package org.sonar.server.user.ws;

import java.util.Collections;
import java.util.Optional;
import org.assertj.core.api.Assertions;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.ExpectedException;
import org.sonar.api.config.MapSettings;
import org.sonar.api.utils.System2;
import org.sonar.api.utils.internal.AlwaysIncreasingSystem2;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.DbTester;
import org.sonar.db.organization.OrganizationDto;
import org.sonar.db.organization.OrganizationTesting;
import org.sonar.db.property.PropertyDto;
import org.sonar.db.property.PropertyQuery;
import org.sonar.db.user.UserDto;
import org.sonar.db.user.UserTesting;
import org.sonar.db.user.UserTokenTesting;
import org.sonar.server.es.EsTester;
import org.sonar.server.exceptions.BadRequestException;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.NotFoundException;
import org.sonar.server.exceptions.UnauthorizedException;
import org.sonar.server.organization.TestDefaultOrganizationProvider;
import org.sonar.server.permission.index.FooIndexDefinition;
import org.sonar.server.tester.UserSessionRule;
import org.sonar.server.user.index.UserIndex;
import org.sonar.server.user.index.UserIndexDefinition;
import org.sonar.server.user.index.UserIndexer;
import org.sonar.server.ws.TestResponse;
import org.sonar.server.ws.WsActionTester;
import org.sonar.test.JsonAssert;

/* loaded from: input_file:org/sonar/server/user/ws/DeactivateActionTest.class */
public class DeactivateActionTest {
    private WsActionTester ws;
    private UserIndex index;
    private UserIndexer userIndexer;
    private System2 system2 = AlwaysIncreasingSystem2.INSTANCE;

    @Rule
    public ExpectedException expectedException = ExpectedException.none();

    @Rule
    public DbTester db = DbTester.create(this.system2);

    @Rule
    public EsTester esTester = new EsTester(new UserIndexDefinition(new MapSettings()));

    @Rule
    public UserSessionRule userSession = UserSessionRule.standalone();
    private TestDefaultOrganizationProvider defaultOrganizationProvider = TestDefaultOrganizationProvider.from(this.db);
    private DbClient dbClient = this.db.getDbClient();
    private DbSession dbSession = this.db.getSession();

    @Before
    public void setUp() {
        this.userIndexer = new UserIndexer(this.system2, this.dbClient, this.esTester.client());
        this.index = new UserIndex(this.esTester.client());
        this.userIndexer = new UserIndexer(this.system2, this.dbClient, this.esTester.client());
        this.ws = new WsActionTester(new DeactivateAction(this.dbClient, this.userIndexer, this.userSession, new UserJsonWriter(this.userSession), this.defaultOrganizationProvider));
    }

    @Test
    public void test_definition() {
        Assertions.assertThat(this.ws.getDef().isPost()).isTrue();
        Assertions.assertThat(this.ws.getDef().isInternal()).isFalse();
        Assertions.assertThat(this.ws.getDef().params()).hasSize(1);
    }

    @Test
    public void deactivate_user_and_delete_his_related_data() throws Exception {
        UserDto insertUser = insertUser(UserTesting.newUserDto().setLogin("ada.lovelace").setEmail("ada.lovelace@noteg.com").setName("Ada Lovelace").setScmAccounts(Collections.singletonList("al")));
        logInAsSystemAdministrator();
        JsonAssert.assertJson(deactivate(insertUser.getLogin()).getInput()).isSimilarTo(this.ws.getDef().responseExampleAsString());
        Assertions.assertThat(this.index.getNullableByLogin(insertUser.getLogin()).active()).isFalse();
        verifyThatUserIsDeactivated(insertUser.getLogin());
        Assertions.assertThat(this.dbClient.userTokenDao().selectByLogin(this.dbSession, insertUser.getLogin())).isEmpty();
        Assertions.assertThat(this.dbClient.propertiesDao().selectByQuery(PropertyQuery.builder().setUserId(Integer.valueOf(insertUser.getId().intValue())).build(), this.dbSession)).isEmpty();
    }

    @Test
    public void cannot_deactivate_self() throws Exception {
        UserDto createUser = createUser();
        this.userSession.logIn(createUser.getLogin()).setSystemAdministrator();
        this.expectedException.expect(BadRequestException.class);
        this.expectedException.expectMessage("Self-deactivation is not possible");
        deactivate(createUser.getLogin());
        verifyThatUserExists(createUser.getLogin());
    }

    @Test
    public void deactivation_requires_to_be_logged_in() throws Exception {
        this.expectedException.expect(UnauthorizedException.class);
        this.expectedException.expectMessage("Authentication is required");
        deactivate("someone");
    }

    @Test
    public void deactivation_requires_administrator_permission() throws Exception {
        this.userSession.logIn();
        this.expectedException.expect(ForbiddenException.class);
        this.expectedException.expectMessage("Insufficient privileges");
        deactivate("someone");
    }

    @Test
    public void fail_if_user_does_not_exist() throws Exception {
        logInAsSystemAdministrator();
        this.expectedException.expect(NotFoundException.class);
        this.expectedException.expectMessage("User 'someone' doesn't exist");
        deactivate("someone");
    }

    @Test
    public void fail_if_login_is_blank() throws Exception {
        logInAsSystemAdministrator();
        this.expectedException.expect(NotFoundException.class);
        this.expectedException.expectMessage("User '' doesn't exist");
        deactivate("");
    }

    @Test
    public void fail_to_deactivate_last_administrator_of_default_organization() throws Exception {
        UserDto createUser = createUser();
        this.db.users().insertPermissionOnUser(createUser, "admin");
        logInAsSystemAdministrator();
        this.expectedException.expect(BadRequestException.class);
        this.expectedException.expectMessage("User is last administrator, and cannot be deactivated");
        deactivate(createUser.getLogin());
    }

    @Test
    public void fail_to_deactivate_last_administrator_of_organization() throws Exception {
        UserDto createUser = createUser();
        OrganizationDto insert = this.db.organizations().insert(OrganizationTesting.newOrganizationDto().setKey("org1"));
        OrganizationDto insert2 = this.db.organizations().insert(OrganizationTesting.newOrganizationDto().setKey("org2"));
        OrganizationDto insert3 = this.db.organizations().insert(OrganizationTesting.newOrganizationDto().setKey("org3"));
        this.db.users().insertPermissionOnUser(insert, createUser, "admin");
        this.db.users().insertPermissionOnUser(insert2, createUser, "admin");
        this.db.users().insertPermissionOnUser(insert3, createUser, "admin");
        this.db.users().insertPermissionOnUser(insert3, createUser(), "admin");
        logInAsSystemAdministrator();
        this.expectedException.expect(BadRequestException.class);
        this.expectedException.expectMessage("User is last administrator of organizations [org1, org2], and cannot be deactivated");
        deactivate(createUser.getLogin());
    }

    @Test
    public void administrators_can_be_deactivated_if_there_are_still_other_administrators() throws Exception {
        UserDto createUser = createUser();
        UserDto createUser2 = createUser();
        this.db.users().insertPermissionOnUser(createUser, "admin");
        this.db.users().insertPermissionOnUser(createUser2, "admin");
        this.db.commit();
        logInAsSystemAdministrator();
        deactivate(createUser.getLogin());
        verifyThatUserIsDeactivated(createUser.getLogin());
        verifyThatUserExists(createUser2.getLogin());
    }

    private UserDto createUser() {
        return insertUser(UserTesting.newUserDto());
    }

    private UserDto insertUser(UserDto userDto) {
        userDto.setCreatedAt(Long.valueOf(this.system2.now())).setUpdatedAt(Long.valueOf(this.system2.now()));
        this.dbClient.userDao().insert(this.dbSession, userDto);
        this.dbClient.userTokenDao().insert(this.dbSession, UserTokenTesting.newUserToken().setLogin(userDto.getLogin()));
        this.dbClient.propertiesDao().saveProperty(this.dbSession, new PropertyDto().setUserId(userDto.getId()).setKey(FooIndexDefinition.FOO_TYPE).setValue("bar"));
        this.dbSession.commit();
        this.userIndexer.index();
        return userDto;
    }

    private void logInAsSystemAdministrator() {
        this.userSession.logIn().setSystemAdministrator();
    }

    private TestResponse deactivate(String str) {
        return this.ws.newRequest().setMethod("POST").setParam("login", str).execute();
    }

    private void verifyThatUserExists(String str) {
        Assertions.assertThat(this.db.users().selectUserByLogin(str)).isPresent();
    }

    private void verifyThatUserIsDeactivated(String str) {
        Optional selectUserByLogin = this.db.users().selectUserByLogin(str);
        Assertions.assertThat(selectUserByLogin).isPresent();
        Assertions.assertThat(((UserDto) selectUserByLogin.get()).isActive()).isFalse();
        Assertions.assertThat(((UserDto) selectUserByLogin.get()).getEmail()).isNull();
        Assertions.assertThat(((UserDto) selectUserByLogin.get()).getScmAccountsAsList()).isEmpty();
    }
}
