package info_test

import (
	"context"
	"fmt"
	"os"
	"testing"

	"github.com/stretchr/testify/require"
	corev1 "k8s.io/api/core/v1"
	"k8s.io/apimachinery/pkg/api/errors"
	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
	"k8s.io/apimachinery/pkg/runtime"
	"k8s.io/apimachinery/pkg/types"
	"k8s.io/client-go/rest"
	"sigs.k8s.io/controller-runtime/pkg/client"

	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
	clientgoscheme "k8s.io/client-go/kubernetes/scheme"

	edgeinfo "edge-infra.dev/config/components/info"
	"edge-infra.dev/pkg/edge/info"
	"edge-infra.dev/pkg/k8s/rbac"
	"edge-infra.dev/pkg/k8s/runtime/sap"
	"edge-infra.dev/test/f2"
	"edge-infra.dev/test/f2/x/ktest"
)

// f is the f2 framework shared by the tests in this package. TestMain assigns
// it before any test function runs.
var f f2.Framework

// TestMain builds the framework with the ktest extension, configured with the
// scheme from createScheme, and exits with the framework's run result.
func TestMain(m *testing.M) {
	kubeExt := ktest.New(ktest.WithScheme(createScheme()))
	f = f2.New(context.Background(), f2.WithExtensions(kubeExt)).Teardown()
	os.Exit(f.Run(m))
}

// TestEdgeInfoConfigMap checks the access-control contract of the edge info
// ConfigMap: an impersonated, non-privileged identity must be able to read it
// and must receive Forbidden on create, update and delete.
//
// NOTE(review): only the get, create, update and delete verbs are exercised.
// patch, list, watch and deletecollection are separate RBAC verbs, so a rule
// that grants one of them too broadly would not be caught here.
func TestEdgeInfoConfigMap(t *testing.T) {
	// Client acting as the impersonated identity; assigned in the setup step
	// and shared by the test steps below.
	var unauthorized client.Client

	setup := func(ctx f2.Context, t *testing.T) f2.Context {
		k := ktest.FromContextT(ctx, t)

		// Copy the environment's config so the impersonation settings do not
		// leak into the privileged client.
		impersonated := rest.CopyConfig(k.Env.Config)
		impersonated.Impersonate = rest.ImpersonationConfig{
			UserName: fmt.Sprintf("system:serviceaccount:%s:default", k.Namespace),
			// NOTE(review): impersonated groups are used exactly as listed, so
			// this identity carries only rbac.AllAuthenticated and not the
			// service-account groups a real token would add. Bindings to those
			// groups are not covered by this test. Confirm that is intended.
			Groups: []string{rbac.AllAuthenticated},
		}
		c, err := client.New(impersonated, client.Options{})
		require.NoError(t, err)
		unauthorized = c

		// Install the component's RBAC objects with the privileged config.
		rbacObjs, err := edgeinfo.RBAC()
		require.NoError(t, err)

		mgr, err := sap.NewResourceManagerFromConfig(
			k.Env.Config,
			client.Options{},
			sap.Owner{Field: "edge-framework-edge-info", Group: "edge-framework"},
		)
		require.NoError(t, err)

		_, err = mgr.ApplyAll(ctx, rbacObjs, sap.ApplyOptions{WaitTimeout: k.Env.Config.Timeout})
		require.NoError(t, err)

		// Create the ConfigMap with the privileged client so the read and
		// delete steps act on an existing object. It is not removed afterwards
		// (see the cleanup TODO further down).
		require.NoError(t, k.Client.Create(ctx, emptyMap()))
		return ctx
	}

	// Reading the ConfigMap is expected to succeed for the impersonated identity.
	canRead := func(ctx f2.Context, t *testing.T) f2.Context {
		var got corev1.ConfigMap
		require.NoError(t, unauthorized.Get(ctx, configMapKey(), &got))
		return ctx
	}

	cannotCreate := func(ctx f2.Context, t *testing.T) f2.Context {
		tampered := badGuyMap()
		requireForbidden(t, unauthorized.Create(ctx, tampered))
		return ctx
	}

	cannotUpdate := func(ctx f2.Context, t *testing.T) f2.Context {
		tampered := badGuyMap()
		requireForbidden(t, unauthorized.Update(ctx, tampered))
		return ctx
	}

	cannotDelete := func(ctx f2.Context, t *testing.T) f2.Context {
		requireForbidden(t, unauthorized.Delete(ctx, emptyMap()))
		return ctx
	}

	feature := f2.NewFeature("Edge Info Configmap").
		Setup("initialize unauthorized client and apply configmap", setup).
		Test("test RBAC Read", canRead).
		Test("test RBAC Create", cannotCreate).
		Test("test RBAC Update", cannotUpdate).
		Test("test RBAC Delete", cannotDelete).
		Feature()

	f.Test(t, feature)
}

// requireForbidden fails the test unless err is a non-nil Kubernetes API
// error with reason Forbidden. Any other failure (not found, conflict,
// transport error) does not count as a correct denial.
func requireForbidden(t *testing.T, err error) {
	t.Helper()
	require.Error(t, err)
	require.True(t, errors.IsForbidden(err))
}

// createScheme returns a new runtime scheme with the client-go built-in types
// registered. utilruntime.Must panics if registration fails.
func createScheme() *runtime.Scheme {
	s := runtime.NewScheme()
	utilruntime.Must(clientgoscheme.AddToScheme(s))
	return s
}

// TODO: delete configmap on test cleanup

// configMapKey returns the namespaced name of the edge info ConfigMap.
// TODO: move this into the actual package
func configMapKey() types.NamespacedName {
	return types.NamespacedName{
		Namespace: info.EdgeConfigMapNS,
		Name:      info.EdgeConfigMapName,
	}
}

// badGuyMap returns the edge info ConfigMap carrying a single dummy entry. It
// stands in for the write that the impersonated identity must be denied.
func badGuyMap() *corev1.ConfigMap {
	tampered := emptyMap()
	tampered.Data["foo"] = "fighter"
	return tampered
}

// emptyMap returns a ConfigMap with the edge info name and namespace and an
// empty, non-nil Data map.
// TODO: move this into the actual package
func emptyMap() *corev1.ConfigMap {
	key := configMapKey()
	return &corev1.ConfigMap{
		ObjectMeta: metav1.ObjectMeta{
			Name:      key.Name,
			Namespace: key.Namespace,
		},
		Data: map[string]string{},
	}
}