MODE=TAP,20

# Test creating deleting bindings.

BEGINPERL

my $mech;

subtest 'Login' => sub {
    plan tests => 4;

    $mech = webui_login(
        username => 'user2',
        password => 'user2',
        url      => "http://$webhost",
    );
};

$mech->follow_link( text_regex => qr/View My Details/ );

(my $principal_id = $mech->uri()) =~ s/^.*&id=(\d+)$/$1/;

my $edit_url = $mech->uri();

$mech->follow_link( text_regex => qr/Create Collection/ );
my $create_collection_url = $mech->uri();

# Create 3 binds for testing deletion.
# 0 = Delete by the principal who created it.
# 1 = Try to delete by another principal
# 2 = Try to delete by another principal
my @col_id;
my @binding_id;

for (my $i = 0; $i < 3; $i++) {
    $col_id[$i] = create_collection($mech, $create_collection_url, $i);
    $binding_id[$i] = create_binding($mech, $edit_url, $i, "/user2/test_binding_collection_$i/");
}

#$mech->save_content("$save_location/$case-A", binmode => ':utf8');

# Delete our first binding.
$mech->get("http://$webhost/admin.php?action=edit&t=principal&id=$principal_id&bind_id=" . $binding_id[0] . "&subaction=delete_bind_in");
$mech->follow_link( text_regex => qr/Confirm Deletion of the Binding/ );

$mech->content_contains(
    'Binding deleted',
    'Binding deleted message displayed'
);

#diag("Saved content of B to $save_location/$case-B");
#$mech->save_content("$save_location/$case-B", binmode => ':utf8');

my $mech_other;
subtest 'Login as user1' => sub {
    plan tests => 4;

    $mech_other = webui_login(
        username => 'user1',
        password => 'user1',
        url      => "http://$webhost",
    );
};

$mech_other->follow_link( text_regex => qr/View My Details/ );
(my $other_principal_id = $mech_other->uri()) =~ s/^.*&id=(\d+)$/$1/;

# Try delete binding as another user, should be rejected.
$mech_other->get("http://$webhost/admin.php?action=edit&t=principal&id=$principal_id&bind_id=" . $binding_id[1] . "&subaction=delete_bind_in");
$mech_other->follow_link( text_regex => qr/Confirm Deletion of the Binding/ );

$mech_other->content_contains(
    'You are not allowed to delete bindings for this principal.',
    'Binding deletion error displayed when specifying other principal and their bind'
);

#diag("Saved content of C to $save_location/$case-C");
#$mech_other->save_content("$save_location/$case-C", binmode => ':utf8');


# Try delete other users binding as us, should be rejected.
$mech_other->get("http://$webhost/admin.php?action=edit&t=principal&id=$other_principal_id&bind_id=" . $binding_id[2] . "&subaction=delete_bind_in");
$mech_other->follow_link( text_regex => qr/Confirm Deletion of the Binding/ );

$mech_other->content_contains(
    'Binding deletion failed.',
    'Binding deletion error display when specifying our principal and their collection'
);

#diag("Saved content of D to $save_location/$case-D");
#$mech_other->save_content("$save_location/$case-D", binmode => ':utf8');

sub create_collection {
    my ($mech, $create_url, $i) = @_;

    $mech->get($create_url);

    # Create a collection
    $mech->submit_form_ok(
        {
            form_number => 1,
            button      => 'submit',
            fields      => {
                collection_name  => "test_binding_collection_$i",
                dav_displayname  => "Test binding_Collection $i",
                description      => "Description for Binding Collection $i",
            },
        }, "Create collection - $i"
    );

    $mech->content_contains(
        'Creating new Collection.',
        "Collection created message displayed - $i"
    );

    if ($mech->content() =~ /Collection ID:.*?(\d+)/m) {
        return $1;
    }
}



sub create_binding {
    my ($mech, $create_url, $i, $collection) = @_;

    $mech->get($create_url);

    # Create a binding
    $mech->submit_form_ok(
        {
            form_number => 4,
            button      => 'bindingrow',
            fields      => {
                dav_name        => "/user2/binding$i",
                dav_displayname => "Binding $i",
                source          => $collection,
            },
        }, "Create binding - $i"
    );

    $mech->content_contains(
        'Creating new binding for this principal',
        "Binding created message displayed - $i"
    );

    if ($mech->content() =~ m,^(?:<tbody>|</tr>)<tr class="r\d+"><td class="left">(\d+)</td>\s*<td style="white-space:nowrap;">$collection</td>,m) {
        pass("Binding with collection path displayed - $i");
        return $1;
    }
}

ENDPERL


# Check that the state of the following collections:
# 0 = Deleted
# 1 = Exists
# 2 = Exists
# Hard as the ticket ID will change... Exclude that from the query.
BEGINQUERY
SELECT d.dav_name, d.dav_displayname, c.dav_name
FROM dav_binding AS d LEFT JOIN collection AS c ON (d.bound_source_id = c.collection_id)
WHERE d.dav_name like '/user2/binding%'
ORDER BY d.dav_name;
ENDQUERY