package org.sonar.server.permission.ws;

import org.assertj.core.api.Assertions;
import org.junit.Before;
import org.junit.Test;
import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.organization.OrganizationDto;
import org.sonar.db.permission.OrganizationPermission;
import org.sonar.db.user.GroupDto;
import org.sonar.db.user.GroupTesting;
import org.sonar.db.user.UserDto;
import org.sonar.db.user.UserTesting;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.NotFoundException;
import org.sonar.server.exceptions.UnauthorizedException;
import org.sonar.server.i18n.I18nRule;
import org.sonar.test.JsonAssert;
import org.sonarqube.ws.Permissions;

/* loaded from: input_file:org/sonar/server/permission/ws/SearchGlobalPermissionsActionTest.class */
public class SearchGlobalPermissionsActionTest extends BasePermissionWsTest<SearchGlobalPermissionsAction> {
    private I18nRule i18n = new I18nRule();

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.sonar.server.permission.ws.BasePermissionWsTest
    public SearchGlobalPermissionsAction buildWsAction() {
        return new SearchGlobalPermissionsAction(this.db.getDbClient(), this.userSession, this.i18n, newPermissionWsSupport());
    }

    @Before
    public void setUp() {
        initI18nMessages();
    }

    @Test
    public void search_in_organization() {
        OrganizationDto insert = this.db.organizations().insert();
        loginAsAdmin(insert, new OrganizationDto[0]);
        GroupDto insertGroup = this.db.users().insertGroup(newGroup(insert, "sonar-admins", "Administrators"));
        GroupDto insertGroup2 = this.db.users().insertGroup(newGroup(insert, "sonar-users", "Users"));
        this.db.users().insertPermissionOnAnyone(insert, OrganizationPermission.SCAN);
        this.db.users().insertPermissionOnGroup(insertGroup2, OrganizationPermission.SCAN);
        this.db.users().insertPermissionOnGroup(insertGroup2, "provisioning");
        this.db.users().insertPermissionOnGroup(insertGroup, OrganizationPermission.ADMINISTER);
        UserDto insertUser = this.db.users().insertUser(newUserDto("user", "user-name"));
        UserDto insertUser2 = this.db.users().insertUser(newUserDto("admin", "admin-name"));
        this.db.organizations().addMember(insert, new UserDto[]{insertUser});
        this.db.organizations().addMember(insert, new UserDto[]{insertUser2});
        this.db.users().insertPermissionOnUser(insert, insertUser, OrganizationPermission.PROVISION_PROJECTS);
        this.db.users().insertPermissionOnUser(insert, insertUser, OrganizationPermission.ADMINISTER_QUALITY_PROFILES);
        this.db.users().insertPermissionOnUser(insert, insertUser2, OrganizationPermission.ADMINISTER_QUALITY_PROFILES);
        this.db.users().insertPermissionOnUser(insert, insertUser, OrganizationPermission.ADMINISTER_QUALITY_GATES);
        this.db.users().insertPermissionOnUser(insert, insertUser2, OrganizationPermission.ADMINISTER_QUALITY_GATES);
        this.db.users().insertPermissionOnUser(this.db.getDefaultOrganization(), insertUser2, OrganizationPermission.ADMINISTER_QUALITY_GATES);
        JsonAssert.assertJson(newRequest().setParam("organization", insert.getKey()).execute().getInput()).isSimilarTo(getClass().getResource("search_global_permissions-example.json"));
    }

    @Test
    public void search_in_default_organization_by_default() {
        OrganizationDto insert = this.db.organizations().insert();
        loginAsAdmin(insert, this.db.getDefaultOrganization());
        UserDto insertUser = this.db.users().insertUser();
        this.db.users().insertPermissionOnUser(this.db.getDefaultOrganization(), insertUser, OrganizationPermission.SCAN);
        this.db.organizations().addMember(this.db.getDefaultOrganization(), new UserDto[]{insertUser});
        this.db.users().insertPermissionOnUser(insert, insertUser, OrganizationPermission.ADMINISTER_QUALITY_GATES);
        this.db.organizations().addMember(insert, new UserDto[]{insertUser});
        Permissions.WsSearchGlobalPermissionsResponse executeProtobuf = newRequest().executeProtobuf(Permissions.WsSearchGlobalPermissionsResponse.class);
        Assertions.assertThat(executeProtobuf.getPermissionsCount()).isEqualTo(GlobalPermissions.ALL.size());
        for (Permissions.Permission permission : executeProtobuf.getPermissionsList()) {
            if (permission.getKey().equals("scan")) {
                Assertions.assertThat(permission.getUsersCount()).isEqualTo(1);
            } else {
                Assertions.assertThat(permission.getUsersCount()).isEqualTo(0);
            }
        }
    }

    @Test
    public void supports_protobuf_response() {
        loginAsAdmin(this.db.getDefaultOrganization(), new OrganizationDto[0]);
        Assertions.assertThat(newRequest().executeProtobuf(Permissions.WsSearchGlobalPermissionsResponse.class)).isNotNull();
    }

    @Test
    public void fail_if_not_admin_of_default_organization() {
        this.userSession.logIn();
        this.expectedException.expect(ForbiddenException.class);
        newRequest().execute();
    }

    @Test
    public void fail_if_not_admin_of_specified_organization() {
        OrganizationDto insert = this.db.organizations().insert();
        loginAsAdmin(this.db.getDefaultOrganization(), new OrganizationDto[0]);
        this.expectedException.expect(ForbiddenException.class);
        newRequest().setParam("organization", insert.getKey()).execute();
    }

    @Test
    public void fail_if_not_logged_in() {
        this.userSession.anonymous();
        this.expectedException.expect(UnauthorizedException.class);
        newRequest().execute();
    }

    @Test
    public void fail_if_organization_does_not_exist() {
        this.expectedException.expect(NotFoundException.class);
        newRequest().setParam("organization", "does_not_exist").execute();
    }

    private void initI18nMessages() {
        this.i18n.put("global_permissions.admin", "Administer System");
        this.i18n.put("global_permissions.admin.desc", "Ability to perform all administration functions for the instance: global configuration and personalization of default dashboards.");
        this.i18n.put("global_permissions.profileadmin", "Administer Quality Profiles");
        this.i18n.put("global_permissions.profileadmin.desc", "Ability to perform any action on the quality profiles.");
        this.i18n.put("global_permissions.gateadmin", "Administer Quality Gates");
        this.i18n.put("global_permissions.gateadmin.desc", "Ability to perform any action on the quality gates.");
        this.i18n.put("global_permissions.scan", "Execute Analysis");
        this.i18n.put("global_permissions.scan.desc", "Ability to execute analyses, and to get all settings required to perform the analysis, even the secured ones like the scm account password, the jira account password, and so on.");
        this.i18n.put("global_permissions.provisioning", "Create Projects");
        this.i18n.put("global_permissions.provisioning.desc", "Ability to initialize project structure before first analysis.");
    }

    private static UserDto newUserDto(String str, String str2) {
        return UserTesting.newUserDto().setLogin(str).setName(str2).setActive(true);
    }

    private static GroupDto newGroup(OrganizationDto organizationDto, String str, String str2) {
        return GroupTesting.newGroupDto().setName(str).setDescription(str2).setOrganizationUuid(organizationDto.getUuid());
    }
}
