/*
 * (C) Copyright 2017 Nuxeo (http://nuxeo.com/) and others.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 *
 * Contributors:
 *     Funsho David
 *
 */

package org.nuxeo.ecm.core.io.download;

import org.junit.Test;
import org.junit.runner.RunWith;
import org.nuxeo.ecm.core.api.Blob;
import org.nuxeo.ecm.core.api.Blobs;
import org.nuxeo.ecm.core.api.CoreSession;
import org.nuxeo.ecm.core.api.DocumentModel;
import org.nuxeo.ecm.core.api.NuxeoPrincipal;
import org.nuxeo.ecm.core.api.blobholder.BlobHolder;
import org.nuxeo.ecm.core.api.impl.UserPrincipal;
import org.nuxeo.ecm.core.api.local.ClientLoginModule;
import org.nuxeo.ecm.core.api.local.LoginStack;
import org.nuxeo.ecm.core.test.CoreFeature;
import org.nuxeo.runtime.api.Framework;
import org.nuxeo.runtime.test.runner.Deploy;
import org.nuxeo.runtime.test.runner.Features;
import org.nuxeo.runtime.test.runner.FeaturesRunner;

import javax.inject.Inject;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.PrintWriter;
import java.security.Principal;
import java.util.Collections;

import static org.junit.Assert.assertEquals;
import static org.junit.Assert.fail;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;

/**
 * @since 9.1
 */
@RunWith(FeaturesRunner.class)
@Features(CoreFeature.class)
@Deploy("org.nuxeo.ecm.core.io")
public class TestAnonymousDownload {

    protected class TestHttpServletRequestWrapper extends HttpServletRequestWrapper {

        protected final Principal principal;

        public TestHttpServletRequestWrapper(HttpServletRequest request, Principal principal) {
            super(request);
            this.principal = principal;
        }

        @Override
        public Principal getUserPrincipal() {
            return principal;
        }

    }

    @Inject
    protected DownloadService downloadService;

    @Inject
    protected CoreSession session;

    @Test
    public void testAnonymousDownload() throws Exception {

        String repositoryName = "test";
        String baseUrl = "http://localhost:8080/nuxeo/";
        Framework.getProperties().setProperty("nuxeo.url", baseUrl);

        DocumentModel doc = session.createDocumentModel("/", "MyDoc", "File");

        String blobValue = "Hello World";
        Blob blob = Blobs.createBlob(blobValue);
        String blobFilename = "blob.txt";
        blob.setFilename(blobFilename);

        BlobHolder bh = doc.getAdapter(BlobHolder.class);
        bh.setBlob(blob);
        doc = session.createDocument(doc);
        session.save();

        String path = "nxfile/" + repositoryName + "/" + doc.getId() + "/blobholder:0/" + blobFilename;

        ByteArrayOutputStream out = new ByteArrayOutputStream();
        HttpServletRequest request = mock(HttpServletRequest.class);
        when(request.getMethod()).thenReturn("GET");

        HttpServletResponse response = mock(HttpServletResponse.class);
        ServletOutputStream sos = new ServletOutputStream() {
            @Override
            public void write(int b) throws IOException {
                out.write(b);
            }
        };
        @SuppressWarnings("resource")
        PrintWriter printWriter = new PrintWriter(sos);
        when(response.getOutputStream()).thenReturn(sos);
        when(response.getWriter()).thenReturn(printWriter);

        // anonymous principal
        NuxeoPrincipal anonymous = new UserPrincipal("johndoe", null, true, false);

        // do tests while logged in
        LoginStack loginStack = ClientLoginModule.getThreadLocalLogin();
        loginStack.push(anonymous, null, null);

        try {
            downloadService.handleDownload(new TestHttpServletRequestWrapper(request, anonymous), response, baseUrl,
                    path);
            fail("The user has to authenticate before downloading the blob");
        } catch (IOException e) {
            assertEquals("Authentication is needed for downloading the blob", e.getCause().getMessage());
            NuxeoPrincipal principal = new UserPrincipal("johnnotdoe", Collections.singletonList("members"), false,
                    false);
            loginStack.push(principal, null, null);
            try {
                downloadService.handleDownload(new TestHttpServletRequestWrapper(request, principal), response, baseUrl,
                        path);
                assertEquals(blobValue, out.toString());
            } catch (IOException ioe) {
                fail("The user should be able to download the blob");
            } finally {
                loginStack.pop();
            }
        } finally {
            loginStack.pop();
        }
    }

}