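package integration_test

import (
	"context"
	"fmt"
	"time"

	"github.com/thoas/go-funk"
	"github.com/udacity/graphb"

	"edge-infra.dev/pkg/edge/api/bsl/types"
	"edge-infra.dev/pkg/edge/api/graph/model"
	"edge-infra.dev/pkg/edge/api/middleware"
	"edge-infra.dev/test/framework/integration"
)

// TestCreateOrUpdateSecretManagerSecret creates a docker-registry secret, reads
// it back with getValues=true, updates it under the same name with different
// credentials, and checks that the stored value changed.
//
// NOTE(review): the credentials below are hard-coded fixtures; confirm they are
// dummy values. The secret is not deleted at the end of the test; confirm the
// test project is torn down elsewhere.
func (s *Suite) TestCreateOrUpdateSecretManagerSecret() {
	integration.SkipIf(s.Framework)

	var response struct{ CreateOrUpdateSecretManagerSecret bool }
	name := fmt.Sprintf("test-create-secret-manager-%d", time.Now().UnixNano())

	mutation := createOrUpdateSecretManagerSecretMutation(testOrgBannerEdgeID, name, "edge", "docker-registry", "tenant", []model.KeyValues{
		{Key: "docker-username", Value: "jd250001"},
		{Key: "docker-password", Value: "password1"},
		{Key: "docker-server", Value: "https://example.com"},
	})
	ResolverClient.MustPost(mutation, &response)
	s.True(response.CreateOrUpdateSecretManagerSecret)

	var secretManagerQuery struct {
		SecretManagerSecret model.SecretManagerResponse
	}
	getSecretManagerSecrets1 := getSecretManagerSecret(name, testOrgBannerEdgeID, true)
	ResolverClient.MustPost(getSecretManagerSecrets1, &secretManagerQuery)

	created := secretManagerQuery.SecretManagerSecret
	s.NotNil(created)
	s.Equal(name, created.Name)
	s.Equal("tenant", *created.Owner)
	s.Equal("test-org", created.Project)
	s.NotNil(created.Created)
	s.NotNil(created.Updated)
	// The three docker-* inputs come back as a single dockerconfigjson entry.
	s.Equal(1, len(created.Values))
	s.Equal("dockerconfigjson", created.Values[0].Key)
	s.NotEmpty(created.Values[0].Value)
	s.Equal("docker-registry", *created.Type)
	// NOTE(review): the mutation sent workload "edge" but "tenant" is expected
	// here; presumably the API derives workload from owner — confirm.
	s.Equal("tenant", *created.Workload)

	// Update: same name, no workload argument, different credentials.
	mutation = createOrUpdateSecretManagerSecretMutation(testOrgBannerEdgeID, name, "", "docker-registry", "tenant", []model.KeyValues{
		{Key: "docker-username", Value: "jd250002"},
		{Key: "docker-password", Value: "password12"},
		{Key: "docker-server", Value: "https://example.com"},
	})
	// Reset so a stale true from the create call cannot satisfy the assertion.
	response.CreateOrUpdateSecretManagerSecret = false
	ResolverClient.MustPost(mutation, &response)
	s.True(response.CreateOrUpdateSecretManagerSecret)

	var secretManagerQuery2 struct {
		SecretManagerSecret model.SecretManagerResponse
	}
	getSecretManagerSecrets2 := getSecretManagerSecret(name, testOrgBannerEdgeID, true)
	ResolverClient.MustPost(getSecretManagerSecrets2, &secretManagerQuery2)

	updated := secretManagerQuery2.SecretManagerSecret
	s.NotNil(updated)
	s.Equal(name, updated.Name)
	s.Equal(1, len(updated.Values))
	s.Equal("dockerconfigjson", updated.Values[0].Key)
	s.NotEmpty(updated.Values[0].Value)
	// Compare values to ensure the secret was updated.
	s.NotEqual(updated.Values[0].Value, created.Values[0].Value)
}

// TestDeleteSecretManagerSecretDocker creates a docker-registry secret and then
// deletes it by banner and name, expecting both mutations to report true.
func (s *Suite) TestDeleteSecretManagerSecretDocker() {
	integration.SkipIf(s.Framework)

	var response struct{ CreateOrUpdateSecretManagerSecret bool }
	name := fmt.Sprintf("test-create-secret-manager-%d", time.Now().UnixNano())

	mutation := createOrUpdateSecretManagerSecretMutation(testOrgBannerEdgeID, name, "edge", "docker-registry", "tenant", []model.KeyValues{
		{Key: "docker-username", Value: "jd250001"},
		{Key: "docker-password", Value: "password1"},
		{Key: "docker-server", Value: "https://example.com"},
	})
	ResolverClient.MustPost(mutation, &response)
	s.True(response.CreateOrUpdateSecretManagerSecret)

	var deleteResponse struct{ DeleteSecretManagerSecret bool }
	deleteMutation := deleteSecretManagerSecretMutation(testOrgBannerEdgeID, name)
	ResolverClient.MustPost(deleteMutation, &deleteResponse)
	s.True(deleteResponse.DeleteSecretManagerSecret)
}

// TestDeleteSecretManagerSecretHelm creates a helm-repository secret and then
// deletes it by banner and name, expecting both mutations to report true.
//
// NOTE(review): the helmUrl fixture is plain http; presumably it is never
// dialed by the resolver — confirm.
func (s *Suite) TestDeleteSecretManagerSecretHelm() {
	integration.SkipIf(s.Framework)

	var response struct{ CreateOrUpdateSecretManagerSecret bool }
	name := fmt.Sprintf("test-create-secret-manager-%d", time.Now().UnixNano())

	mutation := createOrUpdateSecretManagerSecretMutation(testOrgBannerEdgeID, name, "edge-helm", "helm-repository", "tenant", []model.KeyValues{
		{Key: "helmUrl", Value: "http://ncredge.com"},
		{Key: "username", Value: "test1"},
		{Key: "password", Value: "password1"},
		{Key: "helm_repo_name", Value: "test-helm-repo"},
	})
	ResolverClient.MustPost(mutation, &response)
	s.True(response.CreateOrUpdateSecretManagerSecret)

	var deleteResponse struct{ DeleteSecretManagerSecret bool }
	deleteMutation := deleteSecretManagerSecretMutation(testOrgBannerEdgeID, name)
	ResolverClient.MustPost(deleteMutation, &deleteResponse)
	s.True(deleteResponse.DeleteSecretManagerSecret)
}

// TestGetSecretManagerSecret checks the single-secret query in both modes.
// With getValues=false the response must carry metadata only (no values, nil
// Updated); with getValues=true it must carry exactly one dockerconfigjson
// value and a non-nil Updated.
//
// NOTE(review): the secret is not deleted at the end of the test; confirm the
// test project is torn down elsewhere.
func (s *Suite) TestGetSecretManagerSecret() {
	integration.SkipIf(s.Framework)

	var response struct{ CreateOrUpdateSecretManagerSecret bool }
	name := fmt.Sprintf("test-create-secret-manager-%d", time.Now().UnixNano())

	mutation := createOrUpdateSecretManagerSecretMutation(testOrgBannerEdgeID, name, "edge", "docker-registry", "tenant", []model.KeyValues{
		{Key: "docker-username", Value: "jd250001"},
		{Key: "docker-password", Value: "password1"},
		{Key: "docker-server", Value: "https://example.com"},
	})
	ResolverClient.MustPost(mutation, &response)
	s.True(response.CreateOrUpdateSecretManagerSecret)

	var secretManagerQuery struct {
		SecretManagerSecret model.SecretManagerResponse
	}

	// getValues: false — the query still selects the values field, so an empty
	// list here shows the secret material is withheld by the getValues argument.
	getSecretManagerSecrets1 := getSecretManagerSecret(name, testOrgBannerEdgeID, false)
	ResolverClient.MustPost(getSecretManagerSecrets1, &secretManagerQuery)
	s.NotNil(secretManagerQuery.SecretManagerSecret)
	s.Equal(name, secretManagerQuery.SecretManagerSecret.Name)
	s.Equal("tenant", *secretManagerQuery.SecretManagerSecret.Owner)
	s.Equal("test-org", secretManagerQuery.SecretManagerSecret.Project)
	s.NotNil(secretManagerQuery.SecretManagerSecret.Created)
	s.Nil(secretManagerQuery.SecretManagerSecret.Updated)
	s.Equal(0, len(secretManagerQuery.SecretManagerSecret.Values))
	s.Equal("docker-registry", *secretManagerQuery.SecretManagerSecret.Type)
	s.Equal("tenant", *secretManagerQuery.SecretManagerSecret.Workload)

	// getValues: true
	getSecretManagerSecrets2 := getSecretManagerSecret(name, testOrgBannerEdgeID, true)
	ResolverClient.MustPost(getSecretManagerSecrets2, &secretManagerQuery)
	s.NotNil(secretManagerQuery.SecretManagerSecret)
	s.Equal(name, secretManagerQuery.SecretManagerSecret.Name)
	s.Equal("tenant", *secretManagerQuery.SecretManagerSecret.Owner)
	s.Equal("test-org", secretManagerQuery.SecretManagerSecret.Project)
	s.NotNil(secretManagerQuery.SecretManagerSecret.Created)
	s.NotNil(secretManagerQuery.SecretManagerSecret.Updated)
	s.Equal(1, len(secretManagerQuery.SecretManagerSecret.Values))
	s.Equal("dockerconfigjson", secretManagerQuery.SecretManagerSecret.Values[0].Key)
	s.NotEmpty(secretManagerQuery.SecretManagerSecret.Values[0].Value)
	s.Equal("docker-registry", *secretManagerQuery.SecretManagerSecret.Type)
	s.Equal("tenant", *secretManagerQuery.SecretManagerSecret.Workload)
}

// TestSecretManagerSecrets checks the list query three ways: through the
// GraphQL client with getValues=false (metadata only), through the client with
// getValues=true (one value per secret), and by calling the resolver directly
// with a nil owner filter and a "docker-registry" type filter.
//
// NOTE(review): none of the three secrets is deleted at the end of the test;
// confirm the test project is torn down elsewhere.
func (s *Suite) TestSecretManagerSecrets() {
	integration.SkipIf(s.Framework)

	var response struct{ CreateOrUpdateSecretManagerSecret bool }

	name := fmt.Sprintf("test-create-secret-manager-%d", time.Now().UnixNano())
	mutation := createOrUpdateSecretManagerSecretMutation(testOrgBannerEdgeID, name, "edge", "docker-registry", "tenant", []model.KeyValues{
		{Key: "docker-username", Value: "jd250001"},
		{Key: "docker-password", Value: "password1"},
		{Key: "docker-server", Value: "https://example.com"},
	})
	ResolverClient.MustPost(mutation, &response)
	s.True(response.CreateOrUpdateSecretManagerSecret)

	name2 := fmt.Sprintf("test-get-secret-manager-true-list2-%d", time.Now().UnixNano())
	mutation = createOrUpdateSecretManagerSecretMutation(testOrgBannerEdgeID, name2, "edge", "docker-registry", "tenant", []model.KeyValues{
		{Key: "docker-username", Value: "jd250001"},
		{Key: "docker-password", Value: "password1"},
		{Key: "docker-server", Value: "https://example.com"},
	})
	// Reset so a stale true from the previous call cannot satisfy the assertion.
	response.CreateOrUpdateSecretManagerSecret = false
	ResolverClient.MustPost(mutation, &response)
	s.True(response.CreateOrUpdateSecretManagerSecret)

	// NOTE(review): name3 (owner "edge") is created but never asserted on;
	// presumably it was meant to be checked in the unfiltered listing — confirm.
	name3 := fmt.Sprintf("test-get-secret-manager-no-owner-%d", time.Now().UnixNano())
	mutation = createOrUpdateSecretManagerSecretMutation(testOrgBannerEdgeID, name3, "edge", "docker-registry", "edge", []model.KeyValues{
		{Key: "docker-username", Value: "jd250001"},
		{Key: "docker-password", Value: "password1"},
		{Key: "docker-server", Value: "https://example.com"},
	})
	response.CreateOrUpdateSecretManagerSecret = false
	ResolverClient.MustPost(mutation, &response)
	s.True(response.CreateOrUpdateSecretManagerSecret)

	var secretManagerQuery struct {
		SecretManagerSecrets []*model.SecretManagerResponse
	}

	// ownSecrets narrows a listing to the two tenant-owned secrets created
	// above, in creation order. The listing is only required to hold at least
	// two entries, so the secrets are looked up by name. A missing secret is
	// recorded as a test failure and nil is returned, rather than panicking on
	// the type assertion of a nil funk.Find result.
	ownSecrets := func(listing []*model.SecretManagerResponse) []*model.SecretManagerResponse {
		picked := make([]*model.SecretManagerResponse, 0, 2)
		for _, want := range []string{name, name2} {
			match, ok := funk.Find(listing, func(sm *model.SecretManagerResponse) bool {
				return sm.Name == want
			}).(*model.SecretManagerResponse)
			s.True(ok)
			if !ok {
				return nil
			}
			picked = append(picked, match)
		}
		return picked
	}

	// getValues: false — metadata only; no secret values may be returned.
	getSecretManagerSecrets1 := getSecretManagerSecrets(testOrgBannerEdgeID, false)
	ResolverClient.MustPost(getSecretManagerSecrets1, &secretManagerQuery)
	s.NotNil(secretManagerQuery.SecretManagerSecrets)
	s.True(len(secretManagerQuery.SecretManagerSecrets) >= 2)
	picked := ownSecrets(secretManagerQuery.SecretManagerSecrets)
	if picked == nil {
		return
	}
	secretManagerQuery.SecretManagerSecrets = picked
	s.Equal(name, secretManagerQuery.SecretManagerSecrets[0].Name)
	s.Equal(name2, secretManagerQuery.SecretManagerSecrets[1].Name)
	for _, secret := range secretManagerQuery.SecretManagerSecrets {
		s.Equal("tenant", *secret.Owner)
		s.Equal("test-org", secret.Project)
		s.NotNil(secret.Created)
		s.Nil(secret.Updated)
		s.Equal(0, len(secret.Values))
		s.Equal("docker-registry", *secret.Type)
		s.Equal("tenant", *secret.Workload)
	}

	// getValues: true
	getSecretManagerSecrets2 := getSecretManagerSecrets(testOrgBannerEdgeID, true)
	ResolverClient.MustPost(getSecretManagerSecrets2, &secretManagerQuery)
	s.NotNil(secretManagerQuery.SecretManagerSecrets)
	s.True(len(secretManagerQuery.SecretManagerSecrets) >= 2)
	picked = ownSecrets(secretManagerQuery.SecretManagerSecrets)
	if picked == nil {
		return
	}
	secretManagerQuery.SecretManagerSecrets = picked
	s.Equal(name, secretManagerQuery.SecretManagerSecrets[0].Name)
	s.Equal(name2, secretManagerQuery.SecretManagerSecrets[1].Name)
	for _, secret := range secretManagerQuery.SecretManagerSecrets {
		s.Equal("tenant", *secret.Owner)
		s.Equal("test-org", secret.Project)
		s.NotNil(secret.Created)
		s.NotNil(secret.Updated)
		s.Equal(1, len(secret.Values))
		s.Equal("docker-registry", *secret.Type)
		s.Equal("tenant", *secret.Workload)
	}

	// no owner filter passed in
	c := middleware.NewContext(context.Background(), &types.AuthUser{
		Organization: "test-org",
	})
	typeArg := "docker-registry"
	// NOTE(review): err is not declared in this function; presumably a
	// package-level variable shared by the suite — confirm.
	secretManagerQuery.SecretManagerSecrets, err = s.Resolver.Query().SecretManagerSecrets(c, testOrgBannerEdgeID, nil, &typeArg, false)
	s.NotNil(secretManagerQuery.SecretManagerSecrets)
	s.Nil(err)
	s.True(len(secretManagerQuery.SecretManagerSecrets) >= 2)
	picked = ownSecrets(secretManagerQuery.SecretManagerSecrets)
	if picked == nil {
		return
	}
	secretManagerQuery.SecretManagerSecrets = picked
	s.Equal(name, secretManagerQuery.SecretManagerSecrets[0].Name)
	s.Equal(name2, secretManagerQuery.SecretManagerSecrets[1].Name)
	for _, secret := range secretManagerQuery.SecretManagerSecrets {
		s.Equal("tenant", *secret.Owner)
		s.Equal("test-org", secret.Project)
		s.Equal("docker-registry", *secret.Type)
		s.Equal("tenant", *secret.Workload)
	}
}

// createOrUpdateSecretManagerSecretMutation builds the GraphQL document for the
// createOrUpdateSecretManagerSecret mutation. bannerEdgeId, name, type, owner
// and the key/value pairs are always sent; the workload argument is omitted
// when workload is empty.
func createOrUpdateSecretManagerSecretMutation(bannerEdgeID, name, workload, _type, owner string, keyValues []model.KeyValues) string { //nolint: unparam
	args := []graphb.Argument{
		graphb.ArgumentString("bannerEdgeId", bannerEdgeID),
		graphb.ArgumentString("name", name),
		graphb.ArgumentString("type", _type),
		graphb.ArgumentString("owner", owner),
	}

	// Each pair becomes one {key, value} element of the "values" argument.
	var valuesArgs [][]graphb.Argument
	for _, kv := range keyValues {
		elem := graphb.ArgumentCustomTypeSliceElem(graphb.ArgumentString("key", kv.Key), graphb.ArgumentString("value", kv.Value))
		valuesArgs = append(valuesArgs, elem)
	}
	args = append(args, graphb.ArgumentCustomTypeSlice("values", valuesArgs...))

	if workload != "" {
		args = append(args, graphb.ArgumentString("workload", workload))
	}

	return MustParse(graphb.Query{
		Type: graphb.TypeMutation,
		Fields: []*graphb.Field{
			{
				Name:      "createOrUpdateSecretManagerSecret",
				Arguments: args,
			},
		},
	})
}

// getSecretManagerSecret builds the GraphQL document for the
// secretManagerSecret query. The values{key,value} selection is always
// requested; getValues is passed through as a query argument.
func getSecretManagerSecret(name, bannerEdgeID string, getValues bool) string { //nolint: unparam
	args := []graphb.Argument{
		graphb.ArgumentString("name", name),
		graphb.ArgumentString("bannerEdgeId", bannerEdgeID),
		graphb.ArgumentBool("getValues", getValues),
	}
	fields := []*graphb.Field{graphb.NewField("values", graphb.OfFields("key", "value"))}
	return MustParse(graphb.Query{
		Type: graphb.TypeQuery,
		Fields: []*graphb.Field{
			{
				Name:      "secretManagerSecret",
				Arguments: args,
				Fields:    append(fields, graphb.Fields("name", "project", "created", "updated", "type", "workload", "owner")...),
			},
		},
	})
}

// getSecretManagerSecrets builds the GraphQL document for the
// secretManagerSecrets list query on the given banner. The values{key,value}
// selection is always requested; getValues is passed through as a query
// argument.
func getSecretManagerSecrets(banner string, getValues bool) string {
	args := []graphb.Argument{
		graphb.ArgumentString("bannerEdgeId", banner),
		graphb.ArgumentBool("getValues", getValues),
	}
	fields := []*graphb.Field{graphb.NewField("values", graphb.OfFields("key", "value"))}
	return MustParse(graphb.Query{
		Type: graphb.TypeQuery,
		Fields: []*graphb.Field{
			{
				Name:      "secretManagerSecrets",
				Arguments: args,
				Fields:    append(fields, graphb.Fields("name", "project", "created", "updated", "type", "workload", "owner")...),
			},
		},
	})
}

// deleteSecretManagerSecretMutation builds the GraphQL document for the
// deleteSecretManagerSecret mutation, identifying the secret by banner and name.
func deleteSecretManagerSecretMutation(banner, name string) string {
	return MustParse(graphb.Query{
		Type: graphb.TypeMutation,
		Fields: []*graphb.Field{
			{
				Name: "deleteSecretManagerSecret",
				Arguments: []graphb.Argument{
					graphb.ArgumentString("bannerEdgeId", banner),
					graphb.ArgumentString("name", name),
				},
			},
		},
	})
}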