using SharepointToolbox.Core.Models;

namespace SharepointToolbox.Tests.Models;

/// <summary>
/// Unit tests for PermissionSummaryBuilder and SimplifiedPermissionEntry.
/// SIMP-02: Validates summary aggregation, risk-level grouping, distinct user counting,
/// and SimplifiedPermissionEntry wrapping behavior.
/// </summary>
public class PermissionSummaryBuilderTests
{
    private static PermissionEntry MakeEntry(string permLevels, string users = "User1", string logins = "user1@test.com") =>
        new PermissionEntry(
            ObjectType: "Site",
            Title: "Test",
            Url: "https://test.sharepoint.com",
            HasUniquePermissions: true,
            Users: users,
            UserLogins: logins,
            PermissionLevels: permLevels,
            GrantedThrough: "Direct Permissions",
            PrincipalType: "User");

    [Fact]
    public void Build_ReturnsAllFourRiskLevels()
    {
        var entries = SimplifiedPermissionEntry.WrapAll(new[]
        {
            MakeEntry("Full Control"),
            MakeEntry("Contribute"),
            MakeEntry("Read"),
            MakeEntry("View Only")
        });

        var summaries = PermissionSummaryBuilder.Build(entries);

        Assert.Equal(4, summaries.Count);
        Assert.Contains(summaries, s => s.RiskLevel == RiskLevel.High && s.Count == 1);
        Assert.Contains(summaries, s => s.RiskLevel == RiskLevel.Medium && s.Count == 1);
        Assert.Contains(summaries, s => s.RiskLevel == RiskLevel.Low && s.Count == 1);
        Assert.Contains(summaries, s => s.RiskLevel == RiskLevel.ReadOnly && s.Count == 1);
    }

    [Fact]
    public void Build_EmptyCollection_ReturnsZeroCounts()
    {
        var summaries = PermissionSummaryBuilder.Build(Array.Empty<SimplifiedPermissionEntry>());

        Assert.Equal(4, summaries.Count);
        Assert.All(summaries, s => Assert.Equal(0, s.Count));
    }

    [Fact]
    public void Build_CountsDistinctUsers()
    {
        var entries = SimplifiedPermissionEntry.WrapAll(new[]
        {
            MakeEntry("Full Control", "Alice", "alice@test.com"),
            MakeEntry("Full Control", "Bob", "bob@test.com"),
            MakeEntry("Full Control", "Alice", "alice@test.com"),  // duplicate user
        });

        var summaries = PermissionSummaryBuilder.Build(entries);
        var high = summaries.Single(s => s.RiskLevel == RiskLevel.High);

        Assert.Equal(3, high.Count);          // 3 entries
        Assert.Equal(2, high.DistinctUsers);   // 2 distinct users
    }

    [Fact]
    public void SimplifiedPermissionEntry_WrapAll_PreservesInner()
    {
        var original = MakeEntry("Contribute");
        var wrapped = SimplifiedPermissionEntry.WrapAll(new[] { original });

        Assert.Single(wrapped);
        Assert.Same(original, wrapped[0].Inner);
        Assert.Equal("Contribute", wrapped[0].PermissionLevels);
        Assert.Equal(RiskLevel.Medium, wrapped[0].RiskLevel);
        Assert.Contains("Can edit", wrapped[0].SimplifiedLabels);
    }
}