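module KennaKdi
  # Produces synthetic vuln / vuln_def hash pairs whose CVE id and description
  # are drawn at random from a CveReport built from one file under
  # +cve_data_path+. The output is labelled "KDI Faker Data" and is generated
  # data, not scanner findings.
  class VulnGenerator
    attr_accessor :cve_data_path, :cve_data

    # @param cve_data_path [String] path to a directory of json.gz nvd files
    #   for the CveReport class
    def initialize(cve_data_path)
      @cve_data_path = cve_data_path
      @cve_data = random_cve_report
    end

    # Spits out a pair of vuln / vuln_def hashes that share one scanner
    # identifier and one randomly chosen CVE id.
    #
    # @return [Hash{Symbol => Hash}] a hash with the keys :vuln and :vuln_def
    def random_vuln_and_vuln_def
      # Faker-generated code used as a made-up scanner identifier.
      scanner_id = Faker::Code.nric
      # NOTE(review): local wall-clock time rendered without a zone offset, so
      # the value is ambiguous across hosts; confirm what the consumer expects.
      timestamp = Time.now.strftime('%Y-%m-%d %H:%M:%S')
      id = cve_data.cve_ids.sample
      # NOTE(review): this lookup's result is never used; it is kept only so
      # the call sequence is unchanged. Drop it if CveReport#cve is a pure read.
      _cve = cve_data.cve(id)
      description = cve_data.description(id)

      {
        vuln: {
          scanner_identifier: scanner_id,
          scanner_type: "KDI Faker Data",
          created_at: timestamp,
          last_seen_at: timestamp,
          status: "open"
        },
        vuln_def: {
          scanner_identifier: scanner_id,
          scanner_type: "KDI Faker Data",
          cve_identifiers: id,
          name: "#{scanner_id} - #{id}",
          description: description
        }
      }
    end

    private

    # Picks one regular file at random from anywhere below +cve_data_path+ and
    # wraps it in a CveReport.
    #
    # The directory is passed to Dir.glob as +base:+ rather than spliced into
    # the pattern, so glob metacharacters in the path itself ([ ] { } * ?) are
    # taken literally instead of silently matching nothing or other directories.
    #
    # NOTE(review): every regular file in the tree is eligible, not only
    # *.json.gz, and the chosen path is handed straight to CveReport; point
    # this at a directory whose contents are trusted. When no file is found,
    # nil is passed to CveReport.new, as before.
    #
    # @return [CveReport]
    def random_cve_report
      relative_entries = Dir.glob(File.join('**', '*'), base: cve_data_path)
      cve_files = relative_entries
                  .map { |entry| File.join(cve_data_path, entry) }
                  .select { |candidate| File.file?(candidate) }
      CveReport.new(cve_files.sample)
    end
  end
end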