import json

from mikromon import db
from mikromon.models import User, Role, RoleName, Dashboard
from mikromon.security.passwords import hash_password


def _login(client, email, password):
    """Submit the login form for *email* / *password* and return the raw response.

    Redirects are not followed, so the caller sees the status code that
    ``/auth/login`` itself produced.
    """
    credentials = {"email": email, "password": password}
    return client.post("/auth/login", data=credentials, follow_redirects=False)


def test_api_me_requires_login(client, app):
    """An unauthenticated GET of ``/api/v1/me`` must be refused.

    Either a 302 or a 401 is accepted as the refusal.
    """
    # NOTE(review): the 302 is presumably a redirect to the login page; its
    # Location header is not checked here -- confirm against the auth layer.
    refusal_codes = (302, 401)
    response = client.get("/api/v1/me")
    assert response.status_code in refusal_codes


def test_dashboard_acl(client, app):
    """A user must not be able to read a dashboard owned by another user.

    Seeds the USER role (if absent), two users sharing that role and one
    dashboard owned by the first user, then requests the dashboard while
    logged in as the second user and expects 403.
    """
    password = "Password123!"

    with app.app_context():
        role_name = RoleName.USER.value
        user_role = Role.query.filter_by(name=role_name).first()
        if not user_role:
            # The role row has to be committed first so that its id is
            # available for the users created below.
            user_role = Role(name=role_name)
            db.session.add(user_role)
            db.session.commit()

        owner = User(
            email="a@example.com",
            password_hash=hash_password(password),
            role_id=user_role.id,
        )
        other = User(
            email="b@example.com",
            password_hash=hash_password(password),
            role_id=user_role.id,
        )
        db.session.add_all([owner, other])
        db.session.commit()

        dashboard = Dashboard(owner_id=owner.id, name="D1", description="")
        db.session.add(dashboard)
        db.session.commit()
        # Copy the id into a plain value for use after the seeding above.
        dashboard_id = dashboard.id

    # NOTE(review): the login response is not inspected. The 403 below is the
    # only evidence that the session was established; a positive control
    # (the owner being able to read the same dashboard) is not covered here.
    _login(client, "b@example.com", password)

    response = client.get(f"/api/v1/dashboards/{dashboard_id}")
    assert response.status_code == 403