import { describe, it, expect, beforeEach, vi } from 'vitest'; import { canEdit, isLoggedIn, getRole, authGuard, roleGuard } from '../../js/auth-state.js'; describe('auth-state', () => { beforeEach(() => { localStorage.clear(); }); it('canEdit allows admin and supervisor only', () => { localStorage.setItem('qdb_role', 'admin'); expect(canEdit()).toBe(true); localStorage.setItem('qdb_role', 'supervisor'); expect(canEdit()).toBe(true); localStorage.setItem('qdb_role', 'coach'); expect(canEdit()).toBe(false); }); it('isLoggedIn checks token', () => { expect(isLoggedIn()).toBe(false); localStorage.setItem('qdb_token', 't'); expect(isLoggedIn()).toBe(true); }); it('authGuard redirects when logged out', () => { const navigate = vi.fn(); const handler = vi.fn(); const guarded = authGuard(navigate, handler); guarded({}); expect(navigate).toHaveBeenCalledWith('#/login'); expect(handler).not.toHaveBeenCalled(); }); it('roleGuard redirects coach from admin routes', () => { localStorage.setItem('qdb_token', 't'); localStorage.setItem('qdb_role', 'coach'); const navigate = vi.fn(); const handler = vi.fn(); roleGuard(navigate, ['admin', 'supervisor'], handler)({}); expect(navigate).toHaveBeenCalledWith('#/'); }); });