// __tests__/integration/dashboard.test.js
// ... imports ...
describe("GET /dashboard (My Forms)", () => {
	let userToken;
	let userId;
	beforeEach(async () => {
		// Create user and login to get token
		const user = await User.create({
			email: "dash@example.com",
			password: "Password123!",
			is_verified: 1,
		});
		userId = user.id;
		const loginRes = await request(app)
			.post("/api/auth/login")
			.send({ email: "dash@example.com", password: "Password123!" });
		userToken = loginRes.body.data.accessToken;

		// Create some forms for this user
		await pool.query(
			"INSERT INTO forms (uuid, user_id, name) VALUES ($1, $2, $3), ($4, $2, $5)",
			[
				require("uuid").v4(),
				userId,
				"My First Form",
				require("uuid").v4(),
				"My Second Form",
			]
		);
		// Create a form for another user
		const otherUser = await User.create({
			email: "other@example.com",
			password: "Password123!",
		});
		await pool.query(
			"INSERT INTO forms (uuid, user_id, name) VALUES ($1, $2, $3)",
			[require("uuid").v4(), otherUser.id, "Other Users Form"]
		);
	});

	it("should list forms owned by the authenticated user", async () => {
		const res = await request(app)
			.get("/dashboard")
			.set("Authorization", `Bearer ${userToken}`); // Or handle session if dashboard uses sessions

		// If dashboard uses sessions, you need to manage login via supertest's agent:
		// const agent = request.agent(app);
		// await agent.post('/api/auth/login').send({ email: 'dash@example.com', password: 'Password123!' });
		// const res = await agent.get('/dashboard');

		expect(res.statusCode).toEqual(200);
		// For EJS, you'd check for HTML content:
		expect(res.text).toContain("My First Form");
		expect(res.text).toContain("My Second Form");
		expect(res.text).not.toContain("Other Users Form");
	});
	// ... more dashboard tests for create, settings, submissions view, API keys...
});