import requests
import json

# Configuration
BASE_URL = "https://dev-api.oneskyit.com" 
SEARCH_ENDPOINT = f"{BASE_URL}/v3/crud/site_domain/search"
RESTRICTED_ENDPOINT = f"{BASE_URL}/v3/crud/journal/search"

def test_site_domain_exception():
    print("--- Testing site_domain guest access (Exception) ---")
    search_query = {
        "q": "%",  # Match all for testing
        "and": []
    }
    
    try:
        # No Authorization or X-Account-ID headers provided
        response = requests.post(SEARCH_ENDPOINT, json=search_query)
        print(f"Status Code: {response.status_code}")
        
        if response.status_code == 200:
            data = response.json()
            print("SUCCESS: site_domain search allowed without authentication.")
            print(f"Result count: {len(data.get('data', []))}")
        else:
            print(f"FAILED: site_domain search returned {response.status_code}")
            print(response.text)
            
    except Exception as e:
        print(f"Error during site_domain test: {e}")

def test_restricted_search():
    print("\n--- Testing restricted search (Should fail) ---")
    search_query = {"q": "%"}
    
    try:
        response = requests.post(RESTRICTED_ENDPOINT, json=search_query)
        print(f"Status Code: {response.status_code}")
        
        if response.status_code == 403:
            print("SUCCESS: Restricted search was correctly blocked (403 Forbidden).")
        else:
            print(f"FAILED: Restricted search returned {response.status_code} instead of 403.")
            
    except Exception as e:
        print(f"Error during restricted test: {e}")

if __name__ == "__main__":
    test_site_domain_exception()
    test_restricted_search()