package org.nuiton.wikitty.layers;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.nuiton.wikitty.FieldType;
import org.nuiton.wikitty.Wikitty;
import org.nuiton.wikitty.WikittyAuthorisationAbstract;
import org.nuiton.wikitty.WikittyAuthorisationHelper;
import org.nuiton.wikitty.WikittyAuthorisationImpl;
import org.nuiton.wikitty.WikittyProxy;
import org.nuiton.wikitty.WikittySecurityHelper;
import org.nuiton.wikitty.WikittyServiceInMemory;
import org.nuiton.wikitty.WikittyServiceSecurity;
import org.nuiton.wikitty.WikittyUserImpl;
import org.nuiton.wikitty.WikittyUtil;

/* loaded from: input_file:org/nuiton/wikitty/layers/WikittyServiceSecurityTest.class */
public class WikittyServiceSecurityTest extends AbstractWikittyServiceTest {
    private static final Log log = LogFactory.getLog(WikittyServiceSecurityTest.class);
    protected WikittyServiceSecurity securityService;
    protected String noRightsToken;
    protected String readerToken;
    protected String writerToken;
    protected String adminToken;
    protected String ownerToken;

    @Before
    public void setUpWikittyServiceSecurityTest() {
        this.securityService = new WikittyServiceSecurity(new WikittyServiceInMemory());
        this.service = this.securityService;
        this.token = null;
        WikittyProxy wikittyProxy = new WikittyProxy(this.securityService);
        wikittyProxy.setSecurityToken(this.token);
        WikittyUserImpl wikittyUserImpl = new WikittyUserImpl();
        wikittyUserImpl.setLogin("i have no rights");
        wikittyUserImpl.setPassword("");
        wikittyProxy.store(wikittyUserImpl);
        WikittyUserImpl wikittyUserImpl2 = new WikittyUserImpl();
        wikittyUserImpl2.setLogin("reader");
        wikittyUserImpl2.setPassword("");
        wikittyProxy.store(wikittyUserImpl2);
        WikittyUserImpl wikittyUserImpl3 = new WikittyUserImpl();
        wikittyUserImpl3.setLogin("writer");
        wikittyUserImpl3.setPassword("");
        wikittyProxy.store(wikittyUserImpl3);
        WikittyUserImpl wikittyUserImpl4 = new WikittyUserImpl();
        wikittyUserImpl4.setLogin("admin");
        wikittyUserImpl4.setPassword("");
        wikittyProxy.store(wikittyUserImpl4);
        WikittyUserImpl wikittyUserImpl5 = new WikittyUserImpl();
        wikittyUserImpl5.setLogin("owner");
        wikittyUserImpl5.setPassword("");
        wikittyProxy.store(wikittyUserImpl5);
        Wikitty createExtensionAuthorisation = WikittySecurityHelper.createExtensionAuthorisation(wikittyUserImpl5, this.extension);
        WikittyAuthorisationHelper.addReader(createExtensionAuthorisation, wikittyUserImpl2.getWikittyId());
        WikittyAuthorisationHelper.addWriter(createExtensionAuthorisation, wikittyUserImpl3.getWikittyId());
        WikittyAuthorisationHelper.addAdmin(createExtensionAuthorisation, wikittyUserImpl4.getWikittyId());
        WikittyAuthorisationHelper.setOwner(createExtensionAuthorisation, wikittyUserImpl5.getWikittyId());
        log.debug("initial wikitty rights" + createExtensionAuthorisation);
        this.securityService.storeExtension(this.token, this.extension);
        this.securityService.store(this.token, createExtensionAuthorisation);
        this.token = null;
        this.ownerToken = this.service.login("owner", "");
        this.adminToken = this.service.login("admin", "");
        this.writerToken = this.service.login("writer", "");
        this.readerToken = this.service.login("reader", "");
        this.noRightsToken = this.service.login("i have no rights", "");
        WikittyUserImpl wikittyUserImpl6 = new WikittyUserImpl();
        wikittyUserImpl6.setLogin("root");
        wikittyUserImpl6.setPassword("");
        wikittyProxy.store(wikittyUserImpl6);
        this.service.login("root", "");
        wikittyProxy.store(WikittySecurityHelper.createAppAdminGroup(wikittyUserImpl6));
    }

    @Test
    public void testInvalidToken() {
        String genSecurityTokenId = WikittyUtil.genSecurityTokenId();
        try {
            this.service.store(genSecurityTokenId, this.aWikitty);
            Assert.fail();
        } catch (SecurityException e) {
        }
        this.service.store(this.readerToken, this.aWikitty);
        try {
            this.service.restore(genSecurityTokenId, this.aWikitty.getId());
            Assert.fail();
        } catch (SecurityException e2) {
        }
        try {
            this.service.logout(genSecurityTokenId);
            Assert.fail();
        } catch (SecurityException e3) {
        }
        this.service.logout(this.readerToken);
        try {
            this.service.store(this.readerToken, this.aWikitty);
            Assert.fail();
        } catch (SecurityException e4) {
        }
    }

    @Test
    public void testReaderRightOnWikitty() {
        this.aWikitty.addExtension(WikittyAuthorisationAbstract.extensionWikittyAuthorisation);
        WikittyAuthorisationImpl wikittyAuthorisationImpl = new WikittyAuthorisationImpl(this.aWikitty);
        String userWikittyId = WikittySecurityHelper.getUserWikittyId(new WikittyProxy(this.securityService), "reader");
        wikittyAuthorisationImpl.clearReader();
        wikittyAuthorisationImpl.addReader(userWikittyId);
        log.debug("will store wikitty" + this.aWikitty);
        this.service.store(this.ownerToken, this.aWikitty);
        try {
            log.debug("restored wikitty is " + this.service.restore((String) null, this.aWikitty.getId()));
            Assert.fail("an exception should have been raised");
        } catch (SecurityException e) {
            log.info("raised exception : " + e);
        }
    }

    @Test
    public void testWriterRightOnWikitty() {
        this.aWikitty.addExtension(WikittyAuthorisationAbstract.extensionWikittyAuthorisation);
        WikittyAuthorisationImpl wikittyAuthorisationImpl = new WikittyAuthorisationImpl(this.aWikitty);
        this.service.store(this.ownerToken, this.aWikitty);
        String userWikittyId = WikittySecurityHelper.getUserWikittyId(new WikittyProxy(this.securityService), "admin");
        wikittyAuthorisationImpl.clearReader();
        wikittyAuthorisationImpl.clearWriter();
        wikittyAuthorisationImpl.clearAdmin();
        wikittyAuthorisationImpl.addAdmin(userWikittyId);
        log.debug("will store wikitty" + this.aWikitty);
        try {
            this.service.store(this.writerToken, this.aWikitty);
            Assert.fail("an exception should have been raised");
        } catch (SecurityException e) {
            log.info("raised exception : " + e);
        }
        Wikitty restore = this.service.restore((String) null, this.aWikitty.getId());
        log.debug("restored wikitty is " + restore);
        Assert.assertNotNull(restore);
    }

    @Test
    public void checkReaderRightOnExtension() {
        try {
            this.service.store(this.noRightsToken, this.aWikitty);
            Assert.fail("an exception should have been raised");
        } catch (SecurityException e) {
            log.debug("creating a wikitty without rights", e);
        }
        try {
            this.service.restoreExtension(this.noRightsToken, this.extension.getId());
        } catch (SecurityException e2) {
            Assert.fail("no exception should have been raised");
        }
        try {
            this.service.restoreExtensionLastVersion(this.noRightsToken, this.extension.getName());
        } catch (SecurityException e3) {
            Assert.fail("no exception should have been raised");
        }
        try {
            this.service.store(this.readerToken, this.aWikitty);
            this.service.restoreExtension(this.readerToken, this.extension.getId());
            this.service.restoreExtensionLastVersion(this.readerToken, this.extension.getName());
        } catch (SecurityException e4) {
            Assert.fail("an exception has been raised");
        }
    }

    @Test
    public void checkWriterRightOnExtension() {
        FieldType fieldType = new FieldType(FieldType.TYPE.STRING, 0, 1);
        this.service.restoreExtensionLastVersion(this.writerToken, this.extension.getName());
        this.extension.addField("new_field", fieldType);
        try {
            this.service.storeExtension(this.readerToken, this.extension);
            Assert.fail("an exception should have been raised");
        } catch (SecurityException e) {
        }
        try {
            this.service.storeExtension(this.writerToken, this.extension);
        } catch (SecurityException e2) {
            Assert.fail("an exception has been raised");
        }
    }

    @Test
    public void checkAdminRightOnExtension() {
        WikittyProxy wikittyProxy = new WikittyProxy(this.securityService);
        wikittyProxy.setSecurityToken(this.adminToken);
        Wikitty restoreExtensionAuthorisation = WikittySecurityHelper.restoreExtensionAuthorisation(wikittyProxy, this.extension);
        log.debug("initial rights " + restoreExtensionAuthorisation);
        WikittyAuthorisationHelper.clearReader(restoreExtensionAuthorisation);
        WikittyAuthorisationHelper.clearWriter(restoreExtensionAuthorisation);
        WikittyAuthorisationHelper.addWriter(restoreExtensionAuthorisation, "ID1");
        WikittyAuthorisationHelper.setOwner(restoreExtensionAuthorisation, "ID2");
        log.debug("will store rights " + restoreExtensionAuthorisation);
        try {
            this.securityService.store(this.writerToken, restoreExtensionAuthorisation);
            Assert.fail("an exception should habe raised");
        } catch (SecurityException e) {
        }
        this.securityService.store(this.adminToken, restoreExtensionAuthorisation);
        Wikitty restoreExtensionAuthorisation2 = WikittySecurityHelper.restoreExtensionAuthorisation(wikittyProxy, this.extension);
        log.debug("restored rights " + restoreExtensionAuthorisation2);
        Assert.assertTrue(WikittyAuthorisationHelper.getReader(restoreExtensionAuthorisation2).isEmpty());
        Assert.assertTrue(WikittyAuthorisationHelper.getWriter(restoreExtensionAuthorisation2).contains("ID1"));
        Assert.assertEquals(1L, WikittyAuthorisationHelper.getWriter(restoreExtensionAuthorisation2).size());
        Assert.assertTrue(WikittyAuthorisationHelper.getOwner(restoreExtensionAuthorisation2).contains("ID2"));
    }
}
