import { test, expect } from '../fixtures';

test.describe('PATCH /auth/kyc — KYC verification (admin only)', () => {
  test('rejects unauthenticated KYC update', async ({ request }) => {
    const res = await request.patch('auth/kyc', {
      data: {
        userId: 'some-user-id',
        kycStatus: 'VERIFIED',
      },
    });

    expect(res.status()).toBe(401);
  });

  test('rejects KYC update from non-admin user', async ({ authedRequest }) => {
    const res = await authedRequest.patch('auth/kyc', {
      data: {
        userId: 'some-user-id',
        kycStatus: 'VERIFIED',
      },
    });

    expect(res.ok()).toBeFalsy();
    expect([401, 403]).toContain(res.status());
  });

  test('rejects KYC update with invalid status', async ({ authedRequest }) => {
    const res = await authedRequest.patch('auth/kyc', {
      data: {
        userId: 'some-user-id',
        kycStatus: 'INVALID_STATUS',
      },
    });

    expect(res.ok()).toBeFalsy();
    expect([400, 401, 403]).toContain(res.status());
  });
});