package org.sonar.server.usertoken.ws;

import com.google.common.base.Throwables;
import java.io.IOException;
import javax.annotation.Nullable;
import org.apache.commons.lang.RandomStringUtils;
import org.assertj.core.api.Assertions;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.ExpectedException;
import org.mockito.Matchers;
import org.mockito.Mockito;
import org.sonar.api.utils.System2;
import org.sonar.db.DbTester;
import org.sonar.db.user.UserDbTester;
import org.sonar.db.user.UserTesting;
import org.sonar.db.user.UserTokenTesting;
import org.sonar.server.exceptions.BadRequestException;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.ServerException;
import org.sonar.server.tester.UserSessionRule;
import org.sonar.server.usertoken.TokenGenerator;
import org.sonar.server.ws.TestRequest;
import org.sonar.server.ws.WsActionTester;
import org.sonar.test.JsonAssert;
import org.sonarqube.ws.WsUserTokens;

/* loaded from: input_file:org/sonar/server/usertoken/ws/GenerateActionTest.class */
public class GenerateActionTest {
    private static final String GRACE_HOPPER = "grace.hopper";
    private static final String ADA_LOVELACE = "ada.lovelace";
    private static final String TOKEN_NAME = "Third Party Application";

    @Rule
    public DbTester db = DbTester.create(System2.INSTANCE);
    UserDbTester userDb = new UserDbTester(this.db);

    @Rule
    public UserSessionRule userSession = UserSessionRule.standalone();

    @Rule
    public ExpectedException expectedException = ExpectedException.none();
    TokenGenerator tokenGenerator = (TokenGenerator) Mockito.mock(TokenGenerator.class);
    WsActionTester ws;

    @Before
    public void setUp() {
        Mockito.when(this.tokenGenerator.generate()).thenReturn("123456789");
        Mockito.when(this.tokenGenerator.hash(Matchers.anyString())).thenReturn("987654321");
        this.userSession.login().setGlobalPermissions("admin");
        this.userDb.insertUser(UserTesting.newUserDto().setLogin(GRACE_HOPPER));
        this.userDb.insertUser(UserTesting.newUserDto().setLogin(ADA_LOVELACE));
        this.ws = new WsActionTester(new GenerateAction(this.db.getDbClient(), this.userSession, System2.INSTANCE, this.tokenGenerator));
    }

    @Test
    public void json_example() {
        JsonAssert.assertJson(this.ws.newRequest().setMediaType("application/json").setParam("login", GRACE_HOPPER).setParam("name", TOKEN_NAME).execute().getInput()).isSimilarTo(getClass().getResource("generate-example.json"));
    }

    @Test
    public void a_user_can_generate_token_for_himself() {
        this.userSession.login(GRACE_HOPPER).setGlobalPermissions("scan");
        Assertions.assertThat(newRequest(null, TOKEN_NAME).getLogin()).isEqualTo(GRACE_HOPPER);
    }

    @Test
    public void fail_if_name_is_longer_than_100_characters() {
        this.expectedException.expect(IllegalArgumentException.class);
        this.expectedException.expectMessage("Token name length (101) is longer than the maximum authorized (100)");
        newRequest(GRACE_HOPPER, RandomStringUtils.randomAlphabetic(101));
    }

    @Test
    public void fail_if_login_does_not_exist() {
        this.expectedException.expect(ForbiddenException.class);
        newRequest("unknown-login", "any-name");
    }

    @Test
    public void fail_if_name_is_blank() {
        this.expectedException.expect(BadRequestException.class);
        this.expectedException.expectMessage("The 'name' parameter must not be blank");
        newRequest(GRACE_HOPPER, "   ");
    }

    @Test
    public void fail_if_token_with_same_login_and_name_exists() {
        newRequest(GRACE_HOPPER, TOKEN_NAME);
        this.expectedException.expect(BadRequestException.class);
        this.expectedException.expectMessage("A user token with login 'grace.hopper' and name 'Third Party Application' already exists");
        newRequest(GRACE_HOPPER, TOKEN_NAME);
    }

    @Test
    public void fail_if_token_hash_already_exists_in_db() {
        Mockito.when(this.tokenGenerator.hash(Matchers.anyString())).thenReturn("987654321");
        this.db.getDbClient().userTokenDao().insert(this.db.getSession(), UserTokenTesting.newUserToken().setTokenHash("987654321"));
        this.db.commit();
        this.expectedException.expect(ServerException.class);
        this.expectedException.expectMessage("Error while generating token. Please try again.");
        newRequest(GRACE_HOPPER, TOKEN_NAME);
    }

    @Test
    public void fail_if_insufficient_privileges() {
        this.userSession.login(ADA_LOVELACE).setGlobalPermissions("scan");
        this.expectedException.expect(ForbiddenException.class);
        newRequest(GRACE_HOPPER, TOKEN_NAME);
    }

    private WsUserTokens.GenerateWsResponse newRequest(@Nullable String str, String str2) {
        TestRequest param = this.ws.newRequest().setMediaType("application/x-protobuf").setParam("name", str2);
        if (str != null) {
            param.setParam("login", str);
        }
        try {
            return WsUserTokens.GenerateWsResponse.parseFrom(param.execute().getInputStream());
        } catch (IOException e) {
            throw Throwables.propagate(e);
        }
    }
}
