<?php

declare(strict_types=1);

use App\Support\Verification\TenantPermissionCheckClusters;

it('maps configured permission rows to provider requirement keys', function (): void {
    $roleDefinitionRow = [
        'key' => 'RoleManagement.Read.Directory',
        'type' => 'application',
        'description' => null,
        'features' => ['directory-role-definitions'],
        'status' => 'missing',
        'details' => null,
    ];

    $groupRow = [
        'key' => 'Group.Read.All',
        'type' => 'application',
        'description' => null,
        'features' => ['directory-groups'],
        'status' => 'missing',
        'details' => null,
    ];

    expect(TenantPermissionCheckClusters::requirementKeysForPermissionRow($roleDefinitionRow))
        ->toContain('provider.directory_role_definitions', 'permissions.admin_consent')
        ->and(TenantPermissionCheckClusters::requirementKeysForPermissionRow($groupRow))
        ->toContain('permissions.directory_groups', 'permissions.admin_consent')
        ->and(TenantPermissionCheckClusters::rowsForRequirementKey([$roleDefinitionRow, $groupRow], 'provider.directory_role_definitions'))
        ->toHaveCount(1);
});