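using System.Text.Json;
using Shouldly;
using Xunit;

namespace ZB.MOM.WW.OtOpcUa.Admin.Tests;

/// <summary>
/// Regression coverage for Admin-004 — the committed appsettings.json must carry no
/// plaintext secrets. The ConfigDb connection string and the LDAP
/// ServiceAccountPassword are supplied at runtime via user-secrets (dev) or
/// environment variables (prod); the checked-in file holds only empty placeholders.
/// </summary>
/// <remarks>
/// Every test reads the SOURCE appsettings.json under src/ (found by walking up from the
/// test assembly to the directory holding the .slnx) — never a bin/ copy — so a failure
/// points at what is actually committed.
/// </remarks>
[Trait("Category", "Unit")]
public sealed class AppSettingsSecretHygieneTests
{
    /// <summary>Marker file that identifies the repository root.</summary>
    private const string SolutionFileName = "ZB.MOM.WW.OtOpcUa.slnx";

    /// <summary>
    /// Parser options matching what the .NET JSON configuration provider tolerates
    /// (comments and trailing commas), so a commented appsettings.json shows up as a
    /// hygiene finding rather than as a JsonException from the loader.
    /// </summary>
    private static readonly JsonDocumentOptions AppSettingsParseOptions = new()
    {
        CommentHandling = JsonCommentHandling.Skip,
        AllowTrailingCommas = true,
    };

    /// <summary>
    /// The exact secret literals the review (Admin-004) flagged. They must be gone from
    /// the file entirely — not relocated to another key, not left in a comment.
    /// </summary>
    private static readonly string[] KnownDevSecretLiterals = new[]
    {
        "OtOpcUaDev_2026!",
        "serviceaccount123",
        "User Id=sa",
    };

    /// <summary>
    /// Walks up from the test assembly's output directory until the directory that
    /// contains <see cref="SolutionFileName"/> is found.
    /// </summary>
    /// <returns>Absolute path of the repository root.</returns>
    /// <exception cref="ShouldAssertException">
    /// Thrown when no ancestor directory contains the solution file.
    /// </exception>
    private static string FindRepoRoot()
    {
        var dir = AppContext.BaseDirectory;
        // Path.GetDirectoryName returns null once the filesystem root is passed, which
        // terminates the walk instead of looping forever.
        while (dir is not null && !File.Exists(Path.Combine(dir, SolutionFileName)))
        {
            dir = Path.GetDirectoryName(dir);
        }

        dir.ShouldNotBeNull($"could not locate the repo root ({SolutionFileName})");
        return dir;
    }

    /// <summary>
    /// Absolute path of the committed Admin appsettings.json in the source tree.
    /// </summary>
    /// <exception cref="ShouldAssertException">Thrown when the file does not exist.</exception>
    private static string AdminAppSettingsPath()
    {
        var path = Path.Combine(
            FindRepoRoot(), "src", "Server", "ZB.MOM.WW.OtOpcUa.Admin", "appsettings.json");
        File.Exists(path).ShouldBeTrue($"Admin appsettings.json not found at {path}");
        return path;
    }

    /// <summary>Reads the committed appsettings.json verbatim (comments included).</summary>
    private static string ReadAdminAppSettingsRaw() => File.ReadAllText(AdminAppSettingsPath());

    /// <summary>
    /// Parses the committed appsettings.json. The caller owns and disposes the document.
    /// </summary>
    private static JsonDocument LoadAdminAppSettings() =>
        JsonDocument.Parse(ReadAdminAppSettingsRaw(), AppSettingsParseOptions);

    /// <summary>
    /// Resolves a nested property path (e.g. "Authentication", "Ldap", "ServiceAccountPassword")
    /// and returns its string value.
    /// </summary>
    /// <param name="root">Root element of the parsed appsettings.json.</param>
    /// <param name="propertyPath">Property names from the root down to the leaf.</param>
    /// <returns>
    /// The leaf's string value, or <c>null</c> when the leaf is a JSON null.
    /// </returns>
    /// <remarks>
    /// A missing or non-object segment fails with the full colon-joined path, so a renamed
    /// or removed placeholder key is reported as such rather than as a bare
    /// KeyNotFoundException. A leaf of any other kind than string/null still throws from
    /// <see cref="JsonElement.GetString"/>, which is the right failure for a mis-typed
    /// placeholder.
    /// </remarks>
    private static string? GetStringAt(JsonElement root, params string[] propertyPath)
    {
        var current = root;
        for (var i = 0; i < propertyPath.Length; i++)
        {
            var soFar = string.Join(':', propertyPath[..(i + 1)]);
            current.ValueKind.ShouldBe(
                JsonValueKind.Object,
                $"appsettings.json: '{soFar}' is not reachable — parent is not an object");
            current.TryGetProperty(propertyPath[i], out var next)
                .ShouldBeTrue($"appsettings.json is missing '{soFar}'");
            current = next;
        }

        return current.GetString();
    }

    [Fact]
    public void ConfigDb_connection_string_is_an_empty_placeholder()
    {
        using var doc = LoadAdminAppSettings();

        var connectionString = GetStringAt(doc.RootElement, "ConnectionStrings", "ConfigDb");

        // Null or "" only: a whitespace-only or partially filled value is still a finding.
        connectionString.ShouldBeNullOrEmpty(
            "the ConfigDb connection string must not be committed — supply it via user-secrets " +
            "or the ConnectionStrings__ConfigDb environment variable (Admin-004)");
    }

    [Fact]
    public void Ldap_service_account_password_is_an_empty_placeholder()
    {
        using var doc = LoadAdminAppSettings();

        var password = GetStringAt(doc.RootElement, "Authentication", "Ldap", "ServiceAccountPassword");

        password.ShouldBeNullOrEmpty(
            "the LDAP ServiceAccountPassword must not be committed (Admin-004)");
    }

    [Fact]
    public void No_known_dev_secret_literals_appear_anywhere_in_appsettings()
    {
        // Scan the raw text rather than the parsed document: only a text scan catches a
        // literal that was moved to an unrelated key or left behind inside a comment.
        var raw = ReadAdminAppSettingsRaw();

        // NOTE(review): Shouldly's string ShouldNotContain is case-insensitive by default,
        // which is the broader (desired) check here — confirm against the pinned version.
        for (var i = 0; i < KnownDevSecretLiterals.Length; i++)
        {
            raw.ShouldNotContain(
                KnownDevSecretLiterals[i],
                $"known dev secret literal #{i} is still present in appsettings.json (Admin-004)");
        }
    }
}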