package com.atlassian.jira.webtests.ztests.security.plugin;

import com.atlassian.jira.functest.framework.Administration;
import com.atlassian.jira.functest.framework.BaseJiraFuncTest;
import com.atlassian.jira.functest.framework.LoginAs;
import com.atlassian.jira.functest.framework.suite.Category;
import com.atlassian.jira.functest.framework.suite.WebTest;
import com.atlassian.jira.functest.rule.JiraRestClientSupplier;
import com.atlassian.jira.rest.api.issue.IssueCreateResponse;
import com.atlassian.jira.rest.api.issue.IssueFields;
import com.atlassian.jira.rest.api.issue.IssueUpdateRequest;
import com.atlassian.jira.rest.client.api.IssueRestClient;
import com.atlassian.jira.rest.client.api.JiraRestClient;
import com.atlassian.jira.rest.client.api.domain.Issue;
import com.atlassian.jira.rest.client.api.domain.Transition;
import com.atlassian.jira.testkit.client.restclient.Comment;
import com.atlassian.jira.testkit.client.restclient.CommentClient;
import com.atlassian.jira.testkit.client.restclient.IssueClient;
import com.atlassian.jira.testkit.client.restclient.Visibility;
import java.io.IOException;
import javax.inject.Inject;
import javax.ws.rs.core.Response;
import org.hamcrest.Matcher;
import org.hamcrest.Matchers;
import org.hamcrest.core.Is;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;

@LoginAs(user = "admin")
@WebTest({Category.FUNC_TEST, Category.SECURITY, Category.REFERENCE_PLUGIN})
/* loaded from: input_file:com/atlassian/jira/webtests/ztests/security/plugin/TestPermissionOverride.class */
public class TestPermissionOverride extends BaseJiraFuncTest {
    private static final String TRANSITION_ISSUE_PERMISSION_OVERRIDE_MODULE = "com.atlassian.jira.dev.reference-plugin:brad.odlaw.cant.transition.issue";
    private static final String COMMENT_ISSUE_PERMISSION_OVERRIDE_MODULE = "com.atlassian.jira.dev.reference-plugin:brad.odlaw.cant.comment";
    private static final String EDIT_ISSUE_PERMISSION_OVERRIDE_MODULE = "com.atlassian.jira.dev.reference-plugin:brad.odlaw.cant.edit.issue";
    private static final String BRAD = "brad_the_odlaw";

    @Rule
    public JiraRestClientSupplier jiraRestClientSupplier = new JiraRestClientSupplier(this::getEnvironmentData, BRAD, BRAD);
    private IssueClient issueClient;
    private CommentClient commentClient;

    @Inject
    private Administration administration;

    @Before
    public void setUpTest() {
        this.jiraRestClientSupplier.get();
        this.administration.restoreBlankInstance();
        this.backdoor.usersAndGroups().addUser(BRAD, BRAD, BRAD, "odlaw@atlassiqan.com").addUserToGroup(BRAD, "jira-developers");
        this.issueClient = new IssueClient(this.environmentData);
        this.commentClient = new CommentClient(this.environmentData);
    }

    @Test
    public void testPermissionToEditIssueOverridden() {
        IssueCreateResponse createIssue = this.backdoor.issues().createIssue("HSP", "issue summary");
        this.backdoor.plugins().disablePluginModule(EDIT_ISSUE_PERMISSION_OVERRIDE_MODULE);
        Assert.assertThat(Integer.valueOf(this.issueClient.loginAs(BRAD, BRAD).updateResponse(createIssue.key(), summary("new summary")).statusCode), statusCode(Response.Status.NO_CONTENT));
        this.backdoor.plugins().enablePluginModule(EDIT_ISSUE_PERMISSION_OVERRIDE_MODULE);
        Assert.assertThat(Integer.valueOf(this.issueClient.loginAs(BRAD, BRAD).updateResponse(createIssue.key(), summary("summary which will never be set")).statusCode), Matchers.not(statusCodeFamily(200)));
    }

    @Test
    public void testPermissionToCommentIssueOverridden() {
        IssueCreateResponse createIssue = this.backdoor.issues().createIssue("HSP", "issue summary");
        this.backdoor.plugins().disablePluginModule(COMMENT_ISSUE_PERMISSION_OVERRIDE_MODULE);
        Assert.assertThat(Integer.valueOf(this.commentClient.loginAs(BRAD, BRAD).post(createIssue.key(), comment("I comment because I can")).statusCode), Matchers.is(Integer.valueOf(Response.Status.CREATED.getStatusCode())));
        this.backdoor.plugins().enablePluginModule(COMMENT_ISSUE_PERMISSION_OVERRIDE_MODULE);
        Assert.assertThat(Integer.valueOf(this.commentClient.loginAs(BRAD, BRAD).post(createIssue.key(), comment("I try to comment")).statusCode), Matchers.not(statusCodeFamily(200)));
    }

    @Test
    public void testPermissionToTransitionIssueOverridden() throws IOException {
        IssueCreateResponse createIssue = this.backdoor.issues().createIssue("HSP", "issue summary");
        this.backdoor.plugins().disablePluginModule(TRANSITION_ISSUE_PERMISSION_OVERRIDE_MODULE);
        Assert.assertThat(getIssueTransitions(this.jiraRestClientSupplier.get(), createIssue.key()), Matchers.not(Matchers.emptyIterable()));
        this.backdoor.plugins().enablePluginModule(TRANSITION_ISSUE_PERMISSION_OVERRIDE_MODULE);
        Assert.assertThat(getIssueTransitions(this.jiraRestClientSupplier.get(), createIssue.key()), Matchers.emptyIterable());
    }

    private IssueUpdateRequest summary(String str) {
        return new IssueUpdateRequest().fields(new IssueFields().summary(str));
    }

    private Comment comment(String str) {
        Comment comment = new Comment();
        comment.body = str;
        comment.visibility = new Visibility("group", "jira-users");
        return comment;
    }

    private Matcher<? super Integer> statusCode(Response.Status status) {
        return Is.is(Integer.valueOf(status.getStatusCode()));
    }

    private Matcher<? super Integer> statusCodeFamily(int i) {
        int i2 = (i / 100) * 100;
        return Matchers.allOf(Matchers.lessThan(Integer.valueOf(i2 + 100)), Matchers.greaterThanOrEqualTo(Integer.valueOf(i2)));
    }

    private Iterable<Transition> getIssueTransitions(JiraRestClient jiraRestClient, String str) {
        IssueRestClient issueClient = jiraRestClient.getIssueClient();
        return (Iterable) issueClient.getTransitions((Issue) issueClient.getIssue(str).claim()).claim();
    }
}
