#!/bin/bash
# test-security-output.sh — Validate security-assessment-agent output structure
set -euo pipefail

SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
source "$SCRIPT_DIR/lib/e2e-helpers.sh"

FIXTURE="$SCRIPT_DIR/fixtures/security-assessment/fixture.md"

if [ ! -f "$FIXTURE" ]; then
  echo "ERROR: Fixture not found: $FIXTURE"
  echo "Run: bash tests/capture-fixture.sh to generate fixtures"
  exit 1
fi

init_suite "Security Assessment Agent"

# Structure checks
assert_has_section "$FIXTURE" "Sikkerhetsvurdering" "Has security assessment header"
assert_has_section "$FIXTURE" "Sikkerhetsscoring" "Has scoring section"
assert_has_section "$FIXTURE" "Kritiske funn" "Has critical findings section"
assert_has_section "$FIXTURE" "DPIA" "Has DPIA section"
assert_has_section "$FIXTURE" "ROS-analyse" "Has risk analysis section"
assert_has_section "$FIXTURE" "Dataklassifisering" "Has data classification section"

# Content quality
assert_min_lines "$FIXTURE" 40 "Minimum 40 lines"
assert_min_tables "$FIXTURE" 3 "Minimum 3 tables (scoring, ROS, data classification)"
assert_scores_in_range "$FIXTURE" "Security scores in valid X/5 range"
assert_has_dimensions "$FIXTURE" 5 "At least 5 security dimensions scored"

# Encoding
assert_encoding_ok "$FIXTURE" "UTF-8 encoding valid"
assert_no_ascii_approximation "$FIXTURE" "No ASCII approximation of Norwegian chars"

# Domain-specific
assert_matches_pattern "$FIXTURE" "(GDPR|DPIA|personvern)" "References GDPR/DPIA"
assert_matches_pattern "$FIXTURE" "(AI Act|AI-Act)" "References AI Act"
assert_matches_pattern "$FIXTURE" "(Schrems II|Schrems)" "References Schrems II"
assert_matches_pattern "$FIXTURE" "P0|P1|Blokkerende" "Has priority classifications (P0/P1)"
assert_matches_pattern "$FIXTURE" "(Identity|Network|Data Protection|Content Safety|Compliance|Monitoring)" "Covers standard security dimensions"

print_summary