package org.sonar.server.permission.ws.template;

import java.util.List;
import javax.annotation.Nullable;
import org.assertj.core.api.Assertions;
import org.junit.Before;
import org.junit.Test;
import org.sonar.db.organization.OrganizationDto;
import org.sonar.db.permission.OrganizationPermission;
import org.sonar.db.permission.PermissionQuery;
import org.sonar.db.permission.template.PermissionTemplateDto;
import org.sonar.db.user.UserDto;
import org.sonar.server.exceptions.BadRequestException;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.NotFoundException;
import org.sonar.server.permission.ws.BasePermissionWsTest;
import org.sonar.server.ws.TestRequest;

/* loaded from: input_file:org/sonar/server/permission/ws/template/AddUserToTemplateActionTest.class */
public class AddUserToTemplateActionTest extends BasePermissionWsTest<AddUserToTemplateAction> {
    private UserDto user;
    private PermissionTemplateDto permissionTemplate;

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.sonar.server.permission.ws.BasePermissionWsTest
    public AddUserToTemplateAction buildWsAction() {
        return new AddUserToTemplateAction(this.db.getDbClient(), newPermissionWsSupport(), this.userSession);
    }

    @Before
    public void setUp() {
        this.user = this.db.users().insertUser("user-login");
        this.db.organizations().addMember(this.db.getDefaultOrganization(), this.user);
        this.permissionTemplate = this.db.permissionTemplates().insertTemplate(this.db.getDefaultOrganization());
    }

    @Test
    public void add_user_to_template() throws Exception {
        loginAsAdmin(this.db.getDefaultOrganization(), new OrganizationDto[0]);
        newRequest(this.user.getLogin(), this.permissionTemplate.getUuid(), "codeviewer");
        Assertions.assertThat(getLoginsInTemplateAndPermission(this.permissionTemplate, "codeviewer")).containsExactly(new String[]{this.user.getLogin()});
    }

    @Test
    public void add_user_to_template_by_name() throws Exception {
        loginAsAdmin(this.db.getDefaultOrganization(), new OrganizationDto[0]);
        newRequest().setParam("login", this.user.getLogin()).setParam("permission", "codeviewer").setParam("templateName", this.permissionTemplate.getName().toUpperCase()).execute();
        Assertions.assertThat(getLoginsInTemplateAndPermission(this.permissionTemplate, "codeviewer")).containsExactly(new String[]{this.user.getLogin()});
    }

    @Test
    public void add_user_to_template_by_name_and_organization() throws Exception {
        OrganizationDto insert = this.db.organizations().insert();
        PermissionTemplateDto insertTemplate = this.db.permissionTemplates().insertTemplate(insert);
        addUserAsMemberOfOrganization(insert);
        loginAsAdmin(insert, new OrganizationDto[0]);
        newRequest().setParam("login", this.user.getLogin()).setParam("permission", "codeviewer").setParam("templateName", insertTemplate.getName().toUpperCase()).setParam("organization", insert.getKey()).execute();
        Assertions.assertThat(getLoginsInTemplateAndPermission(insertTemplate, "codeviewer")).containsExactly(new String[]{this.user.getLogin()});
    }

    @Test
    public void does_not_add_a_user_twice() throws Exception {
        loginAsAdmin(this.db.getDefaultOrganization(), new OrganizationDto[0]);
        newRequest(this.user.getLogin(), this.permissionTemplate.getUuid(), "issueadmin");
        newRequest(this.user.getLogin(), this.permissionTemplate.getUuid(), "issueadmin");
        Assertions.assertThat(getLoginsInTemplateAndPermission(this.permissionTemplate, "issueadmin")).containsExactly(new String[]{this.user.getLogin()});
    }

    @Test
    public void fail_if_not_a_project_permission() throws Exception {
        loginAsAdmin(this.db.getDefaultOrganization(), new OrganizationDto[0]);
        this.expectedException.expect(IllegalArgumentException.class);
        newRequest(this.user.getLogin(), this.permissionTemplate.getUuid(), "provisioning");
    }

    @Test
    public void fail_if_not_admin_of_default_organization() throws Exception {
        this.userSession.logIn().addPermission(OrganizationPermission.ADMINISTER_QUALITY_PROFILES, this.db.getDefaultOrganization());
        this.expectedException.expect(ForbiddenException.class);
        newRequest(this.user.getLogin(), this.permissionTemplate.getUuid(), "codeviewer");
    }

    @Test
    public void fail_if_user_missing() throws Exception {
        loginAsAdmin(this.db.getDefaultOrganization(), new OrganizationDto[0]);
        this.expectedException.expect(IllegalArgumentException.class);
        newRequest(null, this.permissionTemplate.getUuid(), "codeviewer");
    }

    @Test
    public void fail_if_permission_missing() throws Exception {
        loginAsAdmin(this.db.getDefaultOrganization(), new OrganizationDto[0]);
        this.expectedException.expect(IllegalArgumentException.class);
        newRequest(this.user.getLogin(), this.permissionTemplate.getUuid(), null);
    }

    @Test
    public void fail_if_template_uuid_and_name_are_missing() throws Exception {
        loginAsAdmin(this.db.getDefaultOrganization(), new OrganizationDto[0]);
        this.expectedException.expect(BadRequestException.class);
        newRequest(this.user.getLogin(), null, "codeviewer");
    }

    @Test
    public void fail_if_user_does_not_exist() throws Exception {
        loginAsAdmin(this.db.getDefaultOrganization(), new OrganizationDto[0]);
        this.expectedException.expect(NotFoundException.class);
        this.expectedException.expectMessage("User with login 'unknown-login' is not found");
        newRequest("unknown-login", this.permissionTemplate.getUuid(), "codeviewer");
    }

    @Test
    public void fail_if_template_key_does_not_exist() throws Exception {
        loginAsAdmin(this.db.getDefaultOrganization(), new OrganizationDto[0]);
        this.expectedException.expect(NotFoundException.class);
        this.expectedException.expectMessage("Permission template with id 'unknown-key' is not found");
        newRequest(this.user.getLogin(), "unknown-key", "codeviewer");
    }

    @Test
    public void fail_if_organization_does_not_exist() throws Exception {
        loginAsAdmin(this.db.getDefaultOrganization(), new OrganizationDto[0]);
        this.expectedException.expect(NotFoundException.class);
        this.expectedException.expectMessage("No organization with key 'Unknown'");
        newRequest().setParam("login", this.user.getLogin()).setParam("permission", "codeviewer").setParam("templateName", this.permissionTemplate.getName().toUpperCase()).setParam("organization", "Unknown").execute();
    }

    @Test
    public void fail_to_add_permission_when_user_is_not_member_of_given_organization() throws Exception {
        addUserAsMemberOfOrganization(this.db.organizations().insert());
        OrganizationDto insert = this.db.organizations().insert(organizationDto -> {
            organizationDto.setKey("Organization key");
        });
        PermissionTemplateDto insertTemplate = this.db.permissionTemplates().insertTemplate(insert);
        loginAsAdmin(insert, new OrganizationDto[0]);
        this.expectedException.expect(IllegalArgumentException.class);
        this.expectedException.expectMessage("User 'user-login' is not member of organization 'Organization key'");
        newRequest().setParam("login", this.user.getLogin()).setParam("permission", "codeviewer").setParam("templateName", insertTemplate.getName().toUpperCase()).setParam("organization", insert.getKey()).execute();
    }

    private void newRequest(@Nullable String str, @Nullable String str2, @Nullable String str3) throws Exception {
        TestRequest newRequest = newRequest();
        if (str != null) {
            newRequest.setParam("login", str);
        }
        if (str2 != null) {
            newRequest.setParam("templateId", str2);
        }
        if (str3 != null) {
            newRequest.setParam("permission", str3);
        }
        newRequest.execute();
    }

    private List<String> getLoginsInTemplateAndPermission(PermissionTemplateDto permissionTemplateDto, String str) {
        return this.db.getDbClient().permissionTemplateDao().selectUserLoginsByQueryAndTemplate(this.db.getSession(), PermissionQuery.builder().setOrganizationUuid(permissionTemplateDto.getOrganizationUuid()).setPermission(str).build(), permissionTemplateDto.getId().longValue());
    }

    private void addUserAsMemberOfOrganization(OrganizationDto organizationDto) {
        this.db.organizations().addMember(organizationDto, this.user);
    }
}
