"""
.. module: lemur.endpoints.models
    :platform: unix
    :synopsis: This module contains all of the models need to create an authority within Lemur.
    :copyright: (c) 2018 by Netflix Inc., see AUTHORS for more
    :license: Apache, see LICENSE for more details.
.. moduleauthor:: Kevin Glisson <kglisson@netflix.com>
"""
import arrow
from sqlalchemy.orm import relationship
from sqlalchemy.ext.associationproxy import association_proxy
from sqlalchemy import Column, Integer, String, Boolean, ForeignKey
from sqlalchemy.ext.hybrid import hybrid_property
from sqlalchemy.sql.expression import case

from sqlalchemy_utils import ArrowType

from lemur.database import db

from lemur.models import policies_ciphers


BAD_CIPHERS = [
    'Protocol-SSLv3',
    'Protocol-SSLv2',
    'Protocol-TLSv1'
]


class Cipher(db.Model):
    __tablename__ = 'ciphers'
    id = Column(Integer, primary_key=True)
    name = Column(String(128), nullable=False)

    @hybrid_property
    def deprecated(self):
        return self.name in BAD_CIPHERS

    @deprecated.expression
    def deprecated(cls):
        return case(
            [
                (cls.name in BAD_CIPHERS, True)
            ],
            else_=False
        )


class Policy(db.Model):
    ___tablename__ = 'policies'
    id = Column(Integer, primary_key=True)
    name = Column(String(128), nullable=True)
    ciphers = relationship('Cipher', secondary=policies_ciphers, backref='policy')


class Endpoint(db.Model):
    __tablename__ = 'endpoints'
    id = Column(Integer, primary_key=True)
    owner = Column(String(128))
    name = Column(String(128))
    dnsname = Column(String(256))
    type = Column(String(128))
    active = Column(Boolean, default=True)
    port = Column(Integer)
    policy_id = Column(Integer, ForeignKey('policy.id'))
    policy = relationship('Policy', backref='endpoint')
    certificate_id = Column(Integer, ForeignKey('certificates.id'))
    source_id = Column(Integer, ForeignKey('sources.id'))
    sensitive = Column(Boolean, default=False)
    source = relationship('Source', back_populates='endpoints')
    last_updated = Column(ArrowType, default=arrow.utcnow, nullable=False)
    date_created = Column(ArrowType, default=arrow.utcnow, onupdate=arrow.utcnow, nullable=False)

    replaced = association_proxy('certificate', 'replaced')

    @property
    def issues(self):
        issues = []

        for cipher in self.policy.ciphers:
            if cipher.deprecated:
                issues.append({'name': 'deprecated cipher', 'value': '{0} has been deprecated consider removing it.'.format(cipher.name)})

        if self.certificate.expired:
            issues.append({'name': 'expired certificate', 'value': 'There is an expired certificate attached to this endpoint consider replacing it.'})

        if self.certificate.revoked:
            issues.append({'name': 'revoked', 'value': 'There is a revoked certificate attached to this endpoint consider replacing it.'})

        return issues

    def __repr__(self):
        return "Endpoint(name={name})".format(name=self.name)