package object

import (
	"crypto/ecdsa"
	"strconv"
	"testing"

	objectV2 "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/object"
	cidtest "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id/test"
	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object"
	oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
	oidtest "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id/test"
	sessiontest "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/session/test"
	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/storagegroup"
	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
	"github.com/stretchr/testify/require"
)

func blankValidObject(key *ecdsa.PrivateKey) *object.Object {
	var idOwner user.ID
	user.IDFromKey(&idOwner, key.PublicKey)

	obj := object.New()
	obj.SetContainerID(cidtest.ID())
	obj.SetOwnerID(&idOwner)

	return obj
}

type testNetState struct {
	epoch uint64
}

func (s testNetState) CurrentEpoch() uint64 {
	return s.epoch
}

type testLockSource struct {
	m map[oid.Address]bool
}

func (t testLockSource) IsLocked(address oid.Address) (bool, error) {
	return t.m[address], nil
}

func TestFormatValidator_Validate(t *testing.T) {
	const curEpoch = 13

	ls := testLockSource{
		m: make(map[oid.Address]bool),
	}

	v := NewFormatValidator(
		WithNetState(testNetState{
			epoch: curEpoch,
		}),
		WithLockSource(ls),
	)

	ownerKey, err := keys.NewPrivateKey()
	require.NoError(t, err)

	t.Run("nil input", func(t *testing.T) {
		require.Error(t, v.Validate(nil, true))
	})

	t.Run("nil identifier", func(t *testing.T) {
		obj := object.New()

		require.ErrorIs(t, v.Validate(obj, false), errNilID)
	})

	t.Run("nil container identifier", func(t *testing.T) {
		obj := object.New()
		obj.SetID(oidtest.ID())

		require.ErrorIs(t, v.Validate(obj, true), errNilCID)
	})

	t.Run("unsigned object", func(t *testing.T) {
		obj := object.New()
		obj.SetContainerID(cidtest.ID())
		obj.SetID(oidtest.ID())

		require.Error(t, v.Validate(obj, false))
	})

	t.Run("correct w/ session token", func(t *testing.T) {
		var idOwner user.ID
		user.IDFromKey(&idOwner, ownerKey.PrivateKey.PublicKey)

		tok := sessiontest.Object()
		err := tok.Sign(ownerKey.PrivateKey)
		require.NoError(t, err)

		obj := object.New()
		obj.SetContainerID(cidtest.ID())
		obj.SetSessionToken(tok)
		obj.SetOwnerID(&idOwner)

		require.NoError(t, object.SetIDWithSignature(ownerKey.PrivateKey, obj))

		require.NoError(t, v.Validate(obj, false))
	})

	t.Run("correct w/o session token", func(t *testing.T) {
		obj := blankValidObject(&ownerKey.PrivateKey)

		require.NoError(t, object.SetIDWithSignature(ownerKey.PrivateKey, obj))

		require.NoError(t, v.Validate(obj, false))
	})

	t.Run("tombstone content", func(t *testing.T) {
		obj := object.New()
		obj.SetType(object.TypeTombstone)
		obj.SetContainerID(cidtest.ID())

		_, err := v.ValidateContent(obj)
		require.Error(t, err) // no tombstone content

		content := object.NewTombstone()
		content.SetMembers([]oid.ID{oidtest.ID()})

		data, err := content.Marshal()
		require.NoError(t, err)

		obj.SetPayload(data)

		_, err = v.ValidateContent(obj)
		require.Error(t, err) // no members in tombstone

		content.SetMembers([]oid.ID{oidtest.ID()})

		data, err = content.Marshal()
		require.NoError(t, err)

		obj.SetPayload(data)

		_, err = v.ValidateContent(obj)
		require.Error(t, err) // no expiration epoch in tombstone

		var expirationAttribute object.Attribute
		expirationAttribute.SetKey(objectV2.SysAttributeExpEpoch)
		expirationAttribute.SetValue(strconv.Itoa(10))

		obj.SetAttributes(expirationAttribute)

		_, err = v.ValidateContent(obj)
		require.Error(t, err) // different expiration values

		id := oidtest.ID()

		content.SetExpirationEpoch(10)
		content.SetMembers([]oid.ID{id})
		data, err = content.Marshal()
		require.NoError(t, err)

		obj.SetPayload(data)

		contentGot, err := v.ValidateContent(obj)
		require.NoError(t, err) // all good

		require.EqualValues(t, []oid.ID{id}, contentGot.Objects())
		require.Equal(t, object.TypeTombstone, contentGot.Type())
	})

	t.Run("storage group content", func(t *testing.T) {
		obj := object.New()
		obj.SetType(object.TypeStorageGroup)

		t.Run("empty payload", func(t *testing.T) {
			_, err := v.ValidateContent(obj)
			require.Error(t, err)
		})

		var content storagegroup.StorageGroup
		content.SetExpirationEpoch(1) // some non-default value

		t.Run("empty members", func(t *testing.T) {
			data, err := content.Marshal()
			require.NoError(t, err)

			obj.SetPayload(data)

			_, err = v.ValidateContent(obj)
			require.ErrorIs(t, err, errEmptySGMembers)
		})

		t.Run("non-unique members", func(t *testing.T) {
			id := oidtest.ID()

			content.SetMembers([]oid.ID{id, id})

			data, err := content.Marshal()
			require.NoError(t, err)

			obj.SetPayload(data)

			_, err = v.ValidateContent(obj)
			require.Error(t, err)
		})

		t.Run("correct SG", func(t *testing.T) {
			ids := []oid.ID{oidtest.ID(), oidtest.ID()}
			content.SetMembers(ids)

			data, err := content.Marshal()
			require.NoError(t, err)

			obj.SetPayload(data)

			content, err := v.ValidateContent(obj)
			require.NoError(t, err)

			require.EqualValues(t, ids, content.Objects())
			require.Equal(t, object.TypeStorageGroup, content.Type())
		})
	})

	t.Run("expiration", func(t *testing.T) {
		fn := func(val string) *object.Object {
			obj := blankValidObject(&ownerKey.PrivateKey)

			var a object.Attribute
			a.SetKey(objectV2.SysAttributeExpEpoch)
			a.SetValue(val)

			obj.SetAttributes(a)

			require.NoError(t, object.SetIDWithSignature(ownerKey.PrivateKey, obj))

			return obj
		}

		t.Run("invalid attribute value", func(t *testing.T) {
			val := "text"
			err := v.Validate(fn(val), false)
			require.Error(t, err)
		})

		t.Run("expired object", func(t *testing.T) {
			val := strconv.FormatUint(curEpoch-1, 10)
			obj := fn(val)

			t.Run("non-locked", func(t *testing.T) {
				err := v.Validate(obj, false)
				require.ErrorIs(t, err, errExpired)
			})

			t.Run("locked", func(t *testing.T) {
				var addr oid.Address
				oID, _ := obj.ID()
				cID, _ := obj.ContainerID()

				addr.SetContainer(cID)
				addr.SetObject(oID)
				ls.m[addr] = true

				err := v.Validate(obj, false)
				require.NoError(t, err)
			})
		})

		t.Run("alive object", func(t *testing.T) {
			val := strconv.FormatUint(curEpoch, 10)
			err := v.Validate(fn(val), true)
			require.NoError(t, err)
		})
	})

	t.Run("attributes", func(t *testing.T) {
		t.Run("duplication", func(t *testing.T) {
			obj := blankValidObject(&ownerKey.PrivateKey)

			var a1 object.Attribute
			a1.SetKey("key1")
			a1.SetValue("val1")

			var a2 object.Attribute
			a2.SetKey("key2")
			a2.SetValue("val2")

			obj.SetAttributes(a1, a2)

			err := v.checkAttributes(obj)
			require.NoError(t, err)

			a2.SetKey(a1.Key())
			obj.SetAttributes(a1, a2)

			err = v.checkAttributes(obj)
			require.Equal(t, errDuplAttr, err)
		})

		t.Run("empty value", func(t *testing.T) {
			obj := blankValidObject(&ownerKey.PrivateKey)

			var a object.Attribute
			a.SetKey("key")

			obj.SetAttributes(a)

			err := v.checkAttributes(obj)
			require.Equal(t, errEmptyAttrVal, err)
		})
	})
}