package org.sonar.server.permission.ws;

import org.assertj.core.api.Assertions;
import org.junit.Before;
import org.junit.Test;
import org.sonar.db.component.ComponentDto;
import org.sonar.db.component.ComponentTesting;
import org.sonar.db.organization.OrganizationDto;
import org.sonar.db.permission.OrganizationPermission;
import org.sonar.db.user.GroupDto;
import org.sonar.server.exceptions.BadRequestException;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.UnauthorizedException;
import org.sonar.test.JsonAssert;

/* loaded from: input_file:org/sonar/server/permission/ws/GroupsActionTest.class */
public class GroupsActionTest extends BasePermissionWsTest<GroupsAction> {
    private GroupDto group1;
    private GroupDto group2;
    private GroupDto group3;

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.sonar.server.permission.ws.BasePermissionWsTest
    public GroupsAction buildWsAction() {
        return new GroupsAction(this.db.getDbClient(), this.userSession, newPermissionWsSupport());
    }

    @Before
    public void setUp() {
        OrganizationDto defaultOrganization = this.db.getDefaultOrganization();
        this.group1 = this.db.users().insertGroup(defaultOrganization, "group-1-name");
        this.group2 = this.db.users().insertGroup(defaultOrganization, "group-2-name");
        this.group3 = this.db.users().insertGroup(defaultOrganization, "group-3-name");
        this.db.users().insertPermissionOnGroup(this.group1, OrganizationPermission.SCAN);
        this.db.users().insertPermissionOnGroup(this.group2, OrganizationPermission.SCAN);
        this.db.users().insertPermissionOnGroup(this.group3, OrganizationPermission.ADMINISTER);
        this.db.users().insertPermissionOnAnyone(defaultOrganization, OrganizationPermission.SCAN);
        this.db.commit();
    }

    @Test
    public void search_for_groups_with_one_permission() throws Exception {
        loginAsAdmin(this.db.getDefaultOrganization(), new OrganizationDto[0]);
        JsonAssert.assertJson(newRequest().setParam("permission", OrganizationPermission.SCAN.getKey()).execute().getInput()).isSimilarTo("{\n  \"paging\": {\n    \"pageIndex\": 1,\n    \"pageSize\": 20,\n    \"total\": 3\n  },\n  \"groups\": [\n    {\n      \"name\": \"Anyone\",\n      \"permissions\": [\n        \"scan\"\n      ]\n    },\n    {\n      \"name\": \"group-1-name\",\n      \"description\": \"" + this.group1.getDescription() + "\",\n      \"permissions\": [\n        \"scan\"\n      ]\n    },\n    {\n      \"name\": \"group-2-name\",\n      \"description\": \"" + this.group2.getDescription() + "\",\n      \"permissions\": [\n        \"scan\"\n      ]\n    }\n  ]\n}\n");
    }

    @Test
    public void search_with_selection() throws Exception {
        loginAsAdmin(this.db.getDefaultOrganization(), new OrganizationDto[0]);
        Assertions.assertThat(newRequest().setParam("permission", OrganizationPermission.SCAN.getKey()).execute().getInput()).containsSequence(new CharSequence[]{"Anyone", "group-1", "group-2"});
    }

    @Test
    public void search_groups_with_pagination() throws Exception {
        loginAsAdmin(this.db.getDefaultOrganization(), new OrganizationDto[0]);
        Assertions.assertThat(newRequest().setParam("permission", OrganizationPermission.SCAN.getKey()).setParam("ps", "1").setParam("p", "3").execute().getInput()).contains(new CharSequence[]{"group-2"}).doesNotContain("group-1").doesNotContain("group-3");
    }

    @Test
    public void search_groups_with_query() throws Exception {
        loginAsAdmin(this.db.getDefaultOrganization(), new OrganizationDto[0]);
        Assertions.assertThat(newRequest().setParam("permission", OrganizationPermission.SCAN.getKey()).setParam("q", "group-").execute().getInput()).contains(new CharSequence[]{"group-1", "group-2"}).doesNotContain("Anyone");
    }

    @Test
    public void search_groups_with_project_permissions() throws Exception {
        OrganizationDto defaultOrganization = this.db.getDefaultOrganization();
        ComponentDto insertComponent = this.db.components().insertComponent(ComponentTesting.newPrivateProjectDto(defaultOrganization, "project-uuid"));
        GroupDto insertGroup = this.db.users().insertGroup(defaultOrganization, "project-group-name");
        this.db.users().insertProjectPermissionOnGroup(insertGroup, "issueadmin", insertComponent);
        ComponentDto insertComponent2 = this.db.components().insertComponent(ComponentTesting.newPrivateProjectDto(defaultOrganization));
        GroupDto insertGroup2 = this.db.users().insertGroup(defaultOrganization, "another-project-group-name");
        this.db.users().insertProjectPermissionOnGroup(insertGroup2, "issueadmin", insertComponent2);
        GroupDto insertGroup3 = this.db.users().insertGroup(defaultOrganization, "group-without-permission");
        this.userSession.logIn().addProjectPermission("admin", insertComponent);
        Assertions.assertThat(newRequest().setParam("permission", "issueadmin").setParam("projectId", "project-uuid").execute().getInput()).contains(new CharSequence[]{insertGroup.getName()}).doesNotContain(insertGroup2.getName()).doesNotContain(insertGroup3.getName());
    }

    @Test
    public void return_also_groups_without_permission_when_search_query() throws Exception {
        OrganizationDto defaultOrganization = this.db.getDefaultOrganization();
        ComponentDto insertComponent = this.db.components().insertComponent(ComponentTesting.newPrivateProjectDto(defaultOrganization, "project-uuid"));
        GroupDto insertGroup = this.db.users().insertGroup(defaultOrganization, "group-with-permission");
        this.db.users().insertProjectPermissionOnGroup(insertGroup, "issueadmin", insertComponent);
        GroupDto insertGroup2 = this.db.users().insertGroup(defaultOrganization, "group-without-permission");
        GroupDto insertGroup3 = this.db.users().insertGroup(defaultOrganization, "another-group");
        loginAsAdmin(this.db.getDefaultOrganization(), new OrganizationDto[0]);
        Assertions.assertThat(newRequest().setParam("permission", "issueadmin").setParam("projectId", "project-uuid").setParam("q", "group-with").execute().getInput()).contains(new CharSequence[]{insertGroup.getName()}).doesNotContain(insertGroup2.getName()).doesNotContain(insertGroup3.getName());
    }

    @Test
    public void return_only_groups_with_permission_when_no_search_query() throws Exception {
        ComponentDto insertComponent = this.db.components().insertComponent(ComponentTesting.newPrivateProjectDto(this.db.getDefaultOrganization(), "project-uuid"));
        GroupDto insertGroup = this.db.users().insertGroup(this.db.getDefaultOrganization(), "project-group-name");
        this.db.users().insertProjectPermissionOnGroup(insertGroup, "issueadmin", insertComponent);
        GroupDto insertGroup2 = this.db.users().insertGroup(this.db.getDefaultOrganization(), "group-without-permission");
        loginAsAdmin(this.db.getDefaultOrganization(), new OrganizationDto[0]);
        Assertions.assertThat(newRequest().setParam("permission", "issueadmin").setParam("projectId", insertComponent.uuid()).execute().getInput()).contains(new CharSequence[]{insertGroup.getName()}).doesNotContain(insertGroup2.getName());
    }

    @Test
    public void return_anyone_group_when_search_query_and_no_param_permission() throws Exception {
        OrganizationDto insert = this.db.organizations().insert();
        ComponentDto insertComponent = this.db.components().insertComponent(ComponentTesting.newPrivateProjectDto(insert, "project-uuid"));
        this.db.users().insertProjectPermissionOnGroup(this.db.users().insertGroup(insert, "group-with-permission"), "issueadmin", insertComponent);
        loginAsAdmin(this.db.getDefaultOrganization(), new OrganizationDto[0]);
        Assertions.assertThat(newRequest().setParam("projectId", insertComponent.uuid()).setParam("q", "nyo").execute().getInput()).contains(new CharSequence[]{"Anyone"});
    }

    @Test
    public void search_groups_on_views() throws Exception {
        this.db.users().insertProjectPermissionOnGroup(this.db.users().insertGroup(this.db.getDefaultOrganization(), "project-group-name"), "issueadmin", this.db.components().insertComponent(ComponentTesting.newView(this.db.getDefaultOrganization(), "view-uuid").setKey("view-key")));
        loginAsAdmin(this.db.getDefaultOrganization(), new OrganizationDto[0]);
        Assertions.assertThat(newRequest().setParam("permission", "issueadmin").setParam("projectId", "view-uuid").execute().getInput()).contains(new CharSequence[]{"project-group-name"}).doesNotContain("group-1").doesNotContain("group-2").doesNotContain("group-3");
    }

    @Test
    public void fail_if_not_logged_in() throws Exception {
        this.expectedException.expect(UnauthorizedException.class);
        this.userSession.anonymous();
        newRequest().setParam("permission", OrganizationPermission.SCAN.getKey()).execute();
    }

    @Test
    public void fail_if_insufficient_privileges() throws Exception {
        this.expectedException.expect(ForbiddenException.class);
        this.userSession.logIn("login");
        newRequest().setParam("permission", OrganizationPermission.SCAN.getKey()).execute();
    }

    @Test
    public void fail_if_project_uuid_and_project_key_are_provided() throws Exception {
        this.db.components().insertComponent(ComponentTesting.newPrivateProjectDto(this.db.organizations().insert(), "project-uuid").setKey("project-key"));
        this.expectedException.expect(BadRequestException.class);
        loginAsAdmin(this.db.getDefaultOrganization(), new OrganizationDto[0]);
        newRequest().setParam("permission", "scan").setParam("projectId", "project-uuid").setParam("projectKey", "project-key").execute();
    }
}
