package org.sonar.server.usertoken.ws;

import java.util.function.Consumer;
import javax.annotation.Nullable;
import org.assertj.core.api.Assertions;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.ExpectedException;
import org.sonar.api.utils.System2;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.DbTester;
import org.sonar.db.user.UserDto;
import org.sonar.db.user.UserTokenDto;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.NotFoundException;
import org.sonar.server.exceptions.UnauthorizedException;
import org.sonar.server.permission.index.FooIndexDefinition;
import org.sonar.server.tester.UserSessionRule;
import org.sonar.server.ws.TestRequest;
import org.sonar.server.ws.WsActionTester;

/* loaded from: input_file:org/sonar/server/usertoken/ws/RevokeActionTest.class */
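/**
 * Tests for {@link RevokeAction}, the web service action that revokes a user token.
 *
 * <p>Each test drives the action through {@link WsActionTester} against the database provided by
 * {@link DbTester}, with the caller's identity controlled through {@link UserSessionRule}. The
 * cases cover the authorization outcomes visible here: a system administrator revoking another
 * user's token, a user revoking their own token, a non-administrator being refused, and an
 * anonymous caller being refused. The refusal cases also check that the targeted token is still
 * stored, so a regression that deletes first and checks permissions afterwards is caught.
 */
public class RevokeActionTest {

    @Rule
    public DbTester db = DbTester.create(System2.INSTANCE);

    @Rule
    public UserSessionRule userSession = UserSessionRule.standalone();

    // Only used where nothing has to be verified after the failing call; statements placed after
    // the throwing call never run under this rule.
    @Rule
    public ExpectedException expectedException = ExpectedException.none();

    private final DbClient dbClient = this.db.getDbClient();
    private final DbSession dbSession = this.db.getSession();
    private final WsActionTester ws =
        new WsActionTester(new RevokeAction(this.dbClient, new UserTokenSupport(this.dbClient, this.userSession)));

    /** An administrator revokes one named token; the user's other tokens and other users' tokens stay. */
    @Test
    public void delete_token_in_db() {
        logInAsSystemAdministrator();
        UserDto user1 = this.db.users().insertUser();
        UserDto user2 = this.db.users().insertUser();
        UserTokenDto revoked = this.db.users().insertToken(user1);
        UserTokenDto kept1 = this.db.users().insertToken(user1);
        UserTokenDto kept2 = this.db.users().insertToken(user1);
        UserTokenDto otherUsersToken = this.db.users().insertToken(user2);

        String response = newRequest(user1.getLogin(), revoked.getName());

        Assertions.assertThat(response).isEmpty();
        assertStoredTokenNames(user1, kept1.getName(), kept2.getName());
        assertStoredTokenNames(user2, otherUsersToken.getName());
    }

    /** Without a login parameter the request applies to the logged-in user's own token. */
    @Test
    public void user_can_delete_its_own_tokens() {
        UserDto user = this.db.users().insertUser();
        UserTokenDto token = this.db.users().insertToken(user);
        this.userSession.logIn(user);

        String response = newRequest(null, token.getName());

        Assertions.assertThat(response).isEmpty();
        Assertions.assertThat(this.dbClient.userTokenDao().selectByUser(this.dbSession, user)).isEmpty();
    }

    /** Revoking a token name the user does not have neither fails nor removes the token that exists. */
    @Test
    public void does_not_fail_when_incorrect_login_or_name() {
        UserDto user = this.db.users().insertUser();
        UserTokenDto existing = this.db.users().insertToken(user);
        logInAsSystemAdministrator();

        newRequest(user.getLogin(), "another-token-name");

        // A request that matches no token must leave the user's real token untouched.
        assertStoredTokenNames(user, existing.getName());
    }

    /** A logged-in caller without administrator rights cannot revoke another user's token. */
    @Test
    public void throw_ForbiddenException_if_non_administrator_revokes_token_of_someone_else() {
        UserDto owner = this.db.users().insertUser();
        UserTokenDto token = this.db.users().insertToken(owner);
        this.userSession.logIn();

        Assertions.assertThatThrownBy(() -> newRequest(owner.getLogin(), token.getName()))
            .isInstanceOf(ForbiddenException.class);

        // The refusal must happen before any deletion: the token is still stored.
        assertStoredTokenNames(owner, token.getName());
    }

    /** An anonymous caller is rejected and the targeted token is left in place. */
    @Test
    public void throw_UnauthorizedException_if_not_logged_in() {
        UserDto owner = this.db.users().insertUser();
        UserTokenDto token = this.db.users().insertToken(owner);
        this.userSession.anonymous();

        Assertions.assertThatThrownBy(() -> newRequest(owner.getLogin(), token.getName()))
            .isInstanceOf(UnauthorizedException.class);

        // The refusal must happen before any deletion: the token is still stored.
        assertStoredTokenNames(owner, token.getName());
    }

    /** An administrator targeting an unknown login gets a NotFoundException naming that login. */
    @Test
    public void fail_if_login_does_not_exist() {
        logInAsSystemAdministrator();
        this.expectedException.expect(NotFoundException.class);
        this.expectedException.expectMessage("User with login 'unknown-login' doesn't exist");
        newRequest("unknown-login", "any-name");
    }

    /**
     * Executes the revoke action and returns the response body.
     *
     * @param login login of the token owner, or {@code null} to send no {@code login} parameter
     * @param tokenName name of the token to revoke
     * @return the response input as returned by the executed test request
     */
    private String newRequest(@Nullable String login, String tokenName) {
        // NOTE(review): FooIndexDefinition.FIELD_NAME looks like a decompiler substitution for the
        // action's own token-name parameter constant; confirm the value and reference the
        // web service's parameter constant instead.
        TestRequest request = this.ws.newRequest().setParam(FooIndexDefinition.FIELD_NAME, tokenName);
        if (login != null) {
            request.setParam("login", login);
        }
        return request.execute().getInput();
    }

    /** Asserts that the tokens stored for {@code owner} have exactly the given names, in any order. */
    private void assertStoredTokenNames(UserDto owner, String... expectedNames) {
        Assertions.assertThat(this.dbClient.userTokenDao().selectByUser(this.dbSession, owner))
            .extracting(UserTokenDto::getName)
            .containsExactlyInAnyOrder(expectedNames);
    }

    /** Logs in a user session flagged as system administrator. */
    private void logInAsSystemAdministrator() {
        this.userSession.logIn().setSystemAdministrator();
    }
}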
