import os

import pytest

import testinfra.utils.ansible_runner


testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('client-disallowed')

parameters_mandatory_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('parameters-mandatory')

parameters_optional_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('parameters-optional')


@pytest.mark.parametrize("target_host", parameters_mandatory_hosts + parameters_optional_hosts)
@pytest.mark.parametrize("ip_protocol", [4, 6])
def test_ssh_connectivity(host, target_host, ip_protocol):
    """
    Test if SSH server is reachable.
    """

    with host.sudo():

        scan = host.run('nmap -%s -p 22 -oG - %s', str(ip_protocol), target_host)

        assert scan.rc == 0
        assert "Ports: 22/open/tcp//ssh" in scan.stdout


@pytest.mark.parametrize("target_host", parameters_mandatory_hosts)
@pytest.mark.parametrize("ip_protocol", [4, 6])
def test_http_connectivity_allowed(host, target_host, ip_protocol):
    """
    Test if HTTP server is reachable.
    """

    with host.sudo():

        scan = host.run('nmap -%s -p 80 -oG - %s', str(ip_protocol), target_host)

        assert scan.rc == 0
        assert "Ports: 80/open/tcp//http" in scan.stdout


@pytest.mark.parametrize("target_host", parameters_optional_hosts)
@pytest.mark.parametrize("ip_protocol", [4, 6])
def test_http_connectivity_disallowed(host, target_host, ip_protocol):
    """
    Test if HTTP server is reachable.
    """

    with host.sudo():

        scan = host.run('nmap -%s -p 80 -oG - %s', str(ip_protocol), target_host)

        assert scan.rc == 0
        assert "Ports: 80/filtered/tcp//http" in scan.stdout