package org.sonar.server.organization.ws;

import java.util.Arrays;
import java.util.HashSet;
import java.util.function.Function;
import javax.annotation.Nullable;
import org.assertj.core.api.Assertions;
import org.assertj.core.groups.Tuple;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.ExpectedException;
import org.sonar.api.config.internal.MapSettings;
import org.sonar.api.server.ws.WebService;
import org.sonar.core.util.Protobuf;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.DbTester;
import org.sonar.db.component.ComponentDto;
import org.sonar.db.organization.OrganizationDto;
import org.sonar.db.permission.OrganizationPermission;
import org.sonar.db.permission.template.PermissionTemplateDto;
import org.sonar.db.property.PropertyDto;
import org.sonar.db.property.PropertyQuery;
import org.sonar.db.user.GroupDto;
import org.sonar.db.user.UserDto;
import org.sonar.server.es.EsTester;
import org.sonar.server.es.SearchOptions;
import org.sonar.server.exceptions.BadRequestException;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.NotFoundException;
import org.sonar.server.tester.UserSessionRule;
import org.sonar.server.user.index.UserIndex;
import org.sonar.server.user.index.UserIndexDefinition;
import org.sonar.server.user.index.UserIndexer;
import org.sonar.server.user.index.UserQuery;
import org.sonar.server.ws.TestRequest;
import org.sonar.server.ws.TestResponse;
import org.sonar.server.ws.WsActionTester;

/* loaded from: input_file:org/sonar/server/organization/ws/RemoveMemberActionTest.class */
public class RemoveMemberActionTest {

    @Rule
    public ExpectedException expectedException = ExpectedException.none();

    @Rule
    public UserSessionRule userSession = UserSessionRule.standalone().logIn().setRoot();

    @Rule
    public EsTester es = new EsTester(new UserIndexDefinition(new MapSettings().asConfig()));

    @Rule
    public DbTester db = DbTester.create();
    private DbClient dbClient = this.db.getDbClient();
    private DbSession dbSession = this.db.getSession();
    private UserIndex userIndex = new UserIndex(this.es.client());
    private UserIndexer userIndexer = new UserIndexer(this.dbClient, this.es.client());
    private WsActionTester ws = new WsActionTester(new RemoveMemberAction(this.dbClient, this.userSession, this.userIndexer));
    private OrganizationDto organization;
    private ComponentDto project;
    private UserDto user;

    @Before
    public void setUp() {
        this.organization = this.db.organizations().insert();
        this.project = this.db.components().insertPrivateProject(this.organization);
        this.user = this.db.users().insertUser();
        this.db.organizations().addMember(this.organization, this.user);
        this.db.organizations().addMember(this.organization, this.db.users().insertAdminByUserPermission(this.organization));
        this.userIndexer.indexOnStartup(new HashSet());
    }

    @Test
    public void definition() {
        WebService.Action def = this.ws.getDef();
        Assertions.assertThat(def.key()).isEqualTo("remove_member");
        Assertions.assertThat(def.since()).isEqualTo("6.4");
        Assertions.assertThat(def.isPost()).isTrue();
        Assertions.assertThat(def.isInternal()).isTrue();
        Assertions.assertThat(def.params()).extracting((v0) -> {
            return v0.key();
        }).containsOnly(new String[]{"organization", "login"});
        Assertions.assertThat(def.param("organization").isRequired()).isTrue();
        Assertions.assertThat(def.param("login").isRequired()).isTrue();
    }

    @Test
    public void no_content_http_204_returned() {
        TestResponse call = call(this.organization.getKey(), this.user.getLogin());
        Assertions.assertThat(call.getStatus()).isEqualTo(204);
        Assertions.assertThat(call.getInput()).isEmpty();
    }

    @Test
    public void remove_member_from_db_and_user_index() {
        assertMember(this.organization.getUuid(), this.user);
        call(this.organization.getKey(), this.user.getLogin());
        assertNotAMember(this.organization.getUuid(), this.user);
    }

    @Test
    public void remove_organization_permissions() {
        UserDto insertUser = this.db.users().insertUser();
        OrganizationDto insert = this.db.organizations().insert();
        ComponentDto insertPrivateProject = this.db.components().insertPrivateProject(insert);
        assertMember(this.organization.getUuid(), this.user);
        this.db.users().insertPermissionOnUser(this.organization, this.user, OrganizationPermission.ADMINISTER);
        this.db.users().insertPermissionOnUser(this.organization, this.user, OrganizationPermission.SCAN);
        this.db.users().insertPermissionOnUser(insert, this.user, OrganizationPermission.ADMINISTER);
        this.db.users().insertPermissionOnUser(insert, this.user, OrganizationPermission.SCAN);
        this.db.users().insertPermissionOnUser(this.organization, insertUser, OrganizationPermission.ADMINISTER);
        this.db.users().insertPermissionOnUser(this.organization, insertUser, OrganizationPermission.SCAN);
        this.db.users().insertProjectPermissionOnUser(this.user, "codeviewer", this.project);
        this.db.users().insertProjectPermissionOnUser(this.user, "user", this.project);
        this.db.users().insertProjectPermissionOnUser(this.user, "codeviewer", insertPrivateProject);
        this.db.users().insertProjectPermissionOnUser(this.user, "user", insertPrivateProject);
        this.db.users().insertProjectPermissionOnUser(insertUser, "codeviewer", this.project);
        this.db.users().insertProjectPermissionOnUser(insertUser, "user", this.project);
        call(this.organization.getKey(), this.user.getLogin());
        assertNotAMember(this.organization.getUuid(), this.user);
        assertOrgPermissionsOfUser(this.user, this.organization, new OrganizationPermission[0]);
        assertOrgPermissionsOfUser(this.user, insert, OrganizationPermission.ADMINISTER, OrganizationPermission.SCAN);
        assertOrgPermissionsOfUser(insertUser, this.organization, OrganizationPermission.ADMINISTER, OrganizationPermission.SCAN);
        assertProjectPermissionsOfUser(this.user, this.project, new String[0]);
        assertProjectPermissionsOfUser(this.user, insertPrivateProject, "codeviewer", "user");
        assertProjectPermissionsOfUser(insertUser, this.project, "codeviewer", "user");
    }

    @Test
    public void remove_template_permissions() {
        OrganizationDto insert = this.db.organizations().insert();
        UserDto insertUser = this.db.users().insertUser();
        PermissionTemplateDto insertTemplate = this.db.permissionTemplates().insertTemplate(this.organization);
        PermissionTemplateDto insertTemplate2 = this.db.permissionTemplates().insertTemplate(insert);
        this.db.permissionTemplates().addUserToTemplate(insertTemplate.getId().longValue(), this.user.getId().intValue(), "PERMISSION");
        this.db.permissionTemplates().addUserToTemplate(insertTemplate.getId().longValue(), insertUser.getId().intValue(), "PERMISSION");
        this.db.permissionTemplates().addUserToTemplate(insertTemplate2.getId().longValue(), this.user.getId().intValue(), "PERMISSION");
        call(this.organization.getKey(), this.user.getLogin());
        Assertions.assertThat(this.dbClient.permissionTemplateDao().selectUserPermissionsByTemplateId(this.dbSession, insertTemplate.getId().longValue())).extracting((v0) -> {
            return v0.getUserId();
        }).containsOnly(new Integer[]{insertUser.getId()});
        Assertions.assertThat(this.dbClient.permissionTemplateDao().selectUserPermissionsByTemplateId(this.dbSession, insertTemplate2.getId().longValue())).extracting((v0) -> {
            return v0.getUserId();
        }).containsOnly(new Integer[]{this.user.getId()});
    }

    @Test
    public void remove_from_organization_groups() {
        OrganizationDto insert = this.db.organizations().insert();
        UserDto insertUser = this.db.users().insertUser();
        GroupDto insertGroup = this.db.users().insertGroup(this.organization);
        GroupDto insertGroup2 = this.db.users().insertGroup(insert);
        this.db.users().insertMembers(insertGroup, new UserDto[]{this.user, insertUser});
        this.db.users().insertMembers(insertGroup2, new UserDto[]{this.user, insertUser});
        call(this.organization.getKey(), this.user.getLogin());
        Assertions.assertThat(this.dbClient.groupMembershipDao().selectGroupIdsByUserId(this.dbSession, this.user.getId().intValue())).containsOnly(new Integer[]{insertGroup2.getId()});
        Assertions.assertThat(this.dbClient.groupMembershipDao().selectGroupIdsByUserId(this.dbSession, insertUser.getId().intValue())).containsOnly(new Integer[]{insertGroup.getId(), insertGroup2.getId()});
    }

    @Test
    public void remove_from_default_organization_group() {
        this.db.users().insertMember(this.db.users().insertDefaultGroup(this.organization, "default"), this.user);
        call(this.organization.getKey(), this.user.getLogin());
        Assertions.assertThat(this.dbClient.groupMembershipDao().selectGroupIdsByUserId(this.dbSession, this.user.getId().intValue())).isEmpty();
    }

    @Test
    public void remove_from_org_properties() {
        ComponentDto insertPrivateProject = this.db.components().insertPrivateProject(this.db.organizations().insert());
        UserDto insertUser = this.db.users().insertUser();
        insertProperty("KEY_11", "VALUE", this.project.getId(), this.user.getId());
        insertProperty("KEY_12", "VALUE", this.project.getId(), this.user.getId());
        insertProperty("KEY_11", "VALUE", this.project.getId(), insertUser.getId());
        insertProperty("KEY_11", "VALUE", insertPrivateProject.getId(), this.user.getId());
        call(this.organization.getKey(), this.user.getLogin());
        Assertions.assertThat(this.dbClient.propertiesDao().selectByQuery(PropertyQuery.builder().setComponentId(this.project.getId()).build(), this.dbSession)).hasSize(1).extracting((v0) -> {
            return v0.getUserId();
        }).containsOnly(new Integer[]{insertUser.getId()});
        Assertions.assertThat(this.dbClient.propertiesDao().selectByQuery(PropertyQuery.builder().setComponentId(insertPrivateProject.getId()).build(), this.dbSession)).extracting((v0) -> {
            return v0.getUserId();
        }).hasSize(1).containsOnly(new Integer[]{this.user.getId()});
    }

    @Test
    public void remove_from_default_assignee_properties() {
        ComponentDto insertPrivateProject = this.db.components().insertPrivateProject(this.db.organizations().insert());
        UserDto insertUser = this.db.users().insertUser();
        insertProperty("sonar.issues.defaultAssigneeLogin", this.user.getLogin(), this.project.getId(), null);
        insertProperty("ANOTHER_KEY", this.user.getLogin(), this.project.getId(), null);
        insertProperty("sonar.issues.defaultAssigneeLogin", insertUser.getLogin(), this.project.getId(), null);
        insertProperty("sonar.issues.defaultAssigneeLogin", this.user.getLogin(), insertPrivateProject.getId(), null);
        call(this.organization.getKey(), this.user.getLogin());
        Assertions.assertThat(this.dbClient.propertiesDao().selectByQuery(PropertyQuery.builder().setComponentId(this.project.getId()).build(), this.dbSession)).hasSize(2).extracting(new Function[]{(v0) -> {
            return v0.getKey();
        }, (v0) -> {
            return v0.getValue();
        }}).containsOnly(new Tuple[]{Tuple.tuple(new Object[]{"ANOTHER_KEY", this.user.getLogin()}), Tuple.tuple(new Object[]{"sonar.issues.defaultAssigneeLogin", insertUser.getLogin()})});
        Assertions.assertThat(this.dbClient.propertiesDao().selectByQuery(PropertyQuery.builder().setComponentId(insertPrivateProject.getId()).build(), this.dbSession)).extracting((v0) -> {
            return v0.getValue();
        }).hasSize(1).containsOnly(new String[]{this.user.getLogin()});
    }

    @Test
    public void user_is_removed_only_from_designated_organization() {
        OrganizationDto insert = this.db.organizations().insert();
        this.db.organizations().addMember(insert, this.user);
        call(this.organization.getKey(), this.user.getLogin());
        assertMember(insert.getUuid(), this.user);
    }

    @Test
    public void remove_member_as_organization_admin() {
        this.userSession.logIn().addPermission(OrganizationPermission.ADMINISTER, this.organization);
        call(this.organization.getKey(), this.user.getLogin());
        assertNotAMember(this.organization.getUuid(), this.user);
    }

    @Test
    public void do_not_fail_if_user_already_removed_from_organization() {
        call(this.organization.getKey(), this.user.getLogin());
        call(this.organization.getKey(), this.user.getLogin());
    }

    @Test
    public void fail_if_login_does_not_exist() {
        this.expectedException.expect(NotFoundException.class);
        this.expectedException.expectMessage("User 'login-42' is not found");
        call(this.organization.getKey(), "login-42");
    }

    @Test
    public void fail_if_organization_does_not_exist() {
        this.expectedException.expect(NotFoundException.class);
        this.expectedException.expectMessage("Organization 'org-42' is not found");
        call("org-42", this.user.getLogin());
    }

    @Test
    public void fail_if_no_login_provided() {
        this.expectedException.expect(IllegalArgumentException.class);
        call(this.organization.getKey(), null);
    }

    @Test
    public void fail_if_no_organization_provided() {
        this.expectedException.expect(IllegalArgumentException.class);
        call(null, this.user.getLogin());
    }

    @Test
    public void fail_if_insufficient_permissions() {
        this.userSession.logIn().addPermission(OrganizationPermission.ADMINISTER_QUALITY_GATES, this.organization);
        this.expectedException.expect(ForbiddenException.class);
        call(this.organization.getKey(), this.user.getLogin());
    }

    @Test
    public void remove_org_admin_is_allowed_when_another_org_admin_exists() throws Exception {
        OrganizationDto insert = this.db.organizations().insert();
        UserDto insertAdminByUserPermission = this.db.users().insertAdminByUserPermission(insert);
        this.db.organizations().addMember(insert, insertAdminByUserPermission);
        UserDto insertAdminByUserPermission2 = this.db.users().insertAdminByUserPermission(insert);
        this.db.organizations().addMember(insert, insertAdminByUserPermission2);
        this.userIndexer.commitAndIndex(this.db.getSession(), Arrays.asList(insertAdminByUserPermission, insertAdminByUserPermission2));
        call(insert.getKey(), insertAdminByUserPermission.getLogin());
        assertNotAMember(insert.getUuid(), insertAdminByUserPermission);
        assertMember(insert.getUuid(), insertAdminByUserPermission2);
    }

    @Test
    public void fail_to_remove_last_organization_admin() {
        OrganizationDto insert = this.db.organizations().insert();
        UserDto insertAdminByUserPermission = this.db.users().insertAdminByUserPermission(insert);
        this.db.organizations().addMember(insert, insertAdminByUserPermission);
        this.db.organizations().addMember(insert, this.db.users().insertUser());
        this.expectedException.expect(BadRequestException.class);
        this.expectedException.expectMessage("The last administrator member cannot be removed");
        call(insert.getKey(), insertAdminByUserPermission.getLogin());
    }

    private TestResponse call(@Nullable String str, @Nullable String str2) {
        TestRequest newRequest = this.ws.newRequest();
        Protobuf.setNullable(str, str3 -> {
            return newRequest.setParam("organization", str3);
        });
        Protobuf.setNullable(str2, str4 -> {
            return newRequest.setParam("login", str4);
        });
        return newRequest.execute();
    }

    private void assertNotAMember(String str, UserDto userDto) {
        Assertions.assertThat(this.dbClient.organizationMemberDao().select(this.dbSession, str, userDto.getId().intValue())).isNotPresent();
        Assertions.assertThat(this.userIndex.search(UserQuery.builder().setOrganizationUuid(str).setTextQuery(userDto.getLogin()).build(), new SearchOptions()).getDocs()).isEmpty();
    }

    private void assertMember(String str, UserDto userDto) {
        Assertions.assertThat(this.dbClient.organizationMemberDao().select(this.dbSession, str, userDto.getId().intValue())).isPresent();
        Assertions.assertThat(this.userIndex.getNullableByLogin(userDto.getLogin()).organizationUuids()).contains(new String[]{str});
    }

    private void assertOrgPermissionsOfUser(UserDto userDto, OrganizationDto organizationDto, OrganizationPermission... organizationPermissionArr) {
        Assertions.assertThat(this.dbClient.userPermissionDao().selectGlobalPermissionsOfUser(this.dbSession, userDto.getId().intValue(), organizationDto.getUuid()).stream().map(OrganizationPermission::fromKey)).containsOnly(organizationPermissionArr);
    }

    private void assertProjectPermissionsOfUser(UserDto userDto, ComponentDto componentDto, String... strArr) {
        Assertions.assertThat(this.dbClient.userPermissionDao().selectProjectPermissionsOfUser(this.dbSession, userDto.getId().intValue(), componentDto.getId().longValue())).containsOnly(strArr);
    }

    private void insertProperty(String str, @Nullable String str2, @Nullable Long l, @Nullable Integer num) {
        this.db.properties().insertProperty(new PropertyDto().setKey(str).setResourceId(l == null ? null : l).setUserId(num == null ? null : num).setValue(str2));
    }
}
