package org.sonar.server.permission.ws;

import java.io.IOException;
import javax.annotation.Nullable;
import org.assertj.core.api.Assertions;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.junit.experimental.categories.Category;
import org.junit.rules.ExpectedException;
import org.sonar.api.server.ws.WebService;
import org.sonar.api.utils.System2;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.DbTester;
import org.sonar.db.component.ResourceTypesRule;
import org.sonar.db.permission.PermissionTemplateDto;
import org.sonar.db.permission.PermissionTemplateGroupDto;
import org.sonar.db.permission.PermissionTemplateTesting;
import org.sonar.db.user.GroupDto;
import org.sonar.db.user.GroupTesting;
import org.sonar.server.component.ComponentFinder;
import org.sonar.server.computation.step.ExtractReportStepTest;
import org.sonar.server.exceptions.BadRequestException;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.NotFoundException;
import org.sonar.server.exceptions.UnauthorizedException;
import org.sonar.server.tester.UserSessionRule;
import org.sonar.server.usergroups.ws.UserGroupFinder;
import org.sonar.server.ws.WsActionTester;
import org.sonar.test.DbTests;
import org.sonar.test.JsonAssert;
import org.sonarqube.ws.WsPermissions;

@Category({DbTests.class})
/* loaded from: input_file:org/sonar/server/permission/ws/TemplateGroupsActionTest.class */
public class TemplateGroupsActionTest {

    @Rule
    public ExpectedException expectedException = ExpectedException.none();

    @Rule
    public UserSessionRule userSession = UserSessionRule.standalone();

    @Rule
    public DbTester db = DbTester.create(System2.INSTANCE);
    ResourceTypesRule resourceTypes = new ResourceTypesRule().setRootQualifiers(new String[]{"TRK", "VW", "DEV"});
    DbClient dbClient;
    DbSession dbSession;
    WsActionTester ws;
    PermissionTemplateDto template1;
    PermissionTemplateDto template2;
    TemplateGroupsAction underTest;

    @Before
    public void setUp() {
        this.dbClient = this.db.getDbClient();
        this.dbSession = this.db.getSession();
        this.underTest = new TemplateGroupsAction(this.dbClient, this.userSession, new PermissionDependenciesFinder(this.dbClient, new ComponentFinder(this.dbClient), new UserGroupFinder(this.dbClient), this.resourceTypes));
        this.ws = new WsActionTester(this.underTest);
        this.userSession.login("login").setGlobalPermissions("admin");
        this.template1 = this.dbClient.permissionTemplateDao().insert(this.dbSession, PermissionTemplateTesting.newPermissionTemplateDto().setUuid("template-uuid-1"));
        this.template2 = this.dbClient.permissionTemplateDao().insert(this.dbSession, PermissionTemplateTesting.newPermissionTemplateDto().setUuid("template-uuid-2"));
        GroupDto insertGroup = insertGroup(new GroupDto().setName("group-1-name").setDescription("group-1-description"));
        GroupDto insertGroup2 = insertGroup(new GroupDto().setName("group-2-name").setDescription("group-2-description"));
        GroupDto insertGroup3 = insertGroup(new GroupDto().setName("group-3-name").setDescription("group-3-description"));
        addGroupToTemplate(newPermissionTemplateGroup("user", this.template1.getId().longValue(), insertGroup.getId()));
        addGroupToTemplate(newPermissionTemplateGroup("user", this.template1.getId().longValue(), insertGroup2.getId()));
        addGroupToTemplate(newPermissionTemplateGroup("user", this.template1.getId().longValue(), null));
        addGroupToTemplate(newPermissionTemplateGroup("admin", this.template1.getId().longValue(), insertGroup3.getId()));
        addGroupToTemplate(newPermissionTemplateGroup("user", this.template2.getId().longValue(), insertGroup.getId()));
        addGroupToTemplate(newPermissionTemplateGroup("user", this.template2.getId().longValue(), insertGroup2.getId()));
        commit();
    }

    @Test
    public void template_groups_of_json_example() {
        GroupDto insertGroup = insertGroup(GroupTesting.newGroupDto().setName("sonar-administrators").setDescription("System administrators"));
        GroupDto insertGroup2 = insertGroup(GroupTesting.newGroupDto().setName("sonar-users").setDescription("Any new users created will automatically join this group"));
        addGroupToTemplate(newPermissionTemplateGroup("issueadmin", this.template1.getId().longValue(), insertGroup.getId()));
        addGroupToTemplate(newPermissionTemplateGroup("issueadmin", this.template1.getId().longValue(), insertGroup2.getId()));
        addGroupToTemplate(newPermissionTemplateGroup("issueadmin", this.template1.getId().longValue(), null));
        commit();
        JsonAssert.assertJson(this.ws.newRequest().setParam("permission", "issueadmin").setParam("templateId", this.template1.getUuid()).execute().getInput()).ignoreFields(new String[]{"id"}).withStrictArrayOrder().isSimilarTo(getClass().getResource("template_groups-example.json"));
    }

    @Test
    public void search_by_template_name() throws IOException {
        Assertions.assertThat(WsPermissions.WsGroupsResponse.parseFrom(this.ws.newRequest().setMediaType("application/x-protobuf").setParam("permission", "user").setParam("templateName", this.template1.getName()).execute().getInputStream()).getGroupsList()).extracting("name").containsExactly(new Object[]{"Anyone", "group-1-name", "group-2-name"});
    }

    @Test
    public void search_with_admin_permission_does_not_return_anyone() throws IOException {
        Assertions.assertThat(WsPermissions.WsGroupsResponse.parseFrom(this.ws.newRequest().setMediaType("application/x-protobuf").setParam("permission", "admin").setParam("templateId", this.template1.getUuid()).setParam("selected", WebService.SelectionMode.ALL.value()).execute().getInputStream()).getGroupsList()).extracting("name").containsExactly(new Object[]{"group-1-name", "group-2-name", "group-3-name"});
    }

    @Test
    public void search_with_pagination() throws IOException {
        Assertions.assertThat(WsPermissions.WsGroupsResponse.parseFrom(this.ws.newRequest().setMediaType("application/x-protobuf").setParam("permission", "user").setParam("templateName", this.template1.getName()).setParam("p", "2").setParam("ps", ExtractReportStepTest.TASK_UUID).execute().getInputStream()).getGroupsList()).extracting("name").containsExactly(new Object[]{"group-1-name"});
    }

    @Test
    public void search_with_selected() throws IOException {
        Assertions.assertThat(WsPermissions.WsGroupsResponse.parseFrom(this.ws.newRequest().setMediaType("application/x-protobuf").setParam("permission", "user").setParam("templateName", this.template1.getName()).setParam("selected", WebService.SelectionMode.ALL.value()).execute().getInputStream()).getGroupsList()).extracting("name").containsExactly(new Object[]{"Anyone", "group-1-name", "group-2-name", "group-3-name"});
    }

    @Test
    public void search_with_text_query() throws IOException {
        Assertions.assertThat(WsPermissions.WsGroupsResponse.parseFrom(this.ws.newRequest().setMediaType("application/x-protobuf").setParam("permission", "user").setParam("templateName", this.template1.getName()).setParam("q", "-name").execute().getInputStream()).getGroupsList()).extracting("name").containsExactly(new Object[]{"group-1-name", "group-2-name"});
    }

    @Test
    public void fail_if_not_logged_in() {
        this.expectedException.expect(UnauthorizedException.class);
        this.userSession.anonymous();
        this.ws.newRequest().setParam("permission", "user").setParam("templateId", this.template1.getUuid()).execute();
    }

    @Test
    public void fail_if_insufficient_privileges() {
        this.expectedException.expect(ForbiddenException.class);
        this.userSession.login();
        this.ws.newRequest().setParam("permission", "user").setParam("templateId", this.template1.getUuid()).execute();
    }

    @Test
    public void fail_if_template_uuid_and_name_provided() {
        this.expectedException.expect(BadRequestException.class);
        this.ws.newRequest().setParam("permission", "user").setParam("templateId", this.template1.getUuid()).setParam("templateName", this.template1.getName()).execute();
    }

    @Test
    public void fail_if_template_uuid_nor_name_provided() {
        this.expectedException.expect(BadRequestException.class);
        this.ws.newRequest().setParam("permission", "user").execute();
    }

    @Test
    public void fail_if_template_is_not_found() {
        this.expectedException.expect(NotFoundException.class);
        this.ws.newRequest().setParam("permission", "user").setParam("templateId", "unknown-uuid").execute();
    }

    @Test
    public void fail_if_not_a_project_permission() {
        this.expectedException.expect(BadRequestException.class);
        this.ws.newRequest().setParam("permission", "shareDashboard").setParam("templateId", this.template1.getUuid()).execute();
    }

    private GroupDto insertGroup(GroupDto groupDto) {
        GroupDto insert = this.dbClient.groupDao().insert(this.dbSession, groupDto);
        commit();
        return insert;
    }

    private void addGroupToTemplate(PermissionTemplateGroupDto permissionTemplateGroupDto) {
        this.dbClient.permissionTemplateDao().insertGroupPermission(this.dbSession, permissionTemplateGroupDto);
    }

    private static PermissionTemplateGroupDto newPermissionTemplateGroup(String str, long j, @Nullable Long l) {
        return PermissionTemplateTesting.newPermissionTemplateGroupDto().setPermission(str).setTemplateId(Long.valueOf(j)).setGroupId(l);
    }

    private void commit() {
        this.dbSession.commit();
    }
}
