Turnpike/handle_settings_test.go

package main

import (
	"net/http"
	"net/http/httptest"
	"testing"
)

func TestGetSettings(t *testing.T) {
	app := testApp(t)
	admin := testAdminUser(t, app)
	token := testToken(t, app, admin)
	mux := testMux(app)

	req := testAuthRequest("GET", "/api/settings", nil, token)
	w := httptest.NewRecorder()
	mux.ServeHTTP(w, req)

	if w.Code != http.StatusOK {
		t.Fatalf("status = %d", w.Code)
	}
	result := parseJSON(t, w)
	if result["smtp_host"] == nil {
		t.Error("missing smtp_host key")
	}
}

func TestUpdateSettings(t *testing.T) {
	app := testApp(t)
	admin := testAdminUser(t, app)
	token := testToken(t, app, admin)
	mux := testMux(app)

	req := testAuthRequest("PUT", "/api/settings", map[string]any{
		"smtp_host":     "smtp.example.com",
		"smtp_port":     587,
		"smtp_password": "secret",
		"base_url":      "https://turnpike.example.com",
	}, token)
	w := httptest.NewRecorder()
	mux.ServeHTTP(w, req)

	if w.Code != http.StatusOK {
		t.Fatalf("status = %d\nbody: %s", w.Code, w.Body.String())
	}
	result := parseJSON(t, w)
	if result["smtp_host"] != "smtp.example.com" {
		t.Errorf("smtp_host = %v", result["smtp_host"])
	}
	if result["smtp_password"] != "***" {
		t.Errorf("smtp_password = %v, want '***'", result["smtp_password"])
	}
	if result["base_url"] != "https://turnpike.example.com" {
		t.Errorf("base_url = %v", result["base_url"])
	}
}

func TestResetTickets(t *testing.T) {
	app := testApp(t)
	admin := testAdminUser(t, app)
	token := testToken(t, app, admin)
	mux := testMux(app)

	p1, _ := app.createParticipant(Participant{PreferredName: "Titania", Email: "titania@example.com"})
	p2, _ := app.createParticipant(Participant{PreferredName: "Oberon", Email: "oberon@example.com"})
	app.createTicket(Ticket{ParticipantID: &p1.ID, Name: "Titania", Source: "manual"})
	app.createTicket(Ticket{ParticipantID: &p2.ID, Name: "Oberon", Source: "manual"})

	w := httptest.NewRecorder()
	mux.ServeHTTP(w, testAuthRequest("POST", "/api/settings/reset-tickets", nil, token))

	if w.Code != 200 {
		t.Fatalf("status = %d: %s", w.Code, w.Body.String())
	}
	result := parseJSON(t, w)
	if result["deleted"] != float64(2) {
		t.Fatalf("deleted = %v, want 2", result["deleted"])
	}

	tickets, _ := app.listTickets(nil, "")
	if len(tickets) != 0 {
		t.Fatalf("tickets remaining = %d, want 0", len(tickets))
	}
}

func TestResetTicketsRequiresAdmin(t *testing.T) {
	app := testApp(t)
	gate := testUserWithRoles(t, app, "Snug", []string{"gatekeeper"}, []int{})
	token := testToken(t, app, gate)
	mux := testMux(app)

	w := httptest.NewRecorder()
	mux.ServeHTTP(w, testAuthRequest("POST", "/api/settings/reset-tickets", nil, token))

	if w.Code != 403 {
		t.Fatalf("status = %d, want 403", w.Code)
	}
}

func TestResetDepartmentsCascadesShifts(t *testing.T) {
	app := testApp(t)
	admin := testAdminUser(t, app)
	token := testToken(t, app, admin)
	mux := testMux(app)

	dept, _ := app.createDepartment(Department{Name: "Rangers"})
	app.createShift(Shift{DepartmentID: dept.ID, Day: "2026-03-01", StartTime: "09:00", EndTime: "12:00", Capacity: 5})

	shifts, _ := app.listShifts(nil, "", "")
	if len(shifts) != 1 {
		t.Fatalf("shifts before reset = %d, want 1", len(shifts))
	}

	w := httptest.NewRecorder()
	mux.ServeHTTP(w, testAuthRequest("POST", "/api/settings/reset-departments", nil, token))

	if w.Code != 200 {
		t.Fatalf("status = %d: %s", w.Code, w.Body.String())
	}

	depts, _ := app.listDepartments("")
	if len(depts) != 0 {
		t.Fatalf("departments remaining = %d, want 0", len(depts))
	}

	shifts, _ = app.listShifts(nil, "", "")
	if len(shifts) != 0 {
		t.Fatalf("shifts should cascade-delete, remaining = %d", len(shifts))
	}
}

func TestSettingsNonAdminRejected(t *testing.T) {
	app := testApp(t)
	gate := testUserWithRoles(t, app, "Quince", []string{"gatekeeper"}, []int{})
	token := testToken(t, app, gate)
	mux := testMux(app)

	req := testAuthRequest("GET", "/api/settings", nil, token)
	w := httptest.NewRecorder()
	mux.ServeHTTP(w, req)

	if w.Code != http.StatusForbidden {
		t.Errorf("status = %d, want 403", w.Code)
	}
}
Added tests, shift 'delete'. Fixed overnight shifts, sync, error handling. 2026-03-03 12:50:24 -06:00			`package main`

			`import (`
			`"net/http"`
			`"net/http/httptest"`
			`"testing"`
			`)`

			`func TestGetSettings(t *testing.T) {`
			`app := testApp(t)`
			`admin := testAdminUser(t, app)`
			`token := testToken(t, app, admin)`
			`mux := testMux(app)`

			`req := testAuthRequest("GET", "/api/settings", nil, token)`
			`w := httptest.NewRecorder()`
			`mux.ServeHTTP(w, req)`

			`if w.Code != http.StatusOK {`
			`t.Fatalf("status = %d", w.Code)`
			`}`
			`result := parseJSON(t, w)`
			`if result["smtp_host"] == nil {`
			`t.Error("missing smtp_host key")`
			`}`
			`}`

			`func TestUpdateSettings(t *testing.T) {`
			`app := testApp(t)`
			`admin := testAdminUser(t, app)`
			`token := testToken(t, app, admin)`
			`mux := testMux(app)`

			`req := testAuthRequest("PUT", "/api/settings", map[string]any{`
			`"smtp_host": "smtp.example.com",`
			`"smtp_port": 587,`
			`"smtp_password": "secret",`
			`"base_url": "https://turnpike.example.com",`
			`}, token)`
			`w := httptest.NewRecorder()`
			`mux.ServeHTTP(w, req)`

			`if w.Code != http.StatusOK {`
			`t.Fatalf("status = %d\nbody: %s", w.Code, w.Body.String())`
			`}`
			`result := parseJSON(t, w)`
			`if result["smtp_host"] != "smtp.example.com" {`
			`t.Errorf("smtp_host = %v", result["smtp_host"])`
			`}`
			`if result["smtp_password"] != "***" {`
			`t.Errorf("smtp_password = %v, want '***'", result["smtp_password"])`
			`}`
			`if result["base_url"] != "https://turnpike.example.com" {`
			`t.Errorf("base_url = %v", result["base_url"])`
			`}`
			`}`

Cleaned up old Attendees model. Updated tests. 2026-03-04 15:27:03 -06:00			`func TestResetTickets(t *testing.T) {`
Switched to path routing. Added data management. 2026-03-03 19:55:35 -06:00			`app := testApp(t)`
			`admin := testAdminUser(t, app)`
			`token := testToken(t, app, admin)`
			`mux := testMux(app)`

Cleaned up old Attendees model. Updated tests. 2026-03-04 15:27:03 -06:00			`p1, _ := app.createParticipant(Participant{PreferredName: "Titania", Email: "titania@example.com"})`
			`p2, _ := app.createParticipant(Participant{PreferredName: "Oberon", Email: "oberon@example.com"})`
			`app.createTicket(Ticket{ParticipantID: &p1.ID, Name: "Titania", Source: "manual"})`
			`app.createTicket(Ticket{ParticipantID: &p2.ID, Name: "Oberon", Source: "manual"})`
Switched to path routing. Added data management. 2026-03-03 19:55:35 -06:00
			`w := httptest.NewRecorder()`
Cleaned up old Attendees model. Updated tests. 2026-03-04 15:27:03 -06:00			`mux.ServeHTTP(w, testAuthRequest("POST", "/api/settings/reset-tickets", nil, token))`
Switched to path routing. Added data management. 2026-03-03 19:55:35 -06:00
			`if w.Code != 200 {`
			`t.Fatalf("status = %d: %s", w.Code, w.Body.String())`
			`}`
			`result := parseJSON(t, w)`
			`if result["deleted"] != float64(2) {`
			`t.Fatalf("deleted = %v, want 2", result["deleted"])`
			`}`

Cleaned up old Attendees model. Updated tests. 2026-03-04 15:27:03 -06:00			`tickets, _ := app.listTickets(nil, "")`
			`if len(tickets) != 0 {`
			`t.Fatalf("tickets remaining = %d, want 0", len(tickets))`
Switched to path routing. Added data management. 2026-03-03 19:55:35 -06:00			`}`
			`}`

Cleaned up old Attendees model. Updated tests. 2026-03-04 15:27:03 -06:00			`func TestResetTicketsRequiresAdmin(t *testing.T) {`
Switched to path routing. Added data management. 2026-03-03 19:55:35 -06:00			`app := testApp(t)`
Refactored user/volunteer/participant identity. 2026-03-10 14:08:00 -05:00			`gate := testUserWithRoles(t, app, "Snug", []string{"gatekeeper"}, []int{})`
Switched to path routing. Added data management. 2026-03-03 19:55:35 -06:00			`token := testToken(t, app, gate)`
			`mux := testMux(app)`

			`w := httptest.NewRecorder()`
Cleaned up old Attendees model. Updated tests. 2026-03-04 15:27:03 -06:00			`mux.ServeHTTP(w, testAuthRequest("POST", "/api/settings/reset-tickets", nil, token))`
Switched to path routing. Added data management. 2026-03-03 19:55:35 -06:00
			`if w.Code != 403 {`
			`t.Fatalf("status = %d, want 403", w.Code)`
			`}`
			`}`

			`func TestResetDepartmentsCascadesShifts(t *testing.T) {`
			`app := testApp(t)`
			`admin := testAdminUser(t, app)`
			`token := testToken(t, app, admin)`
			`mux := testMux(app)`

			`dept, _ := app.createDepartment(Department{Name: "Rangers"})`
			`app.createShift(Shift{DepartmentID: dept.ID, Day: "2026-03-01", StartTime: "09:00", EndTime: "12:00", Capacity: 5})`

			`shifts, _ := app.listShifts(nil, "", "")`
			`if len(shifts) != 1 {`
			`t.Fatalf("shifts before reset = %d, want 1", len(shifts))`
			`}`

			`w := httptest.NewRecorder()`
			`mux.ServeHTTP(w, testAuthRequest("POST", "/api/settings/reset-departments", nil, token))`

			`if w.Code != 200 {`
			`t.Fatalf("status = %d: %s", w.Code, w.Body.String())`
			`}`

			`depts, _ := app.listDepartments("")`
			`if len(depts) != 0 {`
			`t.Fatalf("departments remaining = %d, want 0", len(depts))`
			`}`

			`shifts, _ = app.listShifts(nil, "", "")`
			`if len(shifts) != 0 {`
			`t.Fatalf("shifts should cascade-delete, remaining = %d", len(shifts))`
			`}`
			`}`

Added tests, shift 'delete'. Fixed overnight shifts, sync, error handling. 2026-03-03 12:50:24 -06:00			`func TestSettingsNonAdminRejected(t *testing.T) {`
			`app := testApp(t)`
Refactored user/volunteer/participant identity. 2026-03-10 14:08:00 -05:00			`gate := testUserWithRoles(t, app, "Quince", []string{"gatekeeper"}, []int{})`
Added tests, shift 'delete'. Fixed overnight shifts, sync, error handling. 2026-03-03 12:50:24 -06:00			`token := testToken(t, app, gate)`
			`mux := testMux(app)`

			`req := testAuthRequest("GET", "/api/settings", nil, token)`
			`w := httptest.NewRecorder()`
			`mux.ServeHTTP(w, req)`

			`if w.Code != http.StatusForbidden {`
			`t.Errorf("status = %d, want 403", w.Code)`
			`}`
			`}`