import os
import pickle
from io import BytesIO

import pytest

from sigal.gallery import Gallery
from sigal.plugins.encrypt import endec
from sigal.plugins.encrypt.encrypt import cache_key
from sigal.utils import init_plugins

CURRENT_DIR = os.path.dirname(__file__)


def get_key_tag(settings):
    options = settings["encrypt_options"]
    key = endec.kdf_gen_key(
        options["password"], options["kdf_salt"], options["kdf_iters"]
    )
    tag = options["gcm_tag"].encode("utf-8")
    return (key, tag)


def test_encrypt(settings, tmpdir, disconnect_signals, caplog):
    settings["source"] = os.path.join(settings["source"], "encryptTest")
    settings["destination"] = str(tmpdir)
    settings["plugins"] = ["sigal.plugins.encrypt"]

    init_plugins(settings)
    gal = Gallery(settings, ncpu=1)

    with pytest.raises(ValueError, match="no encrypt_options in settings"):
        gal.build()

    settings["encrypt_options"] = {}

    gal = Gallery(settings, ncpu=1)

    with pytest.raises(ValueError, match="no password provided"):
        gal.build()

    settings["encrypt_options"] = {
        "password": "password",
        "ask_password": True,
        "encrypt_symlinked_originals": False,
    }

    gal = Gallery(settings, ncpu=1)
    gal.build()

    # check the encrypt cache exists
    cachePath = os.path.join(settings["destination"], ".encryptCache")
    assert os.path.isfile(cachePath)

    encryptCache = None
    with open(cachePath, "rb") as cacheFile:
        encryptCache = pickle.load(cacheFile)
    assert isinstance(encryptCache, dict)

    testAlbum = gal.albums["."]
    key, tag = get_key_tag(settings)

    for media in testAlbum:
        # check if sizes are stored in cache
        assert cache_key(media) in encryptCache
        assert "size" in encryptCache[cache_key(media)]
        assert "thumb_size" in encryptCache[cache_key(media)]
        assert "encrypted" in encryptCache[cache_key(media)]

        encryptedImages = [media.dst_path, media.thumb_path]
        if settings["keep_orig"]:
            encryptedImages.append(
                os.path.join(settings["destination"], media.path, media.big)
            )

        # check if images are encrypted by trying to decrypt
        for image in encryptedImages:
            with open(image, "rb") as infile:
                with BytesIO() as outfile:
                    endec.decrypt(key, infile, outfile, tag)

    # check static files have been copied
    static = os.path.join(settings["destination"], "static")
    assert os.path.isfile(os.path.join(static, "decrypt.js"))
    assert os.path.isfile(os.path.join(static, "keycheck.txt"))
    assert os.path.isfile(os.path.join(settings["destination"], "sw.js"))

    # check keycheck file
    with open(
        os.path.join(settings["destination"], "static", "keycheck.txt"), "rb"
    ) as infile:
        with BytesIO() as outfile:
            endec.decrypt(key, infile, outfile, tag)

    caplog.clear()
    caplog.set_level("DEBUG")
    gal = Gallery(settings, ncpu=1)
    gal.build()
    # Doesn't work on Actions ...
    # assert 'Loaded cache with 34 entries' in caplog.messages
    # assert 'Loaded encryption cache with 27 entries' in caplog.messages