package com.atlassian.jira.webtests.ztests.resources;

import com.atlassian.jira.functest.framework.BaseJiraFuncTest;
import com.atlassian.jira.functest.framework.FuncTestRestClient;
import com.atlassian.jira.functest.framework.LoginAs;
import com.atlassian.jira.functest.framework.suite.Category;
import com.atlassian.jira.functest.framework.suite.WebTest;
import com.meterware.httpunit.WebResponse;
import java.io.IOException;
import javax.inject.Inject;
import org.junit.Assert;
import org.junit.Test;
import org.xml.sax.SAXException;

@LoginAs(user = "admin")
@WebTest({Category.FUNC_TEST, Category.REST, Category.HTTP})
/* loaded from: input_file:com/atlassian/jira/webtests/ztests/resources/ResourceHeadersTest.class */
public class ResourceHeadersTest extends BaseJiraFuncTest {

    @Inject
    private FuncTestRestClient restClient;
    private static final String X_AUSERNAME = "X-AUSERNAME";
    private static final String CONTENT_SECURITY_POLICY = "Content-Security-Policy";
    private static final String CSP_SANDBOX = "sandbox";
    private static final String JS_REST_RESOURCE = "/rest/func-test/1.0/resources/fetchJsResponse.js";
    private static final String JS_STATIC_RESOURCE = "/s/anotherRandomCDNHash/-hash/buildNumber/randomHash/version/_/download/batch/jira.webresources:calendar-en/jira.webresources:calendar-en.js";
    private static final String CSS_STATIC_RESOURCE = "/s/randomCDNHash/-hash/buildNumber/randomHash/version/_/download/batch/com.atlassian.jira.gadgets:core-gadget-resources/com.atlassian.jira.gadgets:core-gadget-resources.css";
    private static final String NON_CACHEABLE = "secure/Dashboard.jspa";

    @Test
    public void testIfJsResourceFromRestPathDoesntHaveUserNameHeader() {
        Assert.assertNull(doGet(JS_REST_RESOURCE).getHeaderField(X_AUSERNAME));
    }

    @Test
    public void testIfJsResourceFromRestPathDoesntHaveSandboxContentSecurityPolicyHeader() {
        Assert.assertNotEquals(CSP_SANDBOX, doGet(JS_REST_RESOURCE).getHeaderField(CONTENT_SECURITY_POLICY));
    }

    @Test
    public void testIfJsResourceFromStaticPathDoesntHaveUserNameHeader() {
        Assert.assertNull(doGet(JS_STATIC_RESOURCE).getHeaderField(X_AUSERNAME));
    }

    @Test
    public void testIfJsResourceFromStaticPathDoesntHaveUserSandboxContentSecurityPolicyHeader() {
        Assert.assertNotEquals(CSP_SANDBOX, doGet(JS_STATIC_RESOURCE).getHeaderField(CONTENT_SECURITY_POLICY));
    }

    @Test
    public void testIfCSSResourceFromStaticPathDoesntHaveUserNameHeader() {
        Assert.assertNull(doGet(CSS_STATIC_RESOURCE).getHeaderField(X_AUSERNAME));
    }

    @Test
    public void testIfCSSResourceFromStaticPathHasSandboxContentSecurityPolicyHeader() {
        Assert.assertEquals(CSP_SANDBOX, doGet(CSS_STATIC_RESOURCE).getHeaderField(CONTENT_SECURITY_POLICY));
    }

    @Test
    public void testIfOtherNonCachableResourcehasUserNameHeader() {
        Assert.assertEquals(doGet(NON_CACHEABLE).getHeaderField(X_AUSERNAME), "admin");
    }

    private WebResponse doGet(String str) {
        try {
            return this.restClient.GET(str);
        } catch (IOException | SAXException e) {
            throw new RuntimeException(e);
        }
    }
}
