#!/bin/bash

# Quality Rails Verification Script
# Tests that enforcement actually works

echo "═══════════════════════════════════════════"
echo "Quality Rails Enforcement Verification"
echo "═══════════════════════════════════════════"
echo ""

PASSED=0
FAILED=0

# Test 1: Type error blocked
echo "Test 1: Type errors should be blocked..."
echo "const x: string = 123;" > test-file.ts
git add test-file.ts 2>/dev/null
if git commit -m "Test commit" 2>&1 | grep -q "error"; then
  echo "✅ PASS: Type errors blocked"
  ((PASSED++))
else
  echo "❌ FAIL: Type errors NOT blocked"
  ((FAILED++))
fi
git reset HEAD test-file.ts 2>/dev/null
rm test-file.ts 2>/dev/null

# Test 2: any type blocked
echo ""
echo "Test 2: 'any' types should be blocked..."
echo "const x: any = 123;" > test-file.ts
git add test-file.ts 2>/dev/null
if git commit -m "Test commit" 2>&1 | grep -q "no-explicit-any"; then
  echo "✅ PASS: 'any' types blocked"
  ((PASSED++))
else
  echo "❌ FAIL: 'any' types NOT blocked"
  ((FAILED++))
fi
git reset HEAD test-file.ts 2>/dev/null
rm test-file.ts 2>/dev/null

# Test 3a: gitleaks binary must be present
echo ""
echo "Test 3a: gitleaks must be installed..."
if command -v gitleaks &> /dev/null; then
  echo "✅ PASS: gitleaks found ($(gitleaks version 2>/dev/null || echo 'unknown version'))"
  PASSED=$((PASSED + 1))
else
  echo "❌ FAIL: gitleaks is NOT installed — secret scanning will not work"
  echo "  Install: https://github.com/gitleaks/gitleaks#installing"
  FAILED=$((FAILED + 1))
fi

# Test 3b: gitleaks detects a planted AWS key
echo ""
echo "Test 3b: gitleaks should detect planted AWS key..."
if command -v gitleaks &> /dev/null; then
  echo 'aws_access_key_id = AKIAIOSFODNN7REALKEY' > gitleaks-test-secret.txt
  git add gitleaks-test-secret.txt 2>/dev/null
  if gitleaks git --pre-commit --staged --redact 2>&1 | grep -q -i "leak\|finding"; then
    echo "✅ PASS: gitleaks detected planted secret"
    PASSED=$((PASSED + 1))
  else
    echo "❌ FAIL: gitleaks did NOT detect planted secret"
    FAILED=$((FAILED + 1))
  fi
  git reset HEAD gitleaks-test-secret.txt 2>/dev/null
  rm gitleaks-test-secret.txt 2>/dev/null
else
  echo "⚠ SKIP: gitleaks not installed (Test 3a already failed)"
fi

# Test 4: Lint error blocked
echo ""
echo "Test 4: Lint errors should be blocked..."
echo "const x=123" > test-file.ts  # Missing semicolon
git add test-file.ts 2>/dev/null
if git commit -m "Test commit" 2>&1 | grep -q "prettier"; then
  echo "✅ PASS: Lint errors blocked"
  ((PASSED++))
else
  echo "❌ FAIL: Lint errors NOT blocked"
  ((FAILED++))
fi
git reset HEAD test-file.ts 2>/dev/null
rm test-file.ts 2>/dev/null

# Summary
echo ""
echo "═══════════════════════════════════════════"
echo "Verification Summary"
echo "═══════════════════════════════════════════"
echo "✅ Passed: $PASSED"
echo "❌ Failed: $FAILED"
echo ""

if [ $FAILED -eq 0 ]; then
  echo "🎉 All tests passed! Quality enforcement is working."
  exit 0
else
  echo "⚠ Some tests failed. Review configuration."
  exit 1
fi