package org.sonar.server.user.ws;

import java.util.Collections;
import java.util.Optional;
import org.assertj.core.api.Assertions;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.ExpectedException;
import org.sonar.api.config.internal.MapSettings;
import org.sonar.api.utils.System2;
import org.sonar.api.utils.internal.AlwaysIncreasingSystem2;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.DbTester;
import org.sonar.db.component.ComponentDto;
import org.sonar.db.organization.OrganizationDto;
import org.sonar.db.organization.OrganizationTesting;
import org.sonar.db.permission.OrganizationPermission;
import org.sonar.db.permission.template.PermissionTemplateDto;
import org.sonar.db.property.PropertyDto;
import org.sonar.db.property.PropertyQuery;
import org.sonar.db.property.PropertyTesting;
import org.sonar.db.user.GroupDto;
import org.sonar.db.user.UserDto;
import org.sonar.db.user.UserTesting;
import org.sonar.db.user.UserTokenTesting;
import org.sonar.server.es.EsTester;
import org.sonar.server.exceptions.BadRequestException;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.NotFoundException;
import org.sonar.server.exceptions.UnauthorizedException;
import org.sonar.server.organization.DefaultOrganizationProvider;
import org.sonar.server.organization.TestDefaultOrganizationProvider;
import org.sonar.server.permission.index.FooIndexDefinition;
import org.sonar.server.tester.UserSessionRule;
import org.sonar.server.user.index.UserIndex;
import org.sonar.server.user.index.UserIndexDefinition;
import org.sonar.server.user.index.UserIndexer;
import org.sonar.server.ws.TestResponse;
import org.sonar.server.ws.WsActionTester;
import org.sonar.test.JsonAssert;

/* loaded from: input_file:org/sonar/server/user/ws/DeactivateActionTest.class */
public class DeactivateActionTest {
    private System2 system2 = AlwaysIncreasingSystem2.INSTANCE;

    @Rule
    public ExpectedException expectedException = ExpectedException.none();

    @Rule
    public DbTester db = DbTester.create(this.system2);

    @Rule
    public EsTester esTester = new EsTester(new UserIndexDefinition(new MapSettings().asConfig()));

    @Rule
    public UserSessionRule userSession = UserSessionRule.standalone();
    private DefaultOrganizationProvider defaultOrganizationProvider = TestDefaultOrganizationProvider.from(this.db);
    private UserIndex index = new UserIndex(this.esTester.client());
    private DbClient dbClient = this.db.getDbClient();
    private UserIndexer userIndexer = new UserIndexer(this.dbClient, this.esTester.client());
    private DbSession dbSession = this.db.getSession();
    private WsActionTester ws = new WsActionTester(new DeactivateAction(this.dbClient, this.userIndexer, this.userSession, new UserJsonWriter(this.userSession), this.defaultOrganizationProvider));

    @Test
    public void deactivate_user_and_delete_his_related_data() {
        UserDto insertUser = insertUser(UserTesting.newUserDto().setLogin("ada.lovelace").setEmail("ada.lovelace@noteg.com").setName("Ada Lovelace").setScmAccounts(Collections.singletonList("al")));
        logInAsSystemAdministrator();
        deactivate(insertUser.getLogin()).getInput();
        verifyThatUserIsDeactivated(insertUser.getLogin());
        Assertions.assertThat(this.index.getNullableByLogin(insertUser.getLogin()).active()).isFalse();
    }

    @Test
    public void deactivate_user_deletes_his_group_membership() {
        logInAsSystemAdministrator();
        UserDto insertUser = insertUser(UserTesting.newUserDto());
        GroupDto insertGroup = this.db.users().insertGroup();
        this.db.users().insertGroup();
        this.db.users().insertMember(insertGroup, insertUser);
        deactivate(insertUser.getLogin()).getInput();
        Assertions.assertThat(this.db.getDbClient().groupMembershipDao().selectGroupIdsByUserId(this.dbSession, insertUser.getId().intValue())).isEmpty();
    }

    @Test
    public void deactivate_user_deletes_his_tokens() {
        logInAsSystemAdministrator();
        UserDto insertUser = insertUser(UserTesting.newUserDto());
        this.db.getDbClient().userTokenDao().insert(this.dbSession, UserTokenTesting.newUserToken().setLogin(insertUser.getLogin()));
        this.db.getDbClient().userTokenDao().insert(this.dbSession, UserTokenTesting.newUserToken().setLogin(insertUser.getLogin()));
        this.db.commit();
        deactivate(insertUser.getLogin()).getInput();
        Assertions.assertThat(this.db.getDbClient().userTokenDao().selectByLogin(this.dbSession, insertUser.getLogin())).isEmpty();
    }

    @Test
    public void deactivate_user_deletes_his_properties() {
        logInAsSystemAdministrator();
        UserDto insertUser = insertUser(UserTesting.newUserDto());
        ComponentDto insertPrivateProject = this.db.components().insertPrivateProject();
        this.db.properties().insertProperty(PropertyTesting.newUserPropertyDto(insertUser));
        this.db.properties().insertProperty(PropertyTesting.newUserPropertyDto(insertUser));
        this.db.properties().insertProperty(PropertyTesting.newUserPropertyDto(insertUser).setResourceId(insertPrivateProject.getId()));
        deactivate(insertUser.getLogin()).getInput();
        Assertions.assertThat(this.db.getDbClient().propertiesDao().selectByQuery(PropertyQuery.builder().setUserId(insertUser.getId()).build(), this.dbSession)).isEmpty();
        Assertions.assertThat(this.db.getDbClient().propertiesDao().selectByQuery(PropertyQuery.builder().setUserId(insertUser.getId()).setComponentId(insertPrivateProject.getId()).build(), this.dbSession)).isEmpty();
    }

    @Test
    public void deactivate_user_deletes_his_permissions() {
        logInAsSystemAdministrator();
        UserDto insertUser = insertUser(UserTesting.newUserDto());
        ComponentDto insertPrivateProject = this.db.components().insertPrivateProject();
        this.db.users().insertPermissionOnUser(insertUser, OrganizationPermission.SCAN);
        this.db.users().insertPermissionOnUser(insertUser, OrganizationPermission.ADMINISTER_QUALITY_PROFILES);
        this.db.users().insertProjectPermissionOnUser(insertUser, "user", insertPrivateProject);
        this.db.users().insertProjectPermissionOnUser(insertUser, "codeviewer", insertPrivateProject);
        deactivate(insertUser.getLogin()).getInput();
        Assertions.assertThat(this.db.getDbClient().userPermissionDao().selectGlobalPermissionsOfUser(this.dbSession, insertUser.getId().intValue(), this.db.getDefaultOrganization().getUuid())).isEmpty();
        Assertions.assertThat(this.db.getDbClient().userPermissionDao().selectProjectPermissionsOfUser(this.dbSession, insertUser.getId().intValue(), insertPrivateProject.getId().longValue())).isEmpty();
    }

    @Test
    public void deactivate_user_deletes_his_permission_templates() {
        logInAsSystemAdministrator();
        UserDto insertUser = insertUser(UserTesting.newUserDto());
        PermissionTemplateDto insertTemplate = this.db.permissionTemplates().insertTemplate();
        PermissionTemplateDto insertTemplate2 = this.db.permissionTemplates().insertTemplate();
        this.db.permissionTemplates().addUserToTemplate(insertTemplate.getId().longValue(), insertUser.getId().intValue(), "user");
        this.db.permissionTemplates().addUserToTemplate(insertTemplate2.getId().longValue(), insertUser.getId().intValue(), "codeviewer");
        deactivate(insertUser.getLogin()).getInput();
        Assertions.assertThat(this.db.getDbClient().permissionTemplateDao().selectUserPermissionsByTemplateId(this.dbSession, insertTemplate.getId().longValue())).extracting((v0) -> {
            return v0.getUserId();
        }).isEmpty();
        Assertions.assertThat(this.db.getDbClient().permissionTemplateDao().selectUserPermissionsByTemplateId(this.dbSession, insertTemplate2.getId().longValue())).extracting((v0) -> {
            return v0.getUserId();
        }).isEmpty();
    }

    @Test
    public void deactivate_user_deletes_his_default_assignee_settings() {
        logInAsSystemAdministrator();
        UserDto insertUser = insertUser(UserTesting.newUserDto());
        ComponentDto insertPrivateProject = this.db.components().insertPrivateProject();
        ComponentDto insertPrivateProject2 = this.db.components().insertPrivateProject();
        this.db.properties().insertProperty(new PropertyDto().setKey("sonar.issues.defaultAssigneeLogin").setValue(insertUser.getLogin()).setResourceId(insertPrivateProject.getId()));
        this.db.properties().insertProperty(new PropertyDto().setKey("sonar.issues.defaultAssigneeLogin").setValue(insertUser.getLogin()).setResourceId(insertPrivateProject2.getId()));
        this.db.properties().insertProperty(new PropertyDto().setKey("other").setValue(insertUser.getLogin()).setResourceId(insertPrivateProject2.getId()));
        deactivate(insertUser.getLogin()).getInput();
        Assertions.assertThat(this.db.getDbClient().propertiesDao().selectByQuery(PropertyQuery.builder().setKey("sonar.issues.defaultAssigneeLogin").build(), this.db.getSession())).isEmpty();
        Assertions.assertThat(this.db.getDbClient().propertiesDao().selectByQuery(PropertyQuery.builder().build(), this.db.getSession())).extracting((v0) -> {
            return v0.getKey();
        }).containsOnly(new String[]{"other"});
    }

    @Test
    public void deactivate_user_deletes_his_organization_membership() {
        logInAsSystemAdministrator();
        UserDto insertUser = insertUser(UserTesting.newUserDto());
        OrganizationDto insert = this.db.organizations().insert();
        this.db.organizations().addMember(insert, insertUser);
        OrganizationDto insert2 = this.db.organizations().insert();
        this.db.organizations().addMember(insert2, insertUser);
        deactivate(insertUser.getLogin()).getInput();
        Assertions.assertThat(this.dbClient.organizationMemberDao().select(this.db.getSession(), insert.getUuid(), insertUser.getId().intValue())).isNotPresent();
        Assertions.assertThat(this.dbClient.organizationMemberDao().select(this.db.getSession(), insert2.getUuid(), insertUser.getId().intValue())).isNotPresent();
    }

    @Test
    public void cannot_deactivate_self() {
        UserDto createUser = createUser();
        this.userSession.logIn(createUser.getLogin()).setSystemAdministrator();
        this.expectedException.expect(BadRequestException.class);
        this.expectedException.expectMessage("Self-deactivation is not possible");
        deactivate(createUser.getLogin());
        verifyThatUserExists(createUser.getLogin());
    }

    @Test
    public void deactivation_requires_to_be_logged_in() {
        this.expectedException.expect(UnauthorizedException.class);
        this.expectedException.expectMessage("Authentication is required");
        deactivate("someone");
    }

    @Test
    public void deactivation_requires_administrator_permission() {
        this.userSession.logIn();
        this.expectedException.expect(ForbiddenException.class);
        this.expectedException.expectMessage("Insufficient privileges");
        deactivate("someone");
    }

    @Test
    public void fail_if_user_does_not_exist() {
        logInAsSystemAdministrator();
        this.expectedException.expect(NotFoundException.class);
        this.expectedException.expectMessage("User 'someone' doesn't exist");
        deactivate("someone");
    }

    @Test
    public void fail_if_login_is_blank() {
        logInAsSystemAdministrator();
        this.expectedException.expect(NotFoundException.class);
        this.expectedException.expectMessage("User '' doesn't exist");
        deactivate("");
    }

    @Test
    public void fail_to_deactivate_last_administrator_of_default_organization() {
        UserDto createUser = createUser();
        this.db.users().insertPermissionOnUser(createUser, OrganizationPermission.ADMINISTER);
        logInAsSystemAdministrator();
        this.expectedException.expect(BadRequestException.class);
        this.expectedException.expectMessage("User is last administrator, and cannot be deactivated");
        deactivate(createUser.getLogin());
    }

    @Test
    public void fail_to_deactivate_last_administrator_of_organization() {
        UserDto insertUser = insertUser(UserTesting.newUserDto().setLogin(WsActionTester.CONTROLLER_KEY));
        OrganizationDto insert = this.db.organizations().insert(OrganizationTesting.newOrganizationDto().setKey("org1"));
        OrganizationDto insert2 = this.db.organizations().insert(OrganizationTesting.newOrganizationDto().setKey("org2"));
        OrganizationDto insert3 = this.db.organizations().insert(OrganizationTesting.newOrganizationDto().setKey("org3"));
        this.db.users().insertPermissionOnUser(insert, insertUser, "admin");
        this.db.users().insertPermissionOnUser(insert2, insertUser, "admin");
        this.db.users().insertPermissionOnUser(insert3, insertUser, "admin");
        this.db.users().insertPermissionOnUser(insert3, createUser(), "admin");
        logInAsSystemAdministrator();
        this.expectedException.expect(BadRequestException.class);
        this.expectedException.expectMessage("User 'test' is last administrator of organizations [org1, org2], and cannot be deactivated");
        deactivate(insertUser.getLogin());
    }

    @Test
    public void administrators_can_be_deactivated_if_there_are_still_other_administrators() {
        UserDto createUser = createUser();
        UserDto createUser2 = createUser();
        this.db.users().insertPermissionOnUser(createUser, OrganizationPermission.ADMINISTER);
        this.db.users().insertPermissionOnUser(createUser2, OrganizationPermission.ADMINISTER);
        this.db.commit();
        logInAsSystemAdministrator();
        deactivate(createUser.getLogin());
        verifyThatUserIsDeactivated(createUser.getLogin());
        verifyThatUserExists(createUser2.getLogin());
    }

    @Test
    public void test_definition() {
        Assertions.assertThat(this.ws.getDef().isPost()).isTrue();
        Assertions.assertThat(this.ws.getDef().isInternal()).isFalse();
        Assertions.assertThat(this.ws.getDef().params()).hasSize(1);
    }

    @Test
    public void test_example() throws Exception {
        UserDto insertUser = insertUser(UserTesting.newUserDto().setLogin("ada.lovelace").setEmail("ada.lovelace@noteg.com").setName("Ada Lovelace").setLocal(true).setScmAccounts(Collections.singletonList("al")));
        logInAsSystemAdministrator();
        JsonAssert.assertJson(deactivate(insertUser.getLogin()).getInput()).isSimilarTo(this.ws.getDef().responseExampleAsString());
    }

    private UserDto createUser() {
        return insertUser(UserTesting.newUserDto());
    }

    private UserDto insertUser(UserDto userDto) {
        this.dbClient.userDao().insert(this.dbSession, userDto);
        this.dbClient.userTokenDao().insert(this.dbSession, UserTokenTesting.newUserToken().setLogin(userDto.getLogin()));
        this.dbClient.propertiesDao().saveProperty(this.dbSession, new PropertyDto().setUserId(userDto.getId()).setKey(FooIndexDefinition.FOO_TYPE).setValue("bar"));
        this.userIndexer.commitAndIndex(this.dbSession, userDto);
        return userDto;
    }

    private void logInAsSystemAdministrator() {
        this.userSession.logIn().setSystemAdministrator();
    }

    private TestResponse deactivate(String str) {
        return this.ws.newRequest().setMethod("POST").setParam("login", str).execute();
    }

    private void verifyThatUserExists(String str) {
        Assertions.assertThat(this.db.users().selectUserByLogin(str)).isPresent();
    }

    private void verifyThatUserIsDeactivated(String str) {
        Optional selectUserByLogin = this.db.users().selectUserByLogin(str);
        Assertions.assertThat(selectUserByLogin).isPresent();
        Assertions.assertThat(((UserDto) selectUserByLogin.get()).isActive()).isFalse();
        Assertions.assertThat(((UserDto) selectUserByLogin.get()).getEmail()).isNull();
        Assertions.assertThat(((UserDto) selectUserByLogin.get()).getScmAccountsAsList()).isEmpty();
    }
}
