package org.sonar.server.permission;

import java.util.Collections;
import java.util.List;
import javax.annotation.Nullable;
import org.assertj.core.api.Assertions;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.ExpectedException;
import org.mockito.Mockito;
import org.sonar.api.config.MapSettings;
import org.sonar.api.config.Settings;
import org.sonar.api.utils.internal.AlwaysIncreasingSystem2;
import org.sonar.db.DbSession;
import org.sonar.db.DbTester;
import org.sonar.db.component.ComponentDto;
import org.sonar.db.organization.OrganizationDto;
import org.sonar.db.permission.template.PermissionTemplateDbTester;
import org.sonar.db.permission.template.PermissionTemplateDto;
import org.sonar.db.user.GroupDto;
import org.sonar.db.user.UserDto;
import org.sonar.server.computation.task.projectanalysis.issue.DefaultAssigneeTest;
import org.sonar.server.permission.index.PermissionIndexer;
import org.sonar.server.permission.ws.template.DefaultTemplatesResolverRule;
import org.sonar.server.tester.UserSessionRule;

/* loaded from: input_file:org/sonar/server/permission/PermissionTemplateServiceTest.class */
public class PermissionTemplateServiceTest {

    @Rule
    public ExpectedException throwable = ExpectedException.none();

    @Rule
    public DbTester dbTester = DbTester.create(new AlwaysIncreasingSystem2());

    @Rule
    public DefaultTemplatesResolverRule defaultTemplatesResolver = DefaultTemplatesResolverRule.withGovernance();
    private UserSessionRule userSession = UserSessionRule.standalone();
    private PermissionTemplateDbTester templateDb = this.dbTester.permissionTemplates();
    private DbSession session = this.dbTester.getSession();
    private Settings settings = new MapSettings();
    private PermissionIndexer permissionIndexer = (PermissionIndexer) Mockito.mock(PermissionIndexer.class);
    private PermissionTemplateService underTest = new PermissionTemplateService(this.dbTester.getDbClient(), this.permissionIndexer, this.userSession, this.defaultTemplatesResolver);

    @Test
    public void apply_permission_template() {
        OrganizationDto insert = this.dbTester.organizations().insert();
        ComponentDto insertProject = this.dbTester.components().insertProject(insert);
        GroupDto insertGroup = this.dbTester.users().insertGroup(insert);
        GroupDto insertGroup2 = this.dbTester.users().insertGroup(insert);
        UserDto insertUser = this.dbTester.users().insertUser();
        this.dbTester.users().insertPermissionOnGroup(insertGroup, "admin");
        this.dbTester.users().insertPermissionOnGroup(insertGroup2, "user");
        this.dbTester.users().insertPermissionOnUser(insert, insertUser, "admin");
        PermissionTemplateDto insertTemplate = this.dbTester.permissionTemplates().insertTemplate(insert);
        this.dbTester.permissionTemplates().addGroupToTemplate(insertTemplate, insertGroup, "admin");
        this.dbTester.permissionTemplates().addGroupToTemplate(insertTemplate, insertGroup, "issueadmin");
        this.dbTester.permissionTemplates().addGroupToTemplate(insertTemplate, insertGroup2, "user");
        this.dbTester.permissionTemplates().addGroupToTemplate(insertTemplate, insertGroup2, "codeviewer");
        this.dbTester.permissionTemplates().addAnyoneToTemplate(insertTemplate, "user");
        this.dbTester.permissionTemplates().addAnyoneToTemplate(insertTemplate, "codeviewer");
        this.dbTester.permissionTemplates().addUserToTemplate(insertTemplate, insertUser, "admin");
        Assertions.assertThat(selectProjectPermissionsOfGroup(insert, insertGroup, insertProject)).isEmpty();
        Assertions.assertThat(selectProjectPermissionsOfGroup(insert, insertGroup2, insertProject)).isEmpty();
        Assertions.assertThat(selectProjectPermissionsOfGroup(insert, null, insertProject)).isEmpty();
        Assertions.assertThat(selectProjectPermissionsOfUser(insertUser, insertProject)).isEmpty();
        this.underTest.apply(this.session, insertTemplate, Collections.singletonList(insertProject));
        Assertions.assertThat(selectProjectPermissionsOfGroup(insert, insertGroup, insertProject)).containsOnly(new String[]{"admin", "issueadmin"});
        Assertions.assertThat(selectProjectPermissionsOfGroup(insert, insertGroup2, insertProject)).containsOnly(new String[]{"user", "codeviewer"});
        Assertions.assertThat(selectProjectPermissionsOfGroup(insert, null, insertProject)).containsOnly(new String[]{"user", "codeviewer"});
        Assertions.assertThat(selectProjectPermissionsOfUser(insertUser, insertProject)).containsOnly(new String[]{"admin"});
        checkAuthorizationUpdatedAtIsUpdated(insertProject);
    }

    private List<String> selectProjectPermissionsOfGroup(OrganizationDto organizationDto, @Nullable GroupDto groupDto, ComponentDto componentDto) {
        return this.dbTester.getDbClient().groupPermissionDao().selectProjectPermissionsOfGroup(this.session, organizationDto.getUuid(), groupDto != null ? groupDto.getId() : null, componentDto.getId().longValue());
    }

    private List<String> selectProjectPermissionsOfUser(UserDto userDto, ComponentDto componentDto) {
        return this.dbTester.getDbClient().userPermissionDao().selectProjectPermissionsOfUser(this.session, userDto.getId().longValue(), componentDto.getId().longValue());
    }

    @Test
    public void would_user_have_permission_with_default_permission_template() {
        OrganizationDto insert = this.dbTester.organizations().insert();
        UserDto insertUser = this.dbTester.users().insertUser();
        GroupDto insertGroup = this.dbTester.users().insertGroup(insert);
        this.dbTester.users().insertMember(insertGroup, insertUser);
        PermissionTemplateDto insertTemplate = this.templateDb.insertTemplate(insert);
        this.dbTester.organizations().setDefaultTemplates(insertTemplate, (PermissionTemplateDto) null);
        this.templateDb.addProjectCreatorToTemplate(insertTemplate.getId().longValue(), "scan");
        this.templateDb.addUserToTemplate(insertTemplate.getId().longValue(), insertUser.getId().longValue(), "user");
        this.templateDb.addGroupToTemplate(insertTemplate.getId().longValue(), insertGroup.getId(), "codeviewer");
        this.templateDb.addGroupToTemplate(insertTemplate.getId().longValue(), (Long) null, "issueadmin");
        checkWouldUserHavePermission(insert, insertUser.getId(), "admin", false);
        checkWouldUserHavePermission(insert, insertUser.getId(), "scan", true);
        checkWouldUserHavePermission(insert, insertUser.getId(), "user", true);
        checkWouldUserHavePermission(insert, insertUser.getId(), "codeviewer", true);
        checkWouldUserHavePermission(insert, insertUser.getId(), "issueadmin", true);
        checkWouldUserHavePermission(insert, null, "admin", false);
        checkWouldUserHavePermission(insert, null, "scan", false);
        checkWouldUserHavePermission(insert, null, "user", false);
        checkWouldUserHavePermission(insert, null, "codeviewer", false);
        checkWouldUserHavePermission(insert, null, "issueadmin", true);
    }

    @Test
    public void would_user_have_permission_with_unknown_default_permission_template() {
        this.dbTester.organizations().setDefaultTemplates(this.dbTester.getDefaultOrganization(), "UNKNOWN_TEMPLATE_UUID", (String) null);
        checkWouldUserHavePermission(this.dbTester.getDefaultOrganization(), null, "admin", false);
    }

    @Test
    public void would_user_have_permission_with_empty_template() {
        this.dbTester.organizations().setDefaultTemplates(this.templateDb.insertTemplate(this.dbTester.getDefaultOrganization()), (PermissionTemplateDto) null);
        checkWouldUserHavePermission(this.dbTester.getDefaultOrganization(), null, "admin", false);
    }

    private void checkWouldUserHavePermission(OrganizationDto organizationDto, @Nullable Long l, String str, boolean z) {
        Assertions.assertThat(this.underTest.wouldUserHavePermissionWithDefaultTemplate(this.session, organizationDto.getUuid(), l, str, (String) null, DefaultAssigneeTest.PROJECT_KEY, "TRK")).isEqualTo(z);
    }

    private void checkAuthorizationUpdatedAtIsUpdated(ComponentDto componentDto) {
        Assertions.assertThat(this.dbTester.getDbClient().componentDao().selectOrFailById(this.session, componentDto.getId().longValue()).getAuthorizationUpdatedAt()).isNotNull();
    }
}
