package org.nuiton.wikitty.layers;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Ignore;
import org.junit.Test;
import org.nuiton.wikitty.FieldType;
import org.nuiton.wikitty.Wikitty;
import org.nuiton.wikitty.WikittyAuthorisationHelper;
import org.nuiton.wikitty.WikittyServiceInMemory;
import org.nuiton.wikitty.WikittyServiceSecurity;

/* loaded from: input_file:org/nuiton/wikitty/layers/WikittyServiceSecurityTest.class */
public class WikittyServiceSecurityTest extends AbstractWikittyServiceTest {
    private static final Log log = LogFactory.getLog(WikittyServiceSecurityTest.class);
    protected static final String APPADMIN_LOGIN = "root";
    protected static final String APPADMIN_PASSWORD = "toto";
    protected WikittyServiceSecurity securityService;
    protected String noRightsToken;
    protected String readerToken;
    protected String writerToken;
    protected String adminToken;
    protected String ownerToken;

    @Before
    public void setUpWikittyServiceSecurityTest() {
        this.securityService = new WikittyServiceSecurity(new WikittyServiceInMemory());
        this.service = this.securityService;
        this.token = this.service.login(APPADMIN_LOGIN, APPADMIN_PASSWORD);
        this.securityService.createAccount(this.token, "i have no rights", "");
        this.securityService.createAccount(this.token, "reader", "");
        this.securityService.createAccount(this.token, "writer", "");
        this.securityService.createAccount(this.token, "admin", "");
        this.securityService.createAccount(this.token, "owner", "");
        Wikitty addWikittyAuthorisation = this.securityService.addWikittyAuthorisation(this.token, this.extension);
        WikittyAuthorisationHelper.addReader(addWikittyAuthorisation, this.securityService.getUserWikittyId(this.token, "reader"));
        WikittyAuthorisationHelper.addWriter(addWikittyAuthorisation, this.securityService.getUserWikittyId(this.token, "writer"));
        WikittyAuthorisationHelper.addAdmin(addWikittyAuthorisation, this.securityService.getUserWikittyId(this.token, "admin"));
        WikittyAuthorisationHelper.setOwner(addWikittyAuthorisation, this.securityService.getUserWikittyId(this.token, "owner"));
        log.debug("initial wikitty rights" + addWikittyAuthorisation);
        this.service.store(this.token, addWikittyAuthorisation);
        log.debug("restored initial rights " + this.securityService.restoreExtensionAuthorisation(this.token, this.extension));
        this.service.logout(this.token);
        this.token = null;
        this.ownerToken = this.service.login("owner", "");
        this.adminToken = this.service.login("admin", "");
        this.writerToken = this.service.login("writer", "");
        this.readerToken = this.service.login("reader", "");
        this.noRightsToken = this.service.login("i have no rights", "");
    }

    @Test
    public void testInvalidToken() {
        try {
            this.service.store("INVALID TOKEN", this.aWikitty);
            Assert.fail();
        } catch (SecurityException e) {
        }
        this.token = this.service.login(APPADMIN_LOGIN, APPADMIN_PASSWORD);
        this.service.store(this.token, this.aWikitty);
        try {
            this.service.restore("INVALID TOKEN", this.aWikitty.getId());
            Assert.fail();
        } catch (SecurityException e2) {
        }
        try {
            this.service.logout("INVALID TOKEN");
            Assert.fail();
        } catch (SecurityException e3) {
        }
        this.service.logout(this.token);
        try {
            this.service.store(this.token, this.aWikitty);
            Assert.fail();
        } catch (SecurityException e4) {
        }
    }

    @Test
    @Ignore
    public void testReaderRightOnWikitty() {
    }

    @Test
    @Ignore
    public void checkReaderRightOnExtension() {
        try {
            this.service.store(this.noRightsToken, this.aWikitty);
            Assert.fail("an exception should have been raised");
        } catch (SecurityException e) {
            log.debug("creating a wikitty without rights", e);
        }
        try {
            this.service.restoreExtension(this.noRightsToken, this.extension.getId());
            Assert.fail("an exception should have been raised");
        } catch (SecurityException e2) {
            log.debug("creating a wikitty without rights", e2);
        }
        try {
            this.service.restoreExtensionLastVersion(this.noRightsToken, this.extension.getName());
            Assert.fail("an exception should have been raised");
        } catch (SecurityException e3) {
            log.debug("creating a wikitty without rights", e3);
        }
        try {
            this.service.store(this.readerToken, this.aWikitty);
            this.service.restoreExtension(this.readerToken, this.extension.getId());
            this.service.restoreExtensionLastVersion(this.readerToken, this.extension.getName());
        } catch (SecurityException e4) {
            Assert.fail("an exception has been raised");
        }
    }

    @Test
    @Ignore
    public void checkWriterRightOnExtension() {
        FieldType fieldType = new FieldType(FieldType.TYPE.STRING, 0, 1);
        this.service.restoreExtensionLastVersion(this.writerToken, this.extension.getName());
        this.extension.addField("new_field", fieldType);
        try {
            this.service.storeExtension(this.readerToken, this.extension);
            Assert.fail("an exception should have been raised");
        } catch (SecurityException e) {
        }
        try {
            this.service.storeExtension(this.writerToken, this.extension);
        } catch (SecurityException e2) {
            Assert.fail("an exception has been raised");
        }
    }

    @Test
    @Ignore
    public void checkAdminRightOnExtention() {
        Wikitty restoreExtensionAuthorisation = this.securityService.restoreExtensionAuthorisation(this.adminToken, this.extension);
        log.debug("initial rights " + restoreExtensionAuthorisation);
        WikittyAuthorisationHelper.clearReader(restoreExtensionAuthorisation);
        WikittyAuthorisationHelper.clearWriter(restoreExtensionAuthorisation);
        WikittyAuthorisationHelper.addWriter(restoreExtensionAuthorisation, "ID1");
        WikittyAuthorisationHelper.setOwner(restoreExtensionAuthorisation, "ID2");
        log.debug("will store rights " + restoreExtensionAuthorisation);
        this.service.store(this.adminToken, restoreExtensionAuthorisation);
        Wikitty restore = this.service.restore(this.adminToken, restoreExtensionAuthorisation.getId());
        log.debug("restored rights " + restore);
        Assert.assertTrue(WikittyAuthorisationHelper.getReader(restore).isEmpty());
        Assert.assertTrue(WikittyAuthorisationHelper.getWriter(restore).contains("ID1"));
        Assert.assertEquals(1L, WikittyAuthorisationHelper.getWriter(restore).size());
        Assert.assertFalse(WikittyAuthorisationHelper.getAdmin(restore).isEmpty());
        Assert.assertFalse(WikittyAuthorisationHelper.getOwner(restore).equals("ID2"));
    }

    @Test
    public void checkOwnerRightOnExtention() {
    }
}
