package org.nuxeo.ecm.core.security;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import org.junit.Assert;
import org.junit.Test;
import org.nuxeo.ecm.core.CoreUTConstants;
import org.nuxeo.ecm.core.NXCore;
import org.nuxeo.ecm.core.api.impl.UserPrincipal;
import org.nuxeo.ecm.core.api.security.PermissionProvider;
import org.nuxeo.ecm.core.api.security.UserVisiblePermission;
import org.nuxeo.runtime.test.NXRuntimeTestCase;

/* loaded from: input_file:org/nuxeo/ecm/core/security/TestSecurityService.class */
public class TestSecurityService extends NXRuntimeTestCase {
    private SecurityService service;

    public void setUp() throws Exception {
        deployContrib(CoreUTConstants.CORE_BUNDLE, "OSGI-INF/SecurityService.xml");
        deployContrib(CoreUTConstants.CORE_BUNDLE, "OSGI-INF/permissions-contrib.xml");
    }

    protected void postSetUp() throws Exception {
        this.service = NXCore.getSecurityService();
    }

    public void tearDown() throws Exception {
        this.service = null;
    }

    @Test
    public void testGetPermissionsToCheck() {
        List asList = Arrays.asList(this.service.getPermissionsToCheck("Read"));
        Assert.assertEquals(4L, asList.size());
        Assert.assertTrue(asList.contains("Read"));
        Assert.assertTrue(asList.contains("Everything"));
    }

    @Test
    public void testDefaultPermissions() {
        PermissionProvider permissionProvider = this.service.getPermissionProvider();
        String[] permissionGroups = permissionProvider.getPermissionGroups("Read");
        Assert.assertNotNull(permissionGroups);
        Assert.assertEquals(Arrays.asList("ReadRemove", "ReadWrite"), Arrays.asList(permissionGroups));
        String[] permissionGroups2 = permissionProvider.getPermissionGroups("ReadProperties");
        Assert.assertNotNull(permissionGroups2);
        Assert.assertEquals(Arrays.asList("Read", "ReadRemove", "ReadWrite"), Arrays.asList(permissionGroups2));
        String[] permissionGroups3 = permissionProvider.getPermissionGroups("ReadChildren");
        Assert.assertNotNull(permissionGroups3);
        Assert.assertEquals(Arrays.asList("Read", "ReadRemove", "ReadWrite"), Arrays.asList(permissionGroups3));
        String[] permissionGroups4 = permissionProvider.getPermissionGroups("Browse");
        Assert.assertNotNull(permissionGroups4);
        Assert.assertEquals(Arrays.asList("Read", "ReadProperties", "ReadRemove", "ReadWrite"), Arrays.asList(permissionGroups4));
    }

    protected List<String> permStrings(List<UserVisiblePermission> list) {
        ArrayList arrayList = new ArrayList(list.size());
        Iterator<UserVisiblePermission> it = list.iterator();
        while (it.hasNext()) {
            arrayList.add(it.next().getPermission());
        }
        return arrayList;
    }

    @Test
    public void testDefaultVisiblePermission() throws Exception {
        PermissionProvider permissionProvider = this.service.getPermissionProvider();
        List<UserVisiblePermission> userVisiblePermissionDescriptors = permissionProvider.getUserVisiblePermissionDescriptors();
        Assert.assertNotNull(userVisiblePermissionDescriptors);
        Assert.assertEquals(Arrays.asList("Read", "ReadWrite", "Everything"), permStrings(userVisiblePermissionDescriptors));
        List<UserVisiblePermission> userVisiblePermissionDescriptors2 = permissionProvider.getUserVisiblePermissionDescriptors("Section");
        Assert.assertNotNull(userVisiblePermissionDescriptors2);
        Assert.assertEquals(Arrays.asList("Read", "ReadWrite", "Everything"), permStrings(userVisiblePermissionDescriptors2));
        List<UserVisiblePermission> userVisiblePermissionDescriptors3 = permissionProvider.getUserVisiblePermissionDescriptors("Workspace");
        Assert.assertNotNull(userVisiblePermissionDescriptors3);
        Assert.assertEquals(Arrays.asList("Read", "ReadWrite", "Everything"), permStrings(userVisiblePermissionDescriptors3));
    }

    @Test
    public void testOverridedPermissions1() throws Exception {
        pushInlineDeployments(new String[]{"org.nuxeo.ecm.core.tests:permissions-override1-contrib.xml"});
        PermissionProvider permissionProvider = this.service.getPermissionProvider();
        String[] permissionGroups = permissionProvider.getPermissionGroups("Read");
        Assert.assertNotNull(permissionGroups);
        Assert.assertEquals(Arrays.asList("CustomCompoundPerm", "ReadRemove", "ReadWrite"), Arrays.asList(permissionGroups));
        String[] permissionGroups2 = permissionProvider.getPermissionGroups("ReadProperties");
        Assert.assertNotNull(permissionGroups2);
        Assert.assertEquals(Arrays.asList("CustomCompoundPerm", "Read", "ReadRemove", "ReadWrite"), Arrays.asList(permissionGroups2));
        String[] permissionGroups3 = permissionProvider.getPermissionGroups("ReadChildren");
        Assert.assertNotNull(permissionGroups3);
        Assert.assertEquals(Arrays.asList("CustomCompoundPerm", "Read", "ReadRemove", "ReadWrite"), Arrays.asList(permissionGroups3));
        String[] permissionGroups4 = permissionProvider.getPermissionGroups("Browse");
        Assert.assertNotNull(permissionGroups4);
        Assert.assertEquals(Arrays.asList("CustomCompoundPerm", "Read", "ReadProperties", "ReadRemove", "ReadWrite"), Arrays.asList(permissionGroups4));
        Assert.assertNull(permissionProvider.getPermissionGroups("CustomCompoundPerm"));
        String[] permissionGroups5 = permissionProvider.getPermissionGroups("CustomAtomicPerm");
        Assert.assertNotNull(permissionGroups5);
        Assert.assertEquals(Arrays.asList("CustomCompoundPerm"), Arrays.asList(permissionGroups5));
    }

    @Test
    public void testOverridedVisiblePermission1() throws Exception {
        pushInlineDeployments(new String[]{"org.nuxeo.ecm.core.tests:permissions-override1-contrib.xml"});
        PermissionProvider permissionProvider = this.service.getPermissionProvider();
        List<UserVisiblePermission> userVisiblePermissionDescriptors = permissionProvider.getUserVisiblePermissionDescriptors();
        Assert.assertNotNull(userVisiblePermissionDescriptors);
        Assert.assertEquals(Arrays.asList("Read", "CustomCompoundPerm", "ReadWrite", "Everything"), permStrings(userVisiblePermissionDescriptors));
        List<UserVisiblePermission> userVisiblePermissionDescriptors2 = permissionProvider.getUserVisiblePermissionDescriptors("Section");
        Assert.assertNotNull(userVisiblePermissionDescriptors2);
        Assert.assertEquals(Arrays.asList("Read", "CustomCompoundPerm", "ReadWrite", "Everything"), permStrings(userVisiblePermissionDescriptors2));
        List<UserVisiblePermission> userVisiblePermissionDescriptors3 = permissionProvider.getUserVisiblePermissionDescriptors("Workspace");
        Assert.assertNotNull(userVisiblePermissionDescriptors3);
        Assert.assertEquals(Arrays.asList("Read", "CustomCompoundPerm", "ReadWrite", "Everything"), permStrings(userVisiblePermissionDescriptors3));
    }

    @Test
    public void testOverriddenPermissions2() throws Exception {
        pushInlineDeployments(new String[]{"org.nuxeo.ecm.core.tests:permissions-override2-contrib.xml"});
        PermissionProvider permissionProvider = this.service.getPermissionProvider();
        testDefaultPermissions();
        Assert.assertNull(permissionProvider.getPermissionGroups("CustomCompoundPerm"));
        String[] permissionGroups = permissionProvider.getPermissionGroups("CustomAtomicPerm");
        Assert.assertNotNull(permissionGroups);
        Assert.assertEquals(Arrays.asList("ReadWrite", "Write"), Arrays.asList(permissionGroups));
    }

    @Test
    public void testOverridedVisiblePermission2() throws Exception {
        pushInlineDeployments(new String[]{"org.nuxeo.ecm.core.tests:permissions-override2-contrib.xml"});
        PermissionProvider permissionProvider = this.service.getPermissionProvider();
        List<UserVisiblePermission> userVisiblePermissionDescriptors = permissionProvider.getUserVisiblePermissionDescriptors();
        Assert.assertNotNull(userVisiblePermissionDescriptors);
        Assert.assertEquals(Arrays.asList("Write", "Read", "Everything"), permStrings(userVisiblePermissionDescriptors));
        List<UserVisiblePermission> userVisiblePermissionDescriptors2 = permissionProvider.getUserVisiblePermissionDescriptors("Section");
        Assert.assertNotNull(userVisiblePermissionDescriptors2);
        Assert.assertEquals(Arrays.asList("Write", "Read", "Everything"), permStrings(userVisiblePermissionDescriptors2));
        List<UserVisiblePermission> userVisiblePermissionDescriptors3 = permissionProvider.getUserVisiblePermissionDescriptors("Workspace");
        Assert.assertNotNull(userVisiblePermissionDescriptors3);
        Assert.assertEquals(Arrays.asList("Write", "Read", "Everything"), permStrings(userVisiblePermissionDescriptors3));
    }

    @Test
    public void testOverridedVisiblePermission3() throws Exception {
        pushInlineDeployments(new String[]{"org.nuxeo.ecm.core.tests:permissions-override3-contrib.xml"});
        PermissionProvider permissionProvider = this.service.getPermissionProvider();
        List<UserVisiblePermission> userVisiblePermissionDescriptors = permissionProvider.getUserVisiblePermissionDescriptors();
        Assert.assertNotNull(userVisiblePermissionDescriptors);
        Assert.assertEquals(Arrays.asList("Write", "Read", "Everything"), permStrings(userVisiblePermissionDescriptors));
        List<UserVisiblePermission> userVisiblePermissionDescriptors2 = permissionProvider.getUserVisiblePermissionDescriptors("Section");
        Assert.assertNotNull(userVisiblePermissionDescriptors2);
        Assert.assertEquals(Arrays.asList("Write", "Everything", "Read"), permStrings(userVisiblePermissionDescriptors2));
        List<UserVisiblePermission> userVisiblePermissionDescriptors3 = permissionProvider.getUserVisiblePermissionDescriptors("Workspace");
        Assert.assertNotNull(userVisiblePermissionDescriptors3);
        Assert.assertEquals(Arrays.asList("Write", "Read", "Everything"), permStrings(userVisiblePermissionDescriptors3));
    }

    @Test
    public void testPermissionsVsDeny() throws Exception {
        List userVisiblePermissionDescriptors = this.service.getPermissionProvider().getUserVisiblePermissionDescriptors();
        Assert.assertNotNull(userVisiblePermissionDescriptors);
        UserVisiblePermission userVisiblePermission = null;
        Iterator it = userVisiblePermissionDescriptors.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            UserVisiblePermission userVisiblePermission2 = (UserVisiblePermission) it.next();
            if (userVisiblePermission2.getId().equals("ReadWrite")) {
                userVisiblePermission = userVisiblePermission2;
                break;
            }
        }
        Assert.assertNotNull(userVisiblePermission);
        Assert.assertEquals("Write", userVisiblePermission.getDenyPermission());
        Assert.assertEquals("ReadWrite", userVisiblePermission.getPermission());
    }

    @Test
    public void testGetPrincipalsToCheck() {
        String[] principalsToCheck = SecurityService.getPrincipalsToCheck(new UserPrincipal("bob", Arrays.asList("vps", "males"), false, false));
        Assert.assertEquals(4L, principalsToCheck.length);
        Assert.assertTrue(Arrays.asList(principalsToCheck).contains("bob"));
        Assert.assertTrue(Arrays.asList(principalsToCheck).contains("vps"));
        Assert.assertTrue(Arrays.asList(principalsToCheck).contains("males"));
        Assert.assertTrue(Arrays.asList(principalsToCheck).contains("Everyone"));
    }
}
