package vulnscan

import (
	"encoding/json"
	"testing"
)

func TestParseCVSS(t *testing.T) {
	v := OSVVuln{
		ID: "CVE-2024-0001",
		Severity: []Severity{
			{Type: "CVSS_V3", Score: "7.5"},
		},
	}
	score := parseCVSS(v)
	if score != 7.5 {
		t.Errorf("expected 7.5, got %f", score)
	}
}

func TestParseCVSS_NoScore(t *testing.T) {
	v := OSVVuln{
		ID: "GHSA-xxxx",
	}
	score := parseCVSS(v)
	if score != 0 {
		t.Errorf("expected 0 for no severity, got %f", score)
	}
}

func TestExtractFixedVersion(t *testing.T) {
	v := OSVVuln{
		Affected: []Affected{
			{
				Ranges: []AffectedRange{
					{
						Events: []RangeEvent{
							{Introduced: "0"},
							{Fixed: "1.2.3"},
						},
					},
				},
			},
		},
	}
	fixed := extractFixedVersion(v)
	if fixed != "1.2.3" {
		t.Errorf("expected 1.2.3, got %s", fixed)
	}
}

func TestExtractFixedVersion_None(t *testing.T) {
	v := OSVVuln{}
	fixed := extractFixedVersion(v)
	if fixed != "" {
		t.Errorf("expected empty, got %s", fixed)
	}
}

func TestTruncateStr(t *testing.T) {
	if truncateStr("short", 10) != "short" {
		t.Error("should not truncate short strings")
	}
	if truncateStr("this is a long string", 10) != "this is a ..." {
		t.Errorf("got %q", truncateStr("this is a long string", 10))
	}
}

func TestNewClient(t *testing.T) {
	c := NewClient()
	if c.baseURL != defaultOSVAPI {
		t.Errorf("baseURL = %s, want %s", c.baseURL, defaultOSVAPI)
	}
}

func TestQueryRequest_Marshal(t *testing.T) {
	body := QueryRequest{
		Package: PackageID{PURL: "pkg:golang/github.com/foo/bar@v1.0.0"},
		Version: "v1.0.0",
	}
	data, err := json.Marshal(body)
	if err != nil {
		t.Fatalf("marshal: %v", err)
	}
	// Ensure it produces valid JSON.
	if len(data) == 0 {
		t.Error("empty JSON")
	}
}