package checker

import (
	"context"

	sdk "git.happydns.org/checker-sdk-go/checker"
)

// tlsQualityRule folds findings from a downstream TLS checker (cert chain,
// hostname match, expiry, …) into SMTP rule output, so they show up on the
// SMTP service page without the user opening a separate report.
type tlsQualityRule struct{}

func (r *tlsQualityRule) Name() string { return "smtp.tls_quality" }
func (r *tlsQualityRule) Description() string {
	return "Folds downstream TLS checker findings (certificate chain, hostname match, expiry) onto the SMTP service."
}

func (r *tlsQualityRule) Evaluate(ctx context.Context, obs sdk.ObservationGetter, _ sdk.CheckerOptions) []sdk.CheckState {
	data, errSt := loadSMTPData(ctx, obs)
	if errSt != nil {
		return []sdk.CheckState{*errSt}
	}
	if data.MX.NullMX {
		return []sdk.CheckState{notTestedState("smtp.tls_quality.skipped", "Skipped: domain declares a null MX.")}
	}
	related, _ := obs.GetRelated(ctx, TLSRelatedKey)
	if len(related) == 0 {
		return []sdk.CheckState{notTestedState("smtp.tls_quality.skipped", "No related TLS observation available (no TLS checker downstream, or no probe yet).")}
	}
	issues := tlsIssuesFromRelated(related)
	if len(issues) == 0 {
		return []sdk.CheckState{passState("smtp.tls_quality.ok", "Downstream TLS checker reports no issues on the MX endpoints.")}
	}
	return statesFromIssues(issues)
}