module KennaKdi
  class VulnGenerator
    attr_accessor :cve_data_path

    def initialize(cve_data_path)
      # path to a directory of json.gz nvd files for CveReport class
      @cve_data_path = cve_data_path
    end

    def vulns(vulns_and_vuln_defs)
      vulns_and_vuln_defs.flat_map do |vdata|
        vdata[:vuln]
      end
    end

    def vuln_defs(vulns_and_vuln_defs)
      vulns_and_vuln_defs.flat_map do |vdata|
        vdata[:vuln_def]
      end
    end

    def multiple_vulns(num_of_vulns)
      num_of_vulns.times.map { random_vuln_and_vuln_def } 
    end

    private

    def random_cve_report
      cve_files = Dir.glob(File.join(cve_data_path, '**', '*')).select{|file| File.file?(file)}
      CveReport.new(cve_files.sample)
    end

    def vuln_hash
      scanner_id = Faker::Code.nric
      t = Time.new
      timestamp = t.strftime("%Y-%m-%d %H:%M:%S")

      {
        "scanner_identifier": scanner_id,
        "scanner_type": "KDI Faker Data",
        "created_at": timestamp,
        "last_seen_at": timestamp,
        "status": "open"
      }
    end

    def vuln_def_hash(vuln_hash)
      cve_data = random_cve_report
      id = cve_data.cve_ids.sample
      cve = cve_data.cve(id)
      description = cve_data.description(id) 

      {
        "scanner_identifier": vuln_hash[:scanner_identifier],
        "scanner_type": vuln_hash[:scanner_type],
        "cve_identifiers": id,
        "name": "#{vuln_hash[:scanner_identifier]} - #{id}",
        "description": description
      }
    end

    def random_vuln_and_vuln_def
      # spit out a pair of vuln/vuln_def hashes
      vuln = vuln_hash
      {
        "vuln": vuln,
        "vuln_def": vuln_def_hash(vuln)
      }
    end
  end
end