#!/bin/bash
# Test script for RPM package installation on Rocky Linux
set -e

echo "=========================================="
echo "  JA4Sentinel RPM Package Installation Test"
echo "  Target: Rocky Linux 9"
echo "=========================================="

# Colors for output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m' # No Color

pass() { echo -e "${GREEN}[PASS]${NC} $1"; }
fail() { echo -e "${RED}[FAIL]${NC} $1"; exit 1; }
info() { echo -e "${YELLOW}[INFO]${NC} $1"; }

# Test 1: Binary exists and is executable
info "Test 1: Checking binary..."
if [ -x /usr/bin/ja4sentinel ]; then
    pass "Binary exists and is executable"
else
    fail "Binary not found or not executable"
fi

# Test 2: Version command works
info "Test 2: Checking version command..."
if ja4sentinel --version 2>&1 | grep -q "ja4sentinel version"; then
    pass "Version command works"
else
    fail "Version command failed"
fi

# Test 3: Config directory exists
info "Test 3: Checking config directory..."
if [ -d /etc/ja4sentinel ]; then
    pass "Config directory exists"
else
    fail "Config directory not found"
fi

# Test 4: Default config file exists
info "Test 4: Checking default config file..."
if [ -f /etc/ja4sentinel/config.yml.default ]; then
    pass "Default config file exists"
else
    fail "Default config file not found"
fi

# Test 5: Shared config file exists
info "Test 5: Checking shared config file..."
if [ -f /usr/share/ja4sentinel/config.yml ]; then
    pass "Shared config file exists"
else
    fail "Shared config file not found"
fi

# Test 6: Data directories exist
info "Test 6: Checking data directories..."
for dir in /var/lib/ja4sentinel /var/log/ja4sentinel /var/run/ja4sentinel; do
    if [ -d "$dir" ]; then
        pass "Directory $dir exists"
    else
        fail "Directory $dir not found"
    fi
done

# Test 7: Systemd service file exists
info "Test 7: Checking systemd service file..."
if [ -f /usr/lib/systemd/system/ja4sentinel.service ]; then
    pass "Systemd service file exists"
else
    fail "Systemd service file not found"
fi

# Test 8: Service file has correct content
info "Test 8: Checking service file content..."
if grep -q "ExecStart=/usr/bin/ja4sentinel" /usr/lib/systemd/system/ja4sentinel.service; then
    pass "Service file has correct ExecStart"
else
    fail "Service file ExecStart incorrect"
fi

# Test 9: Service file has security settings
info "Test 9: Checking service security settings..."
if grep -q "NoNewPrivileges=yes" /usr/lib/systemd/system/ja4sentinel.service; then
    pass "Service has security hardening"
else
    fail "Service missing security settings"
fi

# Test 10: ja4sentinel user exists
info "Test 10: Checking ja4sentinel user..."
if getent passwd ja4sentinel > /dev/null 2>&1; then
    pass "ja4sentinel user exists"
else
    info "ja4sentinel user not created (expected in container)"
fi

# Test 11: Binary can start (will fail on capture but should init)
info "Test 11: Checking binary initialization..."
if timeout 2 ja4sentinel --config /etc/ja4sentinel/config.yml.default 2>&1 | grep -q "Starting ja4sentinel\|Configuration loaded"; then
    pass "Binary initializes correctly"
else
    info "Binary initialization skipped (expected in container without network caps)"
fi

echo ""
echo "=========================================="
echo -e "${GREEN}  All tests passed!${NC}"
echo "=========================================="