package org.sonar.server.permission.ws;

import org.assertj.core.api.Assertions;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.junit.experimental.categories.Category;
import org.junit.rules.ExpectedException;
import org.sonar.api.server.ws.WebService;
import org.sonar.api.utils.System2;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.DbTester;
import org.sonar.db.component.ComponentTesting;
import org.sonar.db.component.ResourceTypesRule;
import org.sonar.db.user.UserDto;
import org.sonar.db.user.UserRoleDto;
import org.sonar.db.user.UserTesting;
import org.sonar.server.component.ComponentFinder;
import org.sonar.server.exceptions.BadRequestException;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.UnauthorizedException;
import org.sonar.server.permission.PermissionFinder;
import org.sonar.server.tester.UserSessionRule;
import org.sonar.server.usergroups.ws.UserGroupFinder;
import org.sonar.server.ws.WsActionTester;
import org.sonar.test.DbTests;
import org.sonar.test.JsonAssert;

@Category({DbTests.class})
/* loaded from: input_file:org/sonar/server/permission/ws/UsersActionTest.class */
public class UsersActionTest {

    @Rule
    public ExpectedException expectedException = ExpectedException.none();

    @Rule
    public UserSessionRule userSession = UserSessionRule.standalone();

    @Rule
    public DbTester db = DbTester.create(System2.INSTANCE);
    ResourceTypesRule resourceTypes = new ResourceTypesRule().setRootQualifiers(new String[]{"TRK", "VW", "DEV"});
    DbClient dbClient = this.db.getDbClient();
    DbSession dbSession = this.db.getSession();
    WsActionTester ws;
    UsersAction underTest;

    @Before
    public void setUp() {
        this.underTest = new UsersAction(this.dbClient, this.userSession, new PermissionFinder(this.dbClient), new PermissionDependenciesFinder(this.dbClient, new ComponentFinder(this.dbClient), new UserGroupFinder(this.dbClient), this.resourceTypes));
        this.ws = new WsActionTester(this.underTest);
        this.userSession.login("login").setGlobalPermissions("admin");
        UserDto insertUser = insertUser(new UserDto().setLogin("login-1").setName("name-1").setEmail("email-1"));
        UserDto insertUser2 = insertUser(new UserDto().setLogin("login-2").setName("name-2").setEmail("email-2"));
        UserDto insertUser3 = insertUser(new UserDto().setLogin("login-3").setName("name-3").setEmail("email-3"));
        insertUserRole(new UserRoleDto().setRole("scan").setUserId(insertUser.getId()));
        insertUserRole(new UserRoleDto().setRole("scan").setUserId(insertUser2.getId()));
        insertUserRole(new UserRoleDto().setRole("admin").setUserId(insertUser3.getId()));
        commit();
    }

    @Test
    public void search_for_users_with_response_example() {
        this.db.truncateTables();
        UserDto insertUser = insertUser(new UserDto().setLogin("admin").setName("Administrator").setEmail("admin@admin.com"));
        UserDto insertUser2 = insertUser(new UserDto().setLogin("george.orwell").setName("George Orwell").setEmail("george.orwell@1984.net"));
        insertUserRole(new UserRoleDto().setRole("scan").setUserId(insertUser.getId()));
        insertUserRole(new UserRoleDto().setRole("scan").setUserId(insertUser2.getId()));
        commit();
        JsonAssert.assertJson(this.ws.newRequest().setParam("permission", "scan").execute().getInput()).isSimilarTo(getClass().getResource("users-example.json"));
    }

    @Test
    public void search_for_users_with_one_permission() {
        JsonAssert.assertJson(this.ws.newRequest().setParam("permission", "scan").execute().getInput()).isSimilarTo(getClass().getResource("UsersActionTest/users.json"));
    }

    @Test
    public void search_for_users_with_permission_on_project() {
        this.dbClient.componentDao().insert(this.dbSession, ComponentTesting.newProjectDto("project-uuid").setKey("project-key"));
        insertUserRole(new UserRoleDto().setRole("issueadmin").setUserId(insertUser(UserTesting.newUserDto().setLogin("project-user-login").setName("project-user-name")).getId()).setResourceId(this.dbClient.componentDao().selectOrFailByUuid(this.dbSession, "project-uuid").getId()));
        commit();
        this.userSession.login().addProjectUuidPermissions("admin", "project-uuid");
        Assertions.assertThat(this.ws.newRequest().setParam("permission", "issueadmin").setParam("projectId", "project-uuid").execute().getInput()).contains(new CharSequence[]{"project-user-login"}).doesNotContain("login-1");
    }

    @Test
    public void search_for_users_with_query_as_a_parameter() {
        Assertions.assertThat(this.ws.newRequest().setParam("permission", "scan").setParam("q", "ame-1").execute().getInput()).contains(new CharSequence[]{"login-1"}).doesNotContain("login-2").doesNotContain("login-3");
    }

    @Test
    public void search_for_users_with_select_as_a_parameter() {
        Assertions.assertThat(this.ws.newRequest().setParam("permission", "scan").setParam("selected", WebService.SelectionMode.ALL.value()).execute().getInput()).contains(new CharSequence[]{"login-1", "login-2", "login-3"});
    }

    @Test
    public void fail_if_project_permission_without_project() {
        this.expectedException.expect(BadRequestException.class);
        this.ws.newRequest().setParam("permission", "issueadmin").setParam("selected", WebService.SelectionMode.ALL.value()).execute();
    }

    @Test
    public void fail_if_permission_parameter_is_not_filled() {
        this.expectedException.expect(IllegalArgumentException.class);
        this.ws.newRequest().execute();
    }

    @Test
    public void fail_if_insufficient_privileges() {
        this.expectedException.expect(ForbiddenException.class);
        this.userSession.login("login");
        this.ws.newRequest().setParam("permission", "admin").execute();
    }

    @Test
    public void fail_if_not_logged_in() {
        this.expectedException.expect(UnauthorizedException.class);
        this.userSession.anonymous();
        this.ws.newRequest().setParam("permission", "admin").execute();
    }

    @Test
    public void fail_if_project_uuid_and_project_key_are_provided() {
        this.expectedException.expect(BadRequestException.class);
        this.expectedException.expectMessage("Project id or project key can be provided, not both.");
        this.dbClient.componentDao().insert(this.dbSession, ComponentTesting.newProjectDto("project-uuid").setKey("project-key"));
        commit();
        this.ws.newRequest().setParam("permission", "admin").setParam("projectId", "project-uuid").setParam("projectKey", "project-key").execute();
    }

    private UserDto insertUser(UserDto userDto) {
        UserDto insert = this.dbClient.userDao().insert(this.dbSession, userDto.setActive(true));
        commit();
        return insert;
    }

    private void insertUserRole(UserRoleDto userRoleDto) {
        this.dbClient.roleDao().insertUserRole(this.dbSession, userRoleDto);
        commit();
    }

    private void commit() {
        this.dbSession.commit();
    }
}
