<?php

use App\Models\User;
use App\Models\Workspace;
use App\Models\WorkspaceMembership;

it('denies non-members with not-found semantics for workspace-scoped routes', function () {
    $user = User::factory()->create();
    $workspace = Workspace::factory()->create();

    $this->actingAs($user);

    $this->get("/admin/w/{$workspace->getKey()}/ping")
        ->assertNotFound();
});

it('allows members to access workspace-scoped routes', function () {
    $user = User::factory()->create();
    $workspace = Workspace::factory()->create();
    WorkspaceMembership::factory()->for($workspace)->for($user)->create(['role' => 'owner']);

    $this->actingAs($user);

    $this->get("/admin/w/{$workspace->getKey()}/ping")
        ->assertNoContent();
});

it('redirects members from the workspace root into the admin panel', function () {
    $user = User::factory()->create();
    $workspace = Workspace::factory()->create();
    WorkspaceMembership::factory()->for($workspace)->for($user)->create(['role' => 'owner']);

    $this->actingAs($user);

    $this->get("/admin/w/{$workspace->getKey()}")
        ->assertRedirect('/admin/tenants');
});

it('denies non-members with not-found semantics for the workspace root', function () {
    $user = User::factory()->create();
    $workspace = Workspace::factory()->create();

    $this->actingAs($user);

    $this->get("/admin/w/{$workspace->getKey()}")
        ->assertNotFound();
});