package sources

import (
	"reflect"
	"testing"

	"github.com/salvacybersec/keyhunter/pkg/providers"
	"github.com/salvacybersec/keyhunter/pkg/recon"
)

// registerTestRegistry builds a minimal registry with one synthetic provider so
// BuildQueries inside individual sources does not panic.
func registerTestRegistry() *providers.Registry {
	return providers.NewRegistryFromProviders([]providers.Provider{
		{Name: "openai", Keywords: []string{"sk-proj-"}},
	})
}

// TestRegisterAll_WiresAllTenSources asserts that RegisterAll registers every
// Phase 10 code-hosting source by its stable name on a fresh engine.
func TestRegisterAll_WiresAllTenSources(t *testing.T) {
	eng := recon.NewEngine()
	cfg := SourcesConfig{
		Registry: registerTestRegistry(),
		Limiters: recon.NewLimiterRegistry(),
	}
	RegisterAll(eng, cfg)

	got := eng.List()
	want := []string{
		"bitbucket",
		"codeberg",
		"codesandbox",
		"gist",
		"github",
		"gitlab",
		"huggingface",
		"kaggle",
		"replit",
		"sandboxes",
	}
	if !reflect.DeepEqual(got, want) {
		t.Fatalf("RegisterAll names mismatch\n got: %v\nwant: %v", got, want)
	}
}

// TestRegisterAll_MissingCredsStillRegistered asserts that sources whose
// credentials are absent are still registered (so eng.List() reports them),
// but their Enabled() returns false. This keeps the CLI surface uniform
// regardless of which tokens are configured.
func TestRegisterAll_MissingCredsStillRegistered(t *testing.T) {
	eng := recon.NewEngine()
	RegisterAll(eng, SourcesConfig{
		Registry: registerTestRegistry(),
		Limiters: recon.NewLimiterRegistry(),
	})

	if n := len(eng.List()); n != 10 {
		t.Fatalf("expected 10 sources registered, got %d: %v", n, eng.List())
	}

	// SweepAll with an empty config should filter out cred-gated sources
	// (github, gitlab, bitbucket, gist, kaggle) and still run the credless
	// ones. We only check List() here; the integration test covers Sweep.
}