package org.sonar.server.user.ws;

import java.util.Collections;
import java.util.HashSet;
import java.util.Optional;
import java.util.function.Function;
import org.assertj.core.api.Assertions;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.ExpectedException;
import org.mockito.ArgumentCaptor;
import org.mockito.Matchers;
import org.mockito.Mockito;
import org.sonar.api.config.internal.MapSettings;
import org.sonar.api.utils.System2;
import org.sonar.api.utils.internal.AlwaysIncreasingSystem2;
import org.sonar.core.util.Protobuf;
import org.sonar.db.DbSession;
import org.sonar.db.DbTester;
import org.sonar.db.user.GroupDto;
import org.sonar.db.user.UserDto;
import org.sonar.db.user.UserTesting;
import org.sonar.server.es.EsTester;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.organization.DefaultOrganizationProvider;
import org.sonar.server.organization.OrganizationCreation;
import org.sonar.server.organization.TestDefaultOrganizationProvider;
import org.sonar.server.organization.TestOrganizationFlags;
import org.sonar.server.permission.index.FooIndexDefinition;
import org.sonar.server.tester.UserSessionRule;
import org.sonar.server.user.NewUserNotifier;
import org.sonar.server.user.UserUpdater;
import org.sonar.server.user.index.UserDoc;
import org.sonar.server.user.index.UserIndex;
import org.sonar.server.user.index.UserIndexDefinition;
import org.sonar.server.user.index.UserIndexer;
import org.sonar.server.usergroups.DefaultGroupFinder;
import org.sonar.server.ws.TestRequest;
import org.sonar.server.ws.WsActionTester;
import org.sonarqube.ws.WsUsers;
import org.sonarqube.ws.client.user.CreateRequest;

/* loaded from: input_file:org/sonar/server/user/ws/CreateActionTest.class */
public class CreateActionTest {
    private static final String DEFAULT_GROUP_NAME = "sonar-users";
    private GroupDto defaultGroupInDefaultOrg;
    private MapSettings settings = new MapSettings();
    private System2 system2 = new AlwaysIncreasingSystem2();

    @Rule
    public DbTester db = DbTester.create(this.system2);

    @Rule
    public EsTester esTester = new EsTester(new UserIndexDefinition(this.settings.asConfig()));

    @Rule
    public UserSessionRule userSessionRule = UserSessionRule.standalone();

    @Rule
    public ExpectedException expectedException = ExpectedException.none();
    private UserIndex index = new UserIndex(this.esTester.client());
    private UserIndexer userIndexer = new UserIndexer(this.db.getDbClient(), this.esTester.client());
    private DefaultOrganizationProvider defaultOrganizationProvider = TestDefaultOrganizationProvider.from(this.db);
    private TestOrganizationFlags organizationFlags = TestOrganizationFlags.standalone();
    private OrganizationCreation organizationCreation = (OrganizationCreation) Mockito.mock(OrganizationCreation.class);
    private WsActionTester tester = new WsActionTester(new CreateAction(this.db.getDbClient(), new UserUpdater((NewUserNotifier) Mockito.mock(NewUserNotifier.class), this.db.getDbClient(), this.userIndexer, this.organizationFlags, this.defaultOrganizationProvider, this.organizationCreation, new DefaultGroupFinder(this.db.getDbClient()), this.settings.asConfig()), this.userSessionRule));

    @Before
    public void setUp() {
        this.defaultGroupInDefaultOrg = this.db.users().insertDefaultGroup(this.db.getDefaultOrganization(), DEFAULT_GROUP_NAME);
    }

    @Test
    public void create_user() throws Exception {
        logInAsSystemAdministrator();
        Assertions.assertThat(call(CreateRequest.builder().setLogin("john").setName("John").setEmail("john@email.com").setScmAccounts(Collections.singletonList("jn")).setPassword("1234").build()).getUser()).extracting(new Function[]{(v0) -> {
            return v0.getLogin();
        }, (v0) -> {
            return v0.getName();
        }, (v0) -> {
            return v0.getEmail();
        }, (v0) -> {
            return v0.getScmAccountsList();
        }, (v0) -> {
            return v0.getLocal();
        }}).containsOnly(new Object[]{"john", "John", "john@email.com", Collections.singletonList("jn"), true});
        UserDoc nullableByLogin = this.index.getNullableByLogin("john");
        Assertions.assertThat(nullableByLogin.login()).isEqualTo("john");
        Assertions.assertThat(nullableByLogin.name()).isEqualTo("John");
        Assertions.assertThat(nullableByLogin.email()).isEqualTo("john@email.com");
        Assertions.assertThat(nullableByLogin.scmAccounts()).containsOnly(new String[]{"jn"});
        Optional selectUserByLogin = this.db.users().selectUserByLogin("john");
        Assertions.assertThat(selectUserByLogin).isPresent();
        Assertions.assertThat(((UserDto) selectUserByLogin.get()).isRoot()).isFalse();
        Assertions.assertThat(this.db.users().selectGroupIdsOfUser((UserDto) selectUserByLogin.get())).containsOnly(new Integer[]{this.defaultGroupInDefaultOrg.getId()});
    }

    @Test
    public void create_user_calls_create_personal_organization_if_personal_organizations_are_enabled() throws Exception {
        logInAsSystemAdministrator();
        enableCreatePersonalOrg(true);
        assertACallToOrganizationCreationWhenUserIsCreated();
    }

    @Test
    public void create_user_calls_create_personal_organization_if_personal_organizations_are_disabled() throws Exception {
        logInAsSystemAdministrator();
        enableCreatePersonalOrg(false);
        assertACallToOrganizationCreationWhenUserIsCreated();
    }

    @Test
    public void create_user_associates_him_to_default_organization() throws Exception {
        logInAsSystemAdministrator();
        enableCreatePersonalOrg(true);
        call(CreateRequest.builder().setLogin("john").setName("John").setPassword("1234").build());
        Optional selectUserByLogin = this.db.users().selectUserByLogin("john");
        Assertions.assertThat(selectUserByLogin).isPresent();
        Assertions.assertThat(this.db.getDbClient().organizationMemberDao().select(this.db.getSession(), this.defaultOrganizationProvider.get().getUuid(), ((UserDto) selectUserByLogin.get()).getId().intValue())).isPresent();
    }

    @Test
    public void create_local_user() throws Exception {
        logInAsSystemAdministrator();
        call(CreateRequest.builder().setLogin("john").setName("John").setPassword("1234").setLocal(true).build());
        Assertions.assertThat(this.db.users().selectUserByLogin("john").get()).extracting(new Function[]{(v0) -> {
            return v0.isLocal();
        }, (v0) -> {
            return v0.getExternalIdentityProvider();
        }, (v0) -> {
            return v0.getExternalIdentity();
        }, (v0) -> {
            return v0.isRoot();
        }}).containsOnly(new Object[]{true, "sonarqube", "john", false});
    }

    @Test
    public void create_none_local_user() throws Exception {
        logInAsSystemAdministrator();
        call(CreateRequest.builder().setLogin("john").setName("John").setLocal(false).build());
        Assertions.assertThat(this.db.users().selectUserByLogin("john").get()).extracting(new Function[]{(v0) -> {
            return v0.isLocal();
        }, (v0) -> {
            return v0.getExternalIdentityProvider();
        }, (v0) -> {
            return v0.getExternalIdentity();
        }, (v0) -> {
            return v0.isRoot();
        }}).containsOnly(new Object[]{false, "sonarqube", "john", false});
    }

    @Test
    public void create_user_with_comma_in_scm_account() throws Exception {
        logInAsSystemAdministrator();
        Assertions.assertThat(call(CreateRequest.builder().setLogin("john").setName("John").setEmail("john@email.com").setScmAccounts(Collections.singletonList("j,n")).setPassword("1234").build()).getUser().getScmAccountsList()).containsOnly(new String[]{"j,n"});
    }

    @Test
    public void create_user_with_deprecated_scmAccounts_parameter() throws Exception {
        logInAsSystemAdministrator();
        this.tester.newRequest().setParam("login", "john").setParam(FooIndexDefinition.FIELD_NAME, "John").setParam("password", "1234").setParam("scmAccounts", "jn").execute();
        Assertions.assertThat(((UserDto) this.db.users().selectUserByLogin("john").get()).getScmAccountsAsList()).containsOnly(new String[]{"jn"});
    }

    @Test
    public void create_user_with_deprecated_scm_accounts_parameter() throws Exception {
        logInAsSystemAdministrator();
        this.tester.newRequest().setParam("login", "john").setParam(FooIndexDefinition.FIELD_NAME, "John").setParam("password", "1234").setParam("scm_accounts", "jn").execute();
        Assertions.assertThat(((UserDto) this.db.users().selectUserByLogin("john").get()).getScmAccountsAsList()).containsOnly(new String[]{"jn"});
    }

    @Test
    public void reactivate_user() throws Exception {
        logInAsSystemAdministrator();
        this.db.users().insertUser(UserTesting.newUserDto("john", "John", "john@email.com").setActive(false));
        this.userIndexer.indexOnStartup(new HashSet());
        call(CreateRequest.builder().setLogin("john").setName("John").setEmail("john@email.com").setScmAccounts(Collections.singletonList("jn")).setPassword("1234").build());
        Assertions.assertThat(((UserDto) this.db.users().selectUserByLogin("john").get()).isActive()).isTrue();
    }

    @Test
    public void fail_when_missing_login() throws Exception {
        logInAsSystemAdministrator();
        this.expectedException.expect(IllegalArgumentException.class);
        this.expectedException.expectMessage("Login is mandatory and must not be empty");
        call(CreateRequest.builder().setLogin((String) null).setName("John").setPassword("1234").build());
    }

    @Test
    public void fail_when_missing_name() throws Exception {
        logInAsSystemAdministrator();
        this.expectedException.expect(IllegalArgumentException.class);
        this.expectedException.expectMessage("Name is mandatory and must not be empty");
        call(CreateRequest.builder().setLogin("john").setName((String) null).setPassword("1234").build());
    }

    @Test
    public void fail_when_missing_password() throws Exception {
        logInAsSystemAdministrator();
        this.expectedException.expect(IllegalArgumentException.class);
        this.expectedException.expectMessage("Password is mandatory and must not be empty");
        call(CreateRequest.builder().setLogin("john").setName("John").setPassword((String) null).build());
    }

    @Test
    public void fail_when_password_is_set_on_none_local_user() throws Exception {
        logInAsSystemAdministrator();
        this.expectedException.expect(IllegalArgumentException.class);
        this.expectedException.expectMessage("Password should only be set on local user");
        call(CreateRequest.builder().setLogin("john").setName("John").setPassword("1234").setLocal(false).build());
    }

    @Test
    public void throw_ForbiddenException_if_not_system_administrator() throws Exception {
        this.userSessionRule.logIn().setNonSystemAdministrator();
        this.expectedException.expect(ForbiddenException.class);
        this.expectedException.expectMessage("");
        this.expectedException.expect(ForbiddenException.class);
        executeRequest("john");
    }

    private void setDefaultGroupProperty(GroupDto groupDto) {
        this.settings.setProperty("sonar.defaultGroup", groupDto.getName());
    }

    private WsUsers.CreateWsResponse executeRequest(String str) throws Exception {
        return call(CreateRequest.builder().setLogin(str).setName("name of " + str).setEmail(str + "@email.com").setScmAccounts(Collections.singletonList(str.substring(0, 2))).setPassword("pwd_" + str).build());
    }

    private void assertACallToOrganizationCreationWhenUserIsCreated() {
        call(CreateRequest.builder().setLogin("john").setName("John").setPassword("1234").build());
        Optional selectUserByLogin = this.db.users().selectUserByLogin("john");
        Assertions.assertThat(selectUserByLogin).isPresent();
        ArgumentCaptor forClass = ArgumentCaptor.forClass(UserDto.class);
        ((OrganizationCreation) Mockito.verify(this.organizationCreation)).createForUser((DbSession) Matchers.any(DbSession.class), (UserDto) forClass.capture());
        Assertions.assertThat(((UserDto) forClass.getValue()).getId()).isEqualTo(((UserDto) selectUserByLogin.get()).getId());
    }

    private void logInAsSystemAdministrator() {
        this.userSessionRule.logIn().setSystemAdministrator();
    }

    private WsUsers.CreateWsResponse call(CreateRequest createRequest) {
        TestRequest newRequest = this.tester.newRequest();
        Protobuf.setNullable(createRequest.getLogin(), str -> {
            return newRequest.setParam("login", str);
        });
        Protobuf.setNullable(createRequest.getName(), str2 -> {
            return newRequest.setParam(FooIndexDefinition.FIELD_NAME, str2);
        });
        Protobuf.setNullable(createRequest.getEmail(), str3 -> {
            return newRequest.setParam("email", str3);
        });
        Protobuf.setNullable(createRequest.getPassword(), str4 -> {
            return newRequest.setParam("password", str4);
        });
        Protobuf.setNullable(createRequest.getScmAccounts(), list -> {
            return newRequest.setMultiParam("scmAccount", list);
        });
        newRequest.setParam("local", createRequest.isLocal() ? "true" : "false");
        return newRequest.executeProtobuf(WsUsers.CreateWsResponse.class);
    }

    private void enableCreatePersonalOrg(boolean z) {
        this.settings.setProperty("sonar.organizations.createPersonalOrg", Boolean.valueOf(z));
    }
}
