package com.atlassian.jira.webtests.ztests.issue;

import com.atlassian.integrationtesting.runner.restore.RestoreOnce;
import com.atlassian.jira.functest.framework.BaseJiraFuncTest;
import com.atlassian.jira.functest.framework.HtmlPage;
import com.atlassian.jira.functest.framework.assertions.TextAssertions;
import com.atlassian.jira.functest.framework.fields.EditFieldConstants;
import com.atlassian.jira.functest.framework.locator.IdLocator;
import com.atlassian.jira.functest.framework.suite.Category;
import com.atlassian.jira.functest.framework.suite.WebTest;
import com.atlassian.jira.matchers.LangMatchers;
import com.atlassian.jira.permission.ProjectPermissions;
import com.atlassian.jira.rest.api.issue.IssueCreateResponse;
import com.atlassian.jira.rest.api.issue.IssueFields;
import com.atlassian.jira.rest.api.issue.ResourceRef;
import com.atlassian.jira.testkit.client.IssueSecuritySchemesControl;
import com.atlassian.jira.testkit.client.IssuesControl;
import com.atlassian.jira.webtests.ztests.bundledplugins2.rest.TestProjectPermissionSchemeResource;
import com.atlassian.jira.webtests.ztests.bundledplugins2.rest.client.IssueSubTaskClient;
import javax.inject.Inject;
import org.hamcrest.MatcherAssert;
import org.junit.Assert;
import org.junit.Test;

@RestoreOnce("TestIssueOperationsWithLimitedPermissionsProEnt.xml")
@WebTest({Category.FUNC_TEST, Category.ISSUES, Category.PERMISSIONS})
/* loaded from: input_file:com/atlassian/jira/webtests/ztests/issue/TestIssueOperationsWithLimitedPermissions.class */
public class TestIssueOperationsWithLimitedPermissions extends BaseJiraFuncTest {
    private static final String RESTRICTED_ISSUE_ID = "10000";
    private static final String RESTRICTED_ISSUE_KEY = "HSP-1";
    private static final String CLOSED_ISSUE_ID = "10020";
    private static final long PROJECT_ID = 10000;
    private static final String ERROR_MSG_NO_PERM_AND_NOT_LOGGED_IN = "You are not logged in, and do not have the permissions required to create an issue in this project as a guest.";
    private static final String ERROR_MSG_NO_PERMISSION_TO_CREATE_ISSUE = "You do not have permission to create issues in this project.";
    private static final String PERMISSION_ERROR_DESC_ANONYMOUS = "You are not logged in, and do not have the permissions required to act on the selected issue as a guest.";
    private static final String PERMISSION_ERROR_DESC_USER = "You do not have permission to act on this issue.";
    private static final String PERMISSION_ERROR_BROWSE_PROJECTS = "You're not allowed to browse projects";
    private static final String PERMISSION_ERROR = "You do not have the permission to see the specified issue.";
    private static final String ISSUE_CANT_BE_DISPLAYED_MESSAGE = "You can&#39;t view this issue";
    private static final String LOGIN = "log in";
    private static final String SIGNUP = "sign up";
    private static final String YOU_MUST_LOG_IN_TO_ACCESS_THIS_PAGE = "You must log in to access this page.";
    private static final String PERMISSION_VIOLATION_MESSAGE = "It seems that you have tried to perform an operation which you are not permitted to perform.";
    private static final String BROWSE_URL = "/browse/";
    private static final String NEW_TEST_ISSUE = "new test issue";
    private static final String NOT_LOGGED_IN_ERROR = "You're not logged in";
    private static final String TOGGLE_UNVOTE_ISSUE = "toggle-unvote-issue";
    private static final String TOGGLE_VOTE_ISSUE = "toggle-vote-issue";
    private static final String TOGGLE_UNWATCH_ISSUE = "toggle-unwatch-issue";
    private static final String TOGGLE_WATCH_ISSUE = "toggle-watch-issue";
    private static final String RESOLVE_ISSUE = "Resolve Issue";
    private static final String ASSIGN_ISSUE_SUBMIT = "assign-issue-form-submit";
    private static final String EDIT_ISSUE = "Edit Issue";
    private static final String SUMMARY = "Summary";
    private static final String WATCH_ISSUE = "Watch Issue";
    private static final String STOP_WATCHING = "Stop Watching";
    private static final String EDIT_WORK_LOG = "Edit Work Log";
    private static final String DELETE_WORKLOG = "Delete Worklog";
    private static final String IGNORE = "ignoreMeAndSeeAssertBelow";
    private static final String COMMENT_PERMISSION_ERROR_MSG = "you do not have the permission to comment on this issue.";
    private static final String COMPONENT_S = "Component/s";
    private static final String ISSUE_TYPE = "Issue Type";
    private static final String CREATE_SUB_TASK = "Create Sub-Task";
    private static final String ATL_TOKEN = "atl_token=";
    private static final String SECURE_URL = "/secure/";
    private static final String SECURITY_SCHEME = "scheme";
    private static final String SECURITY_LEVEL = "level";

    @Inject
    private HtmlPage page;

    @Inject
    private TextAssertions textAssertions;

    @Test
    public void testViewIssue() {
        assertActionIsInaccessibleToAnonymousUser(BROWSE_URL, NEW_TEST_ISSUE, YOU_MUST_LOG_IN_TO_ACCESS_THIS_PAGE, true);
        assertActionIsInaccessibleToUser(BROWSE_URL, NEW_TEST_ISSUE, ISSUE_CANT_BE_DISPLAYED_MESSAGE);
        assertActionIsAccessibleToAdmin(BROWSE_URL, NEW_TEST_ISSUE, YOU_MUST_LOG_IN_TO_ACCESS_THIS_PAGE);
    }

    @Test
    public void testViewIssueVote() {
        assertActionIsInaccessibleToAnonymousUser("VoteOrWatchIssue.jspa?vote=vote&", NEW_TEST_ISSUE, YOU_MUST_LOG_IN_TO_ACCESS_THIS_PAGE, true);
        assertActionIsInaccessibleToUser("VoteOrWatchIssue.jspa?vote=vote&", NEW_TEST_ISSUE, PERMISSION_VIOLATION_MESSAGE);
        assertActionIsAccessibleToAdmin("VoteOrWatchIssue.jspa?vote=vote&", NEW_TEST_ISSUE, YOU_MUST_LOG_IN_TO_ACCESS_THIS_PAGE);
        this.tester.assertLinkPresent(TOGGLE_UNVOTE_ISSUE);
        this.textAssertions.assertTextPresent(new IdLocator(this.tester, TOGGLE_UNVOTE_ISSUE), "Remove vote");
        this.textAssertions.assertTextNotPresent(new IdLocator(this.tester, TOGGLE_UNVOTE_ISSUE), "Add vote");
        assertActionIsInaccessibleToAdminForClosedIssue("VoteOrWatchIssue.jspa?vote=vote&", "An issue that will be closed!", "You cannot vote or change your vote on resolved issues.");
    }

    @Test
    public void testViewIssueUnvote() {
        assertActionIsInaccessibleToAnonymousUser("VoteOrWatchIssue.jspa?vote=unvote&", NEW_TEST_ISSUE, YOU_MUST_LOG_IN_TO_ACCESS_THIS_PAGE, true);
        assertActionIsInaccessibleToUser("VoteOrWatchIssue.jspa?vote=unvote&", NEW_TEST_ISSUE, PERMISSION_VIOLATION_MESSAGE);
        assertActionIsAccessibleToAdmin("VoteOrWatchIssue.jspa?vote=unvote&", NEW_TEST_ISSUE, YOU_MUST_LOG_IN_TO_ACCESS_THIS_PAGE);
        this.tester.assertLinkPresent(TOGGLE_VOTE_ISSUE);
        this.textAssertions.assertTextPresent(new IdLocator(this.tester, TOGGLE_VOTE_ISSUE), "Add vote");
        this.textAssertions.assertTextNotPresent(new IdLocator(this.tester, TOGGLE_VOTE_ISSUE), "Remove vote");
        assertActionIsInaccessibleToAdminForClosedIssue("VoteOrWatchIssue.jspa?vote=unvote&", "An issue that will be closed!", "You cannot vote or change your vote on resolved issues.");
    }

    @Test
    public void testViewIssueStartWatching() {
        assertActionIsInaccessibleToAnonymousUser("VoteOrWatchIssue.jspa?watch=watch&", NEW_TEST_ISSUE, YOU_MUST_LOG_IN_TO_ACCESS_THIS_PAGE, true);
        assertActionIsInaccessibleToUser("VoteOrWatchIssue.jspa?watch=watch&", NEW_TEST_ISSUE, PERMISSION_VIOLATION_MESSAGE);
        assertActionIsAccessibleToAdmin("VoteOrWatchIssue.jspa?watch=watch&", NEW_TEST_ISSUE, YOU_MUST_LOG_IN_TO_ACCESS_THIS_PAGE);
        this.tester.assertLinkPresent(TOGGLE_UNWATCH_ISSUE);
        this.textAssertions.assertTextPresent(new IdLocator(this.tester, TOGGLE_UNWATCH_ISSUE), "Stop watching");
        this.textAssertions.assertTextNotPresent(new IdLocator(this.tester, TOGGLE_WATCH_ISSUE), "Watch issue");
    }

    @Test
    public void testViewIssueStopWatching() {
        assertActionIsInaccessibleToAnonymousUser("VoteOrWatchIssue.jspa?watch=unwatch&", NEW_TEST_ISSUE, YOU_MUST_LOG_IN_TO_ACCESS_THIS_PAGE, true);
        assertActionIsInaccessibleToUser("VoteOrWatchIssue.jspa?watch=unwatch&", NEW_TEST_ISSUE, PERMISSION_VIOLATION_MESSAGE);
        assertActionIsAccessibleToAdmin("VoteOrWatchIssue.jspa?watch=unwatch&", NEW_TEST_ISSUE, YOU_MUST_LOG_IN_TO_ACCESS_THIS_PAGE);
        this.tester.assertLinkPresent(TOGGLE_WATCH_ISSUE);
        this.textAssertions.assertTextPresent(new IdLocator(this.tester, TOGGLE_WATCH_ISSUE), "Watch issue");
        this.textAssertions.assertTextNotPresent(new IdLocator(this.tester, TOGGLE_UNWATCH_ISSUE), "Stop watching");
    }

    @Test
    public void testWorkflowUIDispatcher() {
        assertActionIsInaccessibleToAnonymousUser("WorkflowUIDispatcher.jspa?action=5&", "Resolve Issue", YOU_MUST_LOG_IN_TO_ACCESS_THIS_PAGE, true);
        assertActionIsInaccessibleToUser("WorkflowUIDispatcher.jspa?action=5&", "Resolve Issue", PERMISSION_VIOLATION_MESSAGE);
        assertActionIsAccessibleToAdmin("WorkflowUIDispatcher.jspa?action=5&", "Resolve Issue", YOU_MUST_LOG_IN_TO_ACCESS_THIS_PAGE);
    }

    @Test
    public void testAssignIssue() {
        assertActionIsInaccessibleToAnonymousUser("AssignIssue!default.jspa?", ASSIGN_ISSUE_SUBMIT, PERMISSION_ERROR, true);
        assertActionIsInaccessibleToUser("AssignIssue!default.jspa?", ASSIGN_ISSUE_SUBMIT, PERMISSION_ERROR);
        assertActionIsAccessibleToAdmin("AssignIssue!default.jspa?", ASSIGN_ISSUE_SUBMIT, PERMISSION_ERROR);
        assertActionIsInaccessibleToAdminForClosedIssue("AssignIssue!default.jspa?", ASSIGN_ISSUE_SUBMIT, PERMISSION_VIOLATION_MESSAGE);
    }

    @Test
    public void testCommentAssignIssue() {
        assertActionIsInaccessibleToAnonymousUser("CommentAssignIssue!default.jspa?action=5&", "Resolve Issue", PERMISSION_ERROR_DESC_ANONYMOUS, true);
        assertActionIsInaccessibleToUser("CommentAssignIssue!default.jspa?action=5&", "Resolve Issue", PERMISSION_ERROR_DESC_USER);
        assertActionIsAccessibleToAdmin("CommentAssignIssue!default.jspa?action=5&", "Resolve Issue", PERMISSION_ERROR);
    }

    @Test
    public void testEditIssue() {
        assertActionIsInaccessibleToAnonymousUser("EditIssue!default.jspa?", "Edit Issue", PERMISSION_ERROR_DESC_ANONYMOUS, true);
        assertActionIsInaccessibleToUser("EditIssue!default.jspa?", "Edit Issue", PERMISSION_ERROR_DESC_USER);
        assertActionIsAccessibleToAdmin("EditIssue!default.jspa?", "Edit Issue", PERMISSION_ERROR);
        assertActionIsInaccessibleToAdminForClosedIssue("EditIssue!default.jspa?", null, "You are not allowed to edit this issue due to its current status in the workflow.");
    }

    @Test
    public void testLabels() {
        assertActionIsInaccessibleToAnonymousUser("EditLabels!default.jspa?", null, PERMISSION_ERROR, true);
        assertActionIsInaccessibleToUser("EditLabels!default.jspa?", null, PERMISSION_ERROR);
        assertActionIsAccessibleToAdmin("EditLabels!default.jspa?", "Labels", PERMISSION_ERROR);
        assertActionIsInaccessibleToAdminForClosedIssue("EditLabels!default.jspa?", null, PERMISSION_VIOLATION_MESSAGE);
    }

    @Test
    public void testCloneIssueDetails() {
        assertActionIsInaccessibleToAnonymousUser("CloneIssueDetails!default.jspa?", SUMMARY, PERMISSION_ERROR, false);
        assertActionIsInaccessibleToUser("CloneIssueDetails!default.jspa?", SUMMARY, PERMISSION_ERROR);
        assertActionIsAccessibleToAdmin("CloneIssueDetails!default.jspa?", SUMMARY, PERMISSION_ERROR);
    }

    @Test
    public void testMoveIssue() {
        assertActionIsInaccessibleToAnonymousUser("MoveIssue!default.jspa?", "Current Project", NOT_LOGGED_IN_ERROR, true);
        assertActionIsInaccessibleToUser("MoveIssue!default.jspa?", "Current Project", PERMISSION_ERROR_BROWSE_PROJECTS);
        assertActionIsAccessibleToAdmin("MoveIssue!default.jspa?", "homosapien", NOT_LOGGED_IN_ERROR);
    }

    @Test
    public void testViewVoters() {
        assertActionIsInaccessibleToAnonymousUser("ViewVoters!addVote.jspa?", "There are no voters for this issue", YOU_MUST_LOG_IN_TO_ACCESS_THIS_PAGE, true);
        assertActionIsInaccessibleToUser("ViewVoters!addVote.jspa?", "There are no voters for this issue", PERMISSION_ERROR_DESC_USER);
        assertActionIsAccessibleToAdmin("ViewVoters!addVote.jspa?", "Remove your vote", PERMISSION_ERROR);
        assertActionIsInaccessibleToAnonymousUser("ViewVoters!removeVote.jspa?", "There are no voters for this issue", YOU_MUST_LOG_IN_TO_ACCESS_THIS_PAGE, true);
        assertActionIsInaccessibleToUser("ViewVoters!removeVote.jspa?", "There are no voters for this issue", PERMISSION_ERROR_DESC_USER);
        assertActionIsAccessibleToAdmin("ViewVoters!removeVote.jspa?", "There are no voters for this issue", PERMISSION_ERROR);
        assertActionIsInaccessibleToAnonymousUser("ViewVoters!default.jspa?", "There are no voters for this issue", PERMISSION_ERROR_DESC_ANONYMOUS, true);
        assertActionIsInaccessibleToUser("ViewVoters!default.jspa?", "There are no voters for this issue", PERMISSION_ERROR_DESC_USER);
        assertActionIsAccessibleToAdmin("ViewVoters!default.jspa?", "There are no voters for this issue", PERMISSION_ERROR);
    }

    @Test
    public void testManageWatchers() {
        assertActionIsInaccessibleToAnonymousUser("ManageWatchers!default.jspa?", WATCH_ISSUE, PERMISSION_ERROR_DESC_ANONYMOUS, true);
        assertActionIsInaccessibleToUser("ManageWatchers!default.jspa?", WATCH_ISSUE, PERMISSION_ERROR_DESC_USER);
        assertActionIsAccessibleToAdmin("ManageWatchers!default.jspa?", WATCH_ISSUE, PERMISSION_ERROR);
    }

    @Test
    public void testManageWatchersStartStopWatching() {
        assertActionIsInaccessibleToAnonymousUser("ManageWatchers!startWatching.jspa?", WATCH_ISSUE, PERMISSION_ERROR_DESC_ANONYMOUS, true);
        assertActionIsInaccessibleToUser("ManageWatchers!startWatching.jspa?", WATCH_ISSUE, PERMISSION_ERROR_DESC_USER);
        assertActionIsAccessibleToAdmin("ManageWatchers!startWatching.jspa?", STOP_WATCHING, PERMISSION_ERROR);
        assertActionIsInaccessibleToAnonymousUser("ManageWatchers!stopWatching.jspa?", WATCH_ISSUE, PERMISSION_ERROR_DESC_ANONYMOUS, true);
        assertActionIsInaccessibleToUser("ManageWatchers!stopWatching.jspa?", WATCH_ISSUE, PERMISSION_ERROR_DESC_USER);
        assertActionIsAccessibleToAdmin("ManageWatchers!stopWatching.jspa?", WATCH_ISSUE, PERMISSION_ERROR);
    }

    @Test
    public void testManageWatchersStartStopWatchers() {
        assertActionIsInaccessibleToAnonymousUser("ManageWatchers!startWatchers.jspa?userNames=admin&", WATCH_ISSUE, PERMISSION_ERROR_DESC_ANONYMOUS, true);
        assertActionIsInaccessibleToUser("ManageWatchers!startWatchers.jspa?userNames=admin&", WATCH_ISSUE, PERMISSION_ERROR_DESC_USER);
        assertActionIsAccessibleToAdmin("ManageWatchers!startWatchers.jspa?userNames=admin&", STOP_WATCHING, PERMISSION_ERROR);
        assertActionIsInaccessibleToAnonymousUser("ManageWatchers!stopWatchers.jspa?userNames=admin&", WATCH_ISSUE, PERMISSION_ERROR_DESC_ANONYMOUS, true);
        assertActionIsInaccessibleToUser("ManageWatchers!stopWatchers.jspa?userNames=admin&", WATCH_ISSUE, PERMISSION_ERROR_DESC_USER);
        assertActionIsAccessibleToAdmin("ManageWatchers!stopWatchers.jspa?userNames=admin&", STOP_WATCHING, PERMISSION_ERROR);
    }

    @Test
    public void testCreateWorklog() {
        assertActionIsInaccessibleToAnonymousUser("CreateWorklog!default.jspa?", null, PERMISSION_ERROR, true);
        assertActionIsInaccessibleToUser("CreateWorklog!default.jspa?", null, PERMISSION_VIOLATION_MESSAGE);
        assertActionIsAccessibleToAdmin("CreateWorklog!default.jspa?", "Log work", PERMISSION_ERROR);
        assertActionIsInaccessibleToAdminForClosedIssue("CreateWorklog!default.jspa?", null, PERMISSION_VIOLATION_MESSAGE);
    }

    @Test
    public void testUpdateWorklogDefault() {
        assertActionIsInaccessibleToAnonymousUser("UpdateWorklog!default.jspa?worklogId=10000&", EDIT_WORK_LOG, YOU_MUST_LOG_IN_TO_ACCESS_THIS_PAGE, false);
        assertActionIsInaccessibleToUser("UpdateWorklog!default.jspa?worklogId=10000&", EDIT_WORK_LOG, PERMISSION_VIOLATION_MESSAGE);
        assertActionIsAccessibleToAdmin("UpdateWorklog!default.jspa?worklogId=10000&", EDIT_WORK_LOG, PERMISSION_VIOLATION_MESSAGE);
    }

    @Test
    public void testDeleteWorklogDefault() {
        assertActionIsInaccessibleToAnonymousUser("DeleteWorklog!default.jspa?worklogId=10000&", DELETE_WORKLOG, YOU_MUST_LOG_IN_TO_ACCESS_THIS_PAGE, false);
        assertActionIsInaccessibleToUser("DeleteWorklog!default.jspa?worklogId=10000&", DELETE_WORKLOG, PERMISSION_VIOLATION_MESSAGE);
        assertActionIsAccessibleToAdmin("DeleteWorklog!default.jspa?worklogId=10000&", DELETE_WORKLOG, PERMISSION_VIOLATION_MESSAGE);
    }

    @Test
    public void testEditComment() {
        assertActionIsInaccessibleToAnonymousUser("EditComment!default.jspa?commentId=10000&", IGNORE, "You do not have the permission to comment on this issue.", false);
        assertActionIsInaccessibleToUser("EditComment!default.jspa?commentId=10000&", IGNORE, COMMENT_PERMISSION_ERROR_MSG);
        assertActionIsAccessibleToAdmin("EditComment!default.jspa?commentId=10000&", "Edit Comment", COMMENT_PERMISSION_ERROR_MSG);
    }

    @Test
    public void testDeleteComment() {
        assertActionIsInaccessibleToAnonymousUser("DeleteComment!default.jspa?commentId=10000&", IGNORE, "You do not have the permission to comment on this issue.", false);
        assertActionIsInaccessibleToUser("DeleteComment!default.jspa?commentId=10000&", IGNORE, COMMENT_PERMISSION_ERROR_MSG);
        assertActionIsAccessibleToAdmin("DeleteComment!default.jspa?commentId=10000&", "Delete Comment", "You do not have permission to delete comment with id: 10000");
    }

    @Test
    public void testCreateSubTaskIssueDefault() {
        assertActionIsInaccessibleToAnonymousUser("CreateSubTaskIssue!default.jspa?parentIssueId=10000&", "Component/s", NOT_LOGGED_IN_ERROR, true);
        assertActionIsInaccessibleToUser("CreateSubTaskIssue!default.jspa?parentIssueId=10000&", "Component/s", PERMISSION_ERROR_BROWSE_PROJECTS);
        assertActionIsAccessibleToAdmin("CreateSubTaskIssue!default.jspa?parentIssueId=10000&", "Component/s", PERMISSION_ERROR);
    }

    @Test
    public void testCreateSubTaskIssue() {
        assertActionIsInaccessibleToAnonymousUser("CreateSubTaskIssue.jspa?parentIssueId=10000&", ISSUE_TYPE, NOT_LOGGED_IN_ERROR, true);
        assertActionIsInaccessibleToUser("CreateSubTaskIssue.jspa?parentIssueId=10000&", ISSUE_TYPE, PERMISSION_ERROR_BROWSE_PROJECTS);
        assertActionIsAccessibleToAdmin("CreateSubTaskIssue.jspa?parentIssueId=10000&", ISSUE_TYPE, PERMISSION_ERROR);
    }

    @Test
    public void testCreateSubTaskIssueDetails() {
        assertActionIsInaccessibleToAnonymousUser("CreateSubTaskIssueDetails.jspa?parentIssueId=10000&issuetype=5&pid=10000&", CREATE_SUB_TASK, ERROR_MSG_NO_PERM_AND_NOT_LOGGED_IN, false);
        assertActionIsInaccessibleToUser("CreateSubTaskIssueDetails.jspa?parentIssueId=10000&issuetype=5&pid=10000&", CREATE_SUB_TASK, ERROR_MSG_NO_PERMISSION_TO_CREATE_ISSUE);
        assertActionIsAccessibleToAdmin("CreateSubTaskIssueDetails.jspa?parentIssueId=10000&issuetype=5&pid=10000&", CREATE_SUB_TASK, PERMISSION_ERROR);
    }

    @Test
    public void testCreateSubTaskIssueDetailsNoParentIssueId() {
        assertActionIsInaccessibleToAnonymousUser("CreateSubTaskIssueDetails.jspa?issuetype=5&pid=10000&", CREATE_SUB_TASK, ERROR_MSG_NO_PERM_AND_NOT_LOGGED_IN, false);
        assertActionIsInaccessibleToUser("CreateSubTaskIssueDetails.jspa?issuetype=5&pid=10000&", CREATE_SUB_TASK, ERROR_MSG_NO_PERMISSION_TO_CREATE_ISSUE);
        assertActionIsAccessibleToAdmin("CreateSubTaskIssueDetails.jspa?issuetype=5&pid=10000&", CREATE_SUB_TASK, PERMISSION_ERROR);
    }

    @Test
    public void testCreateSubTaskIssueDetailsInvalidPid() {
        assertActionIsInaccessibleToAnonymousUser("CreateSubTaskIssueDetails.jspa?parentIssueId=10000&issuetype=5&pid=666&", CREATE_SUB_TASK, ERROR_MSG_NO_PERM_AND_NOT_LOGGED_IN, false);
        assertActionIsInaccessibleToUser("CreateSubTaskIssueDetails.jspa?parentIssueId=10000&issuetype=5&pid=666&", CREATE_SUB_TASK, ERROR_MSG_NO_PERMISSION_TO_CREATE_ISSUE);
        assertActionIsAccessibleToAdmin("CreateSubTaskIssueDetails.jspa?parentIssueId=10000&issuetype=5&pid=666&", ERROR_MSG_NO_PERMISSION_TO_CREATE_ISSUE, CREATE_SUB_TASK);
    }

    @Test
    public void testCreateSubTaskIssueDetailsDefault() {
        assertActionIsInaccessibleToAnonymousUser("CreateSubTaskIssueDetails!default.jspa?parentIssueId=10000&issuetype=5&pid=10000&", CREATE_SUB_TASK, ERROR_MSG_NO_PERM_AND_NOT_LOGGED_IN, false);
        assertActionIsInaccessibleToUser("CreateSubTaskIssueDetails!default.jspa?parentIssueId=10000&issuetype=5&pid=10000&", CREATE_SUB_TASK, ERROR_MSG_NO_PERMISSION_TO_CREATE_ISSUE);
        assertActionIsAccessibleToAdmin("CreateSubTaskIssueDetails!default.jspa?parentIssueId=10000&issuetype=5&pid=10000&", CREATE_SUB_TASK, PERMISSION_ERROR);
    }

    @Test
    public void testCreateSubTaskIssueDetailsDefaultNoParentIssueId() {
        assertActionIsInaccessibleToAnonymousUser("CreateSubTaskIssueDetails!default.jspa?issuetype=5&pid=10000&", CREATE_SUB_TASK, ERROR_MSG_NO_PERM_AND_NOT_LOGGED_IN, false);
        assertActionIsInaccessibleToUser("CreateSubTaskIssueDetails!default.jspa?issuetype=5&pid=10000&", CREATE_SUB_TASK, ERROR_MSG_NO_PERMISSION_TO_CREATE_ISSUE);
        assertActionIsAccessibleToAdmin("CreateSubTaskIssueDetails!default.jspa?issuetype=5&pid=10000&", CREATE_SUB_TASK, PERMISSION_ERROR);
    }

    @Test
    public void testCreateSubTaskIssueDetailsIfParentIsRestricted() {
        IssueSubTaskClient issueSubTaskClient = new IssueSubTaskClient(this.environmentData);
        createSecuritySchemeAndAssignToProject();
        IssueCreateResponse createIssueWithSecurityLevel = createIssueWithSecurityLevel();
        String id = createIssueWithSecurityLevel.id();
        String key = createIssueWithSecurityLevel.key();
        this.navigation.login("bob", "bob");
        this.tester.gotoPage("/secure/CreateSubTaskIssueDetails.jspa?issuetype=5&pid=10000&summary=test&parentIssueId=" + id + "&atl_token=" + this.page.getXsrfToken());
        this.textAssertions.assertTextPresent(PERMISSION_ERROR);
        MatcherAssert.assertThat(issueSubTaskClient.get(key), LangMatchers.isEmptyCollection());
    }

    private void assertActionIsInaccessibleToAnonymousUser(String str, String str2, String str3, boolean z) {
        this.navigation.logout();
        this.page.getFreshXsrfToken();
        if (str.equals(BROWSE_URL)) {
            this.tester.gotoPage("/browse/HSP-1?atl_token=" + this.page.getXsrfToken());
        } else {
            this.tester.gotoPage("/secure/" + str + "id=10000&atl_token=" + this.page.getXsrfToken());
        }
        if (z) {
            this.tester.assertTextPresent(str3);
            this.tester.assertLinkPresentWithText(SIGNUP);
        } else {
            this.tester.assertTextPresent(str3);
        }
        if (str2 != null) {
            assertActionNotPresent(str2);
        }
    }

    private void assertActionIsInaccessibleToUser(String str, String str2, String str3) {
        this.navigation.login("fred", "fred");
        if (str.equals(BROWSE_URL)) {
            this.tester.gotoPage("/browse/HSP-1?atl_token=" + this.page.getXsrfToken());
        } else {
            this.tester.gotoPage("/secure/" + str + "id=10000&atl_token=" + this.page.getXsrfToken());
        }
        this.tester.assertTextPresent(str3);
        this.tester.assertLinkNotPresentWithText(LOGIN);
        this.tester.assertLinkNotPresentWithText(SIGNUP);
        if (str2 != null) {
            assertActionNotPresent(str2);
        }
    }

    private void assertActionIsAccessibleToAdmin(String str, String str2, String str3) {
        this.navigation.login("admin", "admin");
        if (str.equals(BROWSE_URL)) {
            this.tester.gotoPage("/browse/HSP-1?atl_token=" + this.page.getXsrfToken());
        } else {
            this.tester.gotoPage("/secure/" + str + "id=10000&atl_token=" + this.page.getXsrfToken());
        }
        assertActionNotPresent(str3);
        this.tester.assertLinkNotPresentWithText(LOGIN);
        this.tester.assertLinkNotPresentWithText(SIGNUP);
        this.tester.assertTextPresent(str2);
    }

    private void assertActionIsInaccessibleToAdminForClosedIssue(String str, String str2, String str3) {
        this.navigation.login("admin", "admin");
        this.tester.gotoPage("/secure/" + str + "id=10020&atl_token=" + this.page.getXsrfToken());
        this.tester.assertTextPresent(str3);
        this.tester.assertLinkNotPresentWithText(LOGIN);
        this.tester.assertLinkNotPresentWithText(SIGNUP);
        assertActionNotPresent(str2);
    }

    private void assertActionNotPresent(String str) {
        if (this.tester.getDialog().getElement("stalker") != null) {
            Assert.assertFalse(this.tester.getDialog().getElement("stalker").getTextContent().contains(str));
        }
    }

    private void createSecuritySchemeAndAssignToProject() {
        this.backdoor.permissionSchemes().addUserPermission(0L, ProjectPermissions.SET_ISSUE_SECURITY, "admin");
        IssueSecuritySchemesControl issueSecuritySchemesControl = this.backdoor.issueSecuritySchemesControl();
        Long createScheme = issueSecuritySchemesControl.createScheme("scheme", TestProjectPermissionSchemeResource.SCHEME_DESC);
        issueSecuritySchemesControl.addUserToSecurityLevel(createScheme.longValue(), issueSecuritySchemesControl.addSecurityLevel(createScheme.longValue(), SECURITY_LEVEL, TestProjectPermissionSchemeResource.SCHEME_DESC).longValue(), "admin");
        this.backdoor.project().setIssueSecurityScheme(10000L, createScheme);
    }

    private IssueCreateResponse createIssueWithSecurityLevel() {
        IssueFields securityLevel = new IssueFields().securityLevel(ResourceRef.withName(SECURITY_LEVEL));
        IssuesControl issues = this.backdoor.issues();
        IssueCreateResponse createIssue = issues.createIssue("HSP", EditFieldConstants.SUMMARY);
        issues.setIssueFields(createIssue.key(), securityLevel);
        return createIssue;
    }
}
