import { expect, test } from '@playwright/test';

const username = process.env.TEST_USERNAME;
const password = process.env.TEST_PASSWORD;

test.beforeEach(async ({ page }) => {
  test.skip(!username || !password, 'TEST_USERNAME/TEST_PASSWORD not set');
  await page.goto('/login');
  await page.getByLabel(/username/i).fill(username!);
  await page.getByLabel(/password/i).fill(password!);
  await page.getByRole('button', { name: /sign in|log in/i }).click();
  await expect(page).toHaveURL(/\/(?!login)/, { timeout: 10_000 });
});

test('admin can fetch the audit CSV export', async ({ page, request }) => {
  const csv = await request.get('/api/admin/audit/events.csv');
  expect(csv.status()).toBe(200);
  expect(csv.headers()['content-type']).toContain('text/csv');
  const body = await csv.text();
  expect(body.split('\n')[0]).toContain('createdAt');
  expect(body.split('\n')[0]).toContain('eventType');
});