package IdPAccountManager::TestAccount;

use strict;
use warnings;

use base 'IdPAccountManager::DB::Object';

use DateTime;

    table   => 'testaccounts',

    columns => [
        id              => { type => 'bigserial', not_null => 1 },
        password_hash   => { type => 'varchar', length => 50, not_null => 1 },
        password        => { type => 'varchar', length => 50, nonpersistent => 1 },
        creation_date   => { type => 'date' },
        expiration_date => { type => 'date' },
        profile         => { type => 'varchar', length => 100, not_null => 1 },
        scope           => { type => 'varchar', length => 100, not_null => 1 },
        sp_entityid     => { type => 'varchar', length => 250, not_null => 1 },

    primary_key_columns => [ 'id' ],

my %cn = (
    alumni1        => 'Åsold Wahlstrøm - eduGAIN Access Check account',
    employee1      => 'Linnéa Hsu - eduGAIN Access Check account',
    fullset1       => 'Gundabald Lightfoot - eduGAIN Access Check account',
    librarywalkin1 => 'Ramón Núñez - eduGAIN Access Check account',
    researcher1    => 'Stéphane Larivière - eduGAIN Access Check account',
    student1       => 'Ciarán MacCárthaigh - eduGAIN Access Check account',
    student2       => 'Damiën Kuijper - eduGAIN Access Check account',
    teacher1       => 'Peter Müller - eduGAIN Access Check account',

my %givenName = (
    fullset1       => 'Gundabald',

my %sn = (
    fullset1       => 'Lightfoot - eduGAIN Access Check account',

my %mail = (
    alumni1        => 'asold.wahlstrom',
    employee1      => 'linnea.hsu',
    fullset1       => 'gundabald.lightfoot',
    generic1       => 'forearartian',
    librarywalkin1 => 'ramon.nunez',
    researcher1    => 'stephane.lariviere',
    student1       => 'ciaran.maccarthaigh',
    student2       => 'damien.kuijper',
    teacher1       => 'peter.muller',

my %affiliation = (
    alumni1        => [ qw/alum/ ],
    employee1      => [ qw/member staff employee/ ],
    fullset1       => [ qw/member faculty/ ],
    librarywalkin1 => [ qw/library-walk-in/ ],
    researcher1    => [ qw/member faculty/ ],
    student1       => [ qw/member student/ ],
    student2       => [ qw/member student faculty/ ],
    teacher1       => [ qw/member faculty/ ],

my %scopedAffiliation = (
    alumni1        => [ qw/alum/ ],
    employee1      => [ qw/member staff employee/ ],
    fullset1       => [ qw/member faculty/ ],
    librarywalkin1 => [ qw/library-walk-in/ ],
    researcher1    => [ qw/member faculty/ ],
    student1       => [ qw/member student/ ],
    student2       => [ qw/member student faculty/ ],
    teacher1       => [ qw/member faculty/ ],
    teacher2       => [ qw/member faculty/ ],

my %comment = (
    alumni1         => <<EOF,
Value "member" is not set for eduPersonAffiliation, contrary to current students.
    employee1      => <<EOF,
There are conflicting definitions of "staff" and "employee" from country to country that make those values particularly unreliable in any international context. However in this example we set both values.
    fullset1       => <<EOF,
This user profile respresents a researcher with all eduGAIN user attributes plus givenName and surname.
    generic1       => <<EOF,
This account provides a limited set of user attributes (eduPersonPrincipalName, mail and displayName).
    librarywalkin1 => <<EOF,
This term was created to cover the case where physical presence in a library facility grants someone access to electronic resources typically licensed for faculty, staff and students. In recent years the library walk-in provision has been extended to cover other cases such as library users on the campus network, or those using on-campus workstations.  Licensed resource providers have often been willing to interpret their contracts with licensees to accept this broader definition of "library-walk-in," though specific terms may vary. For a more direct way of using eduPerson attributes to express library privilege information, see the eduPersonEntitlement value "urn:mace:dir:entitlement:common-lib-terms" as defined in the MACE-Dir Registry of eduPersonEntitlement values <a href=""></a>.
    researcher1    => <<EOF,
This account provides only an eduPersonTargetedID attribute.
    student1       => <<EOF,
An active student has both "member" and "student" values set for eduPersonAffiliation.
    student2       => <<EOF,
A PhD student, having three values set for eduPersonAffiliation: "member" and "student" and "faculty".
    teacher1       => <<EOF,
This account provides a limited set of user attributes (eduPersonScopedAffiliation and eduPersonTargetedID).
    teacher2       => <<EOF,
An active teacher has both "member" and "faculty" values set for eduPersonAffiliation.

sub print {
    my ($self, $fd) = @_;
    $fd = \*STDOUT unless $fd;

    printf $fd
"Account ID=%s; password_hash=%s; sp_entityid=%s; profile=%s; scope=%s; creation_date=%s; expiration_date=%s\n",

sub save {
    my ($self, %args) = @_;

    # If no ID is defined, it is a new account
    if (! defined $self->id()) {
            DateTime->today()->add(days => $args{accounts_validity_period})


sub internal_uid {
    my ($self) = @_;
    return 'user' . $self->id();

sub cn {
    my ($self) = @_;
    return $cn{$self->profile()};

sub displayName {
    my ($self) = @_;
    return $cn{$self->profile()};

sub givenName {
    my ($self) = @_;
    return $givenName{$self->profile()};

sub mail {
    my ($self) = @_;
    my $prefix = $mail{$self->profile()};
    return $prefix ?
        $prefix . '@' . $self->{scope} : undef;

sub eduPersonAffiliation {
    my ($self) = @_;
    return $affiliation{$self->profile()};

sub eduPersonScopedAffiliation {
    my ($self) = @_;
    my $affiliations = $scopedAffiliation{$self->profile()};
    return $affiliations ?
        [ map { $_ . '@' . $self->{scope} } @$affiliations ] : undef;

sub eduPersonPrincipalName {
    my ($self) = @_;
    return $self->id() . '@'. $self->{scope};

sub schacHomeOrganization {
    my ($self) = @_;
    return $self->{scope};

sub schacHomeOrganizationType {
    my ($self) = @_;
    return "urn:schac:homeOrganizationType:int:other";

sub comment {
    my ($self) = @_;
    return $comment{$self->profile()};
