from unittest.mock import Mock

from device_trust import CrossSignedOnlyPolicy


class TestCrossSignedOnlyPolicy:
    def setup_method(self):
        self.policy = CrossSignedOnlyPolicy()

    def _make_device(self, device_id, user_id, extra_sig_keys=None):
        device = Mock()
        device.device_id = device_id
        sigs = {f"ed25519:{device_id}": "self_sig"}
        if extra_sig_keys:
            for k, v in extra_sig_keys.items():
                sigs[k] = v
        device.signatures = {user_id: sigs}
        return device

    def test_should_trust_cross_signed(self):
        device = self._make_device(
            "DEV1", "@alice:example.com",
            extra_sig_keys={"ed25519:MASTER_KEY": "cross_sig"},
        )
        assert self.policy.should_trust("@alice:example.com", device) is True

    def test_should_not_trust_self_signed_only(self):
        device = self._make_device("DEV1", "@alice:example.com")
        assert self.policy.should_trust("@alice:example.com", device) is False

    def test_should_not_trust_no_signatures(self):
        device = Mock()
        device.device_id = "DEV1"
        device.signatures = None
        assert self.policy.should_trust("@alice:example.com", device) is False

    def test_should_not_trust_empty_user_sigs(self):
        device = Mock()
        device.device_id = "DEV1"
        device.signatures = {"@alice:example.com": {}}
        assert self.policy.should_trust("@alice:example.com", device) is False

    def test_should_not_trust_missing_user_in_sigs(self):
        device = Mock()
        device.device_id = "DEV1"
        device.signatures = {"@bob:example.com": {"ed25519:OTHER": "sig"}}
        assert self.policy.should_trust("@alice:example.com", device) is False

    def test_should_not_trust_no_signatures_attr(self):
        device = Mock(spec=[])
        device.device_id = "DEV1"
        assert self.policy.should_trust("@alice:example.com", device) is False