package org.sonar.server.permission.ws.template;

import java.util.List;
import org.assertj.core.api.Assertions;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.mockito.Mockito;
import org.sonar.db.component.ComponentDto;
import org.sonar.db.component.ComponentTesting;
import org.sonar.db.organization.OrganizationDto;
import org.sonar.db.permission.PermissionQuery;
import org.sonar.db.permission.template.PermissionTemplateDto;
import org.sonar.db.user.GroupDto;
import org.sonar.db.user.UserDto;
import org.sonar.server.exceptions.BadRequestException;
import org.sonar.server.exceptions.NotFoundException;
import org.sonar.server.i18n.I18nRule;
import org.sonar.server.permission.PermissionTemplateService;
import org.sonar.server.permission.index.PermissionIndexer;
import org.sonar.server.permission.ws.BasePermissionWsTest;

/* loaded from: input_file:org/sonar/server/permission/ws/template/BulkApplyTemplateActionTest.class */
public class BulkApplyTemplateActionTest extends BasePermissionWsTest<BulkApplyTemplateAction> {
    private UserDto user1;
    private UserDto user2;
    private GroupDto group1;
    private GroupDto group2;
    private OrganizationDto organization;
    private PermissionTemplateDto template1;
    private PermissionTemplateDto template2;

    @Rule
    public DefaultTemplatesResolverRule defaultTemplatesResolver = DefaultTemplatesResolverRule.withoutGovernance();
    private PermissionIndexer issuePermissionIndexer = (PermissionIndexer) Mockito.mock(PermissionIndexer.class);

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.sonar.server.permission.ws.BasePermissionWsTest
    public BulkApplyTemplateAction buildWsAction() {
        return new BulkApplyTemplateAction(this.db.getDbClient(), this.userSession, new PermissionTemplateService(this.db.getDbClient(), this.issuePermissionIndexer, this.userSession, this.defaultTemplatesResolver), newPermissionWsSupport(), new I18nRule(), newRootResourceTypes());
    }

    @Before
    public void setUp() {
        this.organization = this.db.organizations().insert();
        this.user1 = this.db.users().insertUser();
        this.user2 = this.db.users().insertUser();
        this.group1 = this.db.users().insertGroup(this.organization);
        this.group2 = this.db.users().insertGroup(this.organization);
        this.db.organizations().addMember(this.organization, this.user1);
        this.db.organizations().addMember(this.organization, this.user2);
        this.template1 = this.db.permissionTemplates().insertTemplate(this.organization);
        addUserToTemplate(this.user1, this.template1, "codeviewer");
        addUserToTemplate(this.user2, this.template1, "issueadmin");
        addGroupToTemplate(this.group1, this.template1, "admin");
        addGroupToTemplate(this.group2, this.template1, "user");
        this.template2 = this.db.permissionTemplates().insertTemplate(this.organization);
        addUserToTemplate(this.user1, this.template2, "user");
        addUserToTemplate(this.user2, this.template2, "user");
        addGroupToTemplate(this.group1, this.template2, "user");
        addGroupToTemplate(this.group2, this.template2, "user");
    }

    @Test
    public void bulk_apply_template_by_template_uuid() throws Exception {
        this.db.components().insertPrivateProject(this.db.organizations().insert());
        ComponentDto insertPrivateProject = this.db.components().insertPrivateProject(this.organization);
        ComponentDto insertPublicProject = this.db.components().insertPublicProject(this.organization);
        ComponentDto insertView = this.db.components().insertView(this.organization);
        loginAsAdmin(this.organization, new OrganizationDto[0]);
        newRequest().setParam("templateId", this.template1.getUuid()).execute();
        assertTemplate1AppliedToPrivateProject(insertPrivateProject);
        assertTemplate1AppliedToPublicProject(insertPublicProject);
        assertTemplate1AppliedToPublicProject(insertView);
    }

    @Test
    public void request_throws_NotFoundException_if_template_with_specified_name_does_not_exist_in_specified_organization() throws Exception {
        OrganizationDto insert = this.db.organizations().insert();
        loginAsAdmin(insert, new OrganizationDto[0]);
        this.expectedException.expect(NotFoundException.class);
        this.expectedException.expectMessage("Permission template with name '" + this.template1.getName() + "' is not found (case insensitive) in organization with key '" + insert.getKey() + "'");
        newRequest().setParam("organization", insert.getKey()).setParam("templateName", this.template1.getName()).execute();
    }

    @Test
    public void bulk_apply_template_by_template_name() throws Exception {
        ComponentDto insertPrivateProject = this.db.components().insertPrivateProject(this.organization);
        ComponentDto insertPublicProject = this.db.components().insertPublicProject(this.organization);
        loginAsAdmin(this.organization, new OrganizationDto[0]);
        newRequest().setParam("organization", this.organization.getKey()).setParam("templateName", this.template1.getName()).execute();
        assertTemplate1AppliedToPrivateProject(insertPrivateProject);
        assertTemplate1AppliedToPublicProject(insertPublicProject);
    }

    @Test
    public void apply_template_by_qualifier() throws Exception {
        ComponentDto insertPublicProject = this.db.components().insertPublicProject(this.organization);
        ComponentDto insertPrivateProject = this.db.components().insertPrivateProject(this.organization);
        ComponentDto insertComponent = this.db.components().insertComponent(ComponentTesting.newView(this.organization));
        loginAsAdmin(this.organization, new OrganizationDto[0]);
        newRequest().setParam("templateId", this.template1.getUuid()).setParam("qualifier", insertPrivateProject.qualifier()).execute();
        assertTemplate1AppliedToPrivateProject(insertPrivateProject);
        assertTemplate1AppliedToPublicProject(insertPublicProject);
        assertNoPermissionOnProject(insertComponent);
    }

    @Test
    public void apply_template_by_query_on_name_and_key_public_project() throws Exception {
        ComponentDto key = ComponentTesting.newPublicProjectDto(this.organization).setKey("sonar");
        this.db.components().insertProjectAndSnapshot(key);
        ComponentDto name = ComponentTesting.newPublicProjectDto(this.organization).setName("name-sonar-name");
        this.db.components().insertProjectAndSnapshot(name);
        ComponentDto name2 = ComponentTesting.newPublicProjectDto(this.organization).setKey("new-sonar").setName("project-name");
        this.db.components().insertProjectAndSnapshot(name2);
        loginAsAdmin(this.organization, new OrganizationDto[0]);
        newRequest().setParam("templateId", this.template1.getUuid()).setParam("q", "sonar").execute();
        assertTemplate1AppliedToPublicProject(key);
        assertTemplate1AppliedToPublicProject(name);
        assertNoPermissionOnProject(name2);
    }

    @Test
    public void apply_template_by_query_on_name_and_key() throws Exception {
        ComponentDto key = ComponentTesting.newPrivateProjectDto(this.organization).setKey("sonar");
        this.db.components().insertProjectAndSnapshot(key);
        ComponentDto name = ComponentTesting.newPrivateProjectDto(this.organization).setName("name-sonar-name");
        this.db.components().insertProjectAndSnapshot(name);
        ComponentDto name2 = ComponentTesting.newPublicProjectDto(this.organization).setKey("new-sonar").setName("project-name");
        this.db.components().insertProjectAndSnapshot(name2);
        loginAsAdmin(this.organization, new OrganizationDto[0]);
        newRequest().setParam("templateId", this.template1.getUuid()).setParam("q", "sonar").execute();
        assertTemplate1AppliedToPrivateProject(key);
        assertTemplate1AppliedToPrivateProject(name);
        assertNoPermissionOnProject(name2);
    }

    @Test
    public void fail_if_no_template_parameter() throws Exception {
        loginAsAdmin(this.db.getDefaultOrganization(), new OrganizationDto[0]);
        this.expectedException.expect(BadRequestException.class);
        this.expectedException.expectMessage("Template name or template id must be provided, not both.");
        newRequest().execute();
    }

    @Test
    public void fail_if_template_name_is_incorrect() throws Exception {
        loginAsAdmin(this.db.getDefaultOrganization(), new OrganizationDto[0]);
        this.expectedException.expect(NotFoundException.class);
        this.expectedException.expectMessage("Permission template with id 'unknown-template-uuid' is not found");
        newRequest().setParam("templateId", "unknown-template-uuid").execute();
    }

    private void assertTemplate1AppliedToPublicProject(ComponentDto componentDto) throws Exception {
        Assertions.assertThat(selectProjectPermissionGroups(componentDto, "admin")).containsExactly(new String[]{this.group1.getName()});
        Assertions.assertThat(selectProjectPermissionGroups(componentDto, "user")).isEmpty();
        Assertions.assertThat(selectProjectPermissionUsers(componentDto, "admin")).isEmpty();
        Assertions.assertThat(selectProjectPermissionUsers(componentDto, "codeviewer")).isEmpty();
        Assertions.assertThat(selectProjectPermissionUsers(componentDto, "issueadmin")).containsExactly(new Integer[]{this.user2.getId()});
    }

    private void assertTemplate1AppliedToPrivateProject(ComponentDto componentDto) throws Exception {
        Assertions.assertThat(selectProjectPermissionGroups(componentDto, "admin")).containsExactly(new String[]{this.group1.getName()});
        Assertions.assertThat(selectProjectPermissionGroups(componentDto, "user")).containsExactly(new String[]{this.group2.getName()});
        Assertions.assertThat(selectProjectPermissionUsers(componentDto, "admin")).isEmpty();
        Assertions.assertThat(selectProjectPermissionUsers(componentDto, "codeviewer")).containsExactly(new Integer[]{this.user1.getId()});
        Assertions.assertThat(selectProjectPermissionUsers(componentDto, "issueadmin")).containsExactly(new Integer[]{this.user2.getId()});
    }

    private void assertNoPermissionOnProject(ComponentDto componentDto) throws Exception {
        Assertions.assertThat(selectProjectPermissionGroups(componentDto, "admin")).isEmpty();
        Assertions.assertThat(selectProjectPermissionGroups(componentDto, "codeviewer")).isEmpty();
        Assertions.assertThat(selectProjectPermissionGroups(componentDto, "issueadmin")).isEmpty();
        Assertions.assertThat(selectProjectPermissionGroups(componentDto, "user")).isEmpty();
        Assertions.assertThat(selectProjectPermissionUsers(componentDto, "admin")).isEmpty();
        Assertions.assertThat(selectProjectPermissionUsers(componentDto, "codeviewer")).isEmpty();
        Assertions.assertThat(selectProjectPermissionUsers(componentDto, "issueadmin")).isEmpty();
        Assertions.assertThat(selectProjectPermissionUsers(componentDto, "user")).isEmpty();
    }

    private void addUserToTemplate(UserDto userDto, PermissionTemplateDto permissionTemplateDto, String str) {
        this.db.getDbClient().permissionTemplateDao().insertUserPermission(this.db.getSession(), permissionTemplateDto.getId(), userDto.getId(), str);
        this.db.commit();
    }

    private void addGroupToTemplate(GroupDto groupDto, PermissionTemplateDto permissionTemplateDto, String str) {
        this.db.getDbClient().permissionTemplateDao().insertGroupPermission(this.db.getSession(), permissionTemplateDto.getId().longValue(), groupDto.getId(), str);
        this.db.commit();
    }

    private List<String> selectProjectPermissionGroups(ComponentDto componentDto, String str) {
        return this.db.getDbClient().groupPermissionDao().selectGroupNamesByQuery(this.db.getSession(), PermissionQuery.builder().setOrganizationUuid(componentDto.getOrganizationUuid()).setPermission(str).setComponentUuid(componentDto.uuid()).build());
    }

    private List<Integer> selectProjectPermissionUsers(ComponentDto componentDto, String str) {
        return this.db.getDbClient().userPermissionDao().selectUserIds(this.db.getSession(), PermissionQuery.builder().setOrganizationUuid(componentDto.getOrganizationUuid()).setPermission(str).setComponentUuid(componentDto.uuid()).build());
    }
}
