package checker

import (
	"context"

	sdk "git.happydns.org/checker-sdk-go/checker"
)

// probeAvailableRule reports whether the downstream TLS checker has probed
// every endpoint we published. Absent probes are common immediately after a
// new TLSA record is published and should not flap the service red.
type probeAvailableRule struct{}

func (r *probeAvailableRule) Name() string { return "dane.probe_available" }
func (r *probeAvailableRule) Description() string {
	return "Verifies a TLS probe is available for every DANE endpoint so the chain can be compared to TLSA records."
}

func (r *probeAvailableRule) Evaluate(ctx context.Context, obs sdk.ObservationGetter, _ sdk.CheckerOptions) []sdk.CheckState {
	rc := loadRuleContext(ctx, obs)
	if rc.err != nil {
		return []sdk.CheckState{observationErrorState(rc.err)}
	}
	if rc.relatedErr != nil {
		return []sdk.CheckState{{
			Status:  sdk.StatusError,
			Code:    "dane_observation_warning",
			Message: rc.relatedErr.Error(),
		}}
	}
	if len(rc.data.Targets) == 0 {
		return []sdk.CheckState{{
			Status:  sdk.StatusUnknown,
			Code:    "dane_probe_available_skipped",
			Message: "No DANE endpoints to probe.",
		}}
	}
	out := make([]sdk.CheckState, 0, len(rc.data.Targets))
	for _, t := range rc.data.Targets {
		subj := targetSubject(t)
		meta := targetMeta(t)
		if rc.probes[t.Ref] == nil {
			out = append(out, sdk.CheckState{
				Status:  sdk.StatusUnknown,
				Code:    "dane_no_probe",
				Subject: subj,
				Message: "No TLS probe available yet for this endpoint; re-evaluate after the next checker-tls cycle.",
				Meta:    meta,
			})
			continue
		}
		out = append(out, sdk.CheckState{
			Status:  sdk.StatusOK,
			Code:    "dane_probe_available_ok",
			Subject: subj,
			Message: "TLS probe available for this endpoint.",
			Meta:    meta,
		})
	}
	return out
}