package policy

import "testing"

func TestOutboundRuleCheck(t *testing.T) {
	cases := []struct {
		name       string
		rule       OutboundRule
		recipients []string
		wantOK     bool
		wantReason string
	}{
		{
			name:       "RO mode always blocked",
			rule:       OutboundRule{Mode: "RO"},
			recipients: []string{"a@x.com"},
			wantOK:     false,
			wantReason: "ro_mode",
		},
		{
			name:       "RW no whitelist allows anything",
			rule:       OutboundRule{Mode: "RW"},
			recipients: []string{"anyone@anywhere.com"},
			wantOK:     true,
		},
		{
			name:       "whitelist-out all match allows",
			rule:       OutboundRule{Mode: "RW", WhitelistOutEnabled: true, WhitelistOut: []string{"bob@x.com", "@trusted.com"}},
			recipients: []string{"bob@x.com", "ann@trusted.com"},
			wantOK:     true,
		},
		{
			name:       "whitelist-out domain match",
			rule:       OutboundRule{Mode: "RW", WhitelistOutEnabled: true, WhitelistOut: []string{"@trusted.com"}},
			recipients: []string{"ANN@Trusted.com"},
			wantOK:     true,
		},
		{
			name:       "one bad recipient blocks whole send",
			rule:       OutboundRule{Mode: "RW", WhitelistOutEnabled: true, WhitelistOut: []string{"@trusted.com"}},
			recipients: []string{"ann@trusted.com", "eve@evil.com"},
			wantOK:     false,
			wantReason: "whitelist_out",
		},
		{
			name:       "RO takes precedence over whitelist pass",
			rule:       OutboundRule{Mode: "RO", WhitelistOutEnabled: true, WhitelistOut: []string{"@trusted.com"}},
			recipients: []string{"ann@trusted.com"},
			wantOK:     false,
			wantReason: "ro_mode",
		},
	}
	for _, c := range cases {
		t.Run(c.name, func(t *testing.T) {
			ok, reason := c.rule.Check(c.recipients)
			if ok != c.wantOK {
				t.Fatalf("Check ok=%v want %v", ok, c.wantOK)
			}
			if !ok && reason != c.wantReason {
				t.Fatalf("reason=%q want %q", reason, c.wantReason)
			}
		})
	}
}