package com.atlassian.jira.webtests.ztests.bundledplugins2.rest;

import com.atlassian.jira.functest.framework.BaseJiraFuncTest;
import com.atlassian.jira.functest.framework.suite.Category;
import com.atlassian.jira.functest.framework.suite.WebTest;
import com.atlassian.jira.permission.GlobalPermissionKey;
import com.atlassian.jira.testkit.beans.UserDTO;
import com.atlassian.jira.testkit.client.restclient.ParsedResponse;
import com.atlassian.jira.util.json.JSONObject;
import com.atlassian.jira.webtests.ztests.bundledplugins2.rest.client.UserPropertyClient;
import com.atlassian.jira.webtests.ztests.bundledplugins2.rest.util.PropertyAssertions;
import com.google.common.collect.ImmutableMap;
import java.util.Map;
import java.util.concurrent.atomic.AtomicInteger;
import javax.ws.rs.core.Response;
import org.hamcrest.MatcherAssert;
import org.hamcrest.Matchers;
import org.junit.Before;
import org.junit.Test;

@WebTest({Category.FUNC_TEST, Category.REST})
/* loaded from: input_file:com/atlassian/jira/webtests/ztests/bundledplugins2/rest/TestUserPropertyResource.class */
public class TestUserPropertyResource extends BaseJiraFuncTest {
    private static AtomicInteger SEQ = new AtomicInteger(1);
    protected UserPropertyClient propertyClient;

    @Before
    public void setUp() {
        this.backdoor.restoreBlankInstance();
        this.backdoor.permissions().addGlobalPermission(27, "jira-developers");
        this.backdoor.usersAndGroups().addUserToGroup("fred", "jira-developers");
        this.propertyClient = new UserPropertyClient(this.environmentData);
    }

    @Test
    public void propertyCanBeSetAndRead() {
        this.propertyClient.put("admin", "myProperty", value(5));
        MatcherAssert.assertThat(this.propertyClient.get("admin", "myProperty").value, Matchers.equalTo(valueAsMap(5)));
    }

    @Test
    public void propertyCanBeRetrievedByUsernameAndByKeyAfterUsernameWasChanged() {
        this.propertyClient.put("fred", "myProperty", value(5));
        renameUser("fred", "fred2");
        MatcherAssert.assertThat(this.propertyClient.identifyUserBy(UserPropertyClient.UserIdentificationMode.username).get("fred2", "myProperty").value, Matchers.equalTo(valueAsMap(5)));
        MatcherAssert.assertThat(this.propertyClient.identifyUserBy(UserPropertyClient.UserIdentificationMode.userKey).get("fred", "myProperty").value, Matchers.equalTo(valueAsMap(5)));
    }

    @Test
    public void nonAdminUserIsNotAllowedToModifyOtherUsersProperties() {
        ParsedResponse put = this.propertyClient.loginAs("fred").put("admin", "rogueProp", value(5));
        MatcherAssert.assertThat(Integer.valueOf(put.statusCode), Matchers.equalTo(Integer.valueOf(Response.Status.FORBIDDEN.getStatusCode())));
        MatcherAssert.assertThat(put.entity.errorMessages, Matchers.contains(new String[]{"User 'fred' does not have permissions to edit properties of user 'admin'"}));
    }

    @Test
    public void regularAdminCanAccessAndModifyOtherUsersProperties() {
        createUserWithPermission("globalAdmin", GlobalPermissionKey.ADMINISTER);
        this.propertyClient.loginAs("globalAdmin");
        assertCanAccessAndEditPropertiesOf("fred");
    }

    @Test
    public void nonAdminUserCanAccessAndEditTheirOwnProperties() {
        this.propertyClient.loginAs("fred");
        assertCanAccessAndEditPropertiesOf("fred");
    }

    @Test
    public void notFoundResponseIsReturnedForNonExistingUsersWhenWeAreAdmin() {
        MatcherAssert.assertThat(this.propertyClient.getKeys("fred").keys, Matchers.hasSize(0));
        PropertyAssertions.assertWebApplicationException(() -> {
            this.propertyClient.loginAs("admin").getKeys("nonExistentUser");
            return null;
        }, Response.Status.NOT_FOUND, "Specified user does not exist or you do not have required permissions");
    }

    @Test
    public void regularAdminIsNotAllowedToEditSystemAdminsProperties() {
        createUserWithPermission("regularAdmin", GlobalPermissionKey.ADMINISTER);
        ParsedResponse put = this.propertyClient.loginAs("regularAdmin").put("admin", "rogueProp", value(42));
        MatcherAssert.assertThat(Integer.valueOf(put.statusCode), Matchers.equalTo(Integer.valueOf(Response.Status.FORBIDDEN.getStatusCode())));
        MatcherAssert.assertThat(put.entity.errorMessages, Matchers.contains(new String[]{"User 'regularAdmin' does not have permissions to edit properties of user 'admin'"}));
    }

    @Test
    public void nonAdminUserIsNotAllowedToAccessOtherUsersProperties() {
        PropertyAssertions.assertWebApplicationException(() -> {
            this.propertyClient.loginAs("fred").getKeys("admin");
            return null;
        }, Response.Status.FORBIDDEN, "User 'fred' does not have permissions to read properties of user 'admin'");
    }

    @Test
    public void regularAdminIsNotAllowedToReadSystemAdminsProperties() {
        createUserWithPermission("regularAdmin", GlobalPermissionKey.ADMINISTER);
        PropertyAssertions.assertWebApplicationException(() -> {
            this.propertyClient.loginAs("regularAdmin").getKeys("admin");
            return null;
        }, Response.Status.FORBIDDEN);
    }

    @Test
    public void anonymousUserIsNotAllowedToAccessAnyProperties() {
        this.propertyClient.anonymous();
        PropertyAssertions.assertWebApplicationException(() -> {
            this.propertyClient.getKeys("fred");
            return null;
        }, Response.Status.UNAUTHORIZED);
    }

    @Test
    public void propertiesAreClearedAfterUserIsDeleted() {
        this.propertyClient.put("fred", "farewellProp", value(-1));
        this.backdoor.usersAndGroups().deleteUser("fred");
        PropertyAssertions.assertWebApplicationException(() -> {
            this.propertyClient.getKeys("fred");
            return null;
        }, Response.Status.NOT_FOUND);
        this.backdoor.usersAndGroups().addUser("fred");
        MatcherAssert.assertThat(this.propertyClient.getKeys("fred").keys, Matchers.hasSize(0));
    }

    @Test
    public void notFoundIsReturnedWhenAccessingNonExistentProperty() {
        PropertyAssertions.assertWebApplicationException(() -> {
            this.propertyClient.get("admin", "nonExistentProperty");
            return null;
        }, Response.Status.NOT_FOUND);
    }

    protected final void renameUser(String str, String str2) {
        this.backdoor.usersAndGroups().updateUser(new UserDTO(true, 1L, str, (String) null, str, str, str2, 0L));
    }

    protected final void assertCanAccessAndEditPropertiesOf(String str) {
        this.propertyClient.put(str, "prop", value(42));
        MatcherAssert.assertThat(this.propertyClient.getKeys(str).keys, Matchers.hasSize(1));
        MatcherAssert.assertThat(this.propertyClient.get(str, "prop").value, Matchers.equalTo(valueAsMap(42)));
    }

    protected final void createUserWithPermission(String str, GlobalPermissionKey globalPermissionKey) {
        this.backdoor.usersAndGroups().addUser(str);
        String str2 = "userGroup-" + SEQ.incrementAndGet();
        this.backdoor.usersAndGroups().addGroup(str2);
        this.backdoor.usersAndGroups().addUserToGroup(str, str2);
        this.backdoor.permissions().addGlobalPermission(((Integer) GlobalPermissionKey.GLOBAL_PERMISSION_ID_TRANSLATION.inverse().get(globalPermissionKey)).intValue(), str2);
    }

    protected final JSONObject value(int i) {
        return new JSONObject(valueAsMap(i));
    }

    protected final Map<String, Object> valueAsMap(int i) {
        return ImmutableMap.of(TestWorkflowTransitionProperties.VALUE, Integer.valueOf(i));
    }
}
