package org.camunda.bpm.engine.test.api.authorization.history;

import java.util.Date;
import java.util.HashMap;
import java.util.List;
import org.apache.commons.lang3.time.DateUtils;
import org.camunda.bpm.engine.AuthorizationException;
import org.camunda.bpm.engine.authorization.Permissions;
import org.camunda.bpm.engine.authorization.Resources;
import org.camunda.bpm.engine.history.CleanableHistoricDecisionInstanceReportResult;
import org.camunda.bpm.engine.history.HistoricDecisionInstance;
import org.camunda.bpm.engine.history.HistoricDecisionInstanceQuery;
import org.camunda.bpm.engine.impl.util.ClockUtil;
import org.camunda.bpm.engine.repository.DecisionDefinition;
import org.camunda.bpm.engine.test.RequiredHistoryLevel;
import org.camunda.bpm.engine.test.api.authorization.AuthorizationTest;
import org.camunda.bpm.engine.variable.VariableMap;
import org.camunda.bpm.engine.variable.Variables;
import org.hamcrest.CoreMatchers;
import org.junit.Assert;

@RequiredHistoryLevel("full")
/* loaded from: input_file:org/camunda/bpm/engine/test/api/authorization/history/HistoricDecisionInstanceAuthorizationTest.class */
public class HistoricDecisionInstanceAuthorizationTest extends AuthorizationTest {
    protected static final String PROCESS_KEY = "testProcess";
    protected static final String DECISION_DEFINITION_KEY = "testDecision";

    @Override // org.camunda.bpm.engine.test.api.authorization.AuthorizationTest
    public void setUp() throws Exception {
        this.deploymentId = createDeployment(null, "org/camunda/bpm/engine/test/history/HistoricDecisionInstanceTest.processWithBusinessRuleTask.bpmn20.xml", "org/camunda/bpm/engine/test/history/HistoricDecisionInstanceTest.decisionSingleOutput.dmn11.xml").getId();
        super.setUp();
    }

    @Override // org.camunda.bpm.engine.test.api.authorization.AuthorizationTest
    public void tearDown() {
        super.tearDown();
        deleteDeployment(this.deploymentId);
    }

    public void testQueryWithoutAuthorization() {
        startProcessInstanceAndEvaluateDecision();
        verifyQueryResults(this.historyService.createHistoricDecisionInstanceQuery(), 0);
    }

    public void testQueryWithReadPermissionOnDecisionDefinition() {
        startProcessInstanceAndEvaluateDecision();
        createGrantAuthorization(Resources.DECISION_DEFINITION, "testDecision", this.userId, Permissions.READ_HISTORY);
        verifyQueryResults(this.historyService.createHistoricDecisionInstanceQuery(), 1);
    }

    public void testQueryWithReadPermissionOnAnyDecisionDefinition() {
        startProcessInstanceAndEvaluateDecision();
        createGrantAuthorization(Resources.DECISION_DEFINITION, "*", this.userId, Permissions.READ_HISTORY);
        verifyQueryResults(this.historyService.createHistoricDecisionInstanceQuery(), 1);
    }

    public void testQueryWithMultiple() {
        startProcessInstanceAndEvaluateDecision();
        createGrantAuthorization(Resources.DECISION_DEFINITION, "*", this.userId, Permissions.READ_HISTORY);
        createGrantAuthorization(Resources.DECISION_DEFINITION, "testDecision", this.userId, Permissions.READ_HISTORY);
        verifyQueryResults(this.historyService.createHistoricDecisionInstanceQuery(), 1);
    }

    public void testDeleteHistoricDecisionInstanceWithoutAuthorization() {
        startProcessInstanceAndEvaluateDecision();
        try {
            this.historyService.deleteHistoricDecisionInstanceByDefinitionId(selectDecisionDefinitionByKey("testDecision").getId());
            fail("expect authorization exception");
        } catch (AuthorizationException e) {
            Assert.assertThat(e.getMessage(), CoreMatchers.is("The user with id 'test' does not have 'DELETE_HISTORY' permission on resource 'testDecision' of type 'DecisionDefinition'."));
        }
    }

    public void testDeleteHistoricDecisionInstanceWithDeleteHistoryPermissionOnDecisionDefinition() {
        startProcessInstanceAndEvaluateDecision();
        createGrantAuthorization(Resources.DECISION_DEFINITION, "*", this.userId, Permissions.DELETE_HISTORY);
        this.historyService.deleteHistoricDecisionInstanceByDefinitionId(selectDecisionDefinitionByKey("testDecision").getId());
        disableAuthorization();
        Assert.assertThat(Long.valueOf(this.historyService.createHistoricDecisionInstanceQuery().count()), CoreMatchers.is(0L));
        enableAuthorization();
    }

    public void testDeleteHistoricDecisionInstanceWithDeleteHistoryPermissionOnAnyDecisionDefinition() {
        startProcessInstanceAndEvaluateDecision();
        createGrantAuthorization(Resources.DECISION_DEFINITION, "testDecision", this.userId, Permissions.DELETE_HISTORY);
        this.historyService.deleteHistoricDecisionInstanceByDefinitionId(selectDecisionDefinitionByKey("testDecision").getId());
        disableAuthorization();
        Assert.assertThat(Long.valueOf(this.historyService.createHistoricDecisionInstanceQuery().count()), CoreMatchers.is(0L));
        enableAuthorization();
    }

    public void testDeleteHistoricDecisionInstanceByInstanceIdWithoutAuthorization() {
        createGrantAuthorization(Resources.DECISION_DEFINITION, "testDecision", this.userId, Permissions.READ_HISTORY);
        startProcessInstanceAndEvaluateDecision();
        try {
            this.historyService.deleteHistoricDecisionInstanceByInstanceId(((HistoricDecisionInstance) this.historyService.createHistoricDecisionInstanceQuery().includeInputs().includeOutputs().singleResult()).getId());
            fail("expect authorization exception");
        } catch (AuthorizationException e) {
            Assert.assertThat(e.getMessage(), CoreMatchers.is("The user with id 'test' does not have 'DELETE_HISTORY' permission on resource 'testDecision' of type 'DecisionDefinition'."));
        }
    }

    public void testDeleteHistoricDecisionInstanceByInstanceIdWithDeleteHistoryPermissionOnDecisionDefinition() {
        createGrantAuthorization(Resources.DECISION_DEFINITION, "testDecision", this.userId, Permissions.DELETE_HISTORY, Permissions.READ_HISTORY);
        startProcessInstanceAndEvaluateDecision();
        HistoricDecisionInstanceQuery createHistoricDecisionInstanceQuery = this.historyService.createHistoricDecisionInstanceQuery();
        verifyQueryResults(createHistoricDecisionInstanceQuery, 1);
        this.historyService.deleteHistoricDecisionInstanceByInstanceId(((HistoricDecisionInstance) createHistoricDecisionInstanceQuery.includeInputs().includeOutputs().singleResult()).getId());
        verifyQueryResults(createHistoricDecisionInstanceQuery, 0);
    }

    public void testHistoryCleanupReportWithoutAuthorization() {
        prepareDecisionInstances("testDecision", -6, 5, 10);
        assertEquals(0, this.historyService.createCleanableHistoricDecisionInstanceReport().list().size());
    }

    public void testHistoryCleanupReportWithAuthorization() {
        prepareDecisionInstances("testDecision", -6, 5, 10);
        createGrantAuthorization(Resources.DECISION_DEFINITION, "testDecision", this.userId, Permissions.READ, Permissions.READ_HISTORY);
        createGrantAuthorizationGroup(Resources.DECISION_DEFINITION, "testDecision", this.groupId, Permissions.READ, Permissions.READ_HISTORY);
        List list = this.historyService.createCleanableHistoricDecisionInstanceReport().list();
        assertEquals(1, list.size());
        assertEquals(10L, ((CleanableHistoricDecisionInstanceReportResult) list.get(0)).getCleanableDecisionInstanceCount());
        assertEquals(10L, ((CleanableHistoricDecisionInstanceReportResult) list.get(0)).getFinishedDecisionInstanceCount());
    }

    public void testHistoryCleanupReportWithReadPermissionOnly() {
        prepareDecisionInstances("testDecision", -6, 5, 10);
        createGrantAuthorization(Resources.DECISION_DEFINITION, "testDecision", this.userId, Permissions.READ);
        assertEquals(0, this.historyService.createCleanableHistoricDecisionInstanceReport().list().size());
    }

    public void testHistoryCleanupReportWithReadHistoryPermissionOnly() {
        prepareDecisionInstances("testDecision", -6, 5, 10);
        createGrantAuthorization(Resources.DECISION_DEFINITION, "testDecision", this.userId, Permissions.READ_HISTORY);
        assertEquals(0, this.historyService.createCleanableHistoricDecisionInstanceReport().list().size());
    }

    protected void startProcessInstanceAndEvaluateDecision() {
        HashMap hashMap = new HashMap();
        hashMap.put("input1", null);
        startProcessInstanceByKey("testProcess", hashMap);
    }

    protected void prepareDecisionInstances(String str, int i, Integer num, int i2) {
        DecisionDefinition selectDecisionDefinitionByKey = selectDecisionDefinitionByKey(str);
        disableAuthorization();
        this.repositoryService.updateDecisionDefinitionHistoryTimeToLive(selectDecisionDefinitionByKey.getId(), num);
        enableAuthorization();
        Date currentTime = ClockUtil.getCurrentTime();
        ClockUtil.setCurrentTime(DateUtils.addDays(currentTime, i));
        VariableMap putValue = Variables.createVariables().putValue("input1", (Object) null);
        for (int i3 = 0; i3 < i2; i3++) {
            disableAuthorization();
            this.decisionService.evaluateDecisionByKey(str).variables(putValue).evaluate();
            enableAuthorization();
        }
        ClockUtil.setCurrentTime(currentTime);
    }
}
