# Gimmecert.  If not, see <http://www.gnu.org/licenses/>.

#

from .base import run_command

def test_status_command_available_with_help():

    # John has used Gimmecert for issuing server and client

    # certificates in one of his projects. Since the project has been

    # quite hectic, he has started to loose track of all the different

    # server and client certificates he has issued. He realises that

    # initialised. In spite of this, the tool reports success, and

    # informs John that Gimmecert has not been initialised yet.

    assert exit_code == 0

    assert "CA hierarchy has not been initialised in current directory." in stdout

    # John is interested in finding out a bit more about what

    # certificates have been already issued in one of the projects he

    # had initialised before.

    tmpdir.chdir()

    run_command('gimmecert', 'server', 'myserver1', '-k', 'rsa:1024')

    run_command('gimmecert', 'server', 'myserver2', 'myservice.example.com', 'myotherservice.example.com')

    run_command("openssl", "req", "-new", "-newkey", "rsa:2048", "-nodes", "-keyout", "myserver3.key.pem",

                "-subj", "/CN=myserver3", "-out", "myserver3.csr.pem")

    run_command('gimmecert', 'server', '--csr', 'myserver3.csr.pem', 'myserver3')

    # hierarchy. First thing he can see is information about the

    # default key algorithm in use. This is followed by the hierarchy

    # tree presented using indentation. Each CA is listed with its

    # full subject DN, as well as not before and not after dates. In

    # addition, the final CA in chain is marked as end entity issuing

    # CA.

    index_ca_1 = stdout_lines.index("CN=My Project Level 1 CA")  # Should not raise

    index_ca_2 = stdout_lines.index("CN=My Project Level 2 CA")  # Should not raise

    index_ca_3 = stdout_lines.index("CN=My Project Level 3 CA [END ENTITY ISSUING CA]")  # Should not raise

    assert index_default_key_algorithm < index_ca_1

    assert index_ca_1 < index_ca_2

    assert stdout_lines[index_myserver1+3] == "    Key algorithm: 1024-bit RSA"

    assert stdout_lines[index_myserver1+4] == "    Private key: .gimmecert/server/myserver1.key.pem"

    assert stdout_lines[index_myserver1+5] == "    Certificate: .gimmecert/server/myserver1.cert.pem"

    assert stdout_lines[index_myserver2+1].startswith("    Validity: ")

    assert stdout_lines[index_myserver2+2] == "    DNS: myserver2, myservice.example.com, myotherservice.example.com"

    assert stdout_lines[index_myserver2+4] == "    Private key: .gimmecert/server/myserver2.key.pem"

    assert stdout_lines[index_myserver2+5] == "    Certificate: .gimmecert/server/myserver2.cert.pem"

    assert stdout_lines[index_myserver3+1].startswith("    Validity: ")

    assert stdout_lines[index_myserver3+2] == "    DNS: myserver3"

    assert stdout_lines[index_myserver3+3] == "    Key algorithm: 2048-bit RSA"

    assert stdout_lines[index_myclient1+1].startswith("    Validity: ")

    assert stdout_lines[index_myclient1+2] == "    Key algorithm: 1024-bit RSA"

    assert stdout_lines[index_myclient1+3] == "    Private key: .gimmecert/client/myclient1.key.pem"

    assert stdout_lines[index_myclient1+4] == "    Certificate: .gimmecert/client/myclient1.cert.pem"

    assert stdout_lines[index_myclient2+1].startswith("    Validity: ")

    assert stdout_lines[index_myclient2+3] == "    Private key: .gimmecert/client/myclient2.key.pem"

    assert stdout_lines[index_myclient2+4] == "    Certificate: .gimmecert/client/myclient2.cert.pem"

    assert stdout_lines[index_myclient3+1].startswith("    Validity: ")

    assert stdout_lines[index_myclient3+2] == "    Key algorithm: 2048-bit RSA"

    assert stdout_lines[index_myclient3+3] == "    CSR: .gimmecert/client/myclient3.csr.pem"