package org.camunda.bpm.engine.test.api.authorization;

import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.concurrent.Callable;
import org.camunda.bpm.engine.ProcessEngineException;
import org.camunda.bpm.engine.authorization.Authorization;
import org.camunda.bpm.engine.authorization.Permission;
import org.camunda.bpm.engine.authorization.Permissions;
import org.camunda.bpm.engine.authorization.Resource;
import org.camunda.bpm.engine.authorization.Resources;
import org.camunda.bpm.engine.identity.Group;
import org.camunda.bpm.engine.identity.User;
import org.camunda.bpm.engine.impl.identity.Authentication;
import org.camunda.bpm.engine.query.Query;
import org.camunda.bpm.engine.repository.DecisionDefinition;
import org.camunda.bpm.engine.repository.Deployment;
import org.camunda.bpm.engine.repository.DeploymentBuilder;
import org.camunda.bpm.engine.repository.ProcessDefinition;
import org.camunda.bpm.engine.runtime.CaseInstance;
import org.camunda.bpm.engine.runtime.Job;
import org.camunda.bpm.engine.runtime.ProcessInstance;
import org.camunda.bpm.engine.task.Task;
import org.camunda.bpm.engine.test.util.PluggableProcessEngineTest;
import org.camunda.bpm.engine.variable.VariableMap;
import org.camunda.bpm.engine.variable.Variables;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;

/* loaded from: input_file:org/camunda/bpm/engine/test/api/authorization/AuthorizationTest.class */
public abstract class AuthorizationTest extends PluggableProcessEngineTest {
    protected String userId = "test";
    protected String groupId = "accounting";
    protected User user;
    protected Group group;
    protected static final String VARIABLE_NAME = "aVariableName";
    protected static final String VARIABLE_VALUE = "aVariableValue";

    @Before
    public void setUp() throws Exception {
        this.user = createUser(this.userId);
        this.group = createGroup(this.groupId);
        this.identityService.createMembership(this.userId, this.groupId);
        this.identityService.setAuthentication(this.userId, Arrays.asList(this.groupId));
        this.processEngineConfiguration.setAuthorizationEnabled(true);
    }

    @After
    public void tearDown() {
        this.processEngineConfiguration.setAuthorizationEnabled(false);
        Iterator it = this.identityService.createUserQuery().list().iterator();
        while (it.hasNext()) {
            this.identityService.deleteUser(((User) it.next()).getId());
        }
        Iterator it2 = this.identityService.createGroupQuery().list().iterator();
        while (it2.hasNext()) {
            this.identityService.deleteGroup(((Group) it2.next()).getId());
        }
        Iterator it3 = this.authorizationService.createAuthorizationQuery().list().iterator();
        while (it3.hasNext()) {
            this.authorizationService.deleteAuthorization(((Authorization) it3.next()).getId());
        }
    }

    protected <T> T runWithoutAuthorization(Callable<T> callable) {
        boolean isAuthorizationEnabled = this.processEngineConfiguration.isAuthorizationEnabled();
        try {
            try {
                disableAuthorization();
                T call = callable.call();
                if (isAuthorizationEnabled) {
                    enableAuthorization();
                }
                return call;
            } catch (RuntimeException e) {
                throw e;
            } catch (Exception e2) {
                throw new RuntimeException(e2);
            }
        } catch (Throwable th) {
            if (isAuthorizationEnabled) {
                enableAuthorization();
            }
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public User createUser(String str) {
        User newUser = this.identityService.newUser(str);
        this.identityService.saveUser(newUser);
        Authorization createGrantAuthorization = createGrantAuthorization(Resources.AUTHORIZATION, "*");
        createGrantAuthorization.setUserId(str);
        createGrantAuthorization.addPermission(Permissions.ALL);
        saveAuthorization(createGrantAuthorization);
        Authorization createGrantAuthorization2 = createGrantAuthorization(Resources.USER, "*");
        createGrantAuthorization2.setUserId(str);
        createGrantAuthorization2.addPermission(Permissions.ALL);
        saveAuthorization(createGrantAuthorization2);
        return newUser;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Group createGroup(String str) {
        return (Group) runWithoutAuthorization(() -> {
            Group newGroup = this.identityService.newGroup(str);
            this.identityService.saveGroup(newGroup);
            return newGroup;
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Authorization createGrantAuthorization(Resource resource, String str, String str2, Permission... permissionArr) {
        Authorization createGrantAuthorization = createGrantAuthorization(resource, str);
        createGrantAuthorization.setUserId(str2);
        for (Permission permission : permissionArr) {
            createGrantAuthorization.addPermission(permission);
        }
        saveAuthorization(createGrantAuthorization);
        return createGrantAuthorization;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Authorization createGrantAuthorizationWithoutAuthentication(Resource resource, String str, String str2, Permission... permissionArr) {
        Authentication currentAuthentication = this.identityService.getCurrentAuthentication();
        this.identityService.clearAuthentication();
        try {
            Authorization createGrantAuthorization = createGrantAuthorization(resource, str, str2, permissionArr);
            this.identityService.setAuthentication(currentAuthentication);
            return createGrantAuthorization;
        } catch (Throwable th) {
            this.identityService.setAuthentication(currentAuthentication);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void createGrantAuthorizationGroup(Resource resource, String str, String str2, Permission... permissionArr) {
        Authorization createGrantAuthorization = createGrantAuthorization(resource, str);
        createGrantAuthorization.setGroupId(str2);
        for (Permission permission : permissionArr) {
            createGrantAuthorization.addPermission(permission);
        }
        saveAuthorization(createGrantAuthorization);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void createRevokeAuthorizationWithoutAuthentication(Resource resource, String str, String str2, Permission... permissionArr) {
        Authentication currentAuthentication = this.identityService.getCurrentAuthentication();
        this.identityService.clearAuthentication();
        try {
            createRevokeAuthorization(resource, str, str2, permissionArr);
            this.identityService.setAuthentication(currentAuthentication);
        } catch (Throwable th) {
            this.identityService.setAuthentication(currentAuthentication);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void createRevokeAuthorization(Resource resource, String str, String str2, Permission... permissionArr) {
        Authorization createRevokeAuthorization = createRevokeAuthorization(resource, str);
        createRevokeAuthorization.setUserId(str2);
        for (Permission permission : permissionArr) {
            createRevokeAuthorization.removePermission(permission);
        }
        saveAuthorization(createRevokeAuthorization);
    }

    protected Authorization createGlobalAuthorization(Resource resource, String str) {
        return createAuthorization(0, resource, str);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Authorization createGrantAuthorization(Resource resource, String str) {
        return createAuthorization(1, resource, str);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Authorization createRevokeAuthorization(Resource resource, String str) {
        return createAuthorization(2, resource, str);
    }

    protected Authorization createAuthorization(int i, Resource resource, String str) {
        Authorization createNewAuthorization = this.authorizationService.createNewAuthorization(i);
        createNewAuthorization.setResource(resource);
        if (str != null) {
            createNewAuthorization.setResourceId(str);
        }
        return createNewAuthorization;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void saveAuthorization(Authorization authorization) {
        this.authorizationService.saveAuthorization(authorization);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void enableAuthorization() {
        this.processEngineConfiguration.setAuthorizationEnabled(true);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void disableAuthorization() {
        this.processEngineConfiguration.setAuthorizationEnabled(false);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ProcessInstance startProcessInstanceByKey(String str) {
        return startProcessInstanceByKey(str, null);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ProcessInstance startProcessInstanceByKey(String str, Map<String, Object> map) {
        return (ProcessInstance) runWithoutAuthorization(() -> {
            return this.runtimeService.startProcessInstanceByKey(str, map);
        });
    }

    public void executeAvailableJobs() {
        runWithoutAuthorization(() -> {
            this.testRule.executeAvailableJobs();
            return null;
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public CaseInstance createCaseInstanceByKey(String str, Map<String, Object> map) {
        return (CaseInstance) runWithoutAuthorization(() -> {
            return this.caseService.createCaseInstanceByKey(str, map);
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void createTask(String str) {
        runWithoutAuthorization(() -> {
            this.taskService.saveTask(this.taskService.newTask(str));
            return null;
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void deleteTask(String str, boolean z) {
        runWithoutAuthorization(() -> {
            this.taskService.deleteTask(str, z);
            return null;
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void addCandidateUser(String str, String str2) {
        runWithoutAuthorization(() -> {
            this.taskService.addCandidateUser(str, str2);
            return null;
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void addCandidateGroup(String str, String str2) {
        runWithoutAuthorization(() -> {
            this.taskService.addCandidateGroup(str, str2);
            return null;
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void setAssignee(String str, String str2) {
        runWithoutAuthorization(() -> {
            this.taskService.setAssignee(str, str2);
            return null;
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void delegateTask(String str, String str2) {
        runWithoutAuthorization(() -> {
            this.taskService.delegateTask(str, str2);
            return null;
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Task selectSingleTask() {
        return (Task) runWithoutAuthorization(() -> {
            return (Task) this.taskService.createTaskQuery().singleResult();
        });
    }

    protected void setTaskVariables(String str, Map<String, ? extends Object> map) {
        runWithoutAuthorization(() -> {
            this.taskService.setVariables(str, map);
            return null;
        });
    }

    protected void setTaskVariablesLocal(String str, Map<String, ? extends Object> map) {
        runWithoutAuthorization(() -> {
            this.taskService.setVariablesLocal(str, map);
            return null;
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void setTaskVariable(String str, String str2, Object obj) {
        runWithoutAuthorization(() -> {
            this.taskService.setVariable(str, str2, obj);
            return null;
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void setTaskVariableLocal(String str, String str2, Object obj) {
        runWithoutAuthorization(() -> {
            this.taskService.setVariableLocal(str, str2, obj);
            return null;
        });
    }

    protected void setExecutionVariable(String str, String str2, Object obj) {
        runWithoutAuthorization(() -> {
            this.runtimeService.setVariable(str, str2, obj);
            return null;
        });
    }

    protected void setExecutionVariableLocal(String str, String str2, Object obj) {
        runWithoutAuthorization(() -> {
            this.runtimeService.setVariableLocal(str, str2, obj);
            return null;
        });
    }

    protected void setCaseVariable(String str, String str2, Object obj) {
        runWithoutAuthorization(() -> {
            this.caseService.setVariable(str, str2, obj);
            return null;
        });
    }

    protected void setCaseVariableLocal(String str, String str2, Object obj) {
        runWithoutAuthorization(() -> {
            this.caseService.setVariableLocal(str, str2, obj);
            return null;
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ProcessDefinition selectProcessDefinitionByKey(String str) {
        return (ProcessDefinition) runWithoutAuthorization(() -> {
            return (ProcessDefinition) this.repositoryService.createProcessDefinitionQuery().processDefinitionKey(str).singleResult();
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ProcessInstance selectSingleProcessInstance() {
        return (ProcessInstance) runWithoutAuthorization(() -> {
            return (ProcessInstance) this.runtimeService.createProcessInstanceQuery().singleResult();
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void suspendProcessDefinitionByKey(String str) {
        runWithoutAuthorization(() -> {
            this.repositoryService.suspendProcessDefinitionByKey(str);
            return null;
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void suspendProcessDefinitionById(String str) {
        runWithoutAuthorization(() -> {
            this.repositoryService.suspendProcessDefinitionById(str);
            return null;
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void suspendProcessInstanceById(String str) {
        runWithoutAuthorization(() -> {
            this.runtimeService.suspendProcessInstanceById(str);
            return null;
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void suspendJobById(String str) {
        runWithoutAuthorization(() -> {
            this.managementService.suspendJobById(str);
            return null;
        });
    }

    protected void suspendJobByProcessInstanceId(String str) {
        runWithoutAuthorization(() -> {
            this.managementService.suspendJobByProcessInstanceId(str);
            return null;
        });
    }

    protected void suspendJobByJobDefinitionId(String str) {
        runWithoutAuthorization(() -> {
            this.managementService.suspendJobByJobDefinitionId(str);
            return null;
        });
    }

    protected void suspendJobByProcessDefinitionId(String str) {
        runWithoutAuthorization(() -> {
            this.managementService.suspendJobByProcessDefinitionId(str);
            return null;
        });
    }

    protected void suspendJobByProcessDefinitionKey(String str) {
        runWithoutAuthorization(() -> {
            this.managementService.suspendJobByProcessDefinitionKey(str);
            return null;
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void suspendJobDefinitionById(String str) {
        runWithoutAuthorization(() -> {
            this.managementService.suspendJobDefinitionById(str);
            return null;
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void suspendJobDefinitionByProcessDefinitionId(String str) {
        runWithoutAuthorization(() -> {
            this.managementService.suspendJobDefinitionByProcessDefinitionId(str);
            return null;
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void suspendJobDefinitionByProcessDefinitionKey(String str) {
        runWithoutAuthorization(() -> {
            this.managementService.suspendJobDefinitionByProcessDefinitionKey(str);
            return null;
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void suspendJobDefinitionIncludingJobsById(String str) {
        runWithoutAuthorization(() -> {
            this.managementService.suspendJobDefinitionById(str, true);
            return null;
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void suspendJobDefinitionIncludingJobsByProcessDefinitionId(String str) {
        runWithoutAuthorization(() -> {
            this.managementService.suspendJobDefinitionByProcessDefinitionId(str, true);
            return null;
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void suspendJobDefinitionIncludingJobsByProcessDefinitionKey(String str) {
        runWithoutAuthorization(() -> {
            this.managementService.suspendJobDefinitionByProcessDefinitionKey(str, true);
            return null;
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Deployment createDeployment(String str, String... strArr) {
        return (Deployment) runWithoutAuthorization(() -> {
            DeploymentBuilder createDeployment = this.repositoryService.createDeployment();
            for (String str2 : strArr) {
                createDeployment.addClasspathResource(str2);
            }
            return createDeployment.deploy();
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void deleteDeployment(String str) {
        deleteDeployment(str, true);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void deleteDeployment(String str, boolean z) {
        Authentication currentAuthentication = this.identityService.getCurrentAuthentication();
        try {
            this.identityService.clearAuthentication();
            runWithoutAuthorization(() -> {
                this.repositoryService.deleteDeployment(str, z);
                return null;
            });
            if (currentAuthentication != null) {
                this.identityService.setAuthentication(currentAuthentication);
            }
        } catch (Throwable th) {
            if (currentAuthentication != null) {
                this.identityService.setAuthentication(currentAuthentication);
            }
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ProcessInstance startProcessAndExecuteJob(String str) {
        return (ProcessInstance) runWithoutAuthorization(() -> {
            ProcessInstance startProcessInstanceByKey = startProcessInstanceByKey(str);
            executeAvailableJobs(str);
            return startProcessInstanceByKey;
        });
    }

    protected void executeAvailableJobs(String str) {
        runWithoutAuthorization(() -> {
            List list = this.managementService.createJobQuery().processDefinitionKey(str).withRetriesLeft().list();
            if (list.isEmpty()) {
                enableAuthorization();
                return null;
            }
            Iterator it = list.iterator();
            while (it.hasNext()) {
                try {
                    this.managementService.executeJob(((Job) it.next()).getId());
                } catch (Exception e) {
                }
            }
            executeAvailableJobs(str);
            return null;
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public DecisionDefinition selectDecisionDefinitionByKey(String str) {
        return (DecisionDefinition) runWithoutAuthorization(() -> {
            return (DecisionDefinition) this.repositoryService.createDecisionDefinitionQuery().decisionDefinitionKey(str).singleResult();
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void verifyQueryResults(Query<?, ?> query, int i) {
        Assert.assertEquals(i, query.list().size());
        Assert.assertEquals(i, query.count());
        if (i == 1) {
            Assert.assertNotNull(query.singleResult());
        } else if (i > 1) {
            verifySingleResultFails(query);
        } else if (i == 0) {
            Assert.assertNull(query.singleResult());
        }
    }

    protected void verifySingleResultFails(Query<?, ?> query) {
        try {
            query.singleResult();
            Assert.fail();
        } catch (ProcessEngineException e) {
        }
    }

    public Permission getDefaultTaskPermissionForUser() {
        return this.processEngine.getProcessEngineConfiguration().getDefaultUserPermissionForTask();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public VariableMap getVariables() {
        return Variables.createVariables().putValue("aVariableName", "aVariableValue");
    }
}
