# test mod_md acme terms-of-service handling

from shutil import copyfile

import pytest

from .md_env import MDTestEnv


@pytest.mark.skipif(condition=not MDTestEnv.has_a2md(), reason="no a2md available")
@pytest.mark.skipif(condition=not MDTestEnv.has_acme_server(),
                    reason="no ACME test server configured")
class TestRegAdd:

    @pytest.fixture(autouse=True, scope='function')
    def _method_scope(self, env):
        env.clear_store()

    # test case: list empty store
    def test_md_120_000(self, env):
        assert env.a2md(["list"]).json == env.EMPTY_JOUT

    # test case: list two managed domains
    def test_md_120_001(self, env):
        domains = [ 
            ["test120-001.com", "test120-001a.com", "test120-001b.com"],
            ["greenbytes2.de", "www.greenbytes2.de", "mail.greenbytes2.de"]
        ]
        for dns in domains:
            assert env.a2md(["add"] + dns).exit_code == 0
        #
        # list all store content
        jout = env.a2md(["list"]).json
        assert len(jout['output']) == len(domains)
        domains.reverse()
        for i in range(0, len(jout['output'])):
            env.check_json_contains(jout['output'][i], {
                "name": domains[i][0],
                "domains": domains[i],
                "contacts": [],
                "ca": {
                    "urls": [env.acme_url],
                    "proto": "ACME"
                },
                "state": env.MD_S_INCOMPLETE
            })
        # list md by name
        for dns in ["test120-001.com", "greenbytes2.de"]:
            md = env.a2md(["list", dns]).json['output'][0]
            assert md['name'] == dns

    # test case: validate md state in store
    def test_md_120_002(self, env):
        # check: md without pkey/cert -> INCOMPLETE
        domain = f"test1.{env.http_tld}"
        assert env.a2md(["add", domain]).exit_code == 0
        assert env.a2md(["update", domain, "contacts", "admin@" + domain]).exit_code == 0
        assert env.a2md(["update", domain, "agreement", env.acme_tos]).exit_code == 0
        assert env.a2md(["list", domain]).json['output'][0]['state'] == env.MD_S_INCOMPLETE
        # check: valid pkey/cert -> COMPLETE
        cred = env.get_credentials_for_name(domain)[0]
        copyfile(cred.pkey_file, env.store_domain_file(domain, 'privkey.pem'))
        copyfile(cred.cert_file, env.store_domain_file(domain, 'pubcert.pem'))
        assert env.a2md(["list", domain]).json['output'][0]['state'] == env.MD_S_COMPLETE
        # check: expired cert -> EXPIRED
        cred = env.get_credentials_for_name(f"expired.{env.http_tld}")[0]
        copyfile(cred.pkey_file, env.store_domain_file(domain, 'privkey.pem'))
        copyfile(cred.cert_file, env.store_domain_file(domain, 'pubcert.pem'))
        out = env.a2md(["list", domain]).json['output'][0]
        assert out['state'] == env.MD_S_INCOMPLETE
        assert out['renew'] is True

    # test case: broken cert file
    def test_md_120_003(self, env):
        domain = f"test1.{env.http_tld}"
        assert env.a2md(["add", domain]).exit_code == 0
        assert env.a2md(["update", domain, "contacts", "admin@" + domain]).exit_code == 0
        assert env.a2md(["update", domain, "agreement", env.acme_tos]).exit_code == 0
        # check: valid pkey/cert -> COMPLETE
        cred = env.get_credentials_for_name(domain)[0]
        copyfile(cred.pkey_file, env.store_domain_file(domain, 'privkey.pem'))
        copyfile(cred.cert_file, env.store_domain_file(domain, 'pubcert.pem'))
        assert env.a2md(["list", domain]).json['output'][0]['state'] == env.MD_S_COMPLETE
        # check: replace cert by broken file -> ERROR
        with open(env.store_domain_file(domain, 'pubcert.pem'), 'w') as fd:
            fd.write("dummy\n")
        assert env.a2md(["list", domain]).json['output'][0]['state'] == env.MD_S_INCOMPLETE