from django.test import override_settings
from rest_framework import status
from rest_framework.exceptions import ErrorDetail

from userausfall.ldap import LDAPManager
from userausfall.rest_api.tests.trust_bridges import TrustBridgeMixin
from userausfall.rest_api.tests.userausfall import get_url, UserausfallAPITestCase


@override_settings(USERAUSFALL_LDAP_IS_TEST=True)
class UserTestCase(TrustBridgeMixin, UserausfallAPITestCase):
    def setUp(self) -> None:
        self.ldap = LDAPManager()

    def tearDown(self) -> None:
        self.ldap.drop_test_connection()

    def test_retrieve_user(self):
        """Retrieve the details of the current user."""
        url = "/users/{pk}/"
        self.authenticate_user()
        response = self.client.get(self.get_api_url(url, pk=self.user.pk))
        self.assertEqual(response.status_code, status.HTTP_200_OK)
        self.assertDictEqual(
            response.data,
            {
                "id": self.user.id,
                "trust_bridge": None,
                "url": get_url(response, "user", self.user),
            },
        )

    def test_activate_user(self):
        """Create the ldap account for the current user."""
        url = "/users/{pk}/activate/"
        self.create_trust_bridge(is_trusted=True)
        self.authenticate_user()
        response = self.client.post(self.get_api_url(url, pk=self.user.pk), {"password": self.password})
        self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT)
        self.assertTrue(self.user.has_ldap_account())

    def test_activate_user_with_invalid_password(self):
        """Create the ldap account for the current user with an invalid password."""
        url = "/users/{pk}/activate/"
        self.create_trust_bridge(is_trusted=True)
        self.authenticate_user()
        response = self.client.post(self.get_api_url(url, pk=self.user.pk), {"password": "invalid"})
        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
        self.assertDictEqual(
            response.data, {"password": [ErrorDetail("Password does not match the user's password", code="invalid")]}
        )

    def test_activate_user_without_trust_bridge(self):
        """Create the ldap account for the current user without a trust bridge."""
        url = "/users/{pk}/activate/"
        self.authenticate_user()
        response = self.client.post(self.get_api_url(url, pk=self.user.pk), {"password": self.password})
        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
        self.assertDictEqual(
            response.data, {"non_field_errors": [ErrorDetail("User has no trusted trust bridge", code="invalid")]}
        )

    def test_activate_user_with_untrusted_trust_bridge(self):
        """Create the ldap account for the current user with an untrusted trust bridge."""
        url = "/users/{pk}/activate/"
        self.create_trust_bridge(is_trusted=False)
        self.authenticate_user()
        response = self.client.post(self.get_api_url(url, pk=self.user.pk), {"password": self.password})
        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
        self.assertDictEqual(
            response.data, {"non_field_errors": [ErrorDetail("User has no trusted trust bridge", code="invalid")]}
        )