# frozen_string_literal: true

require "test_helper"

class ExpiredRulesCleanupJobTest < ActiveJob::TestCase
  test "disables expired rules" do
    expired_rule = Rule.create!(
      rule_type: "network_v4",
      action: "deny",
      conditions: { cidr: "10.0.0.0/8" },
      expires_at: 1.hour.ago,
      enabled: true
    )

    active_rule = Rule.create!(
      rule_type: "network_v4",
      action: "deny",
      conditions: { cidr: "192.168.0.0/16" },
      expires_at: 1.hour.from_now,
      enabled: true
    )

    count = ExpiredRulesCleanupJob.perform_now

    assert_equal 1, count
    assert_not expired_rule.reload.enabled?
    assert active_rule.reload.enabled?
  end

  test "does not affect rules without expiration" do
    permanent_rule = Rule.create!(
      rule_type: "network_v4",
      action: "deny",
      conditions: { cidr: "10.0.0.0/8" },
      expires_at: nil,
      enabled: true
    )

    ExpiredRulesCleanupJob.perform_now

    assert permanent_rule.reload.enabled?
  end

  test "does not affect already disabled rules" do
    disabled_expired_rule = Rule.create!(
      rule_type: "network_v4",
      action: "deny",
      conditions: { cidr: "10.0.0.0/8" },
      expires_at: 1.hour.ago,
      enabled: false
    )

    count = ExpiredRulesCleanupJob.perform_now

    assert_equal 0, count
    assert_not disabled_expired_rule.reload.enabled?
  end

  test "updates updated_at timestamp when disabling" do
    expired_rule = Rule.create!(
      rule_type: "network_v4",
      action: "deny",
      conditions: { cidr: "10.0.0.0/8" },
      expires_at: 1.hour.ago,
      enabled: true
    )

    original_updated_at = expired_rule.updated_at

    sleep 0.01 # Ensure time passes

    ExpiredRulesCleanupJob.perform_now

    assert expired_rule.reload.updated_at > original_updated_at
  end

  test "deletes old disabled rules when running at 1am" do
    old_disabled_rule = Rule.create!(
      rule_type: "network_v4",
      action: "deny",
      conditions: { cidr: "10.0.0.0/8" },
      enabled: false
    )
    old_disabled_rule.update_column(:updated_at, 31.days.ago)

    recent_disabled_rule = Rule.create!(
      rule_type: "network_v4",
      action: "deny",
      conditions: { cidr: "192.168.0.0/16" },
      enabled: false
    )

    Time.stub :current, Time.current.change(hour: 1) do
      ExpiredRulesCleanupJob.perform_now
    end

    assert_raises(ActiveRecord::RecordNotFound) { old_disabled_rule.reload }
    assert_nothing_raised { recent_disabled_rule.reload }
  end

  test "does not delete old rules when not running at 1am" do
    old_disabled_rule = Rule.create!(
      rule_type: "network_v4",
      action: "deny",
      conditions: { cidr: "10.0.0.0/8" },
      enabled: false
    )
    old_disabled_rule.update_column(:updated_at, 31.days.ago)

    Time.stub :current, Time.current.change(hour: 10) do
      ExpiredRulesCleanupJob.perform_now
    end

    assert_nothing_raised { old_disabled_rule.reload }
  end

  test "returns count of disabled rules" do
    3.times do |i|
      Rule.create!(
        rule_type: "network_v4",
        action: "deny",
        conditions: { cidr: "10.#{i}.0.0/16" },
        expires_at: 1.hour.ago,
        enabled: true
      )
    end

    count = ExpiredRulesCleanupJob.perform_now

    assert_equal 3, count
  end

  test "returns zero when no expired rules" do
    count = ExpiredRulesCleanupJob.perform_now

    assert_equal 0, count
  end
end