package org.jahia.test.services.content.protection;

import java.io.IOException;
import java.util.Collections;
import java.util.List;
import java.util.Locale;
import java.util.Properties;
import java.util.Set;
import javax.jcr.RepositoryException;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.StringUtils;
import org.jahia.exceptions.JahiaException;
import org.jahia.registries.ServicesRegistry;
import org.jahia.services.categories.Category;
import org.jahia.services.content.JCRCallback;
import org.jahia.services.content.JCRContentUtils;
import org.jahia.services.content.JCRNodeWrapper;
import org.jahia.services.content.JCRPublicationService;
import org.jahia.services.content.JCRSessionFactory;
import org.jahia.services.content.JCRSessionWrapper;
import org.jahia.services.content.JCRTemplate;
import org.jahia.services.content.decorator.JCRSiteNode;
import org.jahia.services.content.decorator.JCRUserNode;
import org.jahia.services.sites.JahiaSite;
import org.jahia.services.usermanager.JahiaUserManagerService;
import org.jahia.test.JahiaTestCase;
import org.jahia.test.TestHelper;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Test;

/* loaded from: input_file:org/jahia/test/services/content/protection/JsonViewAccessTest.class */
public class JsonViewAccessTest extends JahiaTestCase {
    private static final String CATEGORY_NAME = "json-view-access-test-category";
    private static final String EDITOR_USER_NAME = "json-view-access-test-editor";
    private static String editorFilesPath;
    private static JahiaSite site;
    private static final String TESTSITE_NAME = "jsonViewAccessTest";
    private static final String USER_PASSWORD = "password";

    /* JADX INFO: Access modifiers changed from: private */
    public static void createCategories() throws JahiaException {
        Category createCategory = Category.createCategory(CATEGORY_NAME, (Category) null);
        Category createCategory2 = Category.createCategory("products", createCategory);
        Category.createCategory("DX", createCategory2);
        Category.createCategory("MF", createCategory2);
        Category.createCategory("FF", createCategory2);
        Category createCategory3 = Category.createCategory("services", createCategory);
        Category.createCategory("Training", createCategory3);
        Category.createCategory("Support", createCategory3);
    }

    private static void createContent() throws RepositoryException {
        JCRTemplate.getInstance().doExecute(EDITOR_USER_NAME, site.getSiteKey(), "default", Locale.ENGLISH, new JCRCallback<Boolean>() { // from class: org.jahia.test.services.content.protection.JsonViewAccessTest.1
            /* renamed from: doInJCR, reason: merged with bridge method [inline-methods] */
            public Boolean m2838doInJCR(JCRSessionWrapper jCRSessionWrapper) throws RepositoryException {
                JCRSiteNode node = jCRSessionWrapper.getNode(JsonViewAccessTest.site.getJCRLocalPath());
                JCRNodeWrapper addNode = node.getHome().addNode("page-a", "jnt:page");
                addNode.setProperty("jcr:title", "Page A");
                addNode.setProperty("j:templateName", "simple");
                JCRNodeWrapper addNode2 = addNode.addNode("sub-page-1", "jnt:page");
                addNode2.setProperty("jcr:title", "Subpage 1");
                addNode2.setProperty("j:templateName", "simple");
                JCRNodeWrapper addNode3 = addNode.addNode("sub-page-2", "jnt:page");
                addNode3.setProperty("jcr:title", "Subpage 2");
                addNode3.setProperty("j:templateName", "simple");
                JCRNodeWrapper addNode4 = node.getHome().addNode("page-b", "jnt:page");
                addNode4.setProperty("jcr:title", "Page B");
                addNode4.setProperty("j:templateName", "simple");
                JCRNodeWrapper addNode5 = node.getHome().addNode("label-c", "jnt:navMenuText");
                addNode5.setProperty("jcr:title", "Label C");
                JCRNodeWrapper addNode6 = addNode5.addNode("label-sub-page-1", "jnt:page");
                addNode6.setProperty("jcr:title", "Subpage under label 1");
                addNode6.setProperty("j:templateName", "simple");
                JCRNodeWrapper addNode7 = addNode5.addNode("label-sub-page-2", "jnt:page");
                addNode7.setProperty("jcr:title", "Subpage under label 2");
                addNode7.setProperty("j:templateName", "simple");
                JCRNodeWrapper addNode8 = node.getNode("files").addNode("folder-1", "jnt:folder");
                addNode8.uploadFile("text-1.txt", IOUtils.toInputStream("text-1"), "plain/text");
                addNode8.uploadFile("text-2.txt", IOUtils.toInputStream("text-2"), "plain/text");
                JCRNodeWrapper addNode9 = node.getNode("files").addNode("folder-2", "jnt:folder");
                addNode9.uploadFile("text-3.txt", IOUtils.toInputStream("text-3"), "plain/text");
                addNode9.uploadFile("text-4.txt", IOUtils.toInputStream("text-4"), "plain/text");
                jCRSessionWrapper.save();
                JCRPublicationService.getInstance().publishByMainId(node.getIdentifier(), "default", "live", (Set) null, true, (List) null);
                return null;
            }
        });
        JCRTemplate.getInstance().doExecuteWithSystemSession(new JCRCallback<Boolean>() { // from class: org.jahia.test.services.content.protection.JsonViewAccessTest.2
            /* renamed from: doInJCR, reason: merged with bridge method [inline-methods] */
            public Boolean m2839doInJCR(JCRSessionWrapper jCRSessionWrapper) throws RepositoryException {
                JCRNodeWrapper addNode = jCRSessionWrapper.getNode(ServicesRegistry.getInstance().getJahiaUserManagerService().getUserSplittingRule().getPathForUsername(JsonViewAccessTest.EDITOR_USER_NAME)).addNode("files", "jnt:folder");
                String unused = JsonViewAccessTest.editorFilesPath = addNode.getPath();
                JCRNodeWrapper addNode2 = addNode.addNode("folder-1", "jnt:folder");
                addNode2.uploadFile("text-1.txt", IOUtils.toInputStream("text-1"), "plain/text");
                addNode2.uploadFile("text-2.txt", IOUtils.toInputStream("text-2"), "plain/text");
                JCRNodeWrapper addNode3 = addNode.addNode("folder-2", "jnt:folder");
                addNode3.uploadFile("text-3.txt", IOUtils.toInputStream("text-3"), "plain/text");
                addNode3.uploadFile("text-4.txt", IOUtils.toInputStream("text-4"), "plain/text");
                jCRSessionWrapper.save();
                JCRPublicationService.getInstance().publishByMainId(addNode.getIdentifier(), "default", "live", (Set) null, true, (List) null);
                return null;
            }
        });
    }

    @BeforeClass
    public static void oneTimeSetUp() throws Exception {
        site = TestHelper.createSite(TESTSITE_NAME, "localhost" + System.currentTimeMillis(), TestHelper.INTRANET_TEMPLATES);
        Assert.assertNotNull(site);
        JCRTemplate.getInstance().doExecuteWithSystemSession(new JCRCallback<Boolean>() { // from class: org.jahia.test.services.content.protection.JsonViewAccessTest.3
            /* renamed from: doInJCR, reason: merged with bridge method [inline-methods] */
            public Boolean m2840doInJCR(JCRSessionWrapper jCRSessionWrapper) throws RepositoryException {
                JahiaUserManagerService.getInstance().createUser(JsonViewAccessTest.EDITOR_USER_NAME, (String) null, "password", new Properties(), jCRSessionWrapper);
                jCRSessionWrapper.save();
                jCRSessionWrapper.getNode(JsonViewAccessTest.site.getJCRLocalPath()).grantRoles("u:json-view-access-test-editor", Collections.singleton("editor"));
                jCRSessionWrapper.save();
                try {
                    JsonViewAccessTest.createCategories();
                    jCRSessionWrapper.save();
                    return null;
                } catch (JahiaException e) {
                    throw new RepositoryException(e);
                }
            }
        });
        createContent();
    }

    @AfterClass
    public static void oneTimeTearDown() throws Exception {
        JCRTemplate.getInstance().doExecuteWithSystemSession(new JCRCallback<Boolean>() { // from class: org.jahia.test.services.content.protection.JsonViewAccessTest.4
            /* renamed from: doInJCR, reason: merged with bridge method [inline-methods] */
            public Boolean m2841doInJCR(JCRSessionWrapper jCRSessionWrapper) throws RepositoryException {
                if (jCRSessionWrapper.nodeExists("/sites/systemsite/categories/json-view-access-test-category")) {
                    jCRSessionWrapper.getNode("/sites/systemsite/categories/json-view-access-test-category").remove();
                    jCRSessionWrapper.save();
                }
                JahiaUserManagerService jahiaUserManagerService = JahiaUserManagerService.getInstance();
                JCRUserNode lookupUser = jahiaUserManagerService.lookupUser(JsonViewAccessTest.EDITOR_USER_NAME, jCRSessionWrapper);
                if (lookupUser == null) {
                    return null;
                }
                jahiaUserManagerService.deleteUser(lookupUser.getPath(), jCRSessionWrapper);
                jCRSessionWrapper.save();
                return null;
            }
        });
        TestHelper.deleteSite(TESTSITE_NAME);
        JCRSessionFactory.getInstance().closeAllSessions();
    }

    private void checkAccess(String str, boolean z, String str2) throws IOException {
        String str3 = "/cms/render/live/en" + str;
        String asText = getAsText(str3, z ? 200 : 404);
        if (str2 != null) {
            Assert.assertTrue("Response content of the URL " + str3 + " does not contain expected text: " + str2, StringUtils.contains(asText, str2));
        }
    }

    private void checkHasAccess(String str, String str2) throws IOException {
        checkAccess(str, true, str2);
    }

    private void checkNoAccess(String str) throws IOException {
        checkAccess(str, false, "<title>404 - ");
    }

    @Test
    public void guestHasAccessInLiveToCategories() throws RepositoryException, IOException {
        String str = JCRContentUtils.getSystemSitePath() + "/categories/" + CATEGORY_NAME;
        for (String str2 : new String[]{"", "/products", "/services"}) {
            checkHasAccess(str + str2 + ".json", "\"jcr:created\"");
            checkHasAccess(str + str2 + ".tree.json", "\"path\":\"" + str + str2);
            checkHasAccess(str + str2 + ".treeItem.json", "\"path\":\"" + str + str2);
            checkHasAccess(str + str2 + ".treeRootItem.json", "\"path\":\"" + str + str2);
        }
        for (String str3 : new String[]{"/products/DX", "/services/Training"}) {
            checkHasAccess(str + str3 + ".json", "\"jcr:created\"");
            checkHasAccess(str + str3 + ".tree.json", null);
            checkHasAccess(str + str3 + ".treeItem.json", "\"path\":\"" + str + str3);
            checkHasAccess(str + str3 + ".treeRootItem.json", "\"path\":\"" + str + str3);
        }
    }

    @Test
    public void guestHasAccessInLiveToSiteFolders() throws RepositoryException, IOException {
        String jCRLocalPath = site.getJCRLocalPath();
        for (String str : new String[]{"/files", "/files/folder-1", "/files/folder-2"}) {
            checkHasAccess(jCRLocalPath + str + ".json", "\"jcr:created\"");
            checkHasAccess(jCRLocalPath + str + ".tree.json", "/files".equals(str) ? "\"path\":\"" + jCRLocalPath + str : "[]");
            checkHasAccess(jCRLocalPath + str + ".treeItem.json", "\"path\":\"" + jCRLocalPath + str);
            checkHasAccess(jCRLocalPath + str + ".treeRootItem.json", "\"path\":\"" + jCRLocalPath + str);
        }
    }

    @Test
    public void guestHasAccessInLiveToSitePages() throws RepositoryException, IOException {
        String jCRLocalPath = site.getJCRLocalPath();
        checkHasAccess(jCRLocalPath + ".treeRootItem.json", "\"path\":\"" + jCRLocalPath + "\"");
        for (String str : new String[]{"/home", "/home/page-a", "/home/label-c"}) {
            checkHasAccess(jCRLocalPath + str + ".json", "\"jcr:created\"");
            checkHasAccess(jCRLocalPath + str + ".tree.json", "\"path\":\"" + jCRLocalPath + str);
            checkHasAccess(jCRLocalPath + str + ".treeItem.json", "\"path\":\"" + jCRLocalPath + str);
            checkHasAccess(jCRLocalPath + str + ".treeRootItem.json", "\"path\":\"" + jCRLocalPath + str);
        }
        for (String str2 : new String[]{"/home/page-a/sub-page-1", "/home/label-c/label-sub-page-1"}) {
            checkHasAccess(jCRLocalPath + str2 + ".json", "\"jcr:created\"");
            checkHasAccess(jCRLocalPath + str2 + ".tree.json", null);
            checkHasAccess(jCRLocalPath + str2 + ".treeItem.json", "\"path\":\"" + jCRLocalPath + str2);
            checkHasAccess(jCRLocalPath + str2 + ".treeRootItem.json", "\"path\":\"" + jCRLocalPath + str2);
        }
    }

    @Test
    public void guestHasNoAccessInLiveToProtectedContent() throws RepositoryException, IOException {
        getAsText("/cms/render/live/en/j:acl.json", 401);
        getAsText("/cms/render/live/en/j:acl.tree.json", 401);
        getAsText("/cms/render/live/en/j:acl.treeItem.json", 401);
        getAsText("/cms/render/live/en/j:acl.treeRootItem.json", 401);
        for (String str : new String[]{"/jcr:system", "/imports", "/groups", "/modules", "/referencesKeeper", "/settings", "/sites", "/users"}) {
            checkNoAccess(str + ".json");
            checkNoAccess(str + ".tree.json");
            checkNoAccess(str + ".treeItem.json");
            checkNoAccess(str + ".treeRootItem.json");
        }
    }

    @Test
    public void guestHasNoAccessInLiveToSiteFiles() throws RepositoryException, IOException {
        String jCRLocalPath = site.getJCRLocalPath();
        for (String str : new String[]{"/files/folder-1/text-1.txt", "/files/folder-2/text-3.txt"}) {
            checkNoAccess(jCRLocalPath + str + ".json");
            checkNoAccess(jCRLocalPath + str + ".tree.json");
            checkNoAccess(jCRLocalPath + str + ".treeItem.json");
            checkNoAccess(jCRLocalPath + str + ".treeRootItem.json");
        }
    }

    @Test
    public void guestHasNoAccessInLiveToSiteProtectedContent() throws RepositoryException, IOException {
        String jCRLocalPath = site.getJCRLocalPath();
        checkNoAccess(jCRLocalPath + ".json");
        checkNoAccess(jCRLocalPath + ".tree.json");
        checkNoAccess(jCRLocalPath + ".treeItem.json");
        getAsText(jCRLocalPath + "/j:acl.json", 401);
        getAsText(jCRLocalPath + "/j:acl.tree.json", 401);
        getAsText(jCRLocalPath + "/j:acl.treeItem.json", 401);
        getAsText(jCRLocalPath + "/j:acl.treeRootItem.json", 401);
        for (String str : new String[]{"/contents", "/groups", "/users", "/home/listA", "/home/listA"}) {
            checkNoAccess(jCRLocalPath + str + ".json");
            checkNoAccess(jCRLocalPath + str + ".tree.json");
            checkNoAccess(jCRLocalPath + str + ".treeItem.json");
            checkNoAccess(jCRLocalPath + str + ".treeRootItem.json");
        }
    }

    @Test
    public void guestHasNoAccessInLiveToSiteUserFolders() throws RepositoryException, IOException {
        String str = editorFilesPath;
        for (String str2 : new String[]{"/files", "/files/folder-1", "/files/folder-2"}) {
            checkNoAccess(str + str2 + ".json");
            checkNoAccess(str + str2 + ".tree.json");
            checkNoAccess(str + str2 + ".treeItem.json");
            checkNoAccess(str + str2 + ".treeRootItem.json");
        }
    }

    @Test
    public void guestHasNoAccessInLiveToUserFilesAndFolder() throws RepositoryException, IOException {
        String str = editorFilesPath;
        for (String str2 : new String[]{"", "/folder-1", "/folder-2", "/folder-1/text-1.txt", "/folder-2/text-3.txt"}) {
            checkNoAccess(str + str2 + ".json");
            checkNoAccess(str + str2 + ".tree.json");
            checkNoAccess(str + str2 + ".treeItem.json");
            checkNoAccess(str + str2 + ".treeRootItem.json");
        }
    }
}
