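# frozen_string_literal: true

require 'json'
require 'openssl'

module NoradBeacon
  # One result record: identifying fields, a severity label (+sir+), and a signature that
  # fingerprints the record. Every field except +sir+ is coerced to a String on construction.
  class Result
    attr_reader :nid, :sir, :status, :output, :title, :description, :signature

    # I'm making this value a constant to reinforce the idea that it should *never* change. If it
    # does, all ignore rules in the Norad database will be invalidated.
    SIGNATURE_DIGEST = OpenSSL::Digest::SHA256

    # rubocop:disable ParameterLists

    # @param nid [#to_s] identifier of the result; part of the signature input
    # @param status [#to_s] status value, stored as a String
    # @param output [#to_s] raw output; fingerprinted when +text_to_fingerprint+ is nil
    # @param title [#to_s] title; part of the signature input
    # @param description [#to_s] description, stored as a String
    # @param sir [Object] a severity label, or a numeric score (String or Numeric) that is
    #   mapped to a label by #cvss_to_sir; anything non-numeric is stored unchanged
    # @param text_to_fingerprint [String, nil] text to hash instead of +output+
    def initialize(nid, status, output, title, description, sir = 'unevaluated', text_to_fingerprint = nil)
      @nid = nid.to_s
      @sir = cvss_to_sir(sir)
      @status = status.to_s
      @output = output.to_s
      @title = title.to_s
      @description = description.to_s
      # Must run after @nid, @title and @output are set: the signature reads all three.
      @signature = compute_signature(text_to_fingerprint)
    end
    # rubocop:enable ParameterLists

    # Serializes the seven public fields as a JSON object.
    #
    # @param a [Array] arguments forwarded to Hash#to_json (generator state)
    # @return [String] JSON text
    def to_json(*a)
      {
        nid: nid,
        sir: sir,
        status: status,
        output: output,
        title: title,
        description: description,
        signature: signature
      }.to_json(*a)
    end

    private

    # Maps a numeric score to a severity label; non-numeric values pass through unchanged.
    # (The method name suggests the score is a CVSS base score -- confirm with callers.)
    #
    # @param sir [Object] severity label or numeric score
    # @return [Object] 'low', 'medium', 'high', 'critical' or 'unevaluated' for numeric input,
    #   otherwise +sir+ itself
    def cvss_to_sir(sir)
      # Match on the String form so Integer/Float scores are classified too; they do not
      # respond to =~, and Object#=~ no longer exists on Ruby >= 3.2. \A/\z anchor the whole
      # string, so multi-line input cannot pass as a number.
      score_text = sir.to_s
      return sir unless score_text.match?(/\A\d+\.?\d*\z/)

      # Half-open ranges leave no gaps: a value such as 3.95 previously fell between
      # 0.0..3.9 and 4.0..6.9 and was silently reported as 'unevaluated'.
      case score_text.to_f
      when 0.0...4.0 then 'low'
      when 4.0...7.0 then 'medium'
      when 7.0...9.0 then 'high'
      when 9.0..10.0 then 'critical'
      else 'unevaluated'
      end
    end

    # Computes the hex SHA-256 fingerprint of the result.
    #
    # NOTE(review): nid, title and the fingerprinted text are concatenated with no separator,
    # so different field values can yield the same input ("ab" + "c" vs "a" + "bc") and
    # therefore the same signature; an ignore rule keyed on it could then match an unrelated
    # result. The encoding is left as is because changing it would invalidate every stored
    # signature (see SIGNATURE_DIGEST). Also note this is an unkeyed hash: it identifies a
    # result, it does not authenticate where the result came from.
    #
    # @param text_to_fingerprint [String, nil] text to hash in place of the raw output
    # @return [String] lowercase hex digest
    def compute_signature(text_to_fingerprint)
      # If no specialized text to fingerprint was provided, use the raw output
      SIGNATURE_DIGEST.new.update("#{nid}#{title}#{text_to_fingerprint || output}").hexdigest
    end
  end
end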