src/test/java/com/dalab/autodelete/controller/DeletionConfigControllerTest.java

package com.dalab.autodelete.controller;

import com.dalab.autodelete.dto.DeletionConfigDTO;
import com.dalab.autodelete.service.IDeletionConfigService;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest;
import org.springframework.boot.test.mock.mockito.MockBean;
import org.springframework.http.MediaType;
import org.springframework.security.test.context.support.WithMockUser;
import org.springframework.test.web.servlet.MockMvc;

import java.util.ArrayList;

import static org.mockito.ArgumentMatchers.any;
import static org.mockito.Mockito.*;
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.*;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;

@WebMvcTest(DeletionConfigController.class)
class DeletionConfigControllerTest {

    @Autowired
    private MockMvc mockMvc;

    @MockBean
    private IDeletionConfigService deletionConfigService;

    @Autowired
    private ObjectMapper objectMapper;

    private DeletionConfigDTO sampleConfigDTO;

    @BeforeEach
    void setUp() {
        sampleConfigDTO = DeletionConfigDTO.builder()
                .enabled(true)
                .softDeleteByDefault(true)
                .defaultSoftDeleteRetentionDays(30L)
                .requireApprovalForHardDelete(true)
                .requireApprovalForSoftDelete(false)
                .notificationEmailsOnError(new ArrayList<>()) 
                .build();
    }

    @Test
    @WithMockUser(authorities = "ADMIN")
    void getDeletionConfiguration_AsAdmin_ShouldReturnConfig() throws Exception {
        when(deletionConfigService.getDeletionConfig()).thenReturn(sampleConfigDTO);

        mockMvc.perform(get("/api/v1/deletion/config"))
                .andExpect(status().isOk())
                .andExpect(jsonPath("$.enabled").value(true))
                .andExpect(jsonPath("$.softDeleteByDefault").value(true));
    }

    @Test
    @WithMockUser(authorities = "CDO")
    void getDeletionConfiguration_AsCDO_ShouldReturnConfig() throws Exception {
        when(deletionConfigService.getDeletionConfig()).thenReturn(sampleConfigDTO);

        mockMvc.perform(get("/api/v1/deletion/config"))
                .andExpect(status().isOk());
    }
    
    @Test
    @WithMockUser(authorities = "VIEWER") // A regular user should not access this
    void getDeletionConfiguration_AsUser_ShouldBeForbidden() throws Exception {
        mockMvc.perform(get("/api/v1/deletion/config"))
                .andExpect(status().isForbidden());
    }

    @Test
    @WithMockUser(authorities = "ADMIN")
    void updateDeletionConfiguration_AsAdmin_ShouldReturnOk() throws Exception {
        doNothing().when(deletionConfigService).updateDeletionConfig(any(DeletionConfigDTO.class));

        mockMvc.perform(put("/api/v1/deletion/config")
                        .with(csrf())
                        .contentType(MediaType.APPLICATION_JSON)
                        .content(objectMapper.writeValueAsString(sampleConfigDTO)))
                .andExpect(status().isOk());

        verify(deletionConfigService, times(1)).updateDeletionConfig(any(DeletionConfigDTO.class));
    }

    @Test
    @WithMockUser(authorities = "CDO")
    void updateDeletionConfiguration_AsCDO_ShouldBeForbidden() throws Exception {
        mockMvc.perform(put("/api/v1/deletion/config")
                        .with(csrf())
                        .contentType(MediaType.APPLICATION_JSON)
                        .content(objectMapper.writeValueAsString(sampleConfigDTO)))
                .andExpect(status().isForbidden());
    }
     @Test
    @WithMockUser(authorities = "ADMIN")
    void updateDeletionConfiguration_WithNullBody_AsAdmin_ShouldReturnBadRequest() throws Exception {
        // Simulate service throwing IllegalArgumentException for null DTO
        doThrow(new IllegalArgumentException("DTO cannot be null")).when(deletionConfigService).updateDeletionConfig(null);

        mockMvc.perform(put("/api/v1/deletion/config")
                        .with(csrf())
                        .contentType(MediaType.APPLICATION_JSON)
                        /* .content(objectMapper.writeValueAsString(null)) */) // Sending empty content or invalid content
                .andExpect(status().isBadRequest()); // Spring typically handles invalid JSON or missing body as 400
    }
}