package org.sonar.server.permission.ws.template;

import com.google.common.base.Predicate;
import com.google.common.collect.FluentIterable;
import java.util.List;
import javax.annotation.Nullable;
import org.assertj.core.api.Assertions;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.ExpectedException;
import org.mockito.Mockito;
import org.sonar.api.config.Settings;
import org.sonar.api.utils.System2;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.DbTester;
import org.sonar.db.component.ComponentDbTester;
import org.sonar.db.component.ComponentDto;
import org.sonar.db.component.ComponentTesting;
import org.sonar.db.component.ResourceTypesRule;
import org.sonar.db.permission.GroupWithPermissionDto;
import org.sonar.db.permission.OldPermissionQuery;
import org.sonar.db.permission.PermissionRepository;
import org.sonar.db.permission.UserWithPermissionDto;
import org.sonar.db.permission.template.PermissionTemplateDto;
import org.sonar.db.permission.template.PermissionTemplateTesting;
import org.sonar.db.user.GroupDbTester;
import org.sonar.db.user.GroupDto;
import org.sonar.db.user.GroupRoleDto;
import org.sonar.db.user.GroupTesting;
import org.sonar.db.user.UserDbTester;
import org.sonar.db.user.UserDto;
import org.sonar.db.user.UserPermissionDto;
import org.sonar.db.user.UserTesting;
import org.sonar.server.component.ComponentFinder;
import org.sonar.server.exceptions.BadRequestException;
import org.sonar.server.exceptions.NotFoundException;
import org.sonar.server.i18n.I18nRule;
import org.sonar.server.issue.index.IssueAuthorizationIndexer;
import org.sonar.server.permission.PermissionService;
import org.sonar.server.permission.ws.PermissionDependenciesFinder;
import org.sonar.server.tester.UserSessionRule;
import org.sonar.server.usergroups.ws.UserGroupFinder;
import org.sonar.server.ws.TestRequest;
import org.sonar.server.ws.WsActionTester;

/* loaded from: input_file:org/sonar/server/permission/ws/template/BulkApplyTemplateActionTest.class */
public class BulkApplyTemplateActionTest {
    WsActionTester ws;
    UserDto user1;
    UserDto user2;
    GroupDto group1;
    GroupDto group2;
    PermissionTemplateDto template1;
    PermissionTemplateDto template2;

    @Rule
    public UserSessionRule userSession = UserSessionRule.standalone().login("login").setGlobalPermissions("admin");

    @Rule
    public ExpectedException expectedException = ExpectedException.none();

    @Rule
    public DbTester db = DbTester.create(System2.INSTANCE);
    ComponentDbTester componentDb = new ComponentDbTester(this.db);
    UserDbTester userDb = new UserDbTester(this.db);
    GroupDbTester groupDb = new GroupDbTester(this.db);
    DbClient dbClient = this.db.getDbClient();
    DbSession dbSession = this.db.getSession();
    ResourceTypesRule resourceTypes = new ResourceTypesRule().setRootQualifiers(new String[]{"TRK", "VW", "DEV"});
    I18nRule i18n = new I18nRule();
    IssueAuthorizationIndexer issueAuthorizationIndexer = (IssueAuthorizationIndexer) Mockito.mock(IssueAuthorizationIndexer.class);

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/sonar/server/permission/ws/template/BulkApplyTemplateActionTest$PermissionNotNull.class */
    public static class PermissionNotNull implements Predicate<GroupWithPermissionDto> {
        private PermissionNotNull() {
        }

        public boolean apply(@Nullable GroupWithPermissionDto groupWithPermissionDto) {
            return groupWithPermissionDto.getPermission() != null;
        }
    }

    @Before
    public void setUp() {
        PermissionRepository permissionRepository = new PermissionRepository(this.dbClient, new Settings());
        ComponentFinder componentFinder = new ComponentFinder(this.dbClient);
        this.ws = new WsActionTester(new BulkApplyTemplateAction(this.dbClient, new PermissionService(this.dbClient, permissionRepository, this.issueAuthorizationIndexer, this.userSession, componentFinder), new PermissionDependenciesFinder(this.dbClient, componentFinder, new UserGroupFinder(this.dbClient), this.resourceTypes), this.i18n, this.resourceTypes));
        this.user1 = this.userDb.insertUser(UserTesting.newUserDto().setLogin("user-login-1"));
        this.user2 = this.userDb.insertUser(UserTesting.newUserDto().setLogin("user-login-2"));
        this.group1 = this.groupDb.insertGroup(GroupTesting.newGroupDto().setName("group-name-1"));
        this.group2 = this.groupDb.insertGroup(GroupTesting.newGroupDto().setName("group-name-2"));
        this.template1 = insertTemplate(PermissionTemplateTesting.newPermissionTemplateDto().setUuid("permission-template-uuid-1"));
        addUserToTemplate(this.user1, this.template1, "codeviewer");
        addUserToTemplate(this.user2, this.template1, "issueadmin");
        addGroupToTemplate(this.group1, this.template1, "admin");
        addGroupToTemplate(this.group2, this.template1, "user");
        this.template2 = insertTemplate(PermissionTemplateTesting.newPermissionTemplateDto().setUuid("permission-template-uuid-2"));
        addUserToTemplate(this.user1, this.template2, "user");
        addUserToTemplate(this.user2, this.template2, "user");
        addGroupToTemplate(this.group1, this.template2, "user");
        addGroupToTemplate(this.group2, this.template2, "user");
        commit();
    }

    @Test
    public void bulk_apply_template_by_template_uuid() {
        ComponentDto insertComponent = this.componentDb.insertComponent(ComponentTesting.newProjectDto());
        ComponentDto insertComponent2 = this.componentDb.insertComponent(ComponentTesting.newView());
        ComponentDto insertComponent3 = this.componentDb.insertComponent(ComponentTesting.newDeveloper("developer-name"));
        addUserPermissionToProject(this.user1, insertComponent3, "admin");
        addUserPermissionToProject(this.user2, insertComponent3, "admin");
        addGroupPermissionToProject(this.group1, insertComponent3, "admin");
        addGroupPermissionToProject(this.group2, insertComponent3, "admin");
        this.db.commit();
        call(this.ws.newRequest().setParam("templateId", this.template1.getUuid()));
        assertTemplate1AppliedToProject(insertComponent);
        assertTemplate1AppliedToProject(insertComponent2);
        assertTemplate1AppliedToProject(insertComponent3);
    }

    @Test
    public void bulk_apply_template_by_template_name() {
        ComponentDto insertComponent = this.componentDb.insertComponent(ComponentTesting.newProjectDto());
        call(this.ws.newRequest().setParam("templateName", this.template1.getName()));
        assertTemplate1AppliedToProject(insertComponent);
    }

    @Test
    public void apply_template_by_qualifier() {
        ComponentDto insertComponent = this.componentDb.insertComponent(ComponentTesting.newProjectDto());
        ComponentDto insertComponent2 = this.componentDb.insertComponent(ComponentTesting.newView());
        call(this.ws.newRequest().setParam("templateId", this.template1.getUuid()).setParam("qualifier", insertComponent.qualifier()));
        assertTemplate1AppliedToProject(insertComponent);
        assertNoPermissionOnProject(insertComponent2);
    }

    @Test
    public void apply_template_by_query_on_name_and_key() {
        ComponentDto key = ComponentTesting.newProjectDto().setKey("sonar");
        this.componentDb.insertProjectAndSnapshot(key);
        ComponentDto name = ComponentTesting.newProjectDto().setName("name-sonar-name");
        this.componentDb.insertProjectAndSnapshot(name);
        ComponentDto name2 = ComponentTesting.newProjectDto().setKey("new-sonar").setName("project-name");
        this.componentDb.insertProjectAndSnapshot(name2);
        this.componentDb.indexAllComponents();
        call(this.ws.newRequest().setParam("templateId", this.template1.getUuid()).setParam("q", "sonar"));
        assertTemplate1AppliedToProject(key);
        assertTemplate1AppliedToProject(name);
        assertNoPermissionOnProject(name2);
    }

    @Test
    public void fail_if_no_template_parameter() {
        this.expectedException.expect(BadRequestException.class);
        this.expectedException.expectMessage("Template name or template id must be provided, not both.");
        call(this.ws.newRequest());
    }

    @Test
    public void fail_if_template_name_is_incorrect() {
        this.expectedException.expect(NotFoundException.class);
        this.expectedException.expectMessage("Permission template with id 'unknown-template-uuid' is not found");
        call(this.ws.newRequest().setParam("templateId", "unknown-template-uuid"));
    }

    private void call(TestRequest testRequest) {
        testRequest.execute();
        this.db.commit();
    }

    private void assertTemplate1AppliedToProject(ComponentDto componentDto) {
        Assertions.assertThat(selectProjectPermissionGroups(componentDto, "admin")).extracting("name").containsExactly(new Object[]{this.group1.getName()});
        Assertions.assertThat(selectProjectPermissionGroups(componentDto, "user")).extracting("name").containsExactly(new Object[]{this.group2.getName()});
        Assertions.assertThat(selectProjectPermissionUsers(componentDto, "admin")).isEmpty();
        Assertions.assertThat(selectProjectPermissionUsers(componentDto, "codeviewer")).extracting("login").containsExactly(new Object[]{this.user1.getLogin()});
        Assertions.assertThat(selectProjectPermissionUsers(componentDto, "issueadmin")).extracting("login").containsExactly(new Object[]{this.user2.getLogin()});
    }

    private void assertNoPermissionOnProject(ComponentDto componentDto) {
        Assertions.assertThat(selectProjectPermissionGroups(componentDto, "admin")).isEmpty();
        Assertions.assertThat(selectProjectPermissionGroups(componentDto, "codeviewer")).isEmpty();
        Assertions.assertThat(selectProjectPermissionGroups(componentDto, "issueadmin")).isEmpty();
        Assertions.assertThat(selectProjectPermissionGroups(componentDto, "user")).isEmpty();
        Assertions.assertThat(selectProjectPermissionUsers(componentDto, "admin")).isEmpty();
        Assertions.assertThat(selectProjectPermissionUsers(componentDto, "codeviewer")).isEmpty();
        Assertions.assertThat(selectProjectPermissionUsers(componentDto, "issueadmin")).isEmpty();
        Assertions.assertThat(selectProjectPermissionUsers(componentDto, "user")).isEmpty();
    }

    private PermissionTemplateDto insertTemplate(PermissionTemplateDto permissionTemplateDto) {
        return this.dbClient.permissionTemplateDao().insert(this.dbSession, permissionTemplateDto);
    }

    private void addUserToTemplate(UserDto userDto, PermissionTemplateDto permissionTemplateDto, String str) {
        this.dbClient.permissionTemplateDao().insertUserPermission(this.dbSession, permissionTemplateDto.getId(), userDto.getId(), str);
    }

    private void addGroupToTemplate(GroupDto groupDto, PermissionTemplateDto permissionTemplateDto, String str) {
        this.dbClient.permissionTemplateDao().insertGroupPermission(this.dbSession, permissionTemplateDto.getId(), groupDto.getId(), str);
    }

    private void addUserPermissionToProject(UserDto userDto, ComponentDto componentDto, String str) {
        this.dbClient.roleDao().insertUserRole(this.dbSession, new UserPermissionDto().setPermission(str).setUserId(userDto.getId()).setComponentId(componentDto.getId()));
    }

    private void addGroupPermissionToProject(GroupDto groupDto, ComponentDto componentDto, String str) {
        this.dbClient.roleDao().insertGroupRole(this.dbSession, new GroupRoleDto().setRole(str).setResourceId(componentDto.getId()).setGroupId(groupDto.getId()));
    }

    private List<GroupWithPermissionDto> selectProjectPermissionGroups(ComponentDto componentDto, String str) {
        return FluentIterable.from(this.dbClient.permissionDao().selectGroups(this.dbSession, query(str), componentDto.getId())).filter(new PermissionNotNull()).toList();
    }

    private List<UserWithPermissionDto> selectProjectPermissionUsers(ComponentDto componentDto, String str) {
        return this.dbClient.permissionDao().selectUsers(this.dbSession, query(str), componentDto.getId(), 0, Integer.MAX_VALUE);
    }

    private void commit() {
        this.dbSession.commit();
    }

    private static OldPermissionQuery query(String str) {
        return OldPermissionQuery.builder().membership("IN").permission(str).build();
    }
}
