package org.sonar.server.root.ws;

import javax.annotation.Nullable;
import org.assertj.core.api.Assertions;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.ExpectedException;
import org.sonar.api.server.ws.WebService;
import org.sonar.api.utils.System2;
import org.sonar.db.DbSession;
import org.sonar.db.DbTester;
import org.sonar.db.user.UserDao;
import org.sonar.db.user.UserDto;
import org.sonar.db.user.UserTesting;
import org.sonar.server.exceptions.BadRequestException;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.NotFoundException;
import org.sonar.server.tester.UserSessionRule;
import org.sonar.server.ws.TestRequest;
import org.sonar.server.ws.WsActionTester;

/* loaded from: input_file:org/sonar/server/root/ws/UnsetRootActionTest.class */
public class UnsetRootActionTest {
    private static final String SOME_LOGIN = "johndoe";

    @Rule
    public DbTester dbTester = DbTester.create(System2.INSTANCE);

    @Rule
    public UserSessionRule userSessionRule = UserSessionRule.standalone();

    @Rule
    public ExpectedException expectedException = ExpectedException.none();
    private UserDao userDao = this.dbTester.getDbClient().userDao();
    private DbSession dbSession = this.dbTester.getSession();
    private UnsetRootAction underTest = new UnsetRootAction(this.userSessionRule, this.dbTester.getDbClient());
    private WsActionTester wsTester = new WsActionTester(this.underTest);

    @Test
    public void verify_definition() {
        WebService.Action def = this.wsTester.getDef();
        Assertions.assertThat(def.key()).isEqualTo("unset_root");
        Assertions.assertThat(def.isInternal()).isTrue();
        Assertions.assertThat(def.isPost()).isTrue();
        Assertions.assertThat(def.since()).isEqualTo("6.2");
        Assertions.assertThat(def.description()).isEqualTo("Make the specified user not root.<br/>Requires to be root.");
        Assertions.assertThat(def.responseExample()).isNull();
        Assertions.assertThat(def.deprecatedKey()).isNull();
        Assertions.assertThat(def.deprecatedSince()).isNull();
        Assertions.assertThat(def.handler()).isSameAs(this.underTest);
        Assertions.assertThat(def.params()).hasSize(1);
        WebService.Param param = def.param("login");
        Assertions.assertThat(param.isRequired()).isTrue();
        Assertions.assertThat(param.description()).isEqualTo("A user login");
        Assertions.assertThat(param.defaultValue()).isNull();
        Assertions.assertThat(param.deprecatedSince()).isNull();
        Assertions.assertThat(param.deprecatedKey()).isNull();
        Assertions.assertThat(param.exampleValue()).isEqualTo("admin");
    }

    @Test
    public void execute_fails_with_ForbiddenException_when_user_is_not_logged_in() {
        expectInsufficientPrivilegesForbiddenException();
        executeRequest(SOME_LOGIN);
    }

    @Test
    public void execute_fails_with_ForbiddenException_when_user_is_not_root() {
        this.userSessionRule.login();
        expectInsufficientPrivilegesForbiddenException();
        executeRequest(SOME_LOGIN);
    }

    @Test
    public void execute_fails_with_IAE_when_login_param_is_not_provided() {
        makeAuthenticatedUserRoot();
        this.expectedException.expect(IllegalArgumentException.class);
        this.expectedException.expectMessage("The 'login' parameter is missing");
        executeRequest(null);
    }

    @Test
    public void execute_makes_user_with_specified_login_not_root_when_it_is() {
        UserDto insertRootUser = insertRootUser(UserTesting.newUserDto());
        insertRootUser(UserTesting.newUserDto(SOME_LOGIN, "name", "email"));
        makeAuthenticatedUserRoot();
        executeRequest(SOME_LOGIN);
        Assertions.assertThat(this.userDao.selectByLogin(this.dbSession, SOME_LOGIN).isRoot()).isFalse();
        Assertions.assertThat(this.userDao.selectByLogin(this.dbSession, insertRootUser.getLogin()).isRoot()).isTrue();
    }

    @Test
    public void execute_has_no_effect_when_user_is_already_not_root() {
        UserDto insertRootUser = insertRootUser(UserTesting.newUserDto());
        insertNonRootUser(UserTesting.newUserDto(SOME_LOGIN, "name", "email"));
        makeAuthenticatedUserRoot();
        executeRequest(SOME_LOGIN);
        Assertions.assertThat(this.userDao.selectByLogin(this.dbSession, SOME_LOGIN).isRoot()).isFalse();
        Assertions.assertThat(this.userDao.selectByLogin(this.dbSession, insertRootUser.getLogin()).isRoot()).isTrue();
    }

    @Test
    public void execute_fails_with_BadRequestException_when_attempting_to_unset_root_on_last_root_user() {
        insertRootUser(UserTesting.newUserDto(SOME_LOGIN, "name", "email"));
        insertNonRootUser(UserTesting.newUserDto());
        makeAuthenticatedUserRoot();
        this.expectedException.expect(BadRequestException.class);
        this.expectedException.expectMessage("Last root can't be unset");
        executeRequest(SOME_LOGIN);
    }

    @Test
    public void execute_fails_with_BadRequestException_when_attempting_to_unset_non_root_and_there_is_no_root_at_all() {
        UserDto newUserDto = UserTesting.newUserDto(SOME_LOGIN, "name", "email");
        insertNonRootUser(newUserDto);
        makeAuthenticatedUserRoot();
        this.expectedException.expect(BadRequestException.class);
        this.expectedException.expectMessage("Last root can't be unset");
        executeRequest(newUserDto.getLogin());
    }

    @Test
    public void execute_fails_with_NotFoundException_when_user_for_specified_login_does_not_exist() {
        makeAuthenticatedUserRoot();
        this.expectedException.expect(NotFoundException.class);
        this.expectedException.expectMessage("User with login 'bar_foo' not found");
        executeRequest("bar_foo");
    }

    @Test
    public void execute_fails_with_NotFoundException_when_user_for_specified_login_is_inactive() {
        UserDto insertRootUser = insertRootUser(UserTesting.newUserDto().setActive(false));
        makeAuthenticatedUserRoot();
        this.expectedException.expect(NotFoundException.class);
        this.expectedException.expectMessage("User with login '" + insertRootUser.getLogin() + "' not found");
        executeRequest(insertRootUser.getLogin());
    }

    private UserDto insertNonRootUser(UserDto userDto) {
        this.userDao.insert(this.dbSession, userDto);
        this.dbSession.commit();
        return userDto;
    }

    private UserDto insertRootUser(UserDto userDto) {
        insertNonRootUser(userDto);
        this.userDao.setRoot(this.dbSession, userDto.getLogin(), true);
        this.dbSession.commit();
        return userDto;
    }

    private void makeAuthenticatedUserRoot() {
        this.userSessionRule.login().setRoot();
    }

    private void expectInsufficientPrivilegesForbiddenException() {
        this.expectedException.expect(ForbiddenException.class);
        this.expectedException.expectMessage("Insufficient privileges");
    }

    private int executeRequest(@Nullable String str) {
        TestRequest newRequest = this.wsTester.newRequest();
        if (str != null) {
            newRequest.setParam("login", str);
        }
        return newRequest.execute().getStatus();
    }
}
