from applepy.checks.mitre import _attack_technique_url, augment_mitre_worksheet
from applepy.dedupe import dedupe_by_id
from applepy.findings import Finding, Severity


def test_dedupe_by_id() -> None:
    a = Finding(
        id="x",
        title="t",
        category="c",
        severity=Severity.LOW,
        description="d",
        evidence="e",
        worksheet="W",
    )
    b = Finding(
        id="x",
        title="other",
        category="c",
        severity=Severity.HIGH,
        description="d",
        evidence="e",
        worksheet="W",
    )
    out = dedupe_by_id([a, b])
    assert len(out) == 1
    assert out[0].title == "t"


def test_attack_technique_url_subtechnique() -> None:
    assert _attack_technique_url("T1548.001") == "https://attack.mitre.org/techniques/T1548/001/"


def test_attack_technique_url_parent() -> None:
    assert _attack_technique_url("T1059") == "https://attack.mitre.org/techniques/T1059/"


def test_augment_mitre_adds_rows() -> None:
    f = Finding(
        id="f1",
        title="t",
        category="c",
        severity=Severity.INFORMATIONAL,
        description="d",
        evidence="e",
        worksheet="Core",
        mitre_techniques=("T1082",),
    )
    findings: list[Finding] = [f]
    augment_mitre_worksheet(findings)
    assert any(x.id == "map-T1082" for x in findings)
    assert any(x.id == "map-summary" for x in findings)
    assert any(x.id.startswith("map-defer-") for x in findings)