from random import random

from flask import url_for

from app.api.base import check_sudo_mode_is_active
from app.db import Session
from app.models import ApiKey
from tests.api.utils import get_new_user_and_api_key


def test_enter_sudo_mode(flask_client):
    user, api_key = get_new_user_and_api_key()
    password = f"passwd-{random()}"
    user.set_password(password)
    Session.commit()

    r = flask_client.patch(
        url_for("api.enter_sudo"),
        headers={"Authentication": api_key.code},
        json={"password": "invalid"},
    )

    assert r.status_code == 403
    assert not check_sudo_mode_is_active(ApiKey.get(id=api_key.id))

    r = flask_client.patch(
        url_for("api.enter_sudo"),
        headers={"Authentication": api_key.code},
        json={"password": password},
    )

    assert r.status_code == 200
    assert r.json == {"ok": True}
    assert check_sudo_mode_is_active(ApiKey.get(id=api_key.id))