import json
import re
from pathlib import Path
from unittest import mock

from click.testing import CliRunner

from cvelib.cli import cli

DEFAULT_OPTS = ["-o", "test_org", "-u", "test_user", "-a", "test_api_key"]


@mock.patch("cvelib.cli.CveApi.show_cve_id")
@mock.patch("cvelib.cli.CveApi.show_cve_record")
def test_cve_id_show(show_cve_record, show_cve_id):
    show_cve_id.return_value = {
        "cve_id": "CVE-2099-1000",
        "cve_year": "2099",
        "owning_cna": "acme",
        "requested_by": {"cna": "acme", "user": "jack@example.com"},
        "reserved": "2021-01-14T18:35:17.928Z",
        "state": "RESERVED",
        "time": {"created": "2021-01-14T18:35:17.469Z", "modified": "2021-01-14T18:35:17.929Z"},
    }

    runner = CliRunner()
    result = runner.invoke(cli, DEFAULT_OPTS + ["show", "CVE-2099-1000"])
    assert result.exit_code == 0, result.output
    assert result.output == (
        "CVE-2099-1000\n"
        "├─ State:\tRESERVED\n"
        "├─ Owning CNA:\tacme\n"
        "├─ Reserved by:\tjack@example.com (acme)\n"
        "├─ Reserved on:\tThu Jan 14 18:35:17 2021 +0000\n"
        "└─ Updated on:\tThu Jan 14 18:35:17 2021 +0000\n"
    )
    assert not show_cve_record.called


@mock.patch("cvelib.cli.CveApi.show_cve_id")
@mock.patch("cvelib.cli.CveApi.show_cve_record")
def test_reserved_not_owned_cve_id(show_cve_record, show_cve_id):
    show_cve_id.return_value = {
        "cve_id": "CVE-2099-0001",
        "cve_year": "2099",
        "owning_cna": "[REDACTED]",
        "state": "RESERVED",
    }

    runner = CliRunner()
    result = runner.invoke(cli, DEFAULT_OPTS + ["show", "CVE-2099-0001"])
    assert result.exit_code == 0, result.output
    assert result.output == "CVE-2099-0001\n├─ State:\tRESERVED\n└─ Owning CNA:\t[REDACTED]\n"
    assert not show_cve_record.called


@mock.patch("cvelib.cli.CveApi.show_cve_id")
@mock.patch("cvelib.cli.CveApi.show_cve_record")
def test_published_not_owned_cve_id(show_cve_record, show_cve_id):
    show_cve_id.return_value = {
        "cve_id": "CVE-2099-0001",
        "cve_year": "2099",
        "owning_cna": "acme",
        "dateUpdated": "2000-02-08T17:22:07.669Z",
        "state": "PUBLISHED",
    }

    runner = CliRunner()
    result = runner.invoke(cli, DEFAULT_OPTS + ["show", "CVE-2099-0001"])
    assert result.exit_code == 0, result.output
    assert result.output == (
        "CVE-2099-0001\n"
        "├─ State:\tPUBLISHED\n"
        "├─ Owning CNA:\tacme\n"
        "└─ Updated on:\tTue Feb  8 17:22:07 2000 +0000\n"
    )
    assert not show_cve_record.called


@mock.patch("cvelib.cli.CveApi.show_cve_id")
@mock.patch("cvelib.cli.CveApi.show_cve_record")
def test_cve_show_full(show_cve_record, show_cve_id):
    show_cve_id.return_value = {
        "cve_id": "CVE-2099-1000",
        "cve_year": "2099",
        "owning_cna": "acme",
        "requested_by": {"cna": "acme", "user": "jack@example.com"},
        "reserved": "2021-01-14T18:35:17.928Z",
        "state": "RESERVED",
        "time": {"created": "2021-01-14T18:35:17.469Z", "modified": "2021-01-14T18:35:17.929Z"},
    }
    show_cve_record.return_value = {
        "containers": {
            "cna": {
                "providerMetadata": {
                    "dateUpdated": "2022-09-27T15:29:12.964Z",
                    "orgId": "65fe0718-9a55-4e29-8e61-d4ddf6d83e28",
                    "shortName": "acme",
                },
                "rejectedReasons": [{"lang": "en", "value": "text"}],
            }
        },
        "cveMetadata": {
            "assignerOrgId": "65fe0718-9a55-4e29-8e61-d4ddf6d83e28",
            "assignerShortName": "acme",
            "cveId": "CVE-2099-1000",
            "dateRejected": "2022-09-27T15:26:42.117Z",
            "dateReserved": "2021-01-14T18:35:17.469Z",
            "dateUpdated": "2022-09-27T15:29:12.964Z",
            "state": "REJECTED",
        },
        "dataType": "CVE_RECORD",
        "dataVersion": "5.0",
    }

    runner = CliRunner()
    result = runner.invoke(cli, DEFAULT_OPTS + ["show", "CVE-2099-1000", "--show-record"])
    assert result.exit_code == 0, result.output
    printed_cve_id, _, printed_cve_record = result.output.partition("-----")
    assert printed_cve_id == (
        "CVE-2099-1000\n"
        "├─ State:\tRESERVED\n"
        "├─ Owning CNA:\tacme\n"
        "├─ Reserved by:\tjack@example.com (acme)\n"
        "├─ Reserved on:\tThu Jan 14 18:35:17 2021 +0000\n"
        "└─ Updated on:\tThu Jan 14 18:35:17 2021 +0000\n"
    )
    # Don't bother checking the data since we provide it as a fixture anyway. Simply check that a
    # JSON is displayed and the length of the printed string is something reasonable.
    assert printed_cve_record.startswith("\n{")
    assert len(printed_cve_record) > 100


@mock.patch("cvelib.cli.CveApi.show_cve_id")
@mock.patch("cvelib.cli.CveApi.show_cve_record")
def test_cve_show_adp(show_cve_record, show_cve_id):
    show_cve_id.return_value = {
        "cve_id": "CVE-2099-1000",
        "cve_year": "2099",
        "owning_cna": "acme",
        "requested_by": {"cna": "acme", "user": "jack@example.com"},
        "reserved": "2021-01-14T18:35:17.928Z",
        "state": "PUBLISHED",
        "time": {"created": "2021-01-14T18:35:17.469Z", "modified": "2021-01-14T18:35:17.929Z"},
    }
    show_cve_record.return_value = {
        "containers": {
            "cna": {
                "providerMetadata": {
                    "dateUpdated": "2022-09-27T15:29:12.964Z",
                    "orgId": "65fe0718-9a55-4e29-8e61-d4ddf6d83e28",
                    "shortName": "acme",
                },
                "references": [{"url": "https://example.com"}],
            },
            "adp": [
                {
                    "providerMetadata": {
                        "dateUpdated": "2022-09-27T15:29:12.964Z",
                        "orgId": "12345678-9a55-4e29-8e61-d4ddf6d83e28",
                        "shortName": "alice-corp",
                    },
                    "references": [{"url": "https://example.com/alice"}],
                },
                {
                    "providerMetadata": {
                        "dateUpdated": "2022-09-27T15:29:12.964Z",
                        "orgId": "87654321-9a55-4e29-8e61-d4ddf6d83e28",
                        "shortName": "bob-corp",
                    },
                    "references": [{"url": "https://example.com/bob"}],
                },
            ],
        },
        "cveMetadata": {
            "assignerOrgId": "65fe0718-9a55-4e29-8e61-d4ddf6d83e28",
            "assignerShortName": "acme",
            "cveId": "CVE-2099-1000",
            "dateRejected": "2022-09-27T15:26:42.117Z",
            "dateReserved": "2021-01-14T18:35:17.469Z",
            "dateUpdated": "2022-09-27T15:29:12.964Z",
            "state": "PUBLISHED",
        },
        "dataType": "CVE_RECORD",
        "dataVersion": "5.0",
    }

    runner = CliRunner()
    result = runner.invoke(cli, DEFAULT_OPTS + ["show", "CVE-2099-1000", "--show-adp"])
    assert result.exit_code == 0, result.output
    _, _, printed_cve_record = result.output.partition("-----")
    # Don't bother checking the data since we provide it as a fixture anyway. Simply check that both
    # ADP containers are present.
    assert "alice-corp ADP data:" in printed_cve_record
    assert "bob-corp ADP data:" in printed_cve_record

    result = runner.invoke(cli, DEFAULT_OPTS + ["show", "CVE-2099-1000", "--show-adp", "bob-corp"])
    assert result.exit_code == 0, result.output
    _, _, printed_cve_record = result.output.partition("-----")
    assert "alice-corp ADP data:" not in printed_cve_record
    assert "bob-corp ADP data:" in printed_cve_record

    result = runner.invoke(cli, DEFAULT_OPTS + ["show", "CVE-2099-1000", "--show-adp", "random"])
    assert result.exit_code == 0, result.output
    _, _, printed_cve_record = result.output.partition("-----")
    assert printed_cve_record.strip() == "CVE record does not contain ADP data from org(s): random."


def test_cve_list():
    cves = [
        {
            "cve_id": "CVE-2021-3001",
            "cve_year": "2021",
            "owning_cna": "acme",
            "requested_by": {"cna": "acme", "user": "bob"},
            "reserved": "2021-01-14T18:32:19.405Z",
            "state": "RESERVED",
            "time": {
                "created": "2021-01-14T18:32:19.409Z",
                "modified": "2021-01-14T18:32:19.409Z",
            },
        },
        {
            "cve_id": "CVE-2021-3002",
            "cve_year": "2021",
            "owning_cna": "acme",
            "requested_by": {"cna": "acme", "user": "ann"},
            "reserved": "2021-01-14T18:32:57.955Z",
            "state": "PUBLISHED",
            "time": {
                "created": "2021-01-14T18:32:57.956Z",
                "modified": "2021-01-14T18:32:57.956Z",
            },
        },
        {
            "cve_id": "CVE-2021-3003",
            "cve_year": "2021",
            "owning_cna": "acme",
            "requested_by": {"cna": "corp", "user": "eve"},
            "reserved": "2021-01-14T18:34:50.916Z",
            "state": "REJECTED",
            "time": {
                "created": "2021-01-14T18:34:50.917Z",
                "modified": "2021-01-14T18:34:50.917Z",
            },
        },
    ]
    with mock.patch("cvelib.cli.CveApi.list_cves") as list_cves:
        list_cves.return_value = cves
        runner = CliRunner()
        result = runner.invoke(cli, DEFAULT_OPTS + ["list"])
        assert result.exit_code == 0, result.output
        assert result.output == (
            "CVE ID          STATE       OWNING CNA   RESERVED BY   RESERVED ON\n"
            "CVE-2021-3001   RESERVED    acme         bob (acme)    "
            "Thu Jan 14 18:32:19 2021 +0000\n"
            "CVE-2021-3002   PUBLISHED   acme         ann (acme)    "
            "Thu Jan 14 18:32:57 2021 +0000\n"
            "CVE-2021-3003   REJECTED    acme         eve (corp)    "
            "Thu Jan 14 18:34:50 2021 +0000\n"
        )
        result = runner.invoke(cli, DEFAULT_OPTS + ["list", "--no-header"])
        assert result.exit_code == 0, result.output
        assert result.output == (
            "CVE-2021-3001   RESERVED    acme   bob (acme)   Thu Jan 14 18:32:19 2021 +0000\n"
            "CVE-2021-3002   PUBLISHED   acme   ann (acme)   Thu Jan 14 18:32:57 2021 +0000\n"
            "CVE-2021-3003   REJECTED    acme   eve (corp)   Thu Jan 14 18:34:50 2021 +0000\n"
        )


def test_count():
    count_response = {"totalCount": 123}
    with mock.patch("cvelib.cli.CveApi.count_cves") as count_cves:
        count_cves.return_value = count_response

        # No state filter
        runner = CliRunner()
        result = runner.invoke(cli, DEFAULT_OPTS + ["count"])
        assert result.exit_code == 0, result.output
        assert result.output == "Total CVE records: 123\n"
        count_cves.assert_called_with(state=None)

        # With state filter
        runner = CliRunner()
        result = runner.invoke(cli, DEFAULT_OPTS + ["count", "--state", "published"])
        assert result.exit_code == 0, result.output
        assert result.output == "Total CVE records in PUBLISHED state: 123\n"
        count_cves.assert_called_with(state="PUBLISHED")

        # Raw output
        runner = CliRunner()
        result = runner.invoke(cli, DEFAULT_OPTS + ["count", "--raw"])
        assert result.exit_code == 0, result.output
        assert json.loads(result.output) == count_response


class TestCvePublish:
    cve_id = "CVE-2001-0635"
    cna_dict = {
        "affected": [
            {
                "cpes": ["cpe:/o:redhat:linux:7.1"],
                "defaultStatus": "affected",
                "product": "Red Hat Linux",
                "vendor": "Red Hat",
            }
        ],
        "descriptions": [
            {
                "lang": "en",
                "value": "There would be words here if this was real data.",
            }
        ],
        "providerMetadata": {
            "orgId": "19f229d4-f3d5-4605-bf93-521fa4499c06",
            "shortName": "test_org",
        },
        "references": [
            {
                "name": cve_id,
                "url": f"https://access.redhat.com/security/cve/{cve_id}",
            },
            {
                "name": f"bz#1616605: {cve_id} security flaw",
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616605",
            },
        ],
    }
    cve_response_data = {
        "containers": {"cna": cna_dict},
        "cveMetadata": {
            "assignerOrgId": "19f229d4-f3d5-4605-bf93-521fa4499c06",
            "assignerShortName": "test_org",
            "cveId": cve_id,
            "datePublished": "2022-05-02T00:00:00Z",
            "dateUpdated": "2021-06-29T12:33:52.892Z",
            "dateReserved": "2021-06-29T12:33:52.892Z",
            "requesterUserId": "cb55b254-cf8f-46f6-bfbf-fc1d71ba439a",
            "state": "PUBLISHED",
        },
        "dataType": "CVE_RECORD",
        "dataVersion": "5.0",
    }

    @mock.patch("cvelib.cli.CveApi.publish")
    @mock.patch("cvelib.cli.CveApi.update_published")
    def test_cve_publish(self, update_published, publish):
        cna_text = json.dumps(self.cna_dict)
        response_dict = {
            "created": self.cve_response_data,
            "message": f"{self.cve_id} record was successfully created.",
        }
        publish.return_value = response_dict

        runner = CliRunner()
        result = runner.invoke(cli, DEFAULT_OPTS + ["publish", self.cve_id, "--cve-json", cna_text])
        assert result.exit_code == 0, result.output
        assert result.output == (
            "Published the following CVE:\n"
            "\n"
            f"{self.cve_id}\n"
            "├─ State:\tPUBLISHED\n"
            "├─ Owning CNA:\ttest_org\n"
            "├─ Reserved on:\tTue Jun 29 12:33:52 2021 +0000\n"
            "└─ Updated on:\tTue Jun 29 12:33:52 2021 +0000\n"
            f"\nAPI response: {self.cve_id} record was successfully created.\n"
        )
        assert not update_published.called

    @mock.patch("cvelib.cli.CveApi.publish")
    @mock.patch("cvelib.cli.CveApi.update_published")
    def test_cve_publish_from_file(self, update_published, publish, tmp_path):
        with open(tmp_path / "cve.json", "w+") as cve_json_file:
            cve_json_file.write(json.dumps(self.cna_dict))

        response_dict = {
            "created": self.cve_response_data,
            "message": f"{self.cve_id} record was successfully created.",
        }
        publish.return_value = response_dict

        runner = CliRunner()
        result = runner.invoke(
            cli, DEFAULT_OPTS + ["publish", self.cve_id, "--cve-json-file", cve_json_file.name]
        )
        assert result.exit_code == 0, result.output
        assert result.output == (
            "Published the following CVE:\n"
            "\n"
            f"{self.cve_id}\n"
            "├─ State:\tPUBLISHED\n"
            "├─ Owning CNA:\ttest_org\n"
            "├─ Reserved on:\tTue Jun 29 12:33:52 2021 +0000\n"
            "└─ Updated on:\tTue Jun 29 12:33:52 2021 +0000\n"
            f"\nAPI response: {self.cve_id} record was successfully created.\n"
        )
        assert not update_published.called


@mock.patch("cvelib.cli.CveApi.publish_adp")
def test_adp_publish(publish_adp):
    adp_text = json.dumps({"references": [{"url": "https://example.com/hello"}]})
    response_dict = {
        "updated": {
            "cveMetadata": {
                "assignerOrgId": "uuid",
                "assignerShortName": "test_org",
                "cveId": "CVE-2001-0635",
                "datePublished": "2022-05-02T00:00:00Z",
                "dateUpdated": "2021-06-29T12:33:52.892Z",
                "dateReserved": "2021-06-29T12:33:52.892Z",
                "state": "PUBLISHED",
            }
        },
        # Omit the rest of the API response message since it may change in the future.
        "message": "CVE-2001-0635 record had a replacement ADP container...",
    }
    publish_adp.return_value = response_dict

    runner = CliRunner()
    result = runner.invoke(
        cli, DEFAULT_OPTS + ["publish-adp", "CVE-2001-0635", "--adp-json", adp_text]
    )
    assert result.exit_code == 0, result.output
    assert result.output == (
        "Published an ADP container for:\n"
        "\n"
        "CVE-2001-0635\n"
        "├─ State:\tPUBLISHED\n"
        "├─ Owning CNA:\ttest_org\n"
        "├─ Reserved on:\tTue Jun 29 12:33:52 2021 +0000\n"
        "└─ Updated on:\tTue Jun 29 12:33:52 2021 +0000\n"
        "\nAPI response: CVE-2001-0635 record had a replacement ADP container...\n"
    )


@mock.patch("cvelib.cli.CveApi.reject")
@mock.patch("cvelib.cli.CveApi.update_rejected")
@mock.patch("cvelib.cli.CveApi.move_to_rejected")
def test_cve_reject_with_record(move_to_rejected, update_rejected, reject):
    cve_id = "CVE-2001-0635"
    cna_dict = {
        "providerMetadata": {
            "orgId": "19f229d4-f3d5-4605-bf93-521fa4499c06",
            "shortName": "test_org",
        },
        "rejectedReasons": [
            {
                "lang": "en",
                "value": "There would be words here if this was real data.",
            },
        ],
    }

    cve_dict = {
        "containers": {"cna": cna_dict},
        "cveMetadata": {
            "assignerOrgId": "19f229d4-f3d5-4605-bf93-521fa4499c06",
            "assignerShortName": "test_org",
            "cveId": cve_id,
            "dateRejected": "2022-05-02T00:00:00Z",
            "dateUpdated": "2022-05-02T00:00:00Z",
            "dateReserved": "2021-06-29T12:33:52.892Z",
            "requesterUserId": "cb55b254-cf8f-46f6-bfbf-fc1d71ba439a",
            "state": "REJECTED",
        },
        "dataType": "CVE_RECORD",
        "dataVersion": "5.0",
    }
    cna_text = json.dumps(cna_dict)
    response_dict = {"created": cve_dict, "message": f"{cve_id} record was successfully created."}

    reject.return_value = response_dict
    runner = CliRunner()
    result = runner.invoke(cli, DEFAULT_OPTS + ["reject", cve_id, "--cve-json", cna_text])
    assert result.exit_code == 0, result.output
    assert result.output == (
        "Rejected the following CVE:\n"
        "\n"
        f"{cve_id}\n"
        "├─ State:\tREJECTED\n"
        "├─ Owning CNA:\ttest_org\n"
        "├─ Reserved on:\tTue Jun 29 12:33:52 2021 +0000\n"
        "└─ Updated on:\tMon May  2 00:00:00 2022 +0000\n"
        f"\nAPI response: {cve_id} record was successfully created.\n"
    )
    assert not update_rejected.called
    assert not move_to_rejected.called


@mock.patch("cvelib.cli.CveApi.reject")
@mock.patch("cvelib.cli.CveApi.update_rejected")
@mock.patch("cvelib.cli.CveApi.move_to_rejected")
def test_cve_reject_without_record(move_to_rejected, update_rejected, reject):
    cve_id = "CVE-2099-1000"
    reject_response = {
        "updated": {
            "cve_id": "CVE-2099-1000",
            "cve_year": "2099",
            "owning_cna": "acme",
            "requested_by": {"cna": "acme", "user": "jack@example.com"},
            "reserved": "2021-06-29T12:33:52.892Z",
            "state": "REJECTED",
            "time": {"created": "2021-06-29T12:33:52.892Z", "modified": "2021-06-29T12:33:52.892Z"},
        },
        "message": f"{cve_id} record was successfully updated.",
    }

    move_to_rejected.return_value = reject_response
    runner = CliRunner()
    result = runner.invoke(cli, DEFAULT_OPTS + ["reject", cve_id])
    assert result.exit_code == 0, result.output
    assert result.output == (
        "Rejected the following CVE:\n"
        "\n"
        f"{cve_id}\n"
        "├─ State:\tREJECTED\n"
        "├─ Owning CNA:\tacme\n"
        "├─ Reserved by:\tjack@example.com (acme)\n"
        "├─ Reserved on:\tTue Jun 29 12:33:52 2021 +0000\n"
        "└─ Updated on:\tTue Jun 29 12:33:52 2021 +0000\n"
    )
    assert not update_rejected.called
    assert not reject.called


@mock.patch("cvelib.cli.CveApi.move_to_reserved")
def test_cve_undo_reject(move_to_reserved):
    cve_id = "CVE-2099-1000"
    reserved_response = {
        "updated": {
            "cve_id": "CVE-2099-1000",
            "cve_year": "2099",
            "owning_cna": "acme",
            "requested_by": {"cna": "acme", "user": "jack@example.com"},
            "reserved": "2021-06-29T12:33:52.892Z",
            "state": "RESERVED",
            "time": {"created": "2021-06-29T12:33:52.892Z", "modified": "2021-06-29T12:33:52.892Z"},
        },
        "message": f"{cve_id} record was successfully updated.",
    }

    move_to_reserved.return_value = reserved_response
    runner = CliRunner()
    result = runner.invoke(cli, DEFAULT_OPTS + ["undo-reject", cve_id])
    assert result.exit_code == 0, result.output
    assert result.output == (
        "Moved the following CVE to reserved:\n"
        "\n"
        f"{cve_id}\n"
        "├─ State:\tRESERVED\n"
        "├─ Owning CNA:\tacme\n"
        "├─ Reserved by:\tjack@example.com (acme)\n"
        "├─ Reserved on:\tTue Jun 29 12:33:52 2021 +0000\n"
        "└─ Updated on:\tTue Jun 29 12:33:52 2021 +0000\n"
    )


@mock.patch("cvelib.cli.CveApi.transfer")
def test_cve_transfer(transfer):
    cve_id = "CVE-2023-1234"
    response = {
        "updated": {
            "cve_id": "CVE-2023-1234",
            "cve_year": "2023",
            "owning_cna": "new-cna",
            "requested_by": {"cna": "old-cna", "user": "test@example.com"},
            "reserved": "2021-01-14T18:35:17.469Z",
            "state": "RESERVED",
            "time": {"created": "2021-01-14T18:35:17.469Z", "modified": "2021-01-14T18:35:17.469Z"},
        },
        "message": f"{cve_id} owning_cna updated",
    }

    transfer.return_value = response
    runner = CliRunner()
    result = runner.invoke(cli, DEFAULT_OPTS + ["transfer", cve_id, "--new-cna", "new-cna"])
    assert result.exit_code == 0, result.output
    assert result.output == (
        "Successfully transferred the following CVE:\n"
        "\n"
        f"{cve_id}\n"
        "├─ State:\tRESERVED\n"
        "├─ Owning CNA:\tnew-cna\n"
        "├─ Reserved by:\ttest@example.com (old-cna)\n"
        "├─ Reserved on:\tThu Jan 14 18:35:17 2021 +0000\n"
        "└─ Updated on:\tThu Jan 14 18:35:17 2021 +0000\n"
    )
    transfer.assert_called_once_with(cve_id, "new-cna")


@mock.patch("cvelib.cli.CveApi.transfer")
def test_cve_transfer_raw_output(transfer):
    cve_id = "CVE-2023-1234"
    response = {
        "updated": {
            "cve_id": "CVE-2023-1234",
            "owning_cna": "new-cna",
            "state": "RESERVED",
        },
        "message": f"{cve_id} owning_cna updated",
    }

    transfer.return_value = response
    runner = CliRunner()
    result = runner.invoke(
        cli, DEFAULT_OPTS + ["transfer", cve_id, "--new-cna", "new-cna", "--raw"]
    )
    assert result.exit_code == 0, result.output
    assert json.loads(result.output) == response
    transfer.assert_called_once_with(cve_id, "new-cna")


@mock.patch("cvelib.cli.CveApi.transfer")
def test_cve_transfer_interactive_confirm(transfer):
    cve_id = "CVE-2023-1234"
    transfer_response = {
        "updated": {
            "cve_id": "CVE-2023-1234",
            "owning_cna": "new-cna",
            "state": "RESERVED",
        },
        "message": f"{cve_id} owning_cna updated",
    }

    transfer.return_value = transfer_response
    runner = CliRunner()
    result = runner.invoke(
        cli, DEFAULT_OPTS + ["-i", "transfer", cve_id, "--new-cna", "new-cna"], input="y\n"
    )
    assert result.exit_code == 0, result.output
    assert "You are about to transfer ownership of CVE-2023-1234 to CNA new-cna" in result.output
    assert "Do you want to continue?" in result.output
    transfer.assert_called_once_with(cve_id, "new-cna")


@mock.patch("cvelib.cli.CveApi.transfer")
def test_cve_transfer_interactive_abort(transfer):
    cve_id = "CVE-2023-1234"

    runner = CliRunner()
    result = runner.invoke(
        cli, DEFAULT_OPTS + ["-i", "transfer", cve_id, "--new-cna", "new-cna"], input="n\n"
    )
    assert result.exit_code == 0, result.output
    assert "You are about to transfer ownership of CVE-2023-1234 to CNA new-cna" in result.output
    assert "Do you want to continue?" in result.output
    assert "Exiting..." in result.output
    transfer.assert_not_called()


def test_quota():
    quota = {"id_quota": 100, "total_reserved": 10, "available": 90}
    with mock.patch("cvelib.cli.CveApi.quota") as get_quota:
        get_quota.return_value = quota
        runner = CliRunner()
        result = runner.invoke(cli, DEFAULT_OPTS + ["quota"])
        assert result.exit_code == 0, result.output
        assert result.output == (
            "CNA quota for test_org:\n├─ Limit:\t100\n├─ Reserved:\t10\n└─ Available:\t90\n"
        )


def test_reserve():
    reserved_cves = {
        "cve_ids": [
            {
                "requested_by": {"cna": "test_org", "user": "test_user@test_org.com"},
                "cve_id": "CVE-2021-20001",
                "cve_year": "2021",
                "state": "RESERVED",
                "owning_cna": "test_org",
                "reserved": "2021-05-24T18:14:34.987Z",
            },
            {
                "requested_by": {"cna": "test_org", "user": "test_user@test_org.com"},
                "cve_id": "CVE-2021-20002",
                "cve_year": "2021",
                "state": "RESERVED",
                "owning_cna": "test_org",
                "reserved": "2021-05-24T18:14:34.988Z",
            },
        ],
        "meta": {
            "remaining_quota": 10,
        },
    }
    with mock.patch("cvelib.cli.CveApi.reserve") as reserve:
        reserve.return_value = reserved_cves
        runner = CliRunner()
        result = runner.invoke(cli, DEFAULT_OPTS + ["reserve", "-y", "2021", "2"])
        assert result.exit_code == 0, result.output
        assert result.output == (
            "Reserved the following CVE ID(s):\n"
            "\n"
            "CVE-2021-20001\n"
            "├─ State:\tRESERVED\n"
            "├─ Owning CNA:\ttest_org\n"
            "├─ Reserved by:\ttest_user@test_org.com (test_org)\n"
            "└─ Reserved on:\tMon May 24 18:14:34 2021 +0000\n"
            "CVE-2021-20002\n"
            "├─ State:\tRESERVED\n"
            "├─ Owning CNA:\ttest_org\n"
            "├─ Reserved by:\ttest_user@test_org.com (test_org)\n"
            "└─ Reserved on:\tMon May 24 18:14:34 2021 +0000\n"
            "\n"
            "Remaining quota: 10\n"
        )


def test_active_user_show():
    user_data = {
        "UUID": "ac821fed-cbfa-47ab-bcde-822d759c7902",
        "active": True,
        "authority": {"active_roles": ["ADMIN"]},
        "name": {
            "first": "Test",
            "last": "User",
        },
        "org_UUID": "304d44d8-3dd1-475d-83c1-5cbefb92b780",
        "time": {"created": "2021-04-22T02:09:08.823Z", "modified": "2021-04-22T02:09:08.823Z"},
        "username": "test@user",
    }
    with mock.patch("cvelib.cli.CveApi.show_user") as show_user:
        show_user.return_value = user_data
        runner = CliRunner()
        result = runner.invoke(cli, DEFAULT_OPTS + ["user"])
        assert result.exit_code == 0, result.output
        assert result.output == (
            "Test User — test@user\n"
            "├─ Active:\tYes\n"
            "├─ Roles:\tADMIN\n"
            "├─ Created:\tThu Apr 22 02:09:08 2021 +0000\n"
            "└─ Modified:\tThu Apr 22 02:09:08 2021 +0000\n"
        )


def test_inactive_user_show():
    user_data = {
        "UUID": "ac821fed-cbfa-47ab-bcde-822d759c7902",
        "active": False,
        "authority": {"active_roles": []},
        "name": {
            "first": "",
            "last": "",
        },
        "org_UUID": "304d44d8-3dd1-475d-83c1-5cbefb92b780",
        "time": {"created": "2021-04-22T02:09:08.823Z", "modified": "2021-04-22T02:09:08.823Z"},
        "username": "test@user",
    }
    with mock.patch("cvelib.cli.CveApi.show_user") as show_user:
        show_user.return_value = user_data
        runner = CliRunner()
        result = runner.invoke(cli, DEFAULT_OPTS + ["user"])
        assert result.exit_code == 0, result.output
        assert result.output == (
            "test@user\n"
            "├─ Active:\tNo\n"
            "├─ Roles:\tNone\n"
            "├─ Created:\tThu Apr 22 02:09:08 2021 +0000\n"
            "└─ Modified:\tThu Apr 22 02:09:08 2021 +0000\n"
        )


def test_reset_key():
    api_key = {"API-secret": "foo-key"}
    with mock.patch("cvelib.cli.CveApi.reset_api_key") as reset_api_key:
        reset_api_key.return_value = api_key
        runner = CliRunner()
        result = runner.invoke(cli, DEFAULT_OPTS + ["user", "reset-key", "-u", "test_user"])
        assert result.exit_code == 0, result.output
        assert result.output == (
            "New API key for test_user:\n\n"
            "foo-key\n\n"
            "Make sure to copy your new API key; you won't be able to access it again!\n"
        )


def test_user_list():
    users = [
        {
            "UUID": "fe12571e-4a47-4272-9cc4-c61802c05356",
            "active": True,
            "authority": {"active_roles": ["ADMIN"]},
            "name": {"first": "Hello", "last": "World"},
            "org_UUID": "19f229d4-f3d5-4605-bf93-521fa4499c06",
            "time": {"created": "2021-05-26T19:27:44.567Z", "modified": "2021-05-26T19:28:52.766Z"},
            "username": "hello@world",
        },
        {
            "UUID": "cb55b254-cf8f-46f6-bfbf-fc1d71ba439a",
            "active": False,
            "authority": {"active_roles": []},
            "name": {"first": "Foo"},
            "org_UUID": "19f229d4-f3d5-4605-bf93-521fa4499c06",
            "time": {"created": "2021-05-26T19:27:24.366Z", "modified": "2021-05-26T19:32:57.857Z"},
            "username": "foo",
        },
    ]
    with mock.patch("cvelib.cli.CveApi.list_users") as list_users:
        list_users.return_value = users
        runner = CliRunner()
        result = runner.invoke(cli, DEFAULT_OPTS + ["org", "users"])
        assert result.exit_code == 0, result.output
        assert result.output == (
            "USERNAME      NAME          ROLES   ACTIVE   CREATED                          "
            "MODIFIED\n"
            "foo           Foo           None    No       Wed May 26 19:27:24 2021 +0000   "
            "Wed May 26 19:32:57 2021 +0000\n"
            "hello@world   Hello World   ADMIN   Yes      Wed May 26 19:27:44 2021 +0000   "
            "Wed May 26 19:28:52 2021 +0000\n"
        )


def test_show_org():
    org = {
        "UUID": "19f229d4-f3d5-4605-bf93-521fa4499c06",
        "authority": {"active_roles": ["CNA"]},
        "name": "Test Org",
        "policies": {"id_quota": 1000},
        "short_name": "test_org",
        "time": {"created": "2021-04-21T02:09:07.389Z", "modified": "2021-04-21T02:09:07.389Z"},
    }
    with mock.patch("cvelib.cli.CveApi.show_org") as show_org:
        show_org.return_value = org
        runner = CliRunner()
        result = runner.invoke(cli, DEFAULT_OPTS + ["org"])
        assert result.exit_code == 0, result.output
        assert result.output == (
            "Test Org — test_org\n"
            "├─ Roles:\tCNA\n"
            "├─ Created:\tWed Apr 21 02:09:07 2021 +0000\n"
            "└─ Modified:\tWed Apr 21 02:09:07 2021 +0000\n"
        )


def test_validate_good():
    runner = CliRunner()
    example_cve_file = str(Path(__file__).parent / "data/CVEv5_basic-example.json")
    result = runner.invoke(
        cli, ["validate", "--cve-json-file", example_cve_file, "--schema-type", "full"]
    )
    assert result.exit_code == 0, result.output
    assert result.output == "CVE record is valid!\n"


def test_validate_bad():
    runner = CliRunner()
    result = runner.invoke(cli, ["validate", "--cve-json", '{"bad": "record"}'])
    assert result.exit_code == 1
    assert re.search("^Schema validation .* failed:\n", result.output)


def test_exit_on_help():
    with mock.patch("cvelib.cli.CveApi.show_org") as show_org:
        show_org.return_value = {}
        runner = CliRunner()
        result = runner.invoke(cli, ["org", "--help"])
        assert result.exit_code == 0, result.output
        # The command is named after the function that is called.
        assert result.output.startswith("Usage: cli org")