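using System.Collections.Generic;
using System.Linq;
using AutoFixture;
using Flexitime.Objects;
using FlexitimeAPI.Helpers;
using FluentAssertions;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.Abstractions;
using Microsoft.AspNetCore.Mvc.Filters;
using Microsoft.AspNetCore.Routing;
using Moq;
using Xunit;

namespace FlexitimeApi.UnitTests
{
    /// <summary>
    /// Unit tests for <see cref="AuthorizeAttribute"/>: the filter must let a request
    /// through (leave <c>Result</c> null) when no explicit permissions are required or
    /// when the user carries a matching permission tag, and must short-circuit with a
    /// <see cref="JsonResult"/> carrying status 401 when the user's tags do not match.
    /// </summary>
    /// <remarks>
    /// The user under test is injected via <c>HttpContext.Items["User"]</c>; the
    /// <c>Authorization</c> header is populated with a deliberately invalid value so that
    /// a decision based on the header rather than on the resolved user would show up as a
    /// failure.
    /// </remarks>
    public class AuthorizeAttributeTests
    {
        private readonly Fixture _f = new();

        /// <summary>A user with no permissions, groups or team passes a filter that demands nothing.</summary>
        [Fact]
        public void AuthorizeAttribute_Should_AuthorizeWithNoExplicitPermissions()
        {
            // Arrange
            var sut = new AuthorizeAttribute();
            var mockUser = _f.Build<User>()
                .Without(x => x.Permissions)
                .Without(x => x.Groups)
                .Without(x => x.Team)
                .Create();
            var ctx = SetupContext(mockUser);

            // Act
            sut.OnAuthorization(ctx);

            // Assert – a null Result means the pipeline continues to the action.
            ctx.Result.Should().BeNull();
        }

        /// <summary>
        /// A user holding only permission "g.x" is rejected by a filter requiring "u.w".
        /// The attribute currently answers with a JsonResult and status 401; note that 403 is the
        /// conventional status for an authenticated-but-unauthorized caller, so this pins present
        /// behaviour rather than endorsing it.
        /// </summary>
        [Fact]
        public void AuthorizeAttribute_ShouldNot_AuthorizeWhenUserHasInvalidPermission()
        {
            // Arrange
            var mockUser = CreateUserWithPermission("g.x");
            var ctx = SetupContext(mockUser);
            var sut = new AuthorizeAttribute { Permissions = new[] { "u.w" } };

            // Act
            sut.OnAuthorization(ctx);

            // Assert – BeOfType<T>().Which avoids the unchecked `as` cast on the result.
            ctx.Result.Should().BeOfType<JsonResult>()
                .Which.StatusCode.Should().Be(401);
        }

        /// <summary>A user holding permission "g.x" passes a filter requiring exactly "g.x".</summary>
        [Fact]
        public void AuthorizeAttribute_Should_AuthorizeWithCorrectExplicitPermission()
        {
            // Arrange
            var mockUser = CreateUserWithPermission("g.x");
            var ctx = SetupContext(mockUser);
            var sut = new AuthorizeAttribute { Permissions = new[] { "g.x" } };

            // Act
            sut.OnAuthorization(ctx);

            // Assert
            ctx.Result.Should().BeNull();
        }

        /// <summary>
        /// Builds a <see cref="User"/> that carries exactly one permission with the given tag
        /// and no groups or team, so each test controls precisely what the filter can match on.
        /// </summary>
        /// <param name="tag">The permission tag (e.g. "g.x") to place on the single permission.</param>
        /// <returns>A fully constructed <see cref="User"/>.</returns>
        private User CreateUserWithPermission(string tag)
        {
            // TODO(review): the element type of User.Permissions was lost when this file was
            // extracted (generic arguments stripped); "Permission" is a placeholder name to be
            // confirmed against Flexitime.Objects. Application is left unset to avoid AutoFixture
            // walking back into the object graph.
            var permissions = _f.Build<Permission>()
                .With(y => y.Tag, tag)
                .Without(y => y.Application)
                .CreateMany(1)
                .ToList();

            return _f.Build<User>()
                .With(x => x.Permissions, permissions)
                .Without(x => x.Groups)
                .Without(x => x.Team)
                .Create();
        }

        /// <summary>
        /// Creates an <see cref="AuthorizationFilterContext"/> whose mocked
        /// <see cref="HttpContext"/> exposes <paramref name="mockUser"/> under
        /// <c>Items["User"]</c> and carries an intentionally invalid Authorization header.
        /// </summary>
        /// <param name="mockUser">The user the filter should treat as the caller.</param>
        /// <returns>A filter context with an empty filter list and default route data.</returns>
        private static AuthorizationFilterContext SetupContext(User mockUser)
        {
            var httpContextMock = new Mock<HttpContext>();

            // The header value is deliberately wrong: the filter is expected to decide
            // on Items["User"], never on this raw header (presumably resolved earlier by
            // an authentication step — confirm against AuthorizeAttribute).
            httpContextMock
                .Setup(a => a.Request.Headers["Authorization"])
                .Returns("mock WRONG apikey");
            httpContextMock
                .SetupGet(x => x.Items)
                .Returns(new Dictionary<object, object> { { "User", mockUser } });

            var fakeActionContext = new ActionContext(
                httpContextMock.Object,
                new RouteData(),
                new ActionDescriptor());

            return new AuthorizationFilterContext(fakeActionContext, new List<IFilterMetadata>());
        }
    }
}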