#!/bin/bash
#
# Simplified SQL Injection Security Tests
# Tests the recall API endpoint against SQL injection attacks
#

API_URL="http://172.16.3.30:8001/api"

# Get JWT token from setup config if it exists
if [ -f ".claude/context-recall-config.env" ]; then
    source .claude/context-recall-config.env
fi

# Test counter
TOTAL_TESTS=0
PASSED_TESTS=0
FAILED_TESTS=0

# Color codes
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m' # No Color

# Test function
run_test() {
    local test_name="$1"
    local search_term="$2"
    local expected_status="$3"
    local test_type="${4:-search_term}"  # search_term or tag

    TOTAL_TESTS=$((TOTAL_TESTS + 1))

    # Build curl command based on test type
    if [ "$test_type" = "tag" ]; then
        response=$(curl -s -w "\n%{http_code}" -X GET "$API_URL/conversation-contexts/recall?tags[]=$search_term" \
            -H "Authorization: Bearer $JWT_TOKEN" 2>&1)
    else
        response=$(curl -s -w "\n%{http_code}" -X GET "$API_URL/conversation-contexts/recall?search_term=$search_term" \
            -H "Authorization: Bearer $JWT_TOKEN" 2>&1)
    fi

    http_code=$(echo "$response" | tail -1)
    body=$(echo "$response" | sed '$d')

    # Check if status code matches expected
    if [ "$http_code" = "$expected_status" ]; then
        echo -e "${GREEN}[PASS]${NC} $test_name (HTTP $http_code)"
        PASSED_TESTS=$((PASSED_TESTS + 1))
        return 0
    else
        echo -e "${RED}[FAIL]${NC} $test_name"
        echo "  Expected: HTTP $expected_status"
        echo "  Got: HTTP $http_code"
        echo "  Response: $body"
        FAILED_TESTS=$((FAILED_TESTS + 1))
        return 1
    fi
}

# Print header
echo "======================================================================="
echo "SQL INJECTION SECURITY TEST SUITE - Simplified"
echo "======================================================================="
echo ""
echo "Target: $API_URL/conversation-contexts/recall"
echo ""

# Verify JWT token
if [ -z "$JWT_TOKEN" ]; then
    echo -e "${RED}[ERROR]${NC} JWT_TOKEN not set. Run setup-context-recall.sh first."
    exit 1
fi

echo "Testing SQL injection vulnerabilities..."
echo ""

# Test 1: Basic SQL injection with single quote (should be rejected - 422)
run_test "Basic SQL injection: ' OR '1'='1" "' OR '1'='1" "422"

# Test 2: UNION attack (should be rejected - 422)
run_test "UNION attack: ' UNION SELECT * FROM users--" "' UNION SELECT * FROM users--" "422"

# Test 3: Comment injection (should be rejected - 422)
run_test "Comment injection: test' --" "test' --" "422"

# Test 4: Semicolon attack (should be rejected - 422)
run_test "Semicolon attack: test'; DROP TABLE conversation_contexts;--" "test'; DROP TABLE conversation_contexts;--" "422"

# Test 5: Time-based blind SQLi (should be rejected - 422)
run_test "Time-based blind: ' AND SLEEP(5)--" "' AND SLEEP(5)--" "422"

# Test 6: Stacked queries (should be rejected - 422)
run_test "Stacked queries: test; DELETE FROM contexts" "test; DELETE FROM contexts" "422"

# Test 7: SQL injection via tags (should be rejected - 400)
run_test "Tag injection: ' OR '1'='1" "' OR '1'='1" "400" "tag"

# Test 8: Tag UNION attack (should be rejected - 400)
run_test "Tag UNION: tag' UNION SELECT--" "tag' UNION SELECT--" "400" "tag"

# Valid inputs (should succeed - 200)
echo ""
echo "Testing valid inputs (should work)..."
echo ""

# Test 9: Valid alphanumeric search (should succeed - 200)
run_test "Valid search: API development" "API development" "200"

# Test 10: Valid search with allowed punctuation (should succeed - 200)
run_test "Valid punctuation: database-migration (phase-1)!" "database-migration (phase-1)!" "200"

# Test 11: Valid tags (should succeed - 200)
run_test "Valid tags: api-test" "api-test" "200" "tag"

# Test 12: Verify database still works after attacks (should succeed - 200)
echo ""
echo "Verifying database integrity..."
echo ""

response=$(curl -s -w "\n%{http_code}" -X GET "$API_URL/conversation-contexts/recall?limit=5" \
    -H "Authorization: Bearer $JWT_TOKEN" 2>&1)
http_code=$(echo "$response" | tail -1)

if [ "$http_code" = "200" ]; then
    echo -e "${GREEN}[PASS]${NC} Database integrity check (HTTP $http_code)"
    PASSED_TESTS=$((PASSED_TESTS + 1))
    TOTAL_TESTS=$((TOTAL_TESTS + 1))
else
    echo -e "${RED}[FAIL]${NC} Database integrity check"
    echo "  Expected: HTTP 200"
    echo "  Got: HTTP $http_code"
    FAILED_TESTS=$((FAILED_TESTS + 1))
    TOTAL_TESTS=$((TOTAL_TESTS + 1))
fi

# Print summary
echo ""
echo "======================================================================="
echo "TEST SUMMARY"
echo "======================================================================="
echo "Total Tests: $TOTAL_TESTS"
echo -e "${GREEN}Passed: $PASSED_TESTS${NC}"
if [ $FAILED_TESTS -gt 0 ]; then
    echo -e "${RED}Failed: $FAILED_TESTS${NC}"
else
    echo -e "${GREEN}Failed: $FAILED_TESTS${NC}"
fi

pass_rate=$(awk "BEGIN {printf \"%.1f\", ($PASSED_TESTS/$TOTAL_TESTS)*100}")
echo "Pass Rate: $pass_rate%"
echo ""

if [ $FAILED_TESTS -eq 0 ]; then
    echo -e "${GREEN}[SUCCESS]${NC} All SQL injection tests passed!"
    echo "The API is properly protected against SQL injection attacks."
    exit 0
else
    echo -e "${RED}[FAILURE]${NC} Some tests failed!"
    echo "Review the failed tests above for security vulnerabilities."
    exit 1
fi