package org.sonar.server.usertoken.ws;

import javax.annotation.Nullable;
import org.assertj.core.api.Assertions;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.ExpectedException;
import org.sonar.api.utils.System2;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.DbTester;
import org.sonar.db.user.UserTokenDto;
import org.sonar.db.user.UserTokenTesting;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.UnauthorizedException;
import org.sonar.server.permission.index.FooIndexDefinition;
import org.sonar.server.tester.UserSessionRule;
import org.sonar.server.ws.TestRequest;
import org.sonar.server.ws.WsActionTester;

/* loaded from: input_file:org/sonar/server/usertoken/ws/RevokeActionTest.class */
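/**
 * Tests for the user-token revoke web service action ({@link RevokeAction}).
 *
 * <p>The cases pin the authorization rules visible in this file:
 * <ul>
 *   <li>a system administrator can revoke a named token of any login;</li>
 *   <li>a logged-in user can revoke their own token without passing a login;</li>
 *   <li>a logged-in non-administrator is rejected with {@link ForbiddenException} when
 *       targeting another login;</li>
 *   <li>an anonymous caller is rejected with {@link UnauthorizedException}.</li>
 * </ul>
 *
 * <p>The rejection cases also check that the targeted token is still in the database, so a
 * regression that deletes before (or despite) the permission check cannot pass unnoticed.
 *
 * <p>NOTE(review): {@code FooIndexDefinition.FIELD_NAME} is used below both as the request
 * parameter key and as the extracted token property. It presumably resolves to the same
 * literal as the web service's token-name parameter and looks like a decompiler
 * constant-resolution artifact. Confirm against the original source.
 */
public class RevokeActionTest {
    private static final String GRACE_HOPPER = "grace.hopper";
    private static final String ADA_LOVELACE = "ada.lovelace";
    private static final String TOKEN_NAME = "token-name";

    @Rule
    public DbTester db = DbTester.create(System2.INSTANCE);

    @Rule
    public UserSessionRule userSession = UserSessionRule.standalone();

    @Rule
    public ExpectedException expectedException = ExpectedException.none();
    private final DbClient dbClient = this.db.getDbClient();
    private final DbSession dbSession = this.db.getSession();
    private WsActionTester ws;

    /** Builds a fresh action tester wired to the test database and the test user session. */
    @Before
    public void setUp() {
        this.ws = new WsActionTester(new RevokeAction(this.dbClient, this.userSession));
    }

    /**
     * An administrator revoking one token removes exactly that (login, name) pair: the other
     * tokens of the same login and the same-named token of another login must survive.
     */
    @Test
    public void delete_token_in_db() {
        logInAsSystemAdministrator();
        insertUserToken(UserTokenTesting.newUserToken().setLogin(GRACE_HOPPER).setName("token-to-delete"));
        insertUserToken(UserTokenTesting.newUserToken().setLogin(GRACE_HOPPER).setName("token-to-keep-1"));
        insertUserToken(UserTokenTesting.newUserToken().setLogin(GRACE_HOPPER).setName("token-to-keep-2"));
        insertUserToken(UserTokenTesting.newUserToken().setLogin(ADA_LOVELACE).setName("token-to-delete"));

        Assertions.assertThat(newRequest(GRACE_HOPPER, "token-to-delete")).isEmpty();

        assertTokenNames(GRACE_HOPPER, "token-to-keep-1", "token-to-keep-2");
        // Cross-user isolation: the identically named token of another login is untouched.
        assertTokenNames(ADA_LOVELACE, "token-to-delete");
    }

    /** A logged-in user who omits the login parameter revokes a token of their own account. */
    @Test
    public void user_can_delete_its_own_tokens() {
        this.userSession.logIn(GRACE_HOPPER);
        insertUserToken(UserTokenTesting.newUserToken().setLogin(GRACE_HOPPER).setName("token-to-delete"));

        Assertions.assertThat(newRequest(null, "token-to-delete")).isEmpty();

        Assertions.assertThat(this.dbClient.userTokenDao().selectByLogin(this.dbSession, GRACE_HOPPER)).isEmpty();
    }

    /**
     * A request naming a login/token pair that does not exist completes without an exception
     * and must not remove the unrelated token that does exist.
     */
    @Test
    public void does_not_fail_when_incorrect_login_or_name() {
        logInAsSystemAdministrator();
        insertUserToken(UserTokenTesting.newUserToken().setLogin(GRACE_HOPPER).setName(TOKEN_NAME));

        newRequest(ADA_LOVELACE, "another-token-name");

        // A non-matching request is a no-op: the existing token is still there.
        assertTokenNames(GRACE_HOPPER, TOKEN_NAME);
    }

    /**
     * A logged-in user without the administrator flag cannot revoke someone else's token:
     * the call fails with {@link ForbiddenException} and the token stays in the database.
     */
    @Test
    public void throw_ForbiddenException_if_non_administrator_revokes_token_of_someone_else() {
        this.userSession.logIn();
        insertUserToken(UserTokenTesting.newUserToken().setLogin(GRACE_HOPPER).setName(TOKEN_NAME));
        this.expectedException.expect(ForbiddenException.class);

        try {
            newRequest(GRACE_HOPPER, TOKEN_NAME);
        } finally {
            // Runs before the ExpectedException rule inspects the failure: a rejected request
            // must leave the victim's token in place.
            assertTokenNames(GRACE_HOPPER, TOKEN_NAME);
        }
    }

    /**
     * An anonymous caller is rejected with {@link UnauthorizedException} and the targeted
     * token stays in the database.
     */
    @Test
    public void throw_UnauthorizedException_if_not_logged_in() {
        this.userSession.anonymous();
        insertUserToken(UserTokenTesting.newUserToken().setLogin(GRACE_HOPPER).setName(TOKEN_NAME));
        this.expectedException.expect(UnauthorizedException.class);

        try {
            newRequest(GRACE_HOPPER, TOKEN_NAME);
        } finally {
            // Runs before the ExpectedException rule inspects the failure: an unauthenticated
            // request must not have any effect on stored tokens.
            assertTokenNames(GRACE_HOPPER, TOKEN_NAME);
        }
    }

    /**
     * Executes the revoke action and returns the response body.
     *
     * @param login value of the {@code login} parameter, or {@code null} to omit it
     * @param name  token name, sent under the key {@code FooIndexDefinition.FIELD_NAME}
     * @return the response payload as returned by {@code getInput()}
     */
    private String newRequest(@Nullable String login, String name) {
        TestRequest request = this.ws.newRequest().setParam(FooIndexDefinition.FIELD_NAME, name);
        if (login != null) {
            request.setParam("login", login);
        }
        return request.execute().getInput();
    }

    /** Inserts the token and commits so that it is stored before the action under test runs. */
    private void insertUserToken(UserTokenDto userTokenDto) {
        this.dbClient.userTokenDao().insert(this.dbSession, userTokenDto);
        this.dbSession.commit();
    }

    /** Logs in a user and flags the session as system administrator. */
    private void logInAsSystemAdministrator() {
        this.userSession.logIn().setSystemAdministrator();
    }

    /** Asserts that the tokens stored for {@code login} carry exactly the given names. */
    private void assertTokenNames(String login, Object... expectedNames) {
        Assertions.assertThat(this.dbClient.userTokenDao().selectByLogin(this.dbSession, login))
            .extracting(FooIndexDefinition.FIELD_NAME)
            .containsOnly(expectedNames);
    }
}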
