const request = require('supertest');

const app = require('../../src/app');

describe('DELETE /v1/fragments', () => {
	// If the request is missing the Authorization header, it should be forbidden
	test('unauthenticated requests are denied', () =>
		request(app).delete('/v1/fragments/randomid').expect(401));

	// If the wrong username/password pair are used (no such user), it should be forbidden
	test('incorrect credentials are unauthorized', () =>
		request(app)
			.delete('/v1/fragments/randomid')
			.auth('invalid@email.com', 'incorrect_password')
			.expect(401));

	// No fragment with the given id
	test('return 404 if invalid id', async () => {
		const deleted = await request(app)
			.delete('/v1/fragments/randomid')
			.auth('user1@email.com', 'password1');

		expect(deleted.statusCode).toBe(404);
	});


	// after deleted successfully, it returns 200
	test('successful delete with auth returns 200', async () => {
		const postRes = await request(app)
			.post('/v1/fragments')
			.auth('user1@email.com', 'password1')
			.set('Content-Type', 'text/plain')
			.send('This is fragment');
            
		const fragmentId =  postRes.body.fragments.id;

		const deleted = await request(app)
			.delete(`/v1/fragments/${fragmentId}`)
			.auth('user1@email.com', 'password1');

		expect(deleted.statusCode).toBe(200);
	});
});