# Copyright (C) 2012-2024 Zammad Foundation, https://zammad-foundation.org/

require 'rails_helper'

RSpec.describe 'User email verify endpoint', authenticated_as: false, type: :request do
  context 'when user verifies via email' do
    let(:user)   { create(:user, verified: false) }
    let(:params) { { token: token } }

    shared_examples 'returning unprocessable entity' do |message|
      it 'returns unprocessable entity' do
        expect(response).to have_http_status(:unprocessable_entity).and have_attributes(body: include(message))
      end
    end

    shared_examples 'returning success' do
      it 'returns success' do
        expect(response).to have_http_status(:ok)
      end
    end

    before do
      disable_user_create_account if defined?(disable_user_create_account)
      post api_v1_users_email_verify_path, params: params
    end

    context 'with disabled user signup' do
      let(:token) { User.signup_new_token(user)[:token].token } # NB: Don't ask!

      let(:disable_user_create_account) do
        Setting.set('user_create_account', false)
      end

      it_behaves_like 'returning unprocessable entity', 'This feature is not enabled.'
    end

    context 'with a valid token' do
      let(:token) { User.signup_new_token(user)[:token].token } # NB: Don't ask!

      it_behaves_like 'returning success'
    end

    context 'without a token parameter' do
      let(:params) { { foo: 'bar' } }

      it_behaves_like 'returning unprocessable entity', 'No token!'
    end

    context 'with an invalid token' do
      let(:token) { SecureRandom.urlsafe_base64(48) }

      it_behaves_like 'returning unprocessable entity', 'The provided token is invalid.'
    end
  end
end