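const request = require('supertest');
const app = require('../src/server');
// NOTE(review): requireRole is imported but never called by the tests below.
// The require is kept so the module is still loaded exactly as before.
const { requireRole } = require('../middleware/role.middleware');

describe('Role Middleware', () => {
  // Routes under test, paired with the role each one is expected to require.
  const protectedRoutes = [
    { role: 'admin', path: '/admin/users' },
    { role: 'moderator', path: '/moderator/reports' },
    { role: 'user', path: '/profile' },
  ];

  // Each case sends a bearer token that is not valid and expects 401.
  // This pins the "unauthenticated request is rejected" behaviour only;
  // the titles say so explicitly, so a passing run is not read as proof
  // that role enforcement works.
  for (const { role, path } of protectedRoutes) {
    it(`should reject an invalid token on the ${role} route ${path} with 401`, async () => {
      const response = await request(app)
        .get(path)
        .set('Authorization', 'Bearer invalid-token');

      expect(response.status).toBe(401);
    });
  }

  // TODO(review): coverage gap. No test presents a VALID token whose role is
  // insufficient for the route, so the role comparison itself is not
  // demonstrably exercised. These tests would presumably still pass if the
  // role check were removed while token validation stayed in place.
  // Cases worth adding once a token fixture for this app is available:
  //   - valid token, lower-privileged role -> request denied
  //     (commonly 403; confirm the status requireRole actually returns)
  //   - valid token, matching role -> request allowed
  //   - no Authorization header at all -> request denied
});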