package org.jolokia.server.core.restrictor;

import java.io.InputStream;
import javax.management.MalformedObjectNameException;
import javax.management.ObjectName;
import org.jolokia.server.core.restrictor.policy.PolicyRestrictor;
import org.jolokia.server.core.util.HttpMethod;
import org.jolokia.server.core.util.RequestType;
import org.testng.Assert;
import org.testng.AssertJUnit;
import org.testng.annotations.Test;

/* loaded from: input_file:org/jolokia/server/core/restrictor/PolicyBasedRestrictorTest.class */
public class PolicyBasedRestrictorTest {
    @Test
    public void basics() throws MalformedObjectNameException {
        PolicyRestrictor policyRestrictor = new PolicyRestrictor(getClass().getResourceAsStream("/access-sample1.xml"));
        AssertJUnit.assertTrue(policyRestrictor.isAttributeReadAllowed(new ObjectName("java.lang:type=Memory"), "Verbose"));
        Assert.assertFalse(policyRestrictor.isAttributeWriteAllowed(new ObjectName("java.lang:type=Memory"), "Verbose"));
        Assert.assertFalse(policyRestrictor.isAttributeReadAllowed(new ObjectName("java.lang:type=Memory"), "NonHeapMemoryUsage"));
        AssertJUnit.assertTrue(policyRestrictor.isOperationAllowed(new ObjectName("java.lang:type=Memory"), "gc"));
        Assert.assertFalse(policyRestrictor.isOperationAllowed(new ObjectName("java.lang:type=Threading"), "gc"));
        AssertJUnit.assertTrue(policyRestrictor.isHttpMethodAllowed(HttpMethod.POST));
        Assert.assertFalse(policyRestrictor.isHttpMethodAllowed(HttpMethod.GET));
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Test
    public void restrictIp() {
        PolicyRestrictor policyRestrictor = new PolicyRestrictor(getClass().getResourceAsStream("/access-sample1.xml"));
        for (Object[] objArr : new String[]{new String[]{"11.0.18.32", "true"}, new String[]{"planck", "true"}, new String[]{"heisenberg", "false"}, new String[]{"10.0.11.125", "true"}, new String[]{"10.0.11.126", "false"}, new String[]{"11.1.18.32", "false"}, new String[]{"192.168.15.3", "true"}, new String[]{"192.168.15.8", "true"}, new String[]{"192.168.16.3", "false"}}) {
            AssertJUnit.assertEquals("Ip " + objArr[0] + " is " + (objArr[1].equals("false") ? "not " : "") + "allowed", objArr[1], policyRestrictor.isRemoteAccessAllowed(new String[]{objArr[0]}) ? "true" : "false");
        }
    }

    @Test
    public void patterns() throws MalformedObjectNameException {
        PolicyRestrictor policyRestrictor = new PolicyRestrictor(getClass().getResourceAsStream("/access-sample2.xml"));
        AssertJUnit.assertTrue(policyRestrictor.isAttributeReadAllowed(new ObjectName("java.lang:type=Memory"), "HeapMemoryUsage"));
        Assert.assertFalse(policyRestrictor.isAttributeReadAllowed(new ObjectName("java.lang:type=Memory"), "NonHeapMemoryUsage"));
        AssertJUnit.assertTrue(policyRestrictor.isAttributeReadAllowed(new ObjectName("jolokia:type=Config,name=Bla"), "Debug"));
        Assert.assertFalse(policyRestrictor.isOperationAllowed(new ObjectName("jolokia:type=Threading"), "gc"));
        AssertJUnit.assertTrue(policyRestrictor.isRemoteAccessAllowed(new String[]{"10.0.1.125"}));
    }

    @Test
    public void noRestrictions() throws MalformedObjectNameException {
        PolicyRestrictor policyRestrictor = new PolicyRestrictor(getClass().getResourceAsStream("/access-sample3.xml"));
        AssertJUnit.assertTrue(policyRestrictor.isAttributeReadAllowed(new ObjectName("java.lang:type=Memory"), "HeapMemoryUsage"));
        AssertJUnit.assertTrue(policyRestrictor.isAttributeReadAllowed(new ObjectName("java.lang:type=Memory"), "NonHeapMemoryUsage"));
        AssertJUnit.assertTrue(policyRestrictor.isAttributeReadAllowed(new ObjectName("jolokia:type=Config,name=Bla"), "Debug"));
        AssertJUnit.assertTrue(policyRestrictor.isOperationAllowed(new ObjectName("jolokia:type=Threading"), "gc"));
        AssertJUnit.assertTrue(policyRestrictor.isTypeAllowed(RequestType.READ));
        AssertJUnit.assertTrue(policyRestrictor.isHttpMethodAllowed(HttpMethod.GET));
        AssertJUnit.assertTrue(policyRestrictor.isHttpMethodAllowed(HttpMethod.POST));
    }

    @Test
    public void deny() throws MalformedObjectNameException {
        PolicyRestrictor policyRestrictor = new PolicyRestrictor(getClass().getResourceAsStream("/access-sample4.xml"));
        Assert.assertFalse(policyRestrictor.isAttributeReadAllowed(new ObjectName("java.lang:type=Memory"), "HeapMemoryUsage"));
        Assert.assertFalse(policyRestrictor.isAttributeWriteAllowed(new ObjectName("java.lang:type=Memory"), "HeapMemoryUsage"));
        Assert.assertFalse(policyRestrictor.isAttributeReadAllowed(new ObjectName("java.lang:type=Memory"), "NonHeapMemoryUsage"));
        AssertJUnit.assertTrue(policyRestrictor.isAttributeWriteAllowed(new ObjectName("java.lang:type=Memory"), "NonHeapMemoryUsage"));
        AssertJUnit.assertTrue(policyRestrictor.isAttributeReadAllowed(new ObjectName("java.lang:type=Memory"), "BlaUsage"));
        Assert.assertFalse(policyRestrictor.isAttributeReadAllowed(new ObjectName("jolokia:type=Config"), "Debug"));
        Assert.assertFalse(policyRestrictor.isOperationAllowed(new ObjectName("java.lang:type=Blubber,name=x"), "gc"));
        AssertJUnit.assertTrue(policyRestrictor.isOperationAllowed(new ObjectName("java.lang:type=Blubber,name=x"), "xavier"));
    }

    @Test
    public void allow() throws MalformedObjectNameException {
        PolicyRestrictor policyRestrictor = new PolicyRestrictor(getClass().getResourceAsStream("/access-sample5.xml"));
        AssertJUnit.assertTrue(policyRestrictor.isAttributeReadAllowed(new ObjectName("java.lang:type=Memory"), "HeapMemoryUsage"));
        AssertJUnit.assertTrue(policyRestrictor.isAttributeWriteAllowed(new ObjectName("java.lang:type=Memory"), "HeapMemoryUsage"));
        AssertJUnit.assertTrue(policyRestrictor.isAttributeReadAllowed(new ObjectName("java.lang:type=Memory"), "NonHeapMemoryUsage"));
        Assert.assertFalse(policyRestrictor.isAttributeWriteAllowed(new ObjectName("java.lang:type=Memory"), "NonHeapMemoryUsage"));
        Assert.assertFalse(policyRestrictor.isAttributeReadAllowed(new ObjectName("java.lang:type=Memory"), "BlaUsage"));
        AssertJUnit.assertTrue(policyRestrictor.isAttributeReadAllowed(new ObjectName("jolokia:type=Config"), "Debug"));
        AssertJUnit.assertTrue(policyRestrictor.isOperationAllowed(new ObjectName("java.lang:type=Blubber,name=x"), "gc"));
        Assert.assertFalse(policyRestrictor.isOperationAllowed(new ObjectName("java.lang:type=Blubber,name=x"), "xavier"));
    }

    @Test
    public void illegalXml() {
        try {
            new PolicyRestrictor(getClass().getResourceAsStream("/illegal1.xml"));
            Assert.fail("Could parse illegal file");
        } catch (SecurityException e) {
        }
        try {
            new PolicyRestrictor((InputStream) null);
            Assert.fail("No file given");
        } catch (SecurityException e2) {
        }
    }

    @Test
    public void noName() {
        try {
            new PolicyRestrictor(getClass().getResourceAsStream("/illegal2.xml"));
            Assert.fail("Could parse illegal file");
        } catch (SecurityException e) {
            AssertJUnit.assertTrue(e.getMessage().contains("name"));
        }
    }

    @Test
    public void invalidTag() {
        try {
            new PolicyRestrictor(getClass().getResourceAsStream("/illegal3.xml"));
            Assert.fail("Could parse illegal file");
        } catch (SecurityException e) {
            AssertJUnit.assertTrue(e.getMessage().contains("name"));
            AssertJUnit.assertTrue(e.getMessage().contains("attribute"));
            AssertJUnit.assertTrue(e.getMessage().contains("operation"));
            AssertJUnit.assertTrue(e.getMessage().contains("bla"));
        }
    }

    @Test
    public void doubleName() {
        try {
            new PolicyRestrictor(getClass().getResourceAsStream("/illegal4.xml"));
            Assert.fail("Could parse illegal file");
        } catch (SecurityException e) {
            AssertJUnit.assertTrue(e.getMessage().contains("name"));
        }
    }

    @Test
    public void httpMethod() {
        PolicyRestrictor policyRestrictor = new PolicyRestrictor(getClass().getResourceAsStream("/method.xml"));
        AssertJUnit.assertTrue(policyRestrictor.isHttpMethodAllowed(HttpMethod.GET));
        AssertJUnit.assertTrue(policyRestrictor.isHttpMethodAllowed(HttpMethod.POST));
    }

    @Test
    public void illegalHttpMethod() {
        try {
            new PolicyRestrictor(getClass().getResourceAsStream("/illegal5.xml"));
            Assert.fail();
        } catch (SecurityException e) {
            AssertJUnit.assertTrue(e.getMessage().contains("BLA"));
        }
    }

    @Test
    public void illegalHttpMethodTag() {
        try {
            new PolicyRestrictor(getClass().getResourceAsStream("/illegal6.xml"));
            Assert.fail();
        } catch (SecurityException e) {
            AssertJUnit.assertTrue(e.getMessage().contains("method"));
            AssertJUnit.assertTrue(e.getMessage().contains("blubber"));
        }
    }

    @Test
    public void cors() {
        PolicyRestrictor policyRestrictor = new PolicyRestrictor(getClass().getResourceAsStream("/allow-origin4.xml"));
        for (boolean z : new boolean[]{true, false}) {
            AssertJUnit.assertTrue(policyRestrictor.isOriginAllowed("http://bla.com", z));
            Assert.assertFalse(policyRestrictor.isOriginAllowed("http://www.jolokia.org", z));
            AssertJUnit.assertTrue(policyRestrictor.isOriginAllowed("https://www.consol.de", z));
        }
    }

    @Test
    public void corsStrictCheckingOff() {
        PolicyRestrictor policyRestrictor = new PolicyRestrictor(getClass().getResourceAsStream("/allow-origin1.xml"));
        AssertJUnit.assertTrue(policyRestrictor.isOriginAllowed("http://bla.com", true));
        AssertJUnit.assertTrue(policyRestrictor.isOriginAllowed("http://www.jolokia.org", true));
        AssertJUnit.assertTrue(policyRestrictor.isOriginAllowed("https://www.consol.de", true));
    }

    @Test
    public void corsWildCard() {
        PolicyRestrictor policyRestrictor = new PolicyRestrictor(getClass().getResourceAsStream("/allow-origin2.xml"));
        AssertJUnit.assertTrue(policyRestrictor.isOriginAllowed("http://bla.com", false));
        AssertJUnit.assertTrue(policyRestrictor.isOriginAllowed("http://www.jolokia.org", false));
        AssertJUnit.assertTrue(policyRestrictor.isOriginAllowed("http://www.consol.de", false));
    }

    @Test
    public void corsEmpty() {
        PolicyRestrictor policyRestrictor = new PolicyRestrictor(getClass().getResourceAsStream("/allow-origin3.xml"));
        AssertJUnit.assertTrue(policyRestrictor.isOriginAllowed("http://bla.com", false));
        AssertJUnit.assertTrue(policyRestrictor.isOriginAllowed("http://www.jolokia.org", false));
        AssertJUnit.assertTrue(policyRestrictor.isOriginAllowed("http://www.consol.de", false));
    }

    @Test
    public void corsNoTags() {
        PolicyRestrictor policyRestrictor = new PolicyRestrictor(getClass().getResourceAsStream("/access-sample1.xml"));
        AssertJUnit.assertTrue(policyRestrictor.isOriginAllowed("http://bla.com", false));
        AssertJUnit.assertTrue(policyRestrictor.isOriginAllowed("http://www.jolokia.org", false));
        AssertJUnit.assertTrue(policyRestrictor.isOriginAllowed("https://www.consol.de", false));
    }
}
