import { sanitizeDiscountCode } from '../features/order-ship/utils/sanitizeDiscountCode';

describe( 'sanitizeDiscountCode', () => {
	// ---- Positive tests ----

	it( 'passes through a clean alphanumeric code unchanged', () => {
		expect( sanitizeDiscountCode( 'SAVE10' ) ).toBe( 'SAVE10' );
	} );

	it( 'allows hyphens and underscores', () => {
		expect( sanitizeDiscountCode( 'MY_CODE-123' ) ).toBe( 'MY_CODE-123' );
	} );

	it( 'trims leading and trailing whitespace', () => {
		expect( sanitizeDiscountCode( '  HELLO  ' ) ).toBe( 'HELLO' );
	} );

	it( 'accepts exactly 50 characters without truncating', () => {
		const input = 'A'.repeat( 50 );
		expect( sanitizeDiscountCode( input ) ).toBe( input );
	} );

	it( 'accepts mixed case alphanumeric', () => {
		expect( sanitizeDiscountCode( 'AbCd1234' ) ).toBe( 'AbCd1234' );
	} );

	// ---- Negative tests ----

	it( 'returns empty string for undefined', () => {
		expect( sanitizeDiscountCode( undefined ) ).toBe( '' );
	} );

	it( 'returns empty string for null (type-cast)', () => {
		expect( sanitizeDiscountCode( null as any ) ).toBe( '' );
	} );

	it( 'returns empty string for whitespace-only input', () => {
		expect( sanitizeDiscountCode( '   ' ) ).toBe( '' );
	} );

	it( 'strips special characters from XSS attempt', () => {
		expect( sanitizeDiscountCode( '<script>alert(1)</script>' ) ).toBe( 'scriptalert1script' );
	} );

	it( 'strips SQL-injection-style characters', () => {
		expect( sanitizeDiscountCode( "'; DROP TABLE--" ) ).toBe( 'DROPTABLE--' );
	} );

	it( 'truncates input longer than 50 characters', () => {
		const input = 'A'.repeat( 60 );
		expect( sanitizeDiscountCode( input ) ).toHaveLength( 50 );
	} );

	it( 'strips percent-encoded characters', () => {
		expect( sanitizeDiscountCode( 'CODE%20TEST' ) ).toBe( 'CODE20TEST' );
	} );
} );