package org.camunda.bpm.engine.test.api.authorization;

import java.util.Collections;
import org.camunda.bpm.engine.AuthorizationService;
import org.camunda.bpm.engine.IdentityService;
import org.camunda.bpm.engine.authorization.Permissions;
import org.camunda.bpm.engine.authorization.Resources;
import org.camunda.bpm.engine.identity.Tenant;
import org.camunda.bpm.engine.test.ProcessEngineRule;
import org.camunda.bpm.engine.test.util.ProcessEngineTestRule;
import org.camunda.bpm.engine.test.util.ProvidedProcessEngineRule;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.RuleChain;

/* loaded from: input_file:org/camunda/bpm/engine/test/api/authorization/DefaultPermissionForTenantMemberTest.class */
public class DefaultPermissionForTenantMemberTest {
    protected static final String TENANT_ONE = "tenant1";
    protected static final String TENANT_TWO = "tenant2";
    protected static final String USER_ID = "user";
    protected static final String GROUP_ID = "group";
    protected AuthorizationService authorizationService;
    protected IdentityService identityService;
    protected ProcessEngineRule engineRule = new ProvidedProcessEngineRule();
    protected ProcessEngineTestRule testRule = new ProcessEngineTestRule(this.engineRule);

    @Rule
    public RuleChain ruleChain = RuleChain.outerRule(this.engineRule).around(this.testRule);

    @Before
    public void init() {
        this.identityService = this.engineRule.getIdentityService();
        this.authorizationService = this.engineRule.getAuthorizationService();
        createTenant(TENANT_ONE);
        this.identityService.saveUser(this.identityService.newUser(USER_ID));
        this.identityService.saveGroup(this.identityService.newGroup(GROUP_ID));
        this.engineRule.getProcessEngineConfiguration().setAuthorizationEnabled(true);
    }

    @After
    public void tearDown() {
        this.identityService.clearAuthentication();
        this.identityService.deleteUser(USER_ID);
        this.identityService.deleteGroup(GROUP_ID);
        this.identityService.deleteTenant(TENANT_ONE);
        this.identityService.deleteTenant(TENANT_TWO);
        this.engineRule.getProcessEngineConfiguration().setAuthorizationEnabled(false);
    }

    @Test
    public void testCreateTenantUserMembership() {
        this.identityService.createTenantUserMembership(TENANT_ONE, USER_ID);
        Assert.assertEquals(1L, this.authorizationService.createAuthorizationQuery().userIdIn(new String[]{USER_ID}).resourceType(Resources.TENANT).resourceId(TENANT_ONE).hasPermission(Permissions.READ).count());
        this.identityService.setAuthenticatedUserId(USER_ID);
        Assert.assertEquals(TENANT_ONE, ((Tenant) this.identityService.createTenantQuery().singleResult()).getId());
    }

    @Test
    public void testCreateAndDeleteTenantUserMembership() {
        this.identityService.createTenantUserMembership(TENANT_ONE, USER_ID);
        this.identityService.deleteTenantUserMembership(TENANT_ONE, USER_ID);
        Assert.assertEquals(0L, this.authorizationService.createAuthorizationQuery().userIdIn(new String[]{USER_ID}).resourceType(Resources.TENANT).hasPermission(Permissions.READ).count());
        this.identityService.setAuthenticatedUserId(USER_ID);
        Assert.assertEquals(0L, this.identityService.createTenantQuery().count());
    }

    @Test
    public void testCreateAndDeleteTenantUserMembershipForMultipleTenants() {
        createTenant(TENANT_TWO);
        this.identityService.createTenantUserMembership(TENANT_ONE, USER_ID);
        this.identityService.createTenantUserMembership(TENANT_TWO, USER_ID);
        Assert.assertEquals(2L, this.authorizationService.createAuthorizationQuery().userIdIn(new String[]{USER_ID}).resourceType(Resources.TENANT).hasPermission(Permissions.READ).count());
        this.identityService.deleteTenantUserMembership(TENANT_ONE, USER_ID);
        Assert.assertEquals(1L, this.authorizationService.createAuthorizationQuery().userIdIn(new String[]{USER_ID}).resourceType(Resources.TENANT).hasPermission(Permissions.READ).count());
    }

    @Test
    public void testCreateTenantGroupMembership() {
        this.identityService.createTenantGroupMembership(TENANT_ONE, GROUP_ID);
        Assert.assertEquals(1L, this.authorizationService.createAuthorizationQuery().groupIdIn(new String[]{GROUP_ID}).resourceType(Resources.TENANT).resourceId(TENANT_ONE).hasPermission(Permissions.READ).count());
        this.identityService.setAuthentication(USER_ID, Collections.singletonList(GROUP_ID));
        Assert.assertEquals(TENANT_ONE, ((Tenant) this.identityService.createTenantQuery().singleResult()).getId());
    }

    @Test
    public void testCreateAndDeleteTenantGroupMembership() {
        this.identityService.createTenantGroupMembership(TENANT_ONE, GROUP_ID);
        this.identityService.deleteTenantGroupMembership(TENANT_ONE, GROUP_ID);
        Assert.assertEquals(0L, this.authorizationService.createAuthorizationQuery().groupIdIn(new String[]{GROUP_ID}).resourceType(Resources.TENANT).hasPermission(Permissions.READ).count());
        this.identityService.setAuthentication(USER_ID, Collections.singletonList(GROUP_ID));
        Assert.assertEquals(0L, this.identityService.createTenantQuery().count());
    }

    @Test
    public void testCreateAndDeleteTenantGroupMembershipForMultipleTenants() {
        createTenant(TENANT_TWO);
        this.identityService.createTenantGroupMembership(TENANT_ONE, GROUP_ID);
        this.identityService.createTenantGroupMembership(TENANT_TWO, GROUP_ID);
        Assert.assertEquals(2L, this.authorizationService.createAuthorizationQuery().groupIdIn(new String[]{GROUP_ID}).resourceType(Resources.TENANT).hasPermission(Permissions.READ).count());
        this.identityService.deleteTenantGroupMembership(TENANT_ONE, GROUP_ID);
        Assert.assertEquals(1L, this.authorizationService.createAuthorizationQuery().groupIdIn(new String[]{GROUP_ID}).resourceType(Resources.TENANT).hasPermission(Permissions.READ).count());
    }

    protected Tenant createTenant(String str) {
        Tenant newTenant = this.identityService.newTenant(str);
        this.identityService.saveTenant(newTenant);
        return newTenant;
    }
}
