-- Test contact_iban
set client_min_messages to warning;
create extension if not exists pgtap;
reset client_min_messages;

begin;

select plan(21);

set search_path to numerus, auth, public;

select has_table('contact_iban');
select has_pk('contact_iban' );
select table_privs_are('contact_iban', 'guest', array []::text[]);
select table_privs_are('contact_iban', 'invoicer', array ['SELECT', 'INSERT', 'UPDATE', 'DELETE']);
select table_privs_are('contact_iban', 'admin', array ['SELECT', 'INSERT', 'UPDATE', 'DELETE']);
select table_privs_are('contact_iban', 'authenticator', array []::text[]);

select has_column('contact_iban', 'contact_id');
select col_is_pk('contact_iban', 'contact_id');
select col_is_fk('contact_iban', 'contact_id');
select fk_ok('contact_iban', 'contact_id', 'contact', 'contact_id');
select col_type_is('contact_iban', 'contact_id', 'integer');
select col_not_null('contact_iban', 'contact_id');
select col_hasnt_default('contact_iban', 'contact_id');

select has_column('contact_iban', 'iban');
select col_type_is('contact_iban', 'iban', 'iban');
select col_not_null('contact_iban', 'iban');
select col_hasnt_default('contact_iban', 'iban');


set client_min_messages to warning;
truncate contact_iban cascade;
truncate contact cascade;
truncate company_user cascade;
truncate payment_method cascade;
truncate company cascade;
truncate auth."user" cascade;
reset client_min_messages;

set constraints "company_default_payment_method_id_fkey" deferred;

insert into auth."user" (user_id, email, name, password, role, cookie, cookie_expires_at)
values (1, 'demo@tandem.blog', 'Demo', 'test', 'invoicer', '44facbb30d8a419dfd4bfbc44a4b5539d4970148dfc84bed0e', current_timestamp + interval '1 month')
     , (5, 'admin@tandem.blog', 'Demo', 'test', 'admin', '12af4c88b528c2ad4222e3740496ecbc58e76e26f087657524', current_timestamp + interval '1 month')
;

insert into company (company_id, business_name, vatin, trade_name, phone, email, web, address, city, province, postal_code, country_code, currency_code, default_payment_method_id)
values (2, 'Company 2', 'XX123', '', '555-555-555', 'a@a', '', '', '', '', '', 'ES', 'EUR', 222)
     , (4, 'Company 4', 'XX234', '', '666-666-666', 'b@b', '', '', '', '', '', 'FR', 'USD', 444)
;

insert into payment_method (payment_method_id, company_id, name, instructions)
values (444, 4, 'cash', 'cash')
     , (222, 2, 'cash', 'cash')
;

set constraints "company_default_payment_method_id_fkey" immediate;

insert into company_user (company_id, user_id)
values (2, 1)
     , (4, 5)
;

insert into contact (contact_id, company_id, name)
values (6, 2, 'C1')
     , (8, 4, 'C2')
     , (9, 4, 'C3')
;

insert into contact_iban (contact_id, iban)
values (6, 'NL35INGB5262865534')
     , (8, 'MT47JQRS54557143744629565915326')
;

prepare contact_data as
select company_id, iban::text
from contact
join contact_iban using (contact_id)
order by company_id, iban;

set role invoicer;
select is_empty('contact_data', 'Should show no data when cookie is not set yet');
reset role;

select set_cookie('44facbb30d8a419dfd4bfbc44a4b5539d4970148dfc84bed0e/demo@tandem.blog');
select bag_eq(
	'contact_data',
	$$ values (2, 'NL35INGB5262865534')
	$$,
	'Should only list contacts of the companies where demo@tandem.blog is user of'
);
reset role;

select set_cookie('12af4c88b528c2ad4222e3740496ecbc58e76e26f087657524/admin@tandem.blog');
select bag_eq(
	'contact_data',
	$$ values (4, 'MT47JQRS54557143744629565915326')
	$$,
	'Should only list contacts of the companies where admin@tandem.blog is user of'
);
reset role;

select set_cookie('not-a-cookie');
select throws_ok(
	'contact_data',
	'42501', 'permission denied for table contact',
	'Should not allow select to guest users'
);
reset role;

select *
from finish();

rollback;