defmodule MvWeb.UserLive.FormTest do use MvWeb.ConnCase, async: true import Phoenix.LiveViewTest # Helper to setup authenticated connection and live view defp setup_live_view(conn, path) do conn = conn_with_oidc_user(conn, %{email: "admin@example.com"}) live(conn, path) end describe "new user form - display" do test "shows correct form elements", %{conn: conn} do {:ok, view, html} = setup_live_view(conn, "/users/new") assert html =~ "New User" assert html =~ "Email" assert html =~ "Set Password" assert has_element?(view, "form#user-form[phx-submit='save']") assert has_element?(view, "input[name='user[email]']") assert has_element?(view, "input[type='checkbox'][name='set_password']") end test "hides password fields initially", %{conn: conn} do {:ok, view, _html} = setup_live_view(conn, "/users/new") refute has_element?(view, "input[name='user[password]']") refute has_element?(view, "input[name='user[password_confirmation]']") end test "shows password fields when checkbox toggled", %{conn: conn} do {:ok, view, _html} = setup_live_view(conn, "/users/new") view |> element("input[name='set_password']") |> render_click() assert has_element?(view, "input[name='user[password]']") assert has_element?(view, "input[name='user[password_confirmation]']") assert render(view) =~ "Password requirements" end end describe "new user form - creation" do test "creates user without password", %{conn: conn} do {:ok, view, _html} = setup_live_view(conn, "/users/new") view |> form("#user-form", user: %{email: "newuser@example.com"}) |> render_submit() assert_redirected(view, "/users") end test "creates user with password when enabled", %{conn: conn} do {:ok, view, _html} = setup_live_view(conn, "/users/new") view |> element("input[name='set_password']") |> render_click() view |> form("#user-form", user: %{ email: "passworduser@example.com", password: "securepassword123", password_confirmation: "securepassword123" } ) |> render_submit() assert_redirected(view, "/users") end test "stores user data correctly", %{conn: conn} do {:ok, view, _html} = setup_live_view(conn, "/users/new") view |> form("#user-form", user: %{email: "storetest@example.com"}) |> render_submit() user = Ash.get!( Mv.Accounts.User, [email: Ash.CiString.new("storetest@example.com")], domain: Mv.Accounts ) assert to_string(user.email) == "storetest@example.com" assert is_nil(user.hashed_password) end test "stores password when provided", %{conn: conn} do {:ok, view, _html} = setup_live_view(conn, "/users/new") view |> element("input[name='set_password']") |> render_click() view |> form("#user-form", user: %{ email: "passwordstoretest@example.com", password: "securepassword123", password_confirmation: "securepassword123" } ) |> render_submit() user = Ash.get!( Mv.Accounts.User, [email: Ash.CiString.new("passwordstoretest@example.com")], domain: Mv.Accounts ) assert user.hashed_password != nil assert String.starts_with?(user.hashed_password, "$2b$") end end describe "new user form - validation" do test "shows error for duplicate email", %{conn: conn} do _existing_user = create_test_user(%{email: "existing@example.com"}) {:ok, view, _html} = setup_live_view(conn, "/users/new") html = view |> form("#user-form", user: %{email: "existing@example.com"}) |> render_submit() assert html =~ "has already been taken" end test "shows error for short password", %{conn: conn} do {:ok, view, _html} = setup_live_view(conn, "/users/new") view |> element("input[name='set_password']") |> render_click() html = view |> form("#user-form", user: %{ email: "test@example.com", password: "123", password_confirmation: "123" } ) |> render_submit() assert html =~ "length must be greater than or equal to 8" end end describe "edit user form - display" do test "shows correct form elements for existing user", %{conn: conn} do user = create_test_user(%{email: "editme@example.com"}) {:ok, view, html} = setup_live_view(conn, "/users/#{user.id}/edit") assert html =~ "Edit User" assert html =~ "Change Password" assert has_element?(view, "input[name='user[email]'][value='editme@example.com']") assert html =~ "Check 'Change Password' above to set a new password for this user" end test "shows admin password fields when enabled", %{conn: conn} do user = create_test_user(%{email: "editme@example.com"}) {:ok, view, _html} = setup_live_view(conn, "/users/#{user.id}/edit") view |> element("input[name='set_password']") |> render_click() assert has_element?(view, "input[name='user[password]']") refute has_element?(view, "input[name='user[password_confirmation]']") assert render(view) =~ "Admin Note" end end describe "edit user form - updates" do test "updates email without changing password", %{conn: conn} do user = create_test_user(%{email: "old@example.com"}) original_password = user.hashed_password {:ok, view, _html} = setup_live_view(conn, "/users/#{user.id}/edit") view |> form("#user-form", user: %{email: "new@example.com"}) |> render_submit() assert_redirected(view, "/users") updated_user = Ash.reload!(user, domain: Mv.Accounts) assert to_string(updated_user.email) == "new@example.com" assert updated_user.hashed_password == original_password end test "admin sets new password for user", %{conn: conn} do user = create_test_user(%{email: "user@example.com"}) original_password = user.hashed_password {:ok, view, _html} = setup_live_view(conn, "/users/#{user.id}/edit") view |> element("input[name='set_password']") |> render_click() view |> form("#user-form", user: %{ email: "user@example.com", password: "newadminpassword123" } ) |> render_submit() assert_redirected(view, "/users") updated_user = Ash.reload!(user, domain: Mv.Accounts) assert updated_user.hashed_password != original_password assert String.starts_with?(updated_user.hashed_password, "$2b$") end end describe "edit user form - validation" do test "shows error for duplicate email", %{conn: conn} do _existing_user = create_test_user(%{email: "taken@example.com"}) user_to_edit = create_test_user(%{email: "original@example.com"}) {:ok, view, _html} = setup_live_view(conn, "/users/#{user_to_edit.id}/edit") html = view |> form("#user-form", user: %{email: "taken@example.com"}) |> render_submit() assert html =~ "has already been taken" end test "shows error for invalid password", %{conn: conn} do user = create_test_user(%{email: "user@example.com"}) {:ok, view, _html} = setup_live_view(conn, "/users/#{user.id}/edit") view |> element("input[name='set_password']") |> render_click() result = view |> form("#user-form", user: %{ email: "user@example.com", password: "123" } ) |> render_submit() case result do {:error, {:live_redirect, %{to: "/users"}}} -> flunk("Expected validation error but form was submitted successfully") html when is_binary(html) -> assert html =~ "must have length of at least 8" end end end describe "internationalization" do test "shows German labels", %{conn: conn} do conn = conn_with_oidc_user(conn, %{email: "admin_de@example.com"}) conn = Plug.Test.init_test_session(conn, locale: "de") {:ok, _view, html} = live(conn, "/users/new") assert html =~ "Neuer Benutzer" assert html =~ "E-Mail" assert html =~ "Passwort setzen" end test "shows English labels", %{conn: conn} do conn = conn_with_oidc_user(conn, %{email: "admin_en@example.com"}) Gettext.put_locale(MvWeb.Gettext, "en") {:ok, _view, html} = live(conn, "/users/new") assert html =~ "New User" assert html =~ "Email" assert html =~ "Set Password" end test "shows different labels for edit vs new", %{conn: conn} do user = create_test_user(%{email: "test@example.com"}) conn = conn_with_oidc_user(conn, %{email: "admin@example.com"}) {:ok, _view, new_html} = live(conn, "/users/new") {:ok, _view, edit_html} = live(conn, "/users/#{user.id}/edit") assert new_html =~ "Set Password" assert edit_html =~ "Change Password" end end end