package org.camunda.bpm.engine.test.api.filter;

import java.util.Iterator;
import java.util.List;
import org.camunda.bpm.engine.AuthorizationException;
import org.camunda.bpm.engine.authorization.Authorization;
import org.camunda.bpm.engine.authorization.Permission;
import org.camunda.bpm.engine.authorization.Permissions;
import org.camunda.bpm.engine.authorization.Resources;
import org.camunda.bpm.engine.filter.Filter;
import org.camunda.bpm.engine.identity.User;
import org.camunda.bpm.engine.impl.persistence.entity.FilterEntity;
import org.camunda.bpm.engine.impl.test.PluggableProcessEngineTestCase;
import org.camunda.bpm.engine.task.Task;

/* loaded from: input_file:org/camunda/bpm/engine/test/api/filter/FilterAuthorizationsTest.class */
public class FilterAuthorizationsTest extends PluggableProcessEngineTestCase {
    protected User testUser;
    protected Authorization createAuthorization;
    protected Authorization updateAuthorization;
    protected Authorization readAuthorization;
    protected Authorization deleteAuthorization;

    public void setUp() {
        this.testUser = createTestUser("test");
        this.createAuthorization = createAuthorization(Permissions.CREATE, "*");
        this.updateAuthorization = createAuthorization(Permissions.UPDATE, null);
        this.readAuthorization = createAuthorization(Permissions.READ, null);
        this.deleteAuthorization = createAuthorization(Permissions.DELETE, null);
        this.processEngineConfiguration.setAuthorizationEnabled(true);
        this.identityService.setAuthenticatedUserId(this.testUser.getId());
    }

    public void tearDown() {
        this.processEngineConfiguration.setAuthorizationEnabled(false);
        Iterator it = this.filterService.createFilterQuery().list().iterator();
        while (it.hasNext()) {
            this.filterService.deleteFilter(((Filter) it.next()).getId());
        }
        Iterator it2 = this.identityService.createUserQuery().list().iterator();
        while (it2.hasNext()) {
            this.identityService.deleteUser(((User) it2.next()).getId());
        }
        Iterator it3 = this.authorizationService.createAuthorizationQuery().list().iterator();
        while (it3.hasNext()) {
            this.authorizationService.deleteAuthorization(((Authorization) it3.next()).getId());
        }
    }

    public void testCreateFilterNotPermitted() {
        try {
            this.filterService.newTaskFilter();
            fail("Exception expected");
        } catch (AuthorizationException e) {
        }
    }

    public void testCreateFilterPermitted() {
        grantCreateFilter();
        assertNotNull(this.filterService.newTaskFilter());
    }

    public void testSaveFilterNotPermitted() {
        try {
            this.filterService.saveFilter(new FilterEntity("Task"));
            fail("Exception expected");
        } catch (AuthorizationException e) {
        }
    }

    public void testSaveFilterPermitted() {
        Filter name = new FilterEntity("Task").setName("testFilter");
        grantCreateFilter();
        this.filterService.saveFilter(name);
        assertNotNull(name.getId());
    }

    public void testUpdateFilterNotPermitted() {
        Filter createTestFilter = createTestFilter();
        createTestFilter.setName("anotherName");
        try {
            this.filterService.saveFilter(createTestFilter);
            fail("Exception expected");
        } catch (AuthorizationException e) {
        }
    }

    public void testUpdateFilterPermitted() {
        Filter createTestFilter = createTestFilter();
        createTestFilter.setName("anotherName");
        grantUpdateFilter(createTestFilter.getId());
        assertEquals("anotherName", this.filterService.saveFilter(createTestFilter).getName());
    }

    public void testDeleteFilterNotPermitted() {
        try {
            this.filterService.deleteFilter(createTestFilter().getId());
            fail("Exception expected");
        } catch (AuthorizationException e) {
        }
    }

    public void testDeleteFilterPermitted() {
        Filter createTestFilter = createTestFilter();
        grantDeleteFilter(createTestFilter.getId());
        this.filterService.deleteFilter(createTestFilter.getId());
        assertEquals(0L, this.filterService.createFilterQuery().count());
    }

    public void testReadFilterNotPermitted() {
        Filter createTestFilter = createTestFilter();
        assertEquals(0L, this.filterService.createFilterQuery().count());
        assertNull((Filter) this.filterService.createFilterQuery().filterId(createTestFilter.getId()).singleResult());
        try {
            this.filterService.getFilter(createTestFilter.getId());
            fail("Exception expected");
        } catch (AuthorizationException e) {
        }
        try {
            this.filterService.singleResult(createTestFilter.getId());
            fail("Exception expected");
        } catch (AuthorizationException e2) {
        }
        try {
            this.filterService.list(createTestFilter.getId());
            fail("Exception expected");
        } catch (AuthorizationException e3) {
        }
        try {
            this.filterService.listPage(createTestFilter.getId(), 1, 2);
            fail("Exception expected");
        } catch (AuthorizationException e4) {
        }
        try {
            this.filterService.count(createTestFilter.getId());
            fail("Exception expected");
        } catch (AuthorizationException e5) {
        }
    }

    public void testReadFilterPermitted() {
        Filter createTestFilter = createTestFilter();
        grantReadFilter(createTestFilter.getId());
        assertEquals(1L, this.filterService.createFilterQuery().count());
        assertNotNull((Filter) this.filterService.createFilterQuery().filterId(createTestFilter.getId()).singleResult());
        assertNotNull(this.filterService.getFilter(createTestFilter.getId()));
        Task newTask = this.taskService.newTask("test");
        this.taskService.saveTask(newTask);
        Task task = (Task) this.filterService.singleResult(createTestFilter.getId());
        assertNotNull(task);
        assertEquals(newTask.getId(), task.getId());
        List list = this.filterService.list(createTestFilter.getId());
        assertNotNull(list);
        assertEquals(1, list.size());
        assertEquals(newTask.getId(), ((Task) list.get(0)).getId());
        List listPage = this.filterService.listPage(createTestFilter.getId(), 0, 2);
        assertNotNull(listPage);
        assertEquals(1, listPage.size());
        assertEquals(newTask.getId(), ((Task) listPage.get(0)).getId());
        assertEquals(1L, this.filterService.count(createTestFilter.getId()).longValue());
        this.taskService.deleteTask(newTask.getId(), true);
    }

    public void testDefaultFilterAuthorization() {
        User createTestUser = createTestUser("ownerUser");
        User createTestUser2 = createTestUser("anotherUser");
        grantCreateFilter();
        Filter newTaskFilter = this.filterService.newTaskFilter("testFilter");
        newTaskFilter.setOwner(createTestUser.getId());
        this.filterService.saveFilter(newTaskFilter);
        assertFilterPermission(Permissions.CREATE, this.testUser, null, true);
        assertFilterPermission(Permissions.CREATE, createTestUser, null, false);
        assertFilterPermission(Permissions.CREATE, createTestUser2, null, false);
        assertFilterPermission(Permissions.UPDATE, this.testUser, newTaskFilter.getId(), false);
        assertFilterPermission(Permissions.UPDATE, createTestUser, newTaskFilter.getId(), true);
        assertFilterPermission(Permissions.UPDATE, createTestUser2, newTaskFilter.getId(), false);
        assertFilterPermission(Permissions.READ, this.testUser, newTaskFilter.getId(), false);
        assertFilterPermission(Permissions.READ, createTestUser, newTaskFilter.getId(), true);
        assertFilterPermission(Permissions.READ, createTestUser2, newTaskFilter.getId(), false);
        assertFilterPermission(Permissions.DELETE, this.testUser, newTaskFilter.getId(), false);
        assertFilterPermission(Permissions.DELETE, createTestUser, newTaskFilter.getId(), true);
        assertFilterPermission(Permissions.DELETE, createTestUser2, newTaskFilter.getId(), false);
    }

    protected User createTestUser(String str) {
        User newUser = this.identityService.newUser(str);
        this.identityService.saveUser(newUser);
        Authorization createNewAuthorization = this.authorizationService.createNewAuthorization(1);
        createNewAuthorization.setUserId(newUser.getId());
        createNewAuthorization.setResource(Resources.AUTHORIZATION);
        createNewAuthorization.setResourceId("*");
        createNewAuthorization.addPermission(Permissions.ALL);
        this.authorizationService.saveAuthorization(createNewAuthorization);
        Authorization createNewAuthorization2 = this.authorizationService.createNewAuthorization(1);
        createNewAuthorization2.setUserId(newUser.getId());
        createNewAuthorization2.setResource(Resources.USER);
        createNewAuthorization2.setResourceId("*");
        createNewAuthorization2.addPermission(Permissions.ALL);
        this.authorizationService.saveAuthorization(createNewAuthorization2);
        return newUser;
    }

    protected Filter createTestFilter() {
        grantCreateFilter();
        return this.filterService.saveFilter(this.filterService.newTaskFilter("testFilter"));
    }

    protected Authorization createAuthorization(Permission permission, String str) {
        Authorization createNewAuthorization = this.authorizationService.createNewAuthorization(1);
        createNewAuthorization.setUserId(this.testUser.getId());
        createNewAuthorization.setResource(Resources.FILTER);
        createNewAuthorization.addPermission(permission);
        if (str != null) {
            createNewAuthorization.setResourceId(str);
        }
        return createNewAuthorization;
    }

    protected void grantCreateFilter() {
        grantFilterPermission(this.createAuthorization, null);
        assertFilterPermission(Permissions.CREATE, this.testUser, null, true);
    }

    protected void grantUpdateFilter(String str) {
        grantFilterPermission(this.updateAuthorization, str);
        assertFilterPermission(Permissions.UPDATE, this.testUser, str, true);
    }

    protected void grantReadFilter(String str) {
        grantFilterPermission(this.readAuthorization, str);
        assertFilterPermission(Permissions.READ, this.testUser, str, true);
    }

    protected void grantDeleteFilter(String str) {
        grantFilterPermission(this.deleteAuthorization, str);
        assertFilterPermission(Permissions.DELETE, this.testUser, str, true);
    }

    protected void grantFilterPermission(Authorization authorization, String str) {
        if (str != null) {
            authorization.setResourceId(str);
        }
        this.authorizationService.saveAuthorization(authorization);
    }

    protected void assertFilterPermission(Permission permission, User user, String str, boolean z) {
        assertEquals(z, str != null ? this.authorizationService.isUserAuthorized(user.getId(), (List) null, permission, Resources.FILTER, str) : this.authorizationService.isUserAuthorized(user.getId(), (List) null, permission, Resources.FILTER));
    }
}
