package adminroles_test

import (
	"testing"

	"github.com/fiskerinc/cloud-services/pkg/adminroles"
	"github.com/fiskerinc/cloud-services/pkg/testhelper"
)

const testRole = "7bcdcdb2-3279-44bf-a998-771bab4b33e1"
const missingPermission = "missing permission"

func TestCheck(t *testing.T) {
	type testCase struct {
		Name          string
		Roles         []string
		ExpectedError string
	}

	tests := []testCase{
		{
			Name:          "Nil roles",
			Roles:         nil,
			ExpectedError: missingPermission,
		},
		{
			Name:          "Empty roles",
			Roles:         []string{},
			ExpectedError: missingPermission,
		},
		{
			Name:          "Bad role",
			Roles:         []string{"XXXXXXXXXXXXX"},
			ExpectedError: "Key: '[0]' Error:Field validation for '[0]' failed on the 'uuid' tag",
		},
		{
			Name:  "Bad role 2",
			Roles: []string{testRole, "YYYYYY", "ZZZZZZZ"},
			ExpectedError: `Key: '[1]' Error:Field validation for '[1]' failed on the 'uuid' tag
Key: '[2]' Error:Field validation for '[2]' failed on the 'uuid' tag`,
		},
		{
			Name:          "Good",
			Roles:         []string{testRole},
			ExpectedError: "",
		},
	}

	checker := adminroles.RolesChecker{
		RequiredRoles: []string{testRole},
	}
	for _, test := range tests {
		err := checker.Check(test.Roles)
		if err != nil && err.Error() != test.ExpectedError {
			t.Errorf(testhelper.TestErrorTemplate, test.Name, test.ExpectedError, err.Error())
		}
		if test.ExpectedError == "" && err != nil {
			t.Errorf(testhelper.TestErrorTemplate, test.Name, test.ExpectedError, err.Error())
		}
	}
}

func TestCheckGroup(t *testing.T) {

	type testCase struct {
		Name          string
		Groups        string
		ExpectedError string
	}

	tests := []testCase{
		{
			Name:          "No groups",
			Groups:        "",
			ExpectedError: missingPermission,
		},
		{
			Name:          "No groups 2",
			Groups:        "    ",
			ExpectedError: missingPermission,
		},
		{
			Name:          "Does not have group",
			Groups:        "[8d8278a5-9c0e-4c7f-918a-811fd1d236e4, 6c3cf98d-0ada-48c6-ae94-b171cfa275fc, 56ef4bec-d739-4ddf-a003-ecc813085b8d, efcc3025-e2d8-4212-8227-805c7be39d2c, 5515a98f-4668-4121-8e8d-fee2825699cf, 86956a2f-8d46-47ff-9b29-f99079ae3c1d, c4d4361c-8882-47b4-8641-fd3ab68ae722]",
			ExpectedError: missingPermission,
		},
		{
			Name:          "Partial role id",
			Groups:        "[7bcdcdb2-3279-44bf-a998]",
			ExpectedError: "Key: '[0]' Error:Field validation for '[0]' failed on the 'uuid' tag",
		},
		{
			Name:   "Bad group ids",
			Groups: "[[8d8278a59c0e4c7f918a811fd1d236e4, 6c3cf98d-0ada-48c6-ae94-b171cfa275fcXXXXXXX]",
			ExpectedError: `Key: '[0]' Error:Field validation for '[0]' failed on the 'uuid' tag
Key: '[1]' Error:Field validation for '[1]' failed on the 'uuid' tag`,
		},
		{
			Name:          "Has permission",
			Groups:        "[8d8278a5-9c0e-4c7f-918a-811fd1d236e4, 6c3cf98d-0ada-48c6-ae94-b171cfa275fc, 56ef4bec-d739-4ddf-a003-ecc813085b8d, efcc3025-e2d8-4212-8227-805c7be39d2c, 5515a98f-4668-4121-8e8d-fee2825699cf, 86956a2f-8d46-47ff-9b29-f99079ae3c1d, c4d4361c-8882-47b4-8641-fd3ab68ae722, 7bcdcdb2-3279-44bf-a998-771bab4b33e1]",
			ExpectedError: "",
		},
	}

	checker := adminroles.RolesChecker{
		RequiredRoles: []string{testRole},
	}
	for _, test := range tests {
		err := checker.CheckGroups(test.Groups)
		if err != nil && err.Error() != test.ExpectedError {
			t.Errorf(testhelper.TestErrorTemplate, test.Name, test.ExpectedError, err.Error())
		}
		if test.ExpectedError == "" && err != nil {
			t.Errorf(testhelper.TestErrorTemplate, test.Name, test.ExpectedError, err.Error())
		}
	}
}