using StellaOps.VulnExplorer.Api.Models;

namespace StellaOps.VulnExplorer.Api.Data;

internal static class SampleData
{
    private static readonly VulnSummary[] summaries =
    {
        new(
            Id: "vuln-0001",
            Severity: "HIGH",
            Score: 8.2,
            Kev: true,
            Exploitability: "known",
            FixAvailable: true,
            CveIds: new[] { "CVE-2025-0001" },
            Purls: new[] { "pkg:maven/org.example/app@1.2.3" },
            PolicyVersion: "policy-main",
            RationaleId: "rat-0001"),
        new(
            Id: "vuln-0002",
            Severity: "MEDIUM",
            Score: 5.4,
            Kev: false,
            Exploitability: "unknown",
            FixAvailable: false,
            CveIds: new[] { "CVE-2024-2222" },
            Purls: new[] { "pkg:npm/foo@4.5.6" },
            PolicyVersion: "policy-main",
            RationaleId: "rat-0002")
    };

    private static readonly VulnDetail[] details =
    {
        new(
            Id: "vuln-0001",
            Severity: "HIGH",
            Score: 8.2,
            Kev: true,
            Exploitability: "known",
            FixAvailable: true,
            CveIds: summaries[0].CveIds,
            Purls: summaries[0].Purls,
            Summary: "Example vulnerable library with RCE.",
            AffectedPackages: new[]
            {
                new PackageAffect("pkg:maven/org.example/app", new[] { "1.2.3" })
            },
            AdvisoryRefs: new[]
            {
                new AdvisoryRef("https://example.com/advisory/0001", "Upstream advisory")
            },
            Rationale: new PolicyRationale("rat-0001", "High severity RCE with known exploit; fix available"),
            Paths: new[] { "/src/app/Program.cs", "/src/lib/utils/net.cs" },
            Evidence: new[]
            {
                new EvidenceRef("sbom", "sbom-0001", "Inventory evidence"),
                new EvidenceRef("vex", "vex-0001", "Vendor statement")
            },
            FirstSeen: DateTimeOffset.Parse("2025-01-01T00:00:00Z"),
            LastSeen: DateTimeOffset.Parse("2025-11-01T00:00:00Z"),
            PolicyVersion: summaries[0].PolicyVersion,
            RationaleId: summaries[0].RationaleId,
            Provenance: new EvidenceProvenance("ledger-1", "evidence-1")),
        new(
            Id: "vuln-0002",
            Severity: "MEDIUM",
            Score: 5.4,
            Kev: false,
            Exploitability: "unknown",
            FixAvailable: false,
            CveIds: summaries[1].CveIds,
            Purls: summaries[1].Purls,
            Summary: "Prototype pollution risk.",
            AffectedPackages: new[]
            {
                new PackageAffect("pkg:npm/foo", new[] { "4.5.6" })
            },
            AdvisoryRefs: Array.Empty<AdvisoryRef>(),
            Rationale: new PolicyRationale("rat-0002", "Medium severity; no exploit observed; fix unavailable"),
            Paths: new[] { "/app/node_modules/foo/index.js" },
            Evidence: new[]
            {
                new EvidenceRef("sbom", "sbom-0002", "Inventory evidence")
            },
            FirstSeen: DateTimeOffset.Parse("2024-06-10T00:00:00Z"),
            LastSeen: DateTimeOffset.Parse("2025-08-15T00:00:00Z"),
            PolicyVersion: summaries[1].PolicyVersion,
            RationaleId: summaries[1].RationaleId,
            Provenance: new EvidenceProvenance("ledger-2", "evidence-2"))
    };

    public static IReadOnlyList<VulnSummary> Summaries => summaries;

    public static bool TryGetDetail(string id, out VulnDetail? detail)
    {
        detail = details.FirstOrDefault(d => string.Equals(d.Id, id, StringComparison.Ordinal));
        return detail is not null;
    }
}