using System;
using System.Threading.Tasks;
using Bit.Api.Controllers;
using Bit.Api.Models.Request.Organizations;
using Bit.Api.Test.AutoFixture.Attributes;
using Bit.Core.Entities;
using Bit.Core.Models.Data.Organizations.Policies;
using Bit.Core.Repositories;
using Bit.Core.Services;
using Bit.Core.Utilities;
using Bit.Test.Common.AutoFixture;
using Bit.Test.Common.AutoFixture.Attributes;
using NSubstitute;
using Xunit;

namespace Bit.Api.Test.Controllers
{
    [ControllerCustomize(typeof(OrganizationUsersController))]
    [SutProviderCustomize]
    public class OrganizationUsersControllerTests
    {
        [Theory]
        [BitAutoData]
        public async Task Accept_RequiresKnownUser(Guid orgId, Guid orgUserId, OrganizationUserAcceptRequestModel model,
            SutProvider<OrganizationUsersController> sutProvider)
        {
            sutProvider.GetDependency<IUserService>().GetUserByPrincipalAsync(default).ReturnsForAnyArgs((User)null);

            await Assert.ThrowsAsync<UnauthorizedAccessException>(() => sutProvider.Sut.Accept(orgId, orgUserId, model));
        }

        [Theory]
        [BitAutoData]
        public async Task Accept_NoMasterPasswordReset(Guid orgId, Guid orgUserId,
            OrganizationUserAcceptRequestModel model, User user, SutProvider<OrganizationUsersController> sutProvider)
        {
            sutProvider.GetDependency<IUserService>().GetUserByPrincipalAsync(default).ReturnsForAnyArgs(user);

            await sutProvider.Sut.Accept(orgId, orgUserId, model);

            await sutProvider.GetDependency<IOrganizationService>().Received(1)
                .AcceptUserAsync(orgUserId, user, model.Token, sutProvider.GetDependency<IUserService>());
            await sutProvider.GetDependency<IOrganizationService>().DidNotReceiveWithAnyArgs()
                .UpdateUserResetPasswordEnrollmentAsync(default, default, default, default);
        }

        [Theory]
        [BitAutoData]
        public async Task Accept_RequireMasterPasswordReset(Guid orgId, Guid orgUserId,
            OrganizationUserAcceptRequestModel model, User user, SutProvider<OrganizationUsersController> sutProvider)
        {
            var policy = new Policy
            {
                Enabled = true,
                Data = CoreHelpers.ClassToJsonData(new ResetPasswordDataModel { AutoEnrollEnabled = true, }),
            };
            sutProvider.GetDependency<IUserService>().GetUserByPrincipalAsync(default).ReturnsForAnyArgs(user);
            sutProvider.GetDependency<IPolicyRepository>().GetByOrganizationIdTypeAsync(orgId,
                Core.Enums.PolicyType.ResetPassword).Returns(policy);

            await sutProvider.Sut.Accept(orgId, orgUserId, model);

            await sutProvider.GetDependency<IOrganizationService>().Received(1)
                .AcceptUserAsync(orgUserId, user, model.Token, sutProvider.GetDependency<IUserService>());
            await sutProvider.GetDependency<IOrganizationService>().Received(1)
                .UpdateUserResetPasswordEnrollmentAsync(orgId, user.Id, model.ResetPasswordKey, user.Id);
        }
    }
}