package com.atlassian.jira.webtests.ztests.bundledplugins2.rest;

import com.atlassian.integrationtesting.runner.restore.Restore;
import com.atlassian.jira.functest.framework.BaseJiraRestTest;
import com.atlassian.jira.functest.framework.FunctTestConstants;
import com.atlassian.jira.functest.framework.LoginAs;
import com.atlassian.jira.functest.framework.suite.Category;
import com.atlassian.jira.functest.framework.suite.WebTest;
import com.atlassian.jira.functest.matcher.PermissionMatcher;
import com.atlassian.jira.permission.ProjectPermissions;
import com.atlassian.jira.rest.v2.permission.UserPermissionJsonBean;
import com.atlassian.jira.testkit.client.RestApiClient;
import com.atlassian.jira.testkit.client.restclient.ParsedResponse;
import com.atlassian.jira.webtests.util.JIRAEnvironmentData;
import com.atlassian.jira.webtests.ztests.bundledplugins2.webhooks.TestUserWebHook;
import com.atlassian.jira.webtests.ztests.security.TestGlobalPermissions;
import com.fasterxml.jackson.annotation.JsonProperty;
import com.google.common.collect.ImmutableMap;
import java.util.HashMap;
import java.util.Map;
import javax.ws.rs.client.WebTarget;
import javax.ws.rs.core.Response;
import org.hamcrest.Matcher;
import org.hamcrest.Matchers;
import org.hamcrest.core.AllOf;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;

@LoginAs(user = "admin")
@Restore("TestPermissionsRest.xml")
@WebTest({Category.FUNC_TEST, Category.REST})
/* loaded from: input_file:com/atlassian/jira/webtests/ztests/bundledplugins2/rest/TestPermissionsResource.class */
public class TestPermissionsResource extends BaseJiraRestTest {
    private PermissionsClient permissionsClient;

    /* loaded from: input_file:com/atlassian/jira/webtests/ztests/bundledplugins2/rest/TestPermissionsResource$PermissionsClient.class */
    private class PermissionsClient extends RestApiClient<PermissionsClient> {
        protected PermissionsClient(JIRAEnvironmentData jIRAEnvironmentData) {
            super(jIRAEnvironmentData);
        }

        private ParsedResponse<PermissionsOuter> getPermissions() {
            return toResponse(new RestApiClient.RestCall() { // from class: com.atlassian.jira.webtests.ztests.bundledplugins2.rest.TestPermissionsResource.PermissionsClient.1
                public Response call() {
                    return (Response) PermissionsClient.this.createResource().path("mypermissions").request().get(Response.class);
                }
            }, PermissionsOuter.class);
        }

        private ParsedResponse<PermissionsOuter> getPermissions(final Map<String, String> map) {
            return toResponse(new RestApiClient.RestCall() { // from class: com.atlassian.jira.webtests.ztests.bundledplugins2.rest.TestPermissionsResource.PermissionsClient.2
                public Response call() {
                    WebTarget path = PermissionsClient.this.createResource().path("mypermissions");
                    for (Map.Entry entry : map.entrySet()) {
                        path = path.queryParam((String) entry.getKey(), new Object[]{entry.getValue()});
                    }
                    return (Response) path.request().get(Response.class);
                }
            }, PermissionsOuter.class);
        }

        private ParsedResponse<PermissionsOuter> getAllPermissions() {
            return toResponse(new RestApiClient.RestCall() { // from class: com.atlassian.jira.webtests.ztests.bundledplugins2.rest.TestPermissionsResource.PermissionsClient.3
                public Response call() {
                    return (Response) PermissionsClient.this.createResource().path("permissions").request().get(Response.class);
                }
            }, PermissionsOuter.class);
        }
    }

    /* loaded from: input_file:com/atlassian/jira/webtests/ztests/bundledplugins2/rest/TestPermissionsResource$PermissionsOuter.class */
    private static class PermissionsOuter {

        @JsonProperty
        HashMap<String, UserPermissionJsonBean> permissions;

        private PermissionsOuter() {
        }
    }

    @Before
    public void setUpTest() {
        this.permissionsClient = new PermissionsClient(this.environmentData);
        this.backdoor.plugins().disablePluginModule(TestGlobalPermissions.GLOBAL_PERMISSION_COMPLETE);
        this.backdoor.plugins().enablePluginModule(TestGlobalPermissions.GLOBAL_PERMISSION_COMPLETE);
    }

    @Test
    public void testPermissionsEndpointIsForAdministratorsOnly() {
        Assert.assertEquals(((PermissionsClient) this.permissionsClient.anonymous()).getAllPermissions().statusCode, 401L);
        this.backdoor.usersAndGroups().addUser("non-admin-user");
        Assert.assertEquals(((PermissionsClient) this.permissionsClient.loginAs("non-admin-user")).getAllPermissions().statusCode, 403L);
    }

    @Test
    public void testCustomPermissionIsReturnedByAllPermissionsEndpoint() {
        Assert.assertThat(((PermissionsOuter) this.permissionsClient.getAllPermissions().body).permissions.get(TestGlobalPermissions.GLOBAL_PERMISSION), AllOf.allOf(new Matcher[]{PermissionMatcher.key(TestGlobalPermissions.GLOBAL_PERMISSION), PermissionMatcher.name("func.test.global.permission.name"), PermissionMatcher.type("GLOBAL"), PermissionMatcher.description("func.test.global.permission.description")}));
    }

    @Test
    public void testGlobalPermissionsAreReturnedByAllPermissionsEndpoint() {
        Assert.assertThat(((PermissionsOuter) this.permissionsClient.getAllPermissions().body).permissions.get("SYSTEM_ADMIN"), AllOf.allOf(new Matcher[]{PermissionMatcher.key("SYSTEM_ADMIN"), PermissionMatcher.name("Jira System Administrators"), PermissionMatcher.type("GLOBAL"), PermissionMatcher.hasNotEmptyDescription()}));
    }

    @Test
    public void testProjectPermissionsAreReturnedByAllPermissionsEndpoint() {
        ParsedResponse<PermissionsOuter> allPermissions = this.permissionsClient.getAllPermissions();
        Assert.assertThat(((PermissionsOuter) allPermissions.body).permissions.get("LINK_ISSUES"), AllOf.allOf(new Matcher[]{PermissionMatcher.key("LINK_ISSUES"), PermissionMatcher.name("Link Issues"), PermissionMatcher.type("PROJECT"), PermissionMatcher.hasNotEmptyDescription()}));
        Assert.assertThat(((PermissionsOuter) allPermissions.body).permissions.get("BROWSE_PROJECTS"), AllOf.allOf(new Matcher[]{PermissionMatcher.key("BROWSE_PROJECTS"), PermissionMatcher.name("Browse Projects"), PermissionMatcher.type("PROJECT"), PermissionMatcher.hasNotEmptyDescription()}));
    }

    @Test
    public void testCustomProjectPermissionsAreReturnedByAllPermissionsEndpoint() {
        Assert.assertThat(((PermissionsOuter) this.permissionsClient.getAllPermissions().body).permissions.get("func.test.project.permission"), AllOf.allOf(new Matcher[]{PermissionMatcher.key("func.test.project.permission"), PermissionMatcher.name("func.test.project.permission.name"), PermissionMatcher.type("PROJECT"), PermissionMatcher.description("func.test.project.permission.description")}));
    }

    @Test
    public void testGlobalPermissions() {
        Assert.assertThat(((PermissionsOuter) this.permissionsClient.getPermissions().body).permissions.get("ADMINISTER"), AllOf.allOf(new Matcher[]{PermissionMatcher.key("ADMINISTER"), PermissionMatcher.id(FunctTestConstants.ISSUE_ALL), PermissionMatcher.name("Jira Administrators"), PermissionMatcher.type("GLOBAL"), PermissionMatcher.description("Ability to perform most administration functions (excluding Import & Export, SMTP Configuration, etc.)."), PermissionMatcher.deprecatedKey(null), PermissionMatcher.havePermission(true)}));
        ParsedResponse<PermissionsOuter> permissions = ((PermissionsClient) this.permissionsClient.loginAs(TestUserWebHook.USER_NAME, TestUserWebHook.USER_NAME)).getPermissions();
        Assert.assertThat(((PermissionsOuter) permissions.body).permissions.get("ADMINISTER"), PermissionMatcher.havePermission(false));
        Assert.assertThat(((PermissionsOuter) permissions.body).permissions.get(TestGlobalPermissions.GLOBAL_PERMISSION), AllOf.allOf(new Matcher[]{PermissionMatcher.key(TestGlobalPermissions.GLOBAL_PERMISSION), PermissionMatcher.name("func.test.global.permission.name"), PermissionMatcher.type("GLOBAL"), PermissionMatcher.description("func.test.global.permission.description"), PermissionMatcher.deprecatedKey(null), PermissionMatcher.havePermission(false)}));
    }

    @Test
    public void testGetLegacyProjectPermissions() {
        ParsedResponse<PermissionsOuter> permissions = this.permissionsClient.getPermissions();
        Assert.assertThat(((PermissionsOuter) permissions.body).permissions.get("BROWSE"), AllOf.allOf(new Matcher[]{PermissionMatcher.id("10"), PermissionMatcher.key("BROWSE"), PermissionMatcher.name("Browse Projects"), PermissionMatcher.type("PROJECT"), PermissionMatcher.description("Ability to browse projects and the issues within them."), PermissionMatcher.deprecatedKey(true), PermissionMatcher.havePermission(true)}));
        Assert.assertThat(((PermissionsOuter) permissions.body).permissions.get("COMMENT_ISSUE"), AllOf.allOf(new Matcher[]{PermissionMatcher.id("15"), PermissionMatcher.key("COMMENT_ISSUE"), PermissionMatcher.name("Add Comments"), PermissionMatcher.type("PROJECT"), PermissionMatcher.description("Ability to comment on issues."), PermissionMatcher.deprecatedKey(true), PermissionMatcher.havePermission(true)}));
        ParsedResponse<PermissionsOuter> permissions2 = ((PermissionsClient) this.permissionsClient.loginAs(TestUserWebHook.USER_NAME, TestUserWebHook.USER_NAME)).getPermissions();
        Assert.assertThat(((PermissionsOuter) permissions2.body).permissions.get("BROWSE"), PermissionMatcher.havePermission(false));
        Assert.assertThat(((PermissionsOuter) permissions2.body).permissions.get("COMMENT_ISSUE"), PermissionMatcher.havePermission(false));
    }

    @Test
    public void testGetAnonymousUserPermissions() {
        ParsedResponse<PermissionsOuter> permissions = ((PermissionsClient) this.permissionsClient.anonymous()).getPermissions();
        Assert.assertThat(permissions, Matchers.notNullValue());
        Assert.assertThat(Integer.valueOf(permissions.statusCode), Matchers.is(401));
    }

    @Test
    public void testGetProjectPermissions() {
        ParsedResponse<PermissionsOuter> permissions = this.permissionsClient.getPermissions();
        Assert.assertThat(((PermissionsOuter) permissions.body).permissions.get(ProjectPermissions.BROWSE_PROJECTS.permissionKey()), AllOf.allOf(new Matcher[]{PermissionMatcher.id("10"), PermissionMatcher.key(ProjectPermissions.BROWSE_PROJECTS.permissionKey()), PermissionMatcher.name("Browse Projects"), PermissionMatcher.type("PROJECT"), PermissionMatcher.description("Ability to browse projects and the issues within them."), PermissionMatcher.deprecatedKey(null), PermissionMatcher.havePermission(true)}));
        Assert.assertThat(((PermissionsOuter) permissions.body).permissions.get(ProjectPermissions.ADD_COMMENTS.permissionKey()), AllOf.allOf(new Matcher[]{PermissionMatcher.id("15"), PermissionMatcher.key(ProjectPermissions.ADD_COMMENTS.permissionKey()), PermissionMatcher.name("Add Comments"), PermissionMatcher.type("PROJECT"), PermissionMatcher.description("Ability to comment on issues."), PermissionMatcher.deprecatedKey(null), PermissionMatcher.havePermission(true)}));
        ParsedResponse<PermissionsOuter> permissions2 = ((PermissionsClient) this.permissionsClient.loginAs(TestUserWebHook.USER_NAME, TestUserWebHook.USER_NAME)).getPermissions();
        Assert.assertThat(((PermissionsOuter) permissions2.body).permissions.get(ProjectPermissions.BROWSE_PROJECTS.permissionKey()), PermissionMatcher.havePermission(false));
        Assert.assertThat(((PermissionsOuter) permissions2.body).permissions.get(ProjectPermissions.ADD_COMMENTS.permissionKey()), PermissionMatcher.havePermission(false));
        Assert.assertThat(((PermissionsOuter) permissions2.body).permissions.get(TestGlobalPermissions.GLOBAL_PERMISSION), AllOf.allOf(new Matcher[]{PermissionMatcher.key(TestGlobalPermissions.GLOBAL_PERMISSION), PermissionMatcher.name("func.test.global.permission.name"), PermissionMatcher.type("GLOBAL"), PermissionMatcher.description("func.test.global.permission.description"), PermissionMatcher.deprecatedKey(null), PermissionMatcher.havePermission(false)}));
    }

    @Test
    public void testLegacyProjectFilter() {
        Assert.assertThat(((PermissionsOuter) this.permissionsClient.getPermissions(ImmutableMap.of("projectKey", "PROJECTA")).body).permissions.get("BROWSE"), AllOf.allOf(new Matcher[]{PermissionMatcher.id("10"), PermissionMatcher.name("Browse Projects"), PermissionMatcher.havePermission(true)}));
        Assert.assertThat(((PermissionsOuter) this.permissionsClient.getPermissions(ImmutableMap.of("projectKey", "PROJECTB")).body).permissions.get("BROWSE"), AllOf.allOf(new Matcher[]{PermissionMatcher.id("10"), PermissionMatcher.name("Browse Projects"), PermissionMatcher.havePermission(false)}));
        Assert.assertThat(((PermissionsOuter) this.permissionsClient.getPermissions(ImmutableMap.of("projectId", "10000")).body).permissions.get("BROWSE"), AllOf.allOf(new Matcher[]{PermissionMatcher.id("10"), PermissionMatcher.name("Browse Projects"), PermissionMatcher.havePermission(true)}));
        Assert.assertThat(((PermissionsOuter) this.permissionsClient.getPermissions(ImmutableMap.of("projectId", "10001")).body).permissions.get("BROWSE"), AllOf.allOf(new Matcher[]{PermissionMatcher.id("10"), PermissionMatcher.name("Browse Projects"), PermissionMatcher.havePermission(false)}));
    }

    @Test
    public void testProjectFilter() {
        Assert.assertThat(((PermissionsOuter) this.permissionsClient.getPermissions(ImmutableMap.of("projectKey", "PROJECTA")).body).permissions.get(ProjectPermissions.BROWSE_PROJECTS.permissionKey()), AllOf.allOf(new Matcher[]{PermissionMatcher.id("10"), PermissionMatcher.name("Browse Projects"), PermissionMatcher.havePermission(true)}));
        Assert.assertThat(((PermissionsOuter) this.permissionsClient.getPermissions(ImmutableMap.of("projectKey", "PROJECTB")).body).permissions.get(ProjectPermissions.BROWSE_PROJECTS.permissionKey()), AllOf.allOf(new Matcher[]{PermissionMatcher.id("10"), PermissionMatcher.name("Browse Projects"), PermissionMatcher.havePermission(false)}));
        Assert.assertThat(((PermissionsOuter) this.permissionsClient.getPermissions(ImmutableMap.of("projectId", "10000")).body).permissions.get(ProjectPermissions.BROWSE_PROJECTS.permissionKey()), AllOf.allOf(new Matcher[]{PermissionMatcher.id("10"), PermissionMatcher.name("Browse Projects"), PermissionMatcher.havePermission(true)}));
        Assert.assertThat(((PermissionsOuter) this.permissionsClient.getPermissions(ImmutableMap.of("projectId", "10001")).body).permissions.get(ProjectPermissions.BROWSE_PROJECTS.permissionKey()), AllOf.allOf(new Matcher[]{PermissionMatcher.id("10"), PermissionMatcher.name("Browse Projects"), PermissionMatcher.havePermission(false)}));
    }

    @Test
    public void testLegacyIssueFiltering() {
        Assert.assertThat(((PermissionsOuter) this.permissionsClient.getPermissions().body).permissions.get("COMMENT_DELETE_ALL"), AllOf.allOf(new Matcher[]{PermissionMatcher.id("36"), PermissionMatcher.key("COMMENT_DELETE_ALL"), PermissionMatcher.name("Delete All Comments"), PermissionMatcher.type("PROJECT"), PermissionMatcher.description("Ability to delete all comments made on issues."), PermissionMatcher.deprecatedKey(true), PermissionMatcher.havePermission(true)}));
        Assert.assertThat(((PermissionsOuter) this.permissionsClient.getPermissions(ImmutableMap.of("projectKey", "PROJECTA")).body).permissions.get("COMMENT_DELETE_ALL"), AllOf.allOf(new Matcher[]{PermissionMatcher.id("36"), PermissionMatcher.key("COMMENT_DELETE_ALL"), PermissionMatcher.havePermission(true)}));
        Assert.assertThat(((PermissionsOuter) this.permissionsClient.getPermissions(ImmutableMap.of("issueKey", "PROJECTA-3")).body).permissions.get("COMMENT_DELETE_ALL"), AllOf.allOf(new Matcher[]{PermissionMatcher.id("36"), PermissionMatcher.key("COMMENT_DELETE_ALL"), PermissionMatcher.havePermission(true)}));
        Assert.assertThat(((PermissionsOuter) this.permissionsClient.getPermissions(ImmutableMap.of("issueKey", "PROJECTA-4")).body).permissions.get("COMMENT_DELETE_ALL"), AllOf.allOf(new Matcher[]{PermissionMatcher.id("36"), PermissionMatcher.key("COMMENT_DELETE_ALL"), PermissionMatcher.havePermission(false)}));
        Assert.assertThat(((PermissionsOuter) this.permissionsClient.getPermissions(ImmutableMap.of("issueId", "10200")).body).permissions.get("COMMENT_DELETE_ALL"), AllOf.allOf(new Matcher[]{PermissionMatcher.id("36"), PermissionMatcher.key("COMMENT_DELETE_ALL"), PermissionMatcher.havePermission(true)}));
        Assert.assertThat(((PermissionsOuter) this.permissionsClient.getPermissions(ImmutableMap.of("issueId", "10201")).body).permissions.get("COMMENT_DELETE_ALL"), AllOf.allOf(new Matcher[]{PermissionMatcher.id("36"), PermissionMatcher.key("COMMENT_DELETE_ALL"), PermissionMatcher.havePermission(false)}));
    }

    @Test
    public void testIssueFiltering() {
        Assert.assertThat(((PermissionsOuter) this.permissionsClient.getPermissions().body).permissions.get(ProjectPermissions.DELETE_ALL_COMMENTS.permissionKey()), AllOf.allOf(new Matcher[]{PermissionMatcher.id("36"), PermissionMatcher.key(ProjectPermissions.DELETE_ALL_COMMENTS.permissionKey()), PermissionMatcher.name("Delete All Comments"), PermissionMatcher.type("PROJECT"), PermissionMatcher.description("Ability to delete all comments made on issues."), PermissionMatcher.deprecatedKey(null), PermissionMatcher.havePermission(true)}));
        Assert.assertThat(((PermissionsOuter) this.permissionsClient.getPermissions(ImmutableMap.of("projectKey", "PROJECTA")).body).permissions.get(ProjectPermissions.DELETE_ALL_COMMENTS.permissionKey()), AllOf.allOf(new Matcher[]{PermissionMatcher.id("36"), PermissionMatcher.key(ProjectPermissions.DELETE_ALL_COMMENTS.permissionKey()), PermissionMatcher.havePermission(true)}));
        Assert.assertThat(((PermissionsOuter) this.permissionsClient.getPermissions(ImmutableMap.of("issueKey", "PROJECTA-3")).body).permissions.get(ProjectPermissions.DELETE_ALL_COMMENTS.permissionKey()), AllOf.allOf(new Matcher[]{PermissionMatcher.id("36"), PermissionMatcher.key(ProjectPermissions.DELETE_ALL_COMMENTS.permissionKey()), PermissionMatcher.havePermission(true)}));
        Assert.assertThat(((PermissionsOuter) this.permissionsClient.getPermissions(ImmutableMap.of("issueKey", "PROJECTA-4")).body).permissions.get(ProjectPermissions.DELETE_ALL_COMMENTS.permissionKey()), AllOf.allOf(new Matcher[]{PermissionMatcher.id("36"), PermissionMatcher.key(ProjectPermissions.DELETE_ALL_COMMENTS.permissionKey()), PermissionMatcher.havePermission(false)}));
        Assert.assertThat(((PermissionsOuter) this.permissionsClient.getPermissions(ImmutableMap.of("issueId", "10200")).body).permissions.get(ProjectPermissions.DELETE_ALL_COMMENTS.permissionKey()), AllOf.allOf(new Matcher[]{PermissionMatcher.id("36"), PermissionMatcher.key(ProjectPermissions.DELETE_ALL_COMMENTS.permissionKey()), PermissionMatcher.havePermission(true)}));
        Assert.assertThat(((PermissionsOuter) this.permissionsClient.getPermissions(ImmutableMap.of("issueId", "10201")).body).permissions.get(ProjectPermissions.DELETE_ALL_COMMENTS.permissionKey()), AllOf.allOf(new Matcher[]{PermissionMatcher.id("36"), PermissionMatcher.key(ProjectPermissions.DELETE_ALL_COMMENTS.permissionKey()), PermissionMatcher.havePermission(false)}));
    }
}
