package com.atlassian.jira.webtests.ztests.misc;

import com.atlassian.integrationtesting.runner.restore.RestoreOnce;
import com.atlassian.jira.functest.framework.BaseJiraFuncTest;
import com.atlassian.jira.functest.framework.suite.Category;
import com.atlassian.jira.functest.framework.suite.WebTest;
import com.atlassian.jira.permission.ProjectPermissions;
import com.atlassian.jira.security.PublicAccessPermissionManager;
import com.atlassian.jira.testkit.client.model.FeatureFlag;
import com.atlassian.sal.api.user.UserRole;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import org.assertj.core.api.Assertions;
import org.junit.After;
import org.junit.Test;

@RestoreOnce("blankprojects.xml")
@WebTest({Category.FUNC_TEST, Category.FILTERS, Category.HTTP, Category.SECURITY})
/* loaded from: input_file:com/atlassian/jira/webtests/ztests/misc/TestStrongerDefaultsCoreServlet.class */
public class TestStrongerDefaultsCoreServlet extends BaseJiraFuncTest {
    private static final FeatureFlag PUBLIC_ACCESS_FEATURE_FLAG = FeatureFlag.featureFlag(PublicAccessPermissionManager.PUBLIC_ACCESS.featureKey());

    @After
    public void tearDown() {
        this.backdoor.darkFeatures().resetForSite(PUBLIC_ACCESS_FEATURE_FLAG);
    }

    @Test
    public void testServletIsAccessibleForAnonymousWhenPublicAccessIsEnabled() {
        this.backdoor.darkFeatures().enableForSite(PUBLIC_ACCESS_FEATURE_FLAG);
        accessServletAnonymously();
        this.assertions.text().assertTextPresent("<summary>" + TestStrongerDefaultsCoreServlet.class.getName() + "</summary>");
    }

    @Test
    public void testServletIsNotAccessibleForAnonymousWhenPublicAccessIsDisabled() {
        this.backdoor.darkFeatures().disableForSite(PUBLIC_ACCESS_FEATURE_FLAG);
        Assertions.assertThat(this.navigation.getCurrentPage()).contains(new CharSequence[]{"/login.jsp?"}).contains(new CharSequence[]{"permissionViolation=true"}).contains(new CharSequence[]{"os_destination=" + URLEncoder.encode(accessServletAnonymously(), StandardCharsets.UTF_8)}).contains(new CharSequence[]{"user_role=" + UserRole.USER});
    }

    private String accessServletAnonymously() {
        String servletUrl = getServletUrl(this.backdoor.issues().createIssue("HSP", TestStrongerDefaultsCoreServlet.class.getName()).key());
        this.backdoor.permissionSchemes().addEveryonePermission(0L, ProjectPermissions.BROWSE_PROJECTS);
        this.navigation.logout();
        this.navigation.gotoPage(servletUrl);
        return servletUrl;
    }

    private static String getServletUrl(String str) {
        return "/si/jira.issueviews:issue-xml/" + str + "/" + str + ".xml";
    }
}
