package org.sonar.server.project.ws;

import org.assertj.core.api.Assertions;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.ExpectedException;
import org.mockito.ArgumentCaptor;
import org.mockito.Matchers;
import org.mockito.Mockito;
import org.sonar.api.utils.System2;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.DbTester;
import org.sonar.db.component.ComponentDto;
import org.sonar.db.organization.OrganizationDto;
import org.sonar.server.component.ComponentCleanerService;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.UnauthorizedException;
import org.sonar.server.tester.UserSessionRule;
import org.sonar.server.ws.WsTester;

/* loaded from: input_file:org/sonar/server/project/ws/BulkDeleteActionTest.class */
public class BulkDeleteActionTest {
    private static final String ACTION = "bulk_delete";
    private WsTester ws;
    private OrganizationDto org1;
    private OrganizationDto org2;

    @Rule
    public DbTester db = DbTester.create(System2.INSTANCE);

    @Rule
    public UserSessionRule userSession = UserSessionRule.standalone();

    @Rule
    public ExpectedException expectedException = ExpectedException.none();
    private ComponentCleanerService componentCleanerService = (ComponentCleanerService) Mockito.mock(ComponentCleanerService.class);
    private DbClient dbClient = this.db.getDbClient();
    private BulkDeleteAction underTest = new BulkDeleteAction(this.componentCleanerService, this.dbClient, this.userSession, new ProjectsWsSupport(this.dbClient));

    @Before
    public void setUp() {
        this.ws = new WsTester(new ProjectsWs(new ProjectsWsAction[]{this.underTest}));
        this.org1 = this.db.organizations().insert();
        this.org2 = this.db.organizations().insert();
    }

    @Test
    public void system_administrator_deletes_projects_by_uuids_in_all_organizations() throws Exception {
        this.userSession.logIn().setSystemAdministrator();
        ComponentDto insertProject = this.db.components().insertProject(this.org1);
        ComponentDto insertProject2 = this.db.components().insertProject(this.org2);
        this.db.components().insertProject(this.org2);
        this.ws.newPostRequest("api/projects", ACTION).setParam("ids", insertProject.uuid() + "," + insertProject2.uuid()).execute().assertNoContent();
        verifyDeleted(insertProject, insertProject2);
    }

    @Test
    public void system_administrator_deletes_projects_by_keys_in_all_organizations() throws Exception {
        this.userSession.logIn().setSystemAdministrator();
        ComponentDto insertProject = this.db.components().insertProject(this.org1);
        ComponentDto insertProject2 = this.db.components().insertProject(this.org2);
        this.db.components().insertProject(this.org2);
        this.ws.newPostRequest("api/projects", ACTION).setParam("keys", insertProject.key() + "," + insertProject2.key()).execute().assertNoContent();
        verifyDeleted(insertProject, insertProject2);
    }

    @Test
    public void projects_that_dont_exist_are_ignored_and_dont_break_bulk_deletion() throws Exception {
        this.userSession.logIn().setSystemAdministrator();
        ComponentDto insertProject = this.db.components().insertProject(this.org1);
        ComponentDto insertProject2 = this.db.components().insertProject(this.org1);
        this.ws.newPostRequest("api/projects", ACTION).setParam("keys", insertProject.key() + ",missing," + insertProject2.key() + ",doesNotExist").execute().assertNoContent();
        verifyDeleted(insertProject, insertProject2);
    }

    @Test
    public void throw_ForbiddenException_if_organization_administrator_does_not_set_organization_parameter() throws Exception {
        this.userSession.logIn().addOrganizationPermission(this.org1.getUuid(), "admin");
        ComponentDto insertProject = this.db.components().insertProject(this.org1);
        this.expectedException.expect(ForbiddenException.class);
        this.expectedException.expectMessage("Insufficient privileges");
        this.ws.newPostRequest("api/projects", ACTION).setParam("keys", insertProject.key()).execute();
        verifyNoDeletions();
    }

    @Test
    public void organization_administrator_deletes_projects_by_keys_in_his_organization() throws Exception {
        this.userSession.logIn().addOrganizationPermission(this.org1.getUuid(), "admin");
        ComponentDto insertProject = this.db.components().insertProject(this.org1);
        this.ws.newPostRequest("api/projects", ACTION).setParam("organization", this.org1.getKey()).setParam("keys", insertProject.key() + "," + this.db.components().insertProject(this.org2).key()).execute().assertNoContent();
        verifyDeleted(insertProject);
    }

    @Test
    public void throw_UnauthorizedException_if_not_logged_in() throws Exception {
        this.expectedException.expect(UnauthorizedException.class);
        this.expectedException.expectMessage("Authentication is required");
        this.ws.newPostRequest("api/projects", ACTION).setParam("ids", "whatever-the-uuid").execute();
        verifyNoDeletions();
    }

    @Test
    public void throw_ForbiddenException_if_param_organization_is_not_set_and_not_system_administrator() throws Exception {
        this.userSession.logIn().setNonSystemAdministrator();
        this.expectedException.expect(ForbiddenException.class);
        this.expectedException.expectMessage("Insufficient privileges");
        this.ws.newPostRequest("api/projects", ACTION).setParam("ids", "whatever-the-uuid").execute();
        verifyNoDeletions();
    }

    @Test
    public void throw_ForbiddenException_if_param_organization_is_set_but_not_organization_administrator() throws Exception {
        this.userSession.logIn();
        this.expectedException.expect(ForbiddenException.class);
        this.expectedException.expectMessage("Insufficient privileges");
        this.ws.newPostRequest("api/projects", ACTION).setParam("organization", this.org1.getKey()).setParam("ids", "whatever-the-uuid").execute();
        verifyNoDeletions();
    }

    private void verifyDeleted(ComponentDto... componentDtoArr) {
        ArgumentCaptor forClass = ArgumentCaptor.forClass(ComponentDto.class);
        ((ComponentCleanerService) Mockito.verify(this.componentCleanerService, Mockito.times(componentDtoArr.length))).delete((DbSession) Matchers.any(DbSession.class), (ComponentDto) forClass.capture());
        for (ComponentDto componentDto : componentDtoArr) {
            Assertions.assertThat(forClass.getAllValues()).extracting((v0) -> {
                return v0.uuid();
            }).contains(new String[]{componentDto.uuid()});
        }
    }

    private void verifyNoDeletions() {
        Mockito.verifyZeroInteractions(new Object[]{this.componentCleanerService});
    }
}
