package org.sonar.server.permission.ws;

import java.util.function.Consumer;
import org.assertj.core.api.Assertions;
import org.junit.Before;
import org.junit.Test;
import org.sonar.db.component.ComponentDto;
import org.sonar.db.component.ComponentTesting;
import org.sonar.db.organization.OrganizationDto;
import org.sonar.db.permission.OrganizationPermission;
import org.sonar.db.user.UserDto;
import org.sonar.server.exceptions.BadRequestException;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.NotFoundException;
import org.sonar.server.exceptions.ServerException;

/* loaded from: input_file:org/sonar/server/permission/ws/AddUserActionTest.class */
public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> {
    private UserDto user;

    @Before
    public void setUp() {
        this.user = this.db.users().insertUser("ray.bradbury");
        this.db.organizations().addMember(this.db.getDefaultOrganization(), this.user);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.sonar.server.permission.ws.BasePermissionWsTest
    public AddUserAction buildWsAction() {
        return new AddUserAction(this.db.getDbClient(), this.userSession, newPermissionUpdater(), newPermissionWsSupport());
    }

    @Test
    public void add_permission_to_user_on_default_organization_if_organization_is_not_specified() throws Exception {
        loginAsAdmin(this.db.getDefaultOrganization(), new OrganizationDto[0]);
        newRequest().setParam("login", this.user.getLogin()).setParam("permission", "admin").execute();
        Assertions.assertThat(this.db.users().selectPermissionsOfUser(this.user, this.db.getDefaultOrganization())).containsOnly(new OrganizationPermission[]{OrganizationPermission.ADMINISTER});
    }

    @Test
    public void add_permission_to_user_on_specified_organization() throws Exception {
        OrganizationDto insert = this.db.organizations().insert();
        addUserAsMemberOfOrganization(insert);
        loginAsAdmin(insert, new OrganizationDto[0]);
        newRequest().setParam("organization", insert.getKey()).setParam("login", this.user.getLogin()).setParam("permission", "admin").execute();
        Assertions.assertThat(this.db.users().selectPermissionsOfUser(this.user, insert)).containsOnly(new OrganizationPermission[]{OrganizationPermission.ADMINISTER});
    }

    @Test
    public void add_permission_to_project_referenced_by_its_id() throws Exception {
        OrganizationDto insert = this.db.organizations().insert();
        addUserAsMemberOfOrganization(insert);
        ComponentDto insertPrivateProject = this.db.components().insertPrivateProject(insert);
        loginAsAdmin(insert, new OrganizationDto[0]);
        newRequest().setParam("login", this.user.getLogin()).setParam("projectId", insertPrivateProject.uuid()).setParam("permission", "admin").execute();
        Assertions.assertThat(this.db.users().selectPermissionsOfUser(this.user, insert)).isEmpty();
        Assertions.assertThat(this.db.users().selectProjectPermissionsOfUser(this.user, insertPrivateProject)).containsOnly(new String[]{"admin"});
    }

    @Test
    public void add_permission_to_project_referenced_by_its_key() throws Exception {
        ComponentDto insertPrivateProject = this.db.components().insertPrivateProject();
        loginAsAdmin(this.db.getDefaultOrganization(), new OrganizationDto[0]);
        newRequest().setParam("login", this.user.getLogin()).setParam("projectKey", insertPrivateProject.getDbKey()).setParam("permission", "admin").execute();
        Assertions.assertThat(this.db.users().selectPermissionsOfUser(this.user, this.db.getDefaultOrganization())).isEmpty();
        Assertions.assertThat(this.db.users().selectProjectPermissionsOfUser(this.user, insertPrivateProject)).containsOnly(new String[]{"admin"});
    }

    @Test
    public void add_permission_to_view() throws Exception {
        ComponentDto insertComponent = this.db.components().insertComponent(ComponentTesting.newView(this.db.getDefaultOrganization(), "view-uuid").setDbKey("view-key"));
        loginAsAdmin(this.db.getDefaultOrganization(), new OrganizationDto[0]);
        newRequest().setParam("login", this.user.getLogin()).setParam("projectId", insertComponent.uuid()).setParam("permission", "admin").execute();
        Assertions.assertThat(this.db.users().selectPermissionsOfUser(this.user, this.db.getDefaultOrganization())).isEmpty();
        Assertions.assertThat(this.db.users().selectProjectPermissionsOfUser(this.user, insertComponent)).containsOnly(new String[]{"admin"});
    }

    @Test
    public void fail_when_project_uuid_is_unknown() throws Exception {
        loginAsAdmin(this.db.getDefaultOrganization(), new OrganizationDto[0]);
        this.expectedException.expect(NotFoundException.class);
        newRequest().setParam("login", this.user.getLogin()).setParam("projectId", "unknown-project-uuid").setParam("permission", "admin").execute();
    }

    @Test
    public void fail_when_component_is_a_module() throws Exception {
        failIfComponentIsNotAProjectOrView(this.db.components().insertComponent(ComponentTesting.newModuleDto(ComponentTesting.newPrivateProjectDto(this.db.organizations().insert()))));
    }

    @Test
    public void fail_when_component_is_a_directory() throws Exception {
        failIfComponentIsNotAProjectOrView(this.db.components().insertComponent(ComponentTesting.newDirectory(ComponentTesting.newPrivateProjectDto(this.db.organizations().insert()), "A/B")));
    }

    @Test
    public void fail_when_component_is_a_file() throws Exception {
        failIfComponentIsNotAProjectOrView(this.db.components().insertComponent(ComponentTesting.newFileDto(ComponentTesting.newPrivateProjectDto(this.db.organizations().insert()), (ComponentDto) null, "file-uuid")));
    }

    @Test
    public void fail_when_component_is_a_subview() throws Exception {
        failIfComponentIsNotAProjectOrView(this.db.components().insertComponent(ComponentTesting.newSubView(ComponentTesting.newView(this.db.organizations().insert()))));
    }

    private void failIfComponentIsNotAProjectOrView(ComponentDto componentDto) {
        loginAsAdmin(this.db.getDefaultOrganization(), new OrganizationDto[0]);
        this.expectedException.expect(BadRequestException.class);
        this.expectedException.expectMessage("Component '" + componentDto.getDbKey() + "' (id: " + componentDto.uuid() + ") must be a project or a view.");
        newRequest().setParam("login", this.user.getLogin()).setParam("projectId", componentDto.uuid()).setParam("permission", "admin").execute();
    }

    @Test
    public void fail_when_project_permission_without_project() throws Exception {
        loginAsAdmin(this.db.getDefaultOrganization(), new OrganizationDto[0]);
        this.expectedException.expect(BadRequestException.class);
        newRequest().setParam("login", this.user.getLogin()).setParam("permission", "issueadmin").execute();
    }

    @Test
    public void fail_when_component_is_not_a_project() throws Exception {
        this.db.components().insertComponent(ComponentTesting.newFileDto(ComponentTesting.newPrivateProjectDto(this.db.organizations().insert(), "project-uuid"), (ComponentDto) null, "file-uuid"));
        loginAsAdmin(this.db.getDefaultOrganization(), new OrganizationDto[0]);
        this.expectedException.expect(BadRequestException.class);
        newRequest().setParam("login", this.user.getLogin()).setParam("projectId", "file-uuid").setParam("permission", "admin").execute();
    }

    @Test
    public void fail_when_get_request() throws Exception {
        loginAsAdmin(this.db.getDefaultOrganization(), new OrganizationDto[0]);
        this.expectedException.expect(ServerException.class);
        newRequest().setMethod("GET").setParam("login", "george.orwell").setParam("permission", "admin").execute();
    }

    @Test
    public void fail_when_user_login_is_missing() throws Exception {
        loginAsAdmin(this.db.getDefaultOrganization(), new OrganizationDto[0]);
        this.expectedException.expect(IllegalArgumentException.class);
        newRequest().setParam("permission", "admin").execute();
    }

    @Test
    public void fail_when_permission_is_missing() throws Exception {
        loginAsAdmin(this.db.getDefaultOrganization(), new OrganizationDto[0]);
        this.expectedException.expect(NotFoundException.class);
        newRequest().setParam("login", "jrr.tolkien").execute();
    }

    @Test
    public void fail_when_project_uuid_and_project_key_are_provided() throws Exception {
        this.db.components().insertPrivateProject();
        loginAsAdmin(this.db.getDefaultOrganization(), new OrganizationDto[0]);
        this.expectedException.expect(BadRequestException.class);
        this.expectedException.expectMessage("Project id or project key can be provided, not both.");
        newRequest().setParam("permission", "admin").setParam("login", this.user.getLogin()).setParam("projectId", "project-uuid").setParam("projectKey", "project-key").execute();
    }

    @Test
    public void adding_global_permission_fails_if_not_administrator_of_organization() throws Exception {
        this.userSession.logIn();
        this.expectedException.expect(ForbiddenException.class);
        newRequest().setParam("login", this.user.getLogin()).setParam("permission", "admin").execute();
    }

    @Test
    public void adding_project_permission_fails_if_not_administrator_of_project() throws Exception {
        ComponentDto insertPrivateProject = this.db.components().insertPrivateProject();
        this.userSession.logIn();
        this.expectedException.expect(ForbiddenException.class);
        newRequest().setParam("login", this.user.getLogin()).setParam("permission", "admin").setParam("projectKey", insertPrivateProject.getDbKey()).execute();
    }

    @Test
    public void adding_project_permission_is_allowed_to_project_administrators() throws Exception {
        ComponentDto insertPrivateProject = this.db.components().insertPrivateProject();
        this.userSession.logIn().addProjectPermission("admin", insertPrivateProject);
        newRequest().setParam("login", this.user.getLogin()).setParam("projectKey", insertPrivateProject.getDbKey()).setParam("permission", "issueadmin").execute();
        Assertions.assertThat(this.db.users().selectProjectPermissionsOfUser(this.user, insertPrivateProject)).containsOnly(new String[]{"issueadmin"});
    }

    @Test
    public void organization_parameter_must_not_be_set_on_project_permissions() {
        ComponentDto insertPrivateProject = this.db.components().insertPrivateProject();
        loginAsAdmin(this.db.getDefaultOrganization(), new OrganizationDto[0]);
        this.expectedException.expect(IllegalArgumentException.class);
        this.expectedException.expectMessage("Organization must not be set when project is set.");
        newRequest().setParam("login", this.user.getLogin()).setParam("projectKey", insertPrivateProject.getDbKey()).setParam("organization", "an_org").setParam("permission", "issueadmin").execute();
    }

    @Test
    public void fail_to_add_permission_when_user_is_not_member_of_given_organization() throws Exception {
        addUserAsMemberOfOrganization(this.db.organizations().insert());
        OrganizationDto insert = this.db.organizations().insert(organizationDto -> {
            organizationDto.setKey("Organization key");
        });
        loginAsAdmin(insert, new OrganizationDto[0]);
        this.expectedException.expect(IllegalArgumentException.class);
        this.expectedException.expectMessage("User 'ray.bradbury' is not member of organization 'Organization key'");
        newRequest().setParam("organization", insert.getKey()).setParam("login", this.user.getLogin()).setParam("permission", "admin").execute();
    }

    @Test
    public void no_effect_when_adding_USER_permission_on_a_public_project() {
        OrganizationDto insert = this.db.organizations().insert();
        ComponentDto insertPublicProject = this.db.components().insertPublicProject(insert);
        addUserAsMemberOfOrganization(insert);
        this.userSession.logIn().addProjectPermission("admin", insertPublicProject);
        newRequest().setParam("login", this.user.getLogin()).setParam("projectId", insertPublicProject.uuid()).setParam("permission", "user").execute();
        Assertions.assertThat(this.db.users().selectAnyonePermissions(insert, insertPublicProject)).isEmpty();
    }

    @Test
    public void no_effect_when_adding_CODEVIEWER_permission_on_a_public_project() {
        OrganizationDto insert = this.db.organizations().insert();
        ComponentDto insertPublicProject = this.db.components().insertPublicProject(insert);
        addUserAsMemberOfOrganization(insert);
        this.userSession.logIn().addProjectPermission("admin", insertPublicProject);
        newRequest().setParam("login", this.user.getLogin()).setParam("projectId", insertPublicProject.uuid()).setParam("permission", "codeviewer").execute();
        Assertions.assertThat(this.db.users().selectAnyonePermissions(insert, insertPublicProject)).isEmpty();
    }

    @Test
    public void fail_when_using_branch_db_key() throws Exception {
        OrganizationDto insert = this.db.organizations().insert();
        addUserAsMemberOfOrganization(insert);
        ComponentDto insertMainBranch = this.db.components().insertMainBranch(insert, new Consumer[0]);
        this.userSession.logIn().addProjectPermission("admin", insertMainBranch);
        ComponentDto insertProjectBranch = this.db.components().insertProjectBranch(insertMainBranch, new Consumer[0]);
        this.expectedException.expect(NotFoundException.class);
        this.expectedException.expectMessage(String.format("Project key '%s' not found", insertProjectBranch.getDbKey()));
        newRequest().setParam("organization", insert.getKey()).setParam("projectKey", insertProjectBranch.getDbKey()).setParam("login", this.user.getLogin()).setParam("permission", "admin").execute();
    }

    @Test
    public void fail_when_using_branch_uuid() throws Exception {
        OrganizationDto insert = this.db.organizations().insert();
        addUserAsMemberOfOrganization(insert);
        ComponentDto insertMainBranch = this.db.components().insertMainBranch(insert, new Consumer[0]);
        this.userSession.logIn().addProjectPermission("admin", insertMainBranch);
        ComponentDto insertProjectBranch = this.db.components().insertProjectBranch(insertMainBranch, new Consumer[0]);
        this.expectedException.expect(NotFoundException.class);
        this.expectedException.expectMessage(String.format("Project id '%s' not found", insertProjectBranch.uuid()));
        newRequest().setParam("organization", insert.getKey()).setParam("projectId", insertProjectBranch.uuid()).setParam("login", this.user.getLogin()).setParam("permission", "admin").execute();
    }

    private void addUserAsMemberOfOrganization(OrganizationDto organizationDto) {
        this.db.organizations().addMember(organizationDto, this.user);
    }
}
