using System.Reflection;
using JobTrackerApi.Controllers;
using Xunit;

namespace JobTrackerApi.Tests;

public sealed class AttachmentsControllerTests
{
    [Fact]
    public void Controller_requires_local_authorization()
    {
        var attribute = typeof(AttachmentsController).GetCustomAttribute<Microsoft.AspNetCore.Authorization.AuthorizeAttribute>();
        Assert.NotNull(attribute);
        Assert.Equal("local", attribute!.AuthenticationSchemes);
    }

    [Fact]
    public void Allowed_extensions_include_common_document_and_image_formats()
    {
        var field = typeof(AttachmentsController).GetField("AllowedExtensions", BindingFlags.NonPublic | BindingFlags.Static);
        Assert.NotNull(field);

        var allowed = Assert.IsAssignableFrom<System.Collections.IEnumerable>(field!.GetValue(null));
        var values = allowed.Cast<string>().ToHashSet(StringComparer.OrdinalIgnoreCase);

        Assert.Contains(".pdf", values);
        Assert.Contains(".docx", values);
        Assert.Contains(".png", values);
        Assert.DoesNotContain(".exe", values);
    }

    [Fact]
    public void Max_file_size_limit_is_10_mb()
    {
        var field = typeof(AttachmentsController).GetField("MaxFileSizeBytes", BindingFlags.NonPublic | BindingFlags.Static);
        Assert.NotNull(field);
        Assert.Equal(10 * 1024 * 1024, (long)field!.GetValue(null)!);
    }
}