"""Integration tests for profile update functionality.""" from flask import url_for def test_profile_update_get_shows_form(client, auth_participant): """GET shows edit form with current values.""" response = client.get(url_for("participant.profile_edit")) assert response.status_code == 200 assert auth_participant.name.encode() in response.data assert b"Edit Your Profile" in response.data def test_profile_update_post_success(client, auth_participant, db): """POST updates profile successfully.""" response = client.post( url_for("participant.profile_edit"), data={"name": "Updated Name", "gift_ideas": "Updated ideas"}, follow_redirects=True, ) assert response.status_code == 200 assert b"profile has been updated" in response.data # Verify database db.session.refresh(auth_participant) assert auth_participant.name == "Updated Name" assert auth_participant.gift_ideas == "Updated ideas" def test_profile_update_name_change(client, auth_participant, db): """Name updates in database.""" original_name = auth_participant.name client.post( url_for("participant.profile_edit"), data={"name": "New Name", "gift_ideas": ""}, follow_redirects=True, ) db.session.refresh(auth_participant) assert auth_participant.name == "New Name" assert auth_participant.name != original_name def test_profile_update_locked_after_matching( client, exchange_factory, participant_factory ): """Profile edit blocked after matching.""" exchange = exchange_factory(state="matched") participant = participant_factory(exchange=exchange) with client.session_transaction() as session: session["user_id"] = participant.id session["user_type"] = "participant" session["exchange_id"] = exchange.id response = client.get(url_for("participant.profile_edit"), follow_redirects=True) assert b"profile is locked" in response.data def test_profile_update_form_validation_empty_name(client, auth_participant): """Empty name shows validation error.""" # auth_participant fixture sets up the session _ = auth_participant # Mark as used response = client.post( url_for("participant.profile_edit"), data={"name": "", "gift_ideas": "Test"} ) assert response.status_code == 200 assert ( b"Name is required" in response.data or b"This field is required" in response.data ) def test_profile_update_requires_auth(client): """Profile edit requires authentication.""" response = client.get(url_for("participant.profile_edit"), follow_redirects=False) assert response.status_code == 403 def test_profile_update_strips_whitespace(client, auth_participant, db): """Whitespace is stripped from name and gift ideas.""" client.post( url_for("participant.profile_edit"), data={"name": " Spaces ", "gift_ideas": " Gift "}, follow_redirects=True, ) db.session.refresh(auth_participant) assert auth_participant.name == "Spaces" assert auth_participant.gift_ideas == "Gift" def test_dashboard_shows_edit_link_when_allowed(client, auth_participant): """Dashboard shows edit profile link when editing is allowed.""" response = client.get( url_for("participant.dashboard", id=auth_participant.exchange_id) ) assert response.status_code == 200 assert b"Edit Profile" in response.data def test_dashboard_hides_edit_link_after_matching( client, exchange_factory, participant_factory ): """Dashboard hides edit profile link after matching.""" exchange = exchange_factory(state="matched") participant = participant_factory(exchange=exchange) with client.session_transaction() as session: session["user_id"] = participant.id session["user_type"] = "participant" session["exchange_id"] = exchange.id response = client.get(url_for("participant.dashboard", id=exchange.id)) assert response.status_code == 200 # Edit link should not be present assert b"Edit Profile" not in response.data