using System.Linq;
using Microsoft.AspNetCore.Authorization;
using StellaOps.Auth.Abstractions;
using StellaOps.Auth.ServerIntegration;
using Xunit;

namespace StellaOps.Auth.ServerIntegration.Tests;

public class StellaOpsResourceServerPoliciesTests
{
    [Fact]
    public void AddObservabilityResourcePolicies_RegistersExpectedPolicies()
    {
        var options = new AuthorizationOptions();

        options.AddObservabilityResourcePolicies();

        AssertPolicy(options, StellaOpsResourceServerPolicies.ObservabilityRead, StellaOpsScopes.ObservabilityRead);
        AssertPolicy(options, StellaOpsResourceServerPolicies.ObservabilityIncident, StellaOpsScopes.ObservabilityIncident);
        AssertPolicy(options, StellaOpsResourceServerPolicies.TimelineRead, StellaOpsScopes.TimelineRead);
        AssertPolicy(options, StellaOpsResourceServerPolicies.TimelineWrite, StellaOpsScopes.TimelineWrite);
        AssertPolicy(options, StellaOpsResourceServerPolicies.EvidenceCreate, StellaOpsScopes.EvidenceCreate);
        AssertPolicy(options, StellaOpsResourceServerPolicies.EvidenceRead, StellaOpsScopes.EvidenceRead);
        AssertPolicy(options, StellaOpsResourceServerPolicies.EvidenceHold, StellaOpsScopes.EvidenceHold);
        AssertPolicy(options, StellaOpsResourceServerPolicies.AttestRead, StellaOpsScopes.AttestRead);
        AssertPolicy(options, StellaOpsResourceServerPolicies.ExportViewer, StellaOpsScopes.ExportViewer);
        AssertPolicy(options, StellaOpsResourceServerPolicies.ExportOperator, StellaOpsScopes.ExportOperator);
        AssertPolicy(options, StellaOpsResourceServerPolicies.ExportAdmin, StellaOpsScopes.ExportAdmin);
    }

    private static void AssertPolicy(AuthorizationOptions options, string policyName, string expectedScope)
    {
        var policy = options.GetPolicy(policyName);
        Assert.NotNull(policy);

        var requirement = Assert.Single(policy!.Requirements.OfType<StellaOpsScopeRequirement>());
        Assert.Equal(new[] { expectedScope }, requirement.RequiredScopes);
    }
}