#!/bin/bash
set -x

bazel run //Testing/integration:install_profile -- Testing/integration/configs/default.mobileconfig

# Reset moroz to default config
killall moroz
/tmp/moroz -configs="$GITHUB_WORKSPACE/Testing/integration/configs/moroz_default/global.toml" -use-tls=false &

sudo santactl sync --debug

# Ensure baseline binary blocking
set +e
./Source/santad/testdata/binaryrules/badbinary
blocked=$?
set -e

if [[ $blocked == 0 ]]; then
  echo "Blocklisted binary allowed to run" >&2
  exit 1
fi

if [[ "$(sudo santactl status --json | jq .daemon.block_usb)" != "false" ]]; then
  echo "USB blocking enabled with minimal config" >&2
  exit 1
fi

# Wait for the UI to have come up
sleep 5

bazel run //Testing/integration:dismiss_santa_popup

# Now change moroz to use the changed config, enabling USB blocking and removing the badbinary block rule
killall moroz
/tmp/moroz -configs="$GITHUB_WORKSPACE/Testing/integration/configs/moroz_changed/global.toml" -use-tls=false &

sudo santactl sync --debug

set +e
./Source/santad/testdata/binaryrules/badbinary
blocked=$?
set -e

if [[ $blocked != 0 ]]; then
  echo "Removal from blocklist failed" >&2
  exit 1
fi

if [[ "$(sudo santactl status --json | jq .daemon.block_usb)" != "true" ]]; then
  echo "USB blocking config change didnt take effect" >&2
  exit 1
fi