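import { describe, it, expect } from 'vitest';
import { timingSafeEqual, isAdmin } from '../src/security';

/**
 * Functional tests for the string comparison helper used on secrets.
 *
 * These cases pin only the boolean result. They cannot show that the
 * comparison runs in constant time; that property has to be established by
 * reviewing the implementation in ../src/security.
 */
describe('timingSafeEqual', () => {
  it('returns true for equal strings', () => {
    expect(timingSafeEqual('abc123', 'abc123')).toBe(true);
    expect(timingSafeEqual('secret-token', 'secret-token')).toBe(true);
  });

  it('returns false for different strings', () => {
    expect(timingSafeEqual('abc123', 'abc124')).toBe(false);
    expect(timingSafeEqual('short', 'longer')).toBe(false);
  });

  it('returns false when only the first character differs', () => {
    // Complements the 'abc123' / 'abc124' case, which differs only at the end.
    expect(timingSafeEqual('xbc123', 'abc123')).toBe(false);
  });

  it('returns false when one string is a prefix of the other', () => {
    // A comparison that only walks the shorter input would accept a
    // truncated secret, so both argument orders are checked.
    expect(timingSafeEqual('secret', 'secret-token')).toBe(false);
    expect(timingSafeEqual('secret-token', 'secret')).toBe(false);
  });

  it('returns false for null/undefined', () => {
    // Missing values must never compare equal, not even to each other.
    expect(timingSafeEqual(null, 'abc')).toBe(false);
    expect(timingSafeEqual('abc', null)).toBe(false);
    expect(timingSafeEqual(null, null)).toBe(false);
    expect(timingSafeEqual(undefined, 'abc')).toBe(false);
    expect(timingSafeEqual('abc', undefined)).toBe(false);
    expect(timingSafeEqual(undefined, undefined)).toBe(false);
  });

  it('returns false for empty string vs non-empty', () => {
    expect(timingSafeEqual('', 'abc')).toBe(false);
    expect(timingSafeEqual('abc', '')).toBe(false);
  });
});

/**
 * Tests for the admin check, which takes a user ID and a comma-separated
 * list of admin IDs.
 */
describe('isAdmin', () => {
  const adminIds = '123456,789012,345678';

  it('returns true for admin IDs', () => {
    expect(isAdmin('123456', adminIds)).toBe(true);
    expect(isAdmin('789012', adminIds)).toBe(true);
    expect(isAdmin('345678', adminIds)).toBe(true);
  });

  it('returns true for numeric admin ID', () => {
    expect(isAdmin(123456, adminIds)).toBe(true);
  });

  it('returns false for non-admin IDs', () => {
    expect(isAdmin('999999', adminIds)).toBe(false);
    expect(isAdmin('000000', adminIds)).toBe(false);
  });

  it('returns false for IDs that only partially match an admin ID', () => {
    // The non-admin IDs above share no digits run with the list, so they
    // would not catch substring or prefix matching against the raw string.
    expect(isAdmin('12345', adminIds)).toBe(false);
    expect(isAdmin('23456', adminIds)).toBe(false);
    expect(isAdmin('1234567', adminIds)).toBe(false);
  });

  it('returns false when adminIds is undefined', () => {
    expect(isAdmin('123456', undefined)).toBe(false);
  });

  it('returns false when adminIds is empty', () => {
    expect(isAdmin('123456', '')).toBe(false);
  });

  it('returns false for an empty ID when the list has empty entries', () => {
    // Fail-closed expectation: a stray comma must not turn '' into an admin
    // ID. Not pinned by the earlier cases; confirm against ../src/security.
    expect(isAdmin('', '123,,456')).toBe(false);
    expect(isAdmin('', '123,456,')).toBe(false);
  });

  it('handles whitespace in admin ID list', () => {
    expect(isAdmin('123', '123, 456, 789')).toBe(true);
    expect(isAdmin('456', '123, 456, 789')).toBe(true);
  });
});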