# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
# frozen_string_literal: true

require 'set'

module Contrast
  module Config
    # Common Configuration settings. Those in this section pertain to the
    # rule mode of a single protect rule in the Agent.
    class ProtectRuleConfiguration < BaseConfiguration
      attr_accessor :enable, :mode, :disable_system_commands, :detect_custom_code_accessing_system_files

      def initialize hsh = {}
        @enable = traverse_config(hsh, :enable)
        @mode = traverse_config(hsh, :mode)
        @disable_system_commands = traverse_config(hsh, :disable_system_commands)
        @detect_custom_code_accessing_system_files = traverse_config(hsh, :detect_custom_code_accessing_system_files)
        @configuration_map = {}
        build_configuration_map
      end

      # To convert the user input mode from config to a standard format used by TS & SR, we need to convert the given
      # String to its Contrast::Api::Settings::ProtectionRule::Mode equivalent. If a nonsense value is provided, it'll
      # be treated the same as disabling the rule.
      #
      # @return [Contrast::Api::Settings::ProtectionRule::Mode, nil]
      def applicable_mode
        return unless mode

        case mode
        when 'permit'
          Contrast::Api::Settings::ProtectionRule::Mode::PERMIT
        when 'block_at_perimeter'
          Contrast::Api::Settings::ProtectionRule::Mode::BLOCK_AT_PERIMETER
        when 'block'
          Contrast::Api::Settings::ProtectionRule::Mode::BLOCK
        when 'monitor'
          Contrast::Api::Settings::ProtectionRule::Mode::MONITOR
        else
          Contrast::Api::Settings::ProtectionRule::Mode::NO_ACTION
        end
      end

      def [] key
        send(key.to_sym)
      end

      # Traverse the given entity to build out the configuration graph.
      #
      # The values will be either a hash, indicating internal nodes to
      # traverse, or a value to set or the EMPTY_VALUE symbol, indicating a
      # leaf node.
      #
      # The spec_key are the Contrast defined keys based on the instance variables of
      # a given configuration.
      def traverse_config values, spec_key
        internal_nodes = values.cs__respond_to?(:has_key?)
        val = internal_nodes ? value_from_key_config(spec_key, values) : nil
        val == EMPTY_VALUE ? nil : val
      end

      def build_configuration_map
        instance_variables.each do |key|
          str_key = key.to_s.tr('@', '')
          next if str_key == 'configuration_map'

          @configuration_map[str_key] = send(str_key.to_sym)
        end
      end
    end
  end
end