package org.camunda.bpm.engine.test.api.identity;

import java.util.Iterator;
import java.util.List;
import org.camunda.bpm.engine.AuthorizationService;
import org.camunda.bpm.engine.authorization.Authorization;
import org.camunda.bpm.engine.authorization.BatchPermissions;
import org.camunda.bpm.engine.authorization.Permissions;
import org.camunda.bpm.engine.authorization.ProcessDefinitionPermissions;
import org.camunda.bpm.engine.authorization.ProcessInstancePermissions;
import org.camunda.bpm.engine.authorization.Resources;
import org.camunda.bpm.engine.impl.cfg.ProcessEngineConfigurationImpl;
import org.camunda.bpm.engine.test.ProcessEngineRule;
import org.camunda.bpm.engine.test.util.ProvidedProcessEngineRule;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.ExpectedException;

/* loaded from: input_file:org/camunda/bpm/engine/test/api/identity/AuthorizationQueryAuthorizationsTest.class */
public class AuthorizationQueryAuthorizationsTest {

    @Rule
    public ProcessEngineRule engineRule = new ProvidedProcessEngineRule();

    @Rule
    public ExpectedException thrown = ExpectedException.none();
    protected AuthorizationService authorizationService;
    protected ProcessEngineConfigurationImpl processEngineConfiguration;

    @Before
    public void init() {
        this.processEngineConfiguration = this.engineRule.getProcessEngineConfiguration();
        this.authorizationService = this.engineRule.getAuthorizationService();
    }

    @After
    public void tearDown() {
        this.processEngineConfiguration.setAuthorizationEnabled(false);
        cleanupAfterTest();
    }

    @Test
    public void testQuerySingleCorrectPermission() throws Exception {
        Authorization createNewAuthorization = this.authorizationService.createNewAuthorization(1);
        createNewAuthorization.setUserId("userId");
        createNewAuthorization.setResource(Resources.PROCESS_DEFINITION);
        createNewAuthorization.addPermission(Permissions.READ);
        createNewAuthorization.setResourceId("*");
        this.authorizationService.saveAuthorization(createNewAuthorization);
        this.processEngineConfiguration.setAuthorizationEnabled(true);
        Assert.assertNotNull((Authorization) this.authorizationService.createAuthorizationQuery().userIdIn(new String[]{"userId"}).resourceType(Resources.PROCESS_DEFINITION).singleResult());
        Assert.assertEquals(1L, this.authorizationService.createAuthorizationQuery().hasPermission(Permissions.READ).count());
    }

    @Test
    public void testQuerySingleIncorrectPermission() throws Exception {
        Authorization createNewAuthorization = this.authorizationService.createNewAuthorization(1);
        createNewAuthorization.setUserId("userId");
        createNewAuthorization.setResource(Resources.BATCH);
        createNewAuthorization.addPermission(BatchPermissions.CREATE_BATCH_DELETE_RUNNING_PROCESS_INSTANCES);
        createNewAuthorization.setResourceId("*");
        this.authorizationService.saveAuthorization(createNewAuthorization);
        this.processEngineConfiguration.setAuthorizationEnabled(true);
        Assert.assertNotNull((Authorization) this.authorizationService.createAuthorizationQuery().userIdIn(new String[]{"userId"}).resourceType(Resources.BATCH).singleResult());
        Assert.assertEquals(0L, this.authorizationService.createAuthorizationQuery().hasPermission(Permissions.CREATE_INSTANCE).count());
    }

    @Test
    public void testQueryPermissionsWithWrongResource() throws Exception {
        Authorization createNewAuthorization = this.authorizationService.createNewAuthorization(1);
        createNewAuthorization.setUserId("userId");
        createNewAuthorization.setResource(Resources.APPLICATION);
        createNewAuthorization.addPermission(Permissions.ACCESS);
        createNewAuthorization.setResourceId("*");
        this.authorizationService.saveAuthorization(createNewAuthorization);
        this.processEngineConfiguration.setAuthorizationEnabled(true);
        Assert.assertNotNull((Authorization) this.authorizationService.createAuthorizationQuery().userIdIn(new String[]{"userId"}).resourceType(Resources.APPLICATION).singleResult());
        Authorization authorization = (Authorization) this.authorizationService.createAuthorizationQuery().hasPermission(Permissions.ACCESS).singleResult();
        List list = this.authorizationService.createAuthorizationQuery().hasPermission(ProcessDefinitionPermissions.RETRY_JOB).list();
        List list2 = this.authorizationService.createAuthorizationQuery().hasPermission(ProcessInstancePermissions.RETRY_JOB).list();
        Assert.assertNotNull(authorization);
        Assert.assertEquals(1L, this.authorizationService.createAuthorizationQuery().hasPermission(Permissions.ACCESS).count());
        Assert.assertTrue(list.isEmpty());
        Assert.assertEquals(0L, this.authorizationService.createAuthorizationQuery().hasPermission(ProcessDefinitionPermissions.RETRY_JOB).count());
        Assert.assertTrue(list2.isEmpty());
        Assert.assertEquals(0L, this.authorizationService.createAuthorizationQuery().hasPermission(ProcessInstancePermissions.RETRY_JOB).count());
    }

    @Test
    public void testQueryPermissionWithMixedResource() throws Exception {
        Authorization createNewAuthorization = this.authorizationService.createNewAuthorization(1);
        createNewAuthorization.setUserId("userId");
        createNewAuthorization.setResource(Resources.APPLICATION);
        createNewAuthorization.addPermission(Permissions.ACCESS);
        createNewAuthorization.setResourceId("*");
        this.authorizationService.saveAuthorization(createNewAuthorization);
        this.processEngineConfiguration.setAuthorizationEnabled(true);
        Assert.assertNotNull((Authorization) this.authorizationService.createAuthorizationQuery().userIdIn(new String[]{"userId"}).resourceType(Resources.APPLICATION).singleResult());
        Assert.assertEquals(0L, this.authorizationService.createAuthorizationQuery().resourceType(Resources.BATCH).hasPermission(Permissions.ACCESS).count());
    }

    @Test
    public void testQueryPermissionsWithMixedResource() throws Exception {
        Authorization createNewAuthorization = this.authorizationService.createNewAuthorization(1);
        createNewAuthorization.setUserId("userId");
        createNewAuthorization.setResource(Resources.PROCESS_DEFINITION);
        createNewAuthorization.addPermission(Permissions.READ);
        createNewAuthorization.addPermission(ProcessDefinitionPermissions.RETRY_JOB);
        createNewAuthorization.setResourceId("*");
        this.authorizationService.saveAuthorization(createNewAuthorization);
        this.processEngineConfiguration.setAuthorizationEnabled(true);
        Assert.assertNotNull((Authorization) this.authorizationService.createAuthorizationQuery().userIdIn(new String[]{"userId"}).resourceType(Resources.PROCESS_DEFINITION).singleResult());
        Assert.assertEquals(1L, this.authorizationService.createAuthorizationQuery().resourceType(Resources.PROCESS_DEFINITION).hasPermission(ProcessDefinitionPermissions.READ).hasPermission(ProcessDefinitionPermissions.RETRY_JOB).count());
        Assert.assertEquals(1L, this.authorizationService.createAuthorizationQuery().resourceType(Resources.PROCESS_DEFINITION).hasPermission(ProcessDefinitionPermissions.READ).count());
        Assert.assertEquals(0L, this.authorizationService.createAuthorizationQuery().resourceType(Resources.PROCESS_DEFINITION).hasPermission(Permissions.READ).hasPermission(Permissions.ACCESS).count());
    }

    @Test
    public void testQueryCorrectAndIncorrectPersmission() throws Exception {
        Authorization createNewAuthorization = this.authorizationService.createNewAuthorization(1);
        createNewAuthorization.setUserId("userId");
        createNewAuthorization.setResource(Resources.PROCESS_DEFINITION);
        createNewAuthorization.addPermission(Permissions.READ);
        createNewAuthorization.addPermission(ProcessDefinitionPermissions.RETRY_JOB);
        createNewAuthorization.setResourceId("*");
        this.authorizationService.saveAuthorization(createNewAuthorization);
        this.processEngineConfiguration.setAuthorizationEnabled(true);
        Assert.assertNotNull((Authorization) this.authorizationService.createAuthorizationQuery().userIdIn(new String[]{"userId"}).resourceType(Resources.PROCESS_DEFINITION).singleResult());
        Assert.assertEquals(0L, this.authorizationService.createAuthorizationQuery().hasPermission(Permissions.READ).hasPermission(Permissions.ACCESS).count());
    }

    protected void cleanupAfterTest() {
        Iterator it = this.authorizationService.createAuthorizationQuery().list().iterator();
        while (it.hasNext()) {
            this.authorizationService.deleteAuthorization(((Authorization) it.next()).getId());
        }
    }
}
