/*
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements.  See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership.  The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License.  You may obtain a copy of the License at
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied.  See the License for the
 * specific language governing permissions and limitations
 * under the License.
 */
package org.apache.sling.clam.it.tests;

import java.io.IOException;

import javax.inject.Inject;
import javax.servlet.http.HttpServletResponse;

import org.apache.sling.clam.it.support.RecordingJcrPropertyScanResultHandler;
import org.apache.sling.clam.result.JcrPropertyScanResultHandler;
import org.apache.sling.resource.presence.ResourcePresence;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.ops4j.pax.exam.Configuration;
import org.ops4j.pax.exam.Option;
import org.ops4j.pax.exam.junit.PaxExam;
import org.ops4j.pax.exam.spi.reactors.ExamReactorStrategy;
import org.ops4j.pax.exam.spi.reactors.PerClass;
import org.ops4j.pax.exam.util.Filter;

import static io.restassured.RestAssured.given;
import static java.util.concurrent.TimeUnit.MINUTES;
import static java.util.concurrent.TimeUnit.SECONDS;
import static org.apache.sling.testing.paxexam.SlingOptions.slingCommonsPermissionsSling;
import static org.apache.sling.testing.paxexam.SlingOptions.slingJcrJackrabbitUsermanager;
import static org.apache.sling.testing.paxexam.SlingOptions.slingResourcePresence;
import static org.apache.sling.testing.paxexam.SlingOptions.slingStarterContent;
import static org.awaitility.Awaitility.with;
import static org.ops4j.pax.exam.CoreOptions.options;
import static org.ops4j.pax.exam.cm.ConfigurationAdminOptions.factoryConfiguration;

@RunWith(PaxExam.class)
@ExamReactorStrategy(PerClass.class)
public class ClamJcrScanServletIT extends ClamTestSupport {

    @Inject
    @Filter(value = "(path=/content/starter/img/sling-logo.svg)", timeout = 300000)
    private ResourcePresence resourcePresence;

    private static final String URL_TEMPLATE = "http://localhost:%s/system/clam-jcr-scan";

    private static final String AUTHORIZED_USER_USERNAME = "alice";

    private static final String AUTHORIZED_USER_PASSWORD = "foo";

    private static final String UNAUTHORIZED_USER_USERNAME = "bob";

    private static final String UNAUTHORIZED_USER_PASSWORD = "bar";

    @Configuration
    public Option[] configuration() {
        return options(
            baseConfiguration(),
            clamdConfiguration(),
            slingResourcePresence(),
            factoryConfiguration("org.apache.sling.resource.presence.internal.ResourcePresenter")
                .put("path", "/content/starter/img/sling-logo.svg")
                .asOption(),
            slingStarterContent(),
            slingJcrJackrabbitUsermanager(),
            factoryConfiguration("org.apache.sling.jcr.repoinit.RepositoryInitializer")
                .put("scripts", new String[]{
                    "create group sling-clam-scan\n" +
                    String.format("create user %s with password %s\n", UNAUTHORIZED_USER_USERNAME, UNAUTHORIZED_USER_PASSWORD) +
                    String.format("create user %s with password %s\n", AUTHORIZED_USER_USERNAME, AUTHORIZED_USER_PASSWORD) +
                    String.format("add %s to group sling-clam-scan\n", AUTHORIZED_USER_USERNAME) +
                    "create path (sling:Folder) /libs/sling/permissions/sling/clam/scan\n" +
                    "set ACL for sling-clam-scan\nallow jcr:read on /libs/sling/permissions/sling/clam/scan\nend\n"
                })
                .asOption(),
            // Sling Commons Permissions Sling
            slingCommonsPermissionsSling(),
            factoryConfiguration("org.apache.sling.commons.permissions.sling.internal.SlingPermissionsService")
                .put("path", "/libs/sling/permissions")
                .asOption(),
            factoryConfiguration("org.apache.sling.jcr.base.internal.LoginAdminWhitelist.fragment")
                .put("whitelist.bundles", new String[]{
                    "org.apache.sling.commons.permissions.sling"
                })
                .asOption()
        );
    }

    @Test
    public void testAuthentication() throws Exception {
        final String url = String.format(URL_TEMPLATE, httpPort());
        given()
            .when()
            .post(url)
            .then()
            .statusCode(HttpServletResponse.SC_UNAUTHORIZED);
    }

    @Test
    public void testNonAuthorized() throws Exception {
        final String url = String.format(URL_TEMPLATE, httpPort());
        given()
            .auth()
            .basic(UNAUTHORIZED_USER_USERNAME, UNAUTHORIZED_USER_PASSWORD)
            .param("path", "/content/starter")
            .when()
            .post(url)
            .then()
            .statusCode(HttpServletResponse.SC_FORBIDDEN);
    }

    @Test
    public void testAuthorized() throws Exception {
        final String url = String.format(URL_TEMPLATE, httpPort());
        given()
            .auth()
            .basic(AUTHORIZED_USER_USERNAME, AUTHORIZED_USER_PASSWORD)
            .param("path", "/content/starter")
            .when()
            .post(url)
            .then()
            .statusCode(HttpServletResponse.SC_OK);
    }

    @Test
    public void test() throws IOException {
        final RecordingJcrPropertyScanResultHandler scanResultHandler = new RecordingJcrPropertyScanResultHandler();
        bundleContext.registerService(JcrPropertyScanResultHandler.class, scanResultHandler, null);

        final String url = String.format(URL_TEMPLATE, httpPort());
        given()
            .auth()
            .basic(AUTHORIZED_USER_USERNAME, AUTHORIZED_USER_PASSWORD)
            .param("path", "/content/starter")
            .when()
            .post(url)
            .then()
            .statusCode(HttpServletResponse.SC_OK);

        with()
            .pollInterval(10, SECONDS)
            .then()
            .await()
            .alias("counting results")
            .atMost(1, MINUTES)
            .until(() -> scanResultHandler.getResults().size() == 8);
    }

}