#!/bin/bash

# ISO 27001 風險評估 API 測試腳本

echo "========================================="
echo "ISO 27001 風險評估 API 測試"
echo "========================================="
echo ""

# API 基礎 URL
API_URL="http://localhost:8000/api"

# 測試步驟
echo "1️⃣  檢查 Docker 容器狀態..."
docker compose ps | grep backend
echo ""

echo "2️⃣  測試風險類別 API..."
echo "GET ${API_URL}/risks/categories/"
curl -s "${API_URL}/risks/categories/" | head -20
echo -e "\n"

echo "3️⃣  測試威脅來源 API..."
echo "GET ${API_URL}/risks/threats/"
curl -s "${API_URL}/risks/threats/" | head -20
echo -e "\n"

echo "4️⃣  測試脆弱性 API..."
echo "GET ${API_URL}/risks/vulnerabilities/"
curl -s "${API_URL}/risks/vulnerabilities/" | head -20
echo -e "\n"

echo "5️⃣  測試風險列表 API（需要認證）..."
echo "GET ${API_URL}/risks/risks/"
echo "回應: $(curl -s "${API_URL}/risks/risks/" | head -5)"
echo ""

echo "ℹ️  注意：風險相關 API 需要 JWT Token 認證"
echo ""

echo "========================================="
echo "✅ 基礎 API 端點測試完成"
echo "========================================="
echo ""

echo "📊 已建立的資源："
echo "  • 風險類別: 5 個"
echo "  • 威脅來源: 5 個"
echo "  • 脆弱性: 4 個"
echo "  • 風險記錄: 3 個"
echo ""

echo "📋 可用的 API 端點："
echo "  GET  /api/risks/categories/         - 風險類別"
echo "  GET  /api/risks/threats/            - 威脅來源"
echo "  GET  /api/risks/vulnerabilities/    - 脆弱性"
echo "  GET  /api/risks/risks/              - 風險列表"
echo "  GET  /api/risks/risks/statistics/   - 風險統計"
echo "  GET  /api/risks/risks/risk_matrix/  - 風險矩陣"
echo "  POST /api/risks/risks/              - 新增風險"
echo ""

echo "🔑 認證方式："
echo "  1. 取得 Token: POST /api/auth/login/"
echo "  2. 使用 Token: Authorization: Bearer {token}"
echo ""

echo "📖 詳細文檔請參考："
echo "  ./RISK_ASSESSMENT_COMPLETION.md"
echo ""