package server

import (
	"context"
	"strings"
	"testing"
	"time"

	"scm.bstein.dev/bstein/soteria/internal/config"
)

func TestRefreshB2UsageRecordsCredentialResolutionErrors(t *testing.T) {
	srv := &Server{
		cfg: &config.Config{
			B2Enabled:     true,
			B2ScanTimeout: time.Second,
		},
		client:  &fakeKubeClient{},
		metrics: newTelemetry(),
	}

	srv.refreshB2Usage(context.Background())

	usage := srv.getB2Usage()
	if !usage.Enabled || usage.Error == "" || !strings.Contains(usage.Error, "B2 endpoint is not configured") {
		t.Fatalf("expected B2 credential resolution error snapshot, got %#v", usage)
	}
	if usage.ScannedAt == "" {
		t.Fatalf("expected failed refresh to record scanned timestamp, got %#v", usage)
	}
	if srv.metrics.b2ScanSuccess != 0 || srv.metrics.b2ScanTimestamp == 0 {
		t.Fatalf("expected failed B2 scan metrics to be recorded, got success=%f timestamp=%f", srv.metrics.b2ScanSuccess, srv.metrics.b2ScanTimestamp)
	}
}

func TestRefreshB2UsageRecordsScanErrorsAfterCredentialsResolve(t *testing.T) {
	srv := &Server{
		cfg: &config.Config{
			B2Enabled:         true,
			B2Endpoint:        "https://",
			B2AccessKeyID:     "atlas-key",
			B2SecretAccessKey: "atlas-secret",
			B2ScanTimeout:     time.Second,
		},
		client:  &fakeKubeClient{},
		metrics: newTelemetry(),
	}

	srv.refreshB2Usage(context.Background())

	usage := srv.getB2Usage()
	if usage.Endpoint != "https://" {
		t.Fatalf("expected resolved endpoint to be preserved in failed snapshot, got %#v", usage)
	}
	if usage.Error == "" || !strings.Contains(usage.Error, "S3 endpoint host is empty") {
		t.Fatalf("expected B2 scan error snapshot, got %#v", usage)
	}
	if usage.ScannedAt == "" || usage.ScanDurationMS < 0 {
		t.Fatalf("expected scan metadata on failure, got %#v", usage)
	}
	if srv.metrics.b2ScanSuccess != 0 || srv.metrics.b2ScanDurationSeconds < 0 {
		t.Fatalf("expected failure metrics after scan error, got success=%f duration=%f", srv.metrics.b2ScanSuccess, srv.metrics.b2ScanDurationSeconds)
	}
}