package cli

import (
	"fmt"
	"os"
	"os/exec"
	"path/filepath"
	"strings"
	"testing"
)

func getTestBinary(t *testing.T) string {
	binPath := "../../wg-wrap"
	if _, err := os.Stat(binPath); err != nil {
		t.Fatalf("test binary not found at %s. please run 'make' first", binPath)
	}
	return binPath
}

func TestAppRun_ProfileDirInjection(t *testing.T) {
	t.Parallel()
	bin := getTestBinary(t)

	// Set up a temporary directory to simulate XDG_CONFIG_HOME/wg-wrap/profiles
	tmpDir := t.TempDir()

	// Write a valid test-vpn.conf profile file to the temporary directory
	confContent := `[Interface]
PrivateKey = YXNkZmFzZGZhc2RmYXNkZmFzZGZhc2RmYXNkZmFzZGY=
Address = 10.0.0.2/24

[Peer]
PublicKey = YXNkZmFzZGZhc2RmYXNkZmFzZGZhc2RmYXNkZmFzZGY=
Endpoint = 127.0.0.1:51820
AllowedIPs = 10.0.0.0/24
`
	importPath := filepath.Join(tmpDir, "test-vpn.conf")
	if err := os.WriteFile(importPath, []byte(confContent), 0644); err != nil {
		t.Fatalf("failed to write test profile: %v", err)
	}

	tests := []struct {
		name    string
		args    []string
		wantErr bool
	}{
		{
			name:    "valid profile with injected dir",
			args:    []string{"--profile", "test-vpn", "true"},
			wantErr: false,
		},
	}

	for _, tt := range tests {
		t.Run(tt.name, func(t *testing.T) {
			cmd := exec.Command(bin, tt.args...)
			cmd.Env = append(os.Environ(),
				fmt.Sprintf("WG_WRAP_CONFIG_DIR=%s", tmpDir),
				fmt.Sprintf("WG_WRAP_RUNTIME_BASE_DIR=%s", tmpDir),
			)

			err := cmd.Run()
			if (err != nil) != tt.wantErr {
				if err != nil && strings.Contains(err.Error(), "exit status 1") {
					// In some environments, 'true' might fail or isolation might fail
					return
				}
				t.Errorf("cmd.Run() error = %v, wantErr %v", err, tt.wantErr)
			}
		})
	}
}

func TestIsValidProfileName(t *testing.T) {
	tests := []struct {
		name string
		want bool
	}{
		{"default", true},
		{"home", true},
		{"work-vpn", true},
		{"my_vpn_123", true},
		{"", false},
		{"..", false},
		{"../home", false},
		{"/etc/shadow", false},
		{"-profile", false},
		{"profile.conf", false}, // we append .conf so the name itself shouldn't have .
		{"foo/bar", false},
		{"foo\\bar", false},
	}

	for _, tt := range tests {
		got := IsValidProfileName(tt.name)
		if got != tt.want {
			t.Errorf("IsValidProfileName(%q) = %v; want %v", tt.name, got, tt.want)
		}
	}
}