-- Test change_password
set client_min_messages to warning;
create extension if not exists pgtap;
reset client_min_messages;

begin;

select plan(14);

set search_path to numerus, auth, public;

select has_function('numerus', 'change_password', array ['text']);
select function_lang_is('numerus', 'change_password', array ['text'], 'sql');
select function_returns('numerus', 'change_password', array ['text'], 'void');
select is_definer('numerus', 'change_password', array ['text']);
select volatility_is('numerus', 'change_password', array ['text'], 'volatile');
select function_privs_are('numerus', 'change_password', array ['text'], 'guest', array []::text[]);
select function_privs_are('numerus', 'change_password', array ['text'], 'invoicer', array ['EXECUTE']);
select function_privs_are('numerus', 'change_password', array ['text'], 'admin', array ['EXECUTE']);
select function_privs_are('numerus', 'change_password', array ['text'], 'authenticator', array []::text[]);

set client_min_messages to warning;
truncate auth."user" cascade;
reset client_min_messages;

insert into auth."user" (user_id, email, name, password, role, cookie, cookie_expires_at)
values (1, 'demo@tandem.blog', 'Demo', 'test', 'invoicer', '44facbb30d8a419dfd4bfbc44a4b5539d4970148dfc84bed0e', current_timestamp + interval '1 month')
     , (9, 'admin@tandem.blog', 'Demo', 'test', 'admin', '12af4c88b528c2ad4222e3740496ecbc58e76e26f087657524', current_timestamp + interval '1 month')
;

select lives_ok( $$ select change_password('another') $$, 'Should run even without current user' );

select isnt_empty (
	$$ select * from auth."user" where password = crypt('test', password) $$,
	'Should not have changed any password'
);

select set_cookie('44facbb30d8a419dfd4bfbc44a4b5539d4970148dfc84bed0e/demo@tandem.blog');

select lives_ok( $$ select change_password('another') $$, 'Should run with the correct user' );

reset role;

select isnt_empty (
	$$ select * from auth."user" where email = 'demo@tandem.blog' and password = crypt('another', password) $$,
	'Should have changed the password of the current user'
);

select isnt_empty (
	$$ select * from auth."user" where email = 'admin@tandem.blog' and password = crypt('test', password) $$,
	'Should not have changed any other password'
);

select *
from finish();

rollback;