#!/usr/bin/env bats
# Comprehensive unit tests for encryption-setup.sh hook

# Add bats library to BATS_LIB_PATH
export BATS_LIB_PATH="/usr/lib/bats-core"

load 'bats-support/load'
load 'bats-assert/load'
load 'bats-file/load'
load '../test_helper/common.bash'

setup() {
    export TEST_ROOT="${TEST_TEMP_DIR}/encryption-setup"
    mkdir -p "${TEST_ROOT}"
}

@test "encryption-setup.sh exists and is executable" {
    assert_file_exists "${PROJECT_ROOT}/config/hooks/installed/encryption-setup.sh"
    assert [ -x "${PROJECT_ROOT}/config/hooks/installed/encryption-setup.sh" ]
}

@test "encryption-setup.sh creates LUKS2 configuration" {
    # Source the script
    source "${PROJECT_ROOT}/config/hooks/installed/encryption-setup.sh"

    # Mock cryptsetup
    cryptsetup() {
        echo "cryptsetup $@"
        return 0
    }
    export -f cryptsetup

    # Create test config
    local config_file="${TEST_ROOT}/crypttab"
    create_luks2_config "$config_file"

    assert_file_exists "$config_file"
    assert_file_contains "$config_file" "luks"
}

@test "encryption-setup.sh configures cryptsetup-initramfs" {
    source "${PROJECT_ROOT}/config/hooks/installed/encryption-setup.sh"

    local config_file="${TEST_ROOT}/initramfs.conf"
    configure_cryptsetup_initramfs "$config_file"

    assert_file_exists "$config_file"
}

@test "encryption-setup.sh creates key management scripts" {
    source "${PROJECT_ROOT}/config/hooks/installed/encryption-setup.sh"

    local script_dir="${TEST_ROOT}/scripts"
    mkdir -p "$script_dir"

    create_check_encryption_script "$script_dir/check-encryption.sh"
    assert_file_exists "$script_dir/check-encryption.sh"
    assert [ -x "$script_dir/check-encryption.sh" ]

    create_manage_keys_script "$script_dir/manage-encryption-keys.sh"
    assert_file_exists "$script_dir/manage-encryption-keys.sh"
    assert [ -x "$script_dir/manage-encryption-keys.sh" ]
}

@test "encryption-setup.sh creates systemd service" {
    source "${PROJECT_ROOT}/config/hooks/installed/encryption-setup.sh"

    local systemd_dir="${TEST_ROOT}/systemd"
    mkdir -p "$systemd_dir"

    create_encryption_service "$systemd_dir"
    assert_file_exists "$systemd_dir/knel-encryption-status.service"
}

@test "encryption-setup.sh script is valid bash" {
    run bash -n "${PROJECT_ROOT}/config/hooks/installed/encryption-setup.sh"
    assert_success
}