crewli/api/tests/Feature/FormBuilder/Purposes/PurposeSchemaLifecycleTest.php

<?php

declare(strict_types=1);

namespace Tests\Feature\FormBuilder\Purposes;

use App\Enums\FormBuilder\FormFieldType;
use App\Enums\FormBuilder\FormPurpose;
use App\Exceptions\FormBuilder\PurposeRequirementsNotMetException;
use App\Models\FormBuilder\FormField;
use App\Models\FormBuilder\FormSchema;
use App\Models\Organisation;
use App\Models\User;
use App\Services\FormBuilder\FormSchemaService;
use Database\Seeders\RoleSeeder;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Tests\TestCase;

/**
 * Smoke-tests for the seven v1.0 purposes. Each purpose must support
 * create → publish end-to-end (with required bindings present). The two
 * purposes that declare required bindings (`event_registration`,
 * `supplier_intake`) also have negative tests that assert the pre-publish
 * guard fires.
 */
final class PurposeSchemaLifecycleTest extends TestCase
{
    use RefreshDatabase;

    private Organisation $org;

    private User $actor;

    private FormSchemaService $service;

    protected function setUp(): void
    {
        parent::setUp();
        $this->seed(RoleSeeder::class);

        $this->org = Organisation::factory()->create();
        $this->actor = User::factory()->create();
        $this->org->users()->attach($this->actor, ['role' => 'org_admin']);
        $this->actor->assignRole('org_admin');
        setPermissionsTeamId($this->org->id);

        $this->service = $this->app->make(FormSchemaService::class);
    }

    /** @return iterable<string, array{FormPurpose}> */
    public static function purposeProvider(): iterable
    {
        foreach (FormPurpose::cases() as $case) {
            yield $case->value => [$case];
        }
    }

    /** @dataProvider purposeProvider */
    public function test_create_and_publish_succeeds_for_purpose(FormPurpose $purpose): void
    {
        $schema = $this->service->create(
            $this->org,
            [
                'name' => 'Schema '.$purpose->value,
                'purpose' => $purpose->value,
            ],
            $this->actor,
        );
        $this->seedRequiredBindings($schema, $purpose);

        $published = $this->service->publish($schema->fresh('fields'), $this->actor);

        $this->assertTrue((bool) $published->is_published);
        $this->assertSame($purpose->value, $published->purpose->value ?? $published->purpose);
    }

    public function test_event_registration_without_required_bindings_fails_publish(): void
    {
        $schema = $this->service->create(
            $this->org,
            ['name' => 'ER', 'purpose' => FormPurpose::EVENT_REGISTRATION->value],
            $this->actor,
        );

        try {
            $this->service->publish($schema->fresh('fields'), $this->actor);
            $this->fail('Expected PurposeRequirementsNotMetException');
        } catch (PurposeRequirementsNotMetException $e) {
            $this->assertSame('event_registration', $e->purposeSlug);
            $this->assertSame(
                ['person.email', 'person.first_name', 'person.last_name'],
                $e->missingBindings,
            );
        }
    }

    public function test_supplier_intake_without_company_name_binding_fails_publish(): void
    {
        $schema = $this->service->create(
            $this->org,
            ['name' => 'SI', 'purpose' => FormPurpose::SUPPLIER_INTAKE->value],
            $this->actor,
        );

        try {
            $this->service->publish($schema->fresh('fields'), $this->actor);
            $this->fail('Expected PurposeRequirementsNotMetException');
        } catch (PurposeRequirementsNotMetException $e) {
            $this->assertSame('supplier_intake', $e->purposeSlug);
            $this->assertSame(['company.name'], $e->missingBindings);
        }
    }

    public function test_event_registration_partial_bindings_reports_only_missing(): void
    {
        $schema = $this->service->create(
            $this->org,
            ['name' => 'ER-partial', 'purpose' => FormPurpose::EVENT_REGISTRATION->value],
            $this->actor,
        );
        $this->addBindingField($schema, 'person', 'email', 'email');

        try {
            $this->service->publish($schema->fresh('fields'), $this->actor);
            $this->fail('Expected PurposeRequirementsNotMetException');
        } catch (PurposeRequirementsNotMetException $e) {
            $this->assertSame(
                ['person.first_name', 'person.last_name'],
                $e->missingBindings,
            );
        }
    }

    private function seedRequiredBindings(FormSchema $schema, FormPurpose $purpose): void
    {
        if ($purpose === FormPurpose::EVENT_REGISTRATION) {
            // RFC v1.1 §3 Q8 addendum: event_registration needs
            // default_crowd_type_id (RequiresDefaultCrowdType guard).
            $crowdType = \App\Models\CrowdType::factory()->create([
                'organisation_id' => $schema->organisation_id,
            ]);
            $schema->default_crowd_type_id = $crowdType->id;
            $schema->save();
        }

        match ($purpose) {
            FormPurpose::EVENT_REGISTRATION => [
                // WS-6 publish guards require: identity_key flag on email,
                // EMAIL field type present, unique trust levels per target.
                $this->addBindingField($schema, 'person', 'email', 'email', FormFieldType::EMAIL, isIdentityKey: true, trustLevel: 80),
                $this->addBindingField($schema, 'person', 'first_name', 'first_name', trustLevel: 70),
                $this->addBindingField($schema, 'person', 'last_name', 'last_name', trustLevel: 60),
            ],
            FormPurpose::SUPPLIER_INTAKE => [
                $this->addBindingField($schema, 'company', 'name', 'company_name', isIdentityKey: true, trustLevel: 80),
            ],
            default => null,
        };
    }

    private function addBindingField(
        FormSchema $schema,
        string $entity,
        string $column,
        string $slug,
        FormFieldType $fieldType = FormFieldType::TEXT,
        bool $isIdentityKey = false,
        int $trustLevel = 50,
    ): FormField {
        $field = FormField::factory()->create([
            'form_schema_id' => $schema->id,
            'field_type' => $fieldType->value,
            'slug' => $slug,
            'label' => ucfirst($slug),
        ]);
        \App\Models\FormBuilder\FormFieldBinding::factory()
            ->forField($field)
            ->entityOwned($entity, $column)
            ->create([
                'is_identity_key' => $isIdentityKey,
                'trust_level' => $trustLevel,
            ]);

        return $field;
    }
}