# frozen_string_literal: true

require 'spec_helper'

describe Projects::ClustersController do
  set(:project) { create(:project) }

  it_behaves_like 'cluster metrics' do
    let(:user) { create(:user) }
    let(:clusterable) { project }

    let(:cluster) do
      create(:cluster, :project, :provided_by_gcp, projects: [project])
    end

    let(:metrics_params) do
      {
        namespace_id: project.namespace,
        project_id: project,
        id: cluster
      }
    end

    before do
      clusterable.add_maintainer(user)
    end

    context 'with inappropriate requests' do
      context 'with annoymous user' do
        before do
          sign_out(user)
        end

        it 'redirects to signin page' do
          get :prometheus_proxy, params: prometheus_proxy_params

          expect(response).to redirect_to(new_user_session_path)
        end
      end

      context 'with invalid clusterable id' do
        before do
          sign_in(user)
        end

        let(:other_clusterable) { create(:project) }

        it 'returns 404' do
          get :prometheus_proxy, params: prometheus_proxy_params(id: other_clusterable.id)

          expect(response).to have_gitlab_http_status(:not_found)
        end
      end
    end

    describe 'security' do
      let(:prometheus_adapter) { double(:prometheus_adapter, can_query?: true, query: nil) }

      before do
        sign_in(user)
        allow(controller).to receive(:prometheus_adapter).and_return(prometheus_adapter)
      end

      it { expect { go }.to be_allowed_for(:admin) }
      it { expect { go }.to be_allowed_for(:owner).of(clusterable) }
      it { expect { go }.to be_allowed_for(:maintainer).of(clusterable) }
      it { expect { go }.to be_denied_for(:developer).of(clusterable) }
      it { expect { go }.to be_denied_for(:reporter).of(clusterable) }
      it { expect { go }.to be_denied_for(:guest).of(clusterable) }
      it { expect { go }.to be_denied_for(:user) }
      it { expect { go }.to be_denied_for(:external) }
    end
  end

  private

  def prometheus_proxy_params(params = {})
    {
      id: cluster.id.to_s,
      namespace_id: project.namespace.full_path,
      project_id: project.name,
      proxy_path: 'query',
      query: '1'
    }.merge(params)
  end
end