import pytest

from pyramid.testing import DummyRequest

from . import app_config, dbsession, get_example_user  # noqa: F401


def test_crypt_context_to_settings():
    from ordr.security import crypt_context_settings_to_string
    settings = {
        'no_prefix': 'should not appear',
        'prefix.something': 'left unchanged',
        'prefix.schemes': 'adjust list',
        'prefix.depreceated': 'do, not, adjust, this, list'
        }
    result = crypt_context_settings_to_string(settings, 'prefix.')
    expected_lines = {
        '[passlib]',
        'something = left unchanged',
        'schemes = adjust,list',
        'depreceated = do, not, adjust, this, list',
        }
    assert set(result.split('\n')) == expected_lines


def test_authentication_policy_authenticated_user_id_no_user():
    from ordr.security import AuthenticationPolicy
    ap = AuthenticationPolicy('')
    request = DummyRequest(user=None)
    assert ap.authenticated_userid(request) is None
    

def test_authentication_policy_authenticated_user_id_with_user():
    from ordr.security import AuthenticationPolicy
    from ordr.models import User
    ap = AuthenticationPolicy('')
    request = DummyRequest(user=User(id=123))
    assert ap.authenticated_userid(request) == 123


def test_authentication_policy_effective_principals_no_user():
    from ordr.security import AuthenticationPolicy
    from pyramid.security import Everyone
    request = DummyRequest(user=None)
    ap = AuthenticationPolicy('')
    result = ap.effective_principals(request)
    assert result == [Everyone]
    
    
def test_authentication_policy_effective_principals_with_user():
    from ordr.security import AuthenticationPolicy
    from ordr.models import User, Role
    from pyramid.security import Authenticated, Everyone
    ap = AuthenticationPolicy('')
    user = User(id=123, role=Role.PURCHASER)
    request = DummyRequest(user=user)
    result = ap.effective_principals(request)
    expected = [
        Everyone,
        Authenticated,
        'user:123',
        'role:purchaser',
        'role:user'
        ]
    assert result == expected


@pytest.mark.parametrize(  # noqa: F811
    'uauid,role_name', [
        (3, 'USER'),
        (4, 'PURCHASER'),
        (5, 'ADMIN'),
        ]
    )
def test_get_user_returns_user(dbsession, uauid, role_name):
    from ordr.security import get_user
    from ordr.models import Role
    # this is a dirty hack, but DummyRequest does not accept setting an
    # unauthenticated_userid
    from pyramid.testing import DummyResource
    request = DummyResource(unauthenticated_userid=uauid, dbsession=dbsession)
    user_role = Role[role_name]
    user = get_example_user(user_role)
    dbsession.add(user)
    dbsession.flush()
    assert get_user(request) == user


@pytest.mark.parametrize(  # noqa: F811
    'uauid,role_name', [
        (1, 'UNVALIDATED'),
        (2, 'NEW'),
        (6, 'INACTIVE'),
        (2, 'USER'),
        (None, 'USER'),
        ]
    )
def test_get_user_returns_none(dbsession, uauid, role_name):
    from ordr.security import get_user
    from ordr.models import Role
    # this is a dirty hack, but DummyRequest does not accept setting an
    # unauthenticated_userid
    from pyramid.testing import DummyResource
    request = DummyResource(unauthenticated_userid=uauid, dbsession=dbsession)
    user_role = Role[role_name]
    user = get_example_user(user_role)
    dbsession.add(user)
    dbsession.flush()
    assert get_user(request) is None