
					_id : @user_id
					email:"old@something.com"
			body:{}

		@UserDeleter =
			deleteUser: sinon.stub().callsArgWith(1)
		@UserGetter =
			getUser: sinon.stub().callsArgWith(1, null, @user)
		@User =
			findById: sinon.stub().callsArgWith(1, null, @user)
		@NewsLetterManager =
			unsubscribe: sinon.stub().callsArgWith(1)
		@UserRegistrationHandler =
			registerNewUser: sinon.stub()
		@AuthenticationController =
			establishUserSession: sinon.stub().callsArg(2)
			getLoggedInUserId: sinon.stub().returns(@user._id)
			getSessionUser: sinon.stub().returns(@req.session.user)
			setInSessionUser: sinon.stub()
		@AuthenticationManager =
			authenticate: sinon.stub()
			setUserPassword: sinon.stub()
		@ReferalAllocator =
			allocate:sinon.stub()
		@SubscriptionDomainHandler =
			autoAllocate:sinon.stub()
		@UserUpdater =
			changeEmailAddress:sinon.stub()
		@settings =
			siteUrl: "sharelatex.example.com"
		@UserHandler =
			populateGroupLicenceInvite:sinon.stub().callsArgWith(1)
		@UserSessionsManager =
			trackSession: sinon.stub()
			untrackSession: sinon.stub()
			revokeAllUserSessions: sinon.stub().callsArgWith(2, null)
		@SudoModeHandler =
			clearSudoMode: sinon.stub()
		@UserController = SandboxedModule.require modulePath, requires:
			"./UserGetter": @UserGetter
			"./UserDeleter": @UserDeleter
			"./UserUpdater":@UserUpdater
			"../../models/User": User:@User
			'../Newsletter/NewsletterManager':@NewsLetterManager
			"./UserRegistrationHandler":@UserRegistrationHandler
			"../Authentication/AuthenticationController": @AuthenticationController
			"../Authentication/AuthenticationManager": @AuthenticationManager
			"../Referal/ReferalAllocator":@ReferalAllocator
			"../Subscription/SubscriptionDomainHandler":@SubscriptionDomainHandler
			"./UserHandler":@UserHandler
			"./UserSessionsManager": @UserSessionsManager
			"../SudoMode/SudoModeHandler": @SudoModeHandler
			"settings-sharelatex": @settings
			"logger-sharelatex":
				log:->
				err:->
			"metrics-sharelatex": inc:->

		@res =
			send: sinon.stub()
			sendStatus: sinon.stub()
			json: sinon.stub()
		@next = sinon.stub()

	describe 'tryDeleteUser', ->

		beforeEach ->
			@req.body.password = 'wat'
			@req.logout = sinon.stub()
			@req.session.destroy = sinon.stub().callsArgWith(0, null)
			@AuthenticationController.getLoggedInUserId = sinon.stub().returns(@user._id)
			@AuthenticationManager.authenticate = sinon.stub().callsArgWith(2, null, @user)
			@UserDeleter.deleteUser = sinon.stub().callsArgWith(1, null)

		it 'should send 200', (done) ->
			@res.sendStatus = (code) =>
				code.should.equal 200
				done()
			@UserController.tryDeleteUser @req, @res, @next

		it 'should try to authenticate user', (done) ->
			@res.sendStatus = (code) =>
				@AuthenticationManager.authenticate.callCount.should.equal 1
				@AuthenticationManager.authenticate.calledWith({_id: @user._id}, @req.body.password).should.equal true
				done()
			@UserController.tryDeleteUser @req, @res, @next

		it 'should delete the user', (done) ->
			@res.sendStatus = (code) =>
				@UserDeleter.deleteUser.callCount.should.equal 1
				@UserDeleter.deleteUser.calledWith(@user._id).should.equal true
				done()
			@UserController.tryDeleteUser @req, @res, @next

		describe 'when no password is supplied', ->

			beforeEach ->
				@req.body.password = ''

			it 'should return 403', (done) ->
				@res.sendStatus = (code) =>
					code.should.equal 403
					done()
				@UserController.tryDeleteUser @req, @res, @next

		describe 'when authenticate produces an error', ->

			beforeEach ->
				@AuthenticationManager.authenticate = sinon.stub().callsArgWith(2, new Error('woops'))

			it 'should call next with an error', (done) ->
				@next = (err) =>
					expect(err).to.not.equal null
					expect(err).to.be.instanceof Error
					done()
				@UserController.tryDeleteUser @req, @res, @next

		describe 'when authenticate does not produce a user', ->

			beforeEach ->
				@AuthenticationManager.authenticate = sinon.stub().callsArgWith(2, null, null)

			it 'should return 403', (done) ->
				@res.sendStatus = (code) =>
					code.should.equal 403
					done()
				@UserController.tryDeleteUser @req, @res, @next

		describe 'when deleteUser produces an error', ->

			beforeEach ->
				@UserDeleter.deleteUser = sinon.stub().callsArgWith(1, new Error('woops'))

			it 'should call next with an error', (done) ->
				@next = (err) =>
					expect(err).to.not.equal null
					expect(err).to.be.instanceof Error
					done()
				@UserController.tryDeleteUser @req, @res, @next

		describe 'when session.destroy produces an error', ->

			beforeEach ->
				@req.session.destroy = sinon.stub().callsArgWith(0, new Error('woops'))

			it 'should call next with an error', (done) ->
				@next = (err) =>
					expect(err).to.not.equal null
					expect(err).to.be.instanceof Error
					done()
				@UserController.tryDeleteUser @req, @res, @next

	describe "unsubscribe", ->

		it "should send the user to unsubscribe", (done)->
			@res.send = (code)=>
				@NewsLetterManager.unsubscribe.calledWith(@user).should.equal true
				done()
			@UserController.unsubscribe @req, @res

	describe "updateUserSettings", ->
		beforeEach ->
			@newEmail = "hello@world.com"
			@req.externalAuthenticationSystemUsed = sinon.stub().returns(false)

		it "should call save", (done)->
			@req.body = {}
			@res.sendStatus = (code)=>
				@user.save.called.should.equal true
				done()
			@UserController.updateUserSettings @req, @res

		it "should set the first name", (done)->
			@req.body =
				first_name: "bobby  "
			@res.sendStatus = (code)=>
				@user.first_name.should.equal "bobby"
				done()
			@UserController.updateUserSettings @req, @res

		it "should set the role", (done)->
			@req.body =
				role: "student"
			@res.sendStatus = (code)=>
				@user.role.should.equal "student"
				done()
			@UserController.updateUserSettings @req, @res

		it "should set the institution", (done)->
			@req.body =
				institution: "MIT"
			@res.sendStatus = (code)=>
				@user.institution.should.equal "MIT"
				done()
			@UserController.updateUserSettings @req, @res

		it "should set some props on ace", (done)->
			@req.body =
				theme: "something"
			@res.sendStatus = (code)=>
				@user.ace.theme.should.equal "something"
				done()
			@UserController.updateUserSettings @req, @res

		it "should send an error if the email is 0 len", (done)->
			@req.body.email = ""
			@res.sendStatus = (code)->
				code.should.equal 400
				done()
			@UserController.updateUserSettings @req, @res

		it "should send an error if the email does not contain an @", (done)->
			@req.body.email = "bob at something dot com"
			@res.sendStatus = (code)->
				code.should.equal 400
				done()
			@UserController.updateUserSettings @req, @res

		it "should call the user updater with the new email and user _id", (done)->
			@req.body.email = @newEmail.toUpperCase()
			@UserUpdater.changeEmailAddress.callsArgWith(2)
			@res.sendStatus = (code)=>
				code.should.equal 200
				@UserUpdater.changeEmailAddress.calledWith(@user_id, @newEmail).should.equal true
				done()
			@UserController.updateUserSettings @req, @res

		it "should update the email on the session", (done)->
			@req.body.email = @newEmail.toUpperCase()
			@UserUpdater.changeEmailAddress.callsArgWith(2)
			callcount = 0
			@User.findById = (id, cb)=>
				if ++callcount == 2
					@user.email = @newEmail
				cb(null, @user)
			@res.sendStatus = (code)=>
				code.should.equal 200
				@AuthenticationController.setInSessionUser.calledWith(
					@req, {email: @newEmail, first_name: undefined, last_name: undefined}
				).should.equal true
				done()
			@UserController.updateUserSettings @req, @res

		it "should call populateGroupLicenceInvite", (done)->
			@req.body.email = @newEmail.toUpperCase()
			@UserUpdater.changeEmailAddress.callsArgWith(2)
			@res.sendStatus = (code)=>
				code.should.equal 200
				@UserHandler.populateGroupLicenceInvite.calledWith(@user).should.equal true
				done()
			@UserController.updateUserSettings @req, @res

		describe 'when using an external auth source', ->

			beforeEach ->
				@UserUpdater.changeEmailAddress.callsArgWith(2)
				@newEmail = 'someone23@example.com'
				@req.externalAuthenticationSystemUsed = sinon.stub().returns(true)

			it 'should not set a new email', (done) ->
				@req.body.email = @newEmail
				@res.sendStatus = (code)=>
					code.should.equal 200
					@UserUpdater.changeEmailAddress.calledWith(@user_id, @newEmail).should.equal false
					done()
				@UserController.updateUserSettings @req, @res

	describe "logout", ->

		it "should destroy the session", (done)->

			@req.session.destroy = sinon.stub().callsArgWith(0)
			@res.redirect = (url)=>
				url.should.equal "/login"
				@req.session.destroy.called.should.equal true
				done()

			@UserController.logout @req, @res

		it 'should clear sudo-mode', (done) ->
			@req.session.destroy = sinon.stub().callsArgWith(0)
			@SudoModeHandler.clearSudoMode = sinon.stub()
			@res.redirect = (url)=>
				url.should.equal "/login"
				@SudoModeHandler.clearSudoMode.callCount.should.equal 1
				@SudoModeHandler.clearSudoMode.calledWith(@user._id).should.equal true
				done()

			@UserController.logout @req, @res


	describe "register", ->
		beforeEach ->
			@UserRegistrationHandler.registerNewUserAndSendActivationEmail = sinon.stub().callsArgWith(1, null, @user, @url = "mock/url")
			@req.body.email = @user.email = @email = "email@example.com"
			@UserController.register @req, @res

		it "should register the user and send them an email", ->
			@UserRegistrationHandler.registerNewUserAndSendActivationEmail
				.calledWith(@email)
				.should.equal true

		it "should return the user and activation url", ->
			@res.json
				.calledWith({
					email: @email,
					setNewPasswordUrl: @url
				})
				.should.equal true

	describe 'clearSessions', ->

		it 'should call revokeAllUserSessions', (done) ->
			@UserController.clearSessions @req, @res
			@UserSessionsManager.revokeAllUserSessions.callCount.should.equal 1
			done()

		it 'send a 201 response', (done) ->
			@res.sendStatus = (status) =>
				status.should.equal 201
				done()
			@UserController.clearSessions @req, @res

		describe 'when revokeAllUserSessions produces an error', ->

			it 'should call next with an error', (done) ->
				@UserSessionsManager.revokeAllUserSessions.callsArgWith(2, new Error('woops'))
				next = (err) =>
					expect(err).to.not.equal null
					expect(err).to.be.instanceof Error
					done()
				@UserController.clearSessions @req, @res, next

	describe "changePassword", ->

		it "should check the old password is the current one at the moment", (done)->
			@AuthenticationManager.authenticate.callsArgWith(2)
			@req.body =
				currentPassword: "oldpasshere"
			@res.send = =>
				@AuthenticationManager.authenticate.calledWith(_id:@user._id, "oldpasshere").should.equal true
				@AuthenticationManager.setUserPassword.called.should.equal false
				done()
			@UserController.changePassword @req, @res


		it "it should not set the new password if they do not match", (done)->
			@AuthenticationManager.authenticate.callsArgWith(2, null, {})
			@req.body =
				newPassword1: "1"
				newPassword2: "2"
			@res.send = =>
				@AuthenticationManager.setUserPassword.called.should.equal false
				done()
			@UserController.changePassword @req, @res

		it "should set the new password if they do match", (done)->
			@AuthenticationManager.authenticate.callsArgWith(2, null, @user)
			@AuthenticationManager.setUserPassword.callsArgWith(2)
			@req.body =
				newPassword1: "newpass"
				newPassword2: "newpass"
			@res.send = =>
				@AuthenticationManager.setUserPassword.calledWith(@user._id, "newpass").should.equal true
				done()
			@UserController.changePassword @req, @res