import { eq } from 'drizzle-orm';
import { getMediaStatus } from '../src/actions/media';
import { db } from '../src/db';
import { users } from '../src/db/schema/auth';
import { media } from '../src/db/schema/media';
import { resources } from '../src/db/schema/resource';

async function upsertUser(email: string, name: string) {
  const [existing] = await db.select().from(users).where(eq(users.email, email)).limit(1);

  if (existing) {
    return existing;
  }

  const [created] = await db.insert(users).values({
    email,
    name,
    passwordHash: 'test_password_hash',
  }).returning();

  return created;
}

async function runTest() {
  console.log('🔐 Testing media permission checks...');

  const owner = await upsertUser('media-owner@ekb.com', 'Media Owner');
  const outsider = await upsertUser('media-outsider@ekb.com', 'Media Outsider');

  const [latestCompletedMedia] = await db
    .select()
    .from(media)
    .where(eq(media.status, 'completed'))
    .limit(1);

  if (!latestCompletedMedia?.metadata) {
    console.error('❌ No completed media found. Run npm run test:media-pipeline first.');
    process.exit(1);
  }

  const pathSuffix = `${Date.now()}-permission-test.mp4`;
  const [resource] = await db.insert(resources).values({
    name: 'permission-test.mp4',
    path: `/media/${pathSuffix}`,
    type: 'file',
    ownerId: owner.id,
  }).returning();

  const [ownedMedia] = await db.insert(media).values({
    resourceId: resource.id,
    filename: 'permission-test.mp4',
    storageKey: `uploads/${pathSuffix}`,
    mimeType: 'video/mp4',
    size: BigInt(1),
    status: 'completed',
    metadata: latestCompletedMedia.metadata,
  }).returning();

  const ownerStatus = await getMediaStatus(ownedMedia.id, {
    auth: { userId: owner.id, groupIds: [] },
  });

  if (!ownerStatus?.hlsUrl) {
    console.error('❌ Owner did not receive playback URL.');
    process.exit(1);
  }

  try {
    await getMediaStatus(ownedMedia.id, {
      auth: { userId: outsider.id, groupIds: [] },
    });
    console.error('❌ Outsider unexpectedly received media access.');
    process.exit(1);
  } catch (error) {
    const message = error instanceof Error ? error.message : String(error);
    if (!message.includes('No matching permission')) {
      throw error;
    }
  }

  console.log('✅ Media permission checks passed.');
  process.exit(0);
}

runTest().catch((error) => {
  console.error('❌ Test failed with error:', error);
  process.exit(1);
});