package org.camunda.bpm.engine.test.authorization;

import org.camunda.bpm.engine.AuthorizationException;
import org.camunda.bpm.engine.authorization.Authorization;
import org.camunda.bpm.engine.authorization.Permissions;
import org.camunda.bpm.engine.authorization.Resources;
import org.camunda.bpm.engine.impl.AbstractQuery;
import org.camunda.bpm.engine.repository.ProcessDefinition;
import org.camunda.bpm.engine.repository.ProcessDefinitionQuery;

/* loaded from: input_file:org/camunda/bpm/engine/test/authorization/ProcessDefinitionAuthorizationTest.class */
public class ProcessDefinitionAuthorizationTest extends AuthorizationTest {
    protected static final String ONE_TASK_PROCESS_KEY = "oneTaskProcess";
    protected static final String TWO_TASKS_PROCESS_KEY = "twoTasksProcess";
    protected String deploymentId;

    public void setUp() {
        this.deploymentId = this.repositoryService.createDeployment().addClasspathResource("org/camunda/bpm/engine/test/api/oneTaskProcess.bpmn20.xml").addClasspathResource("org/camunda/bpm/engine/test/api/twoTasksProcess.bpmn20.xml").deploy().getId();
    }

    @Override // org.camunda.bpm.engine.test.authorization.AuthorizationTest
    public void tearDown() {
        super.tearDown();
        this.repositoryService.deleteDeployment(this.deploymentId, true);
    }

    public void testQueryWithoutAuthorization() {
        verifyQueryResults(this.repositoryService.createProcessDefinitionQuery(), 0);
    }

    public void testQueryWithReadPermissionOnAnyProcessDefinition() {
        createGrantAuthorization(Resources.PROCESS_DEFINITION, "*", this.userId, Permissions.READ);
        verifyQueryResults(this.repositoryService.createProcessDefinitionQuery(), 2);
    }

    public void testQueryWithReadPermissionOnOneTaskProcess() {
        createGrantAuthorization(Resources.PROCESS_DEFINITION, ONE_TASK_PROCESS_KEY, this.userId, Permissions.READ);
        ProcessDefinitionQuery createProcessDefinitionQuery = this.repositoryService.createProcessDefinitionQuery();
        verifyQueryResults(createProcessDefinitionQuery, 1);
        ProcessDefinition processDefinition = (ProcessDefinition) createProcessDefinitionQuery.singleResult();
        assertNotNull(processDefinition);
        assertEquals(ONE_TASK_PROCESS_KEY, processDefinition.getKey());
    }

    public void testQueryWithRevokedReadPermission() {
        createGrantAuthorization(Resources.PROCESS_DEFINITION, "*", this.userId, Permissions.ALL);
        Authorization createRevokeAuthorization = createRevokeAuthorization(Resources.PROCESS_DEFINITION, ONE_TASK_PROCESS_KEY);
        createRevokeAuthorization.setUserId(this.userId);
        createRevokeAuthorization.removePermission(Permissions.READ);
        saveAuthorization(createRevokeAuthorization);
        ProcessDefinitionQuery createProcessDefinitionQuery = this.repositoryService.createProcessDefinitionQuery();
        verifyQueryResults(createProcessDefinitionQuery, 1);
        ProcessDefinition processDefinition = (ProcessDefinition) createProcessDefinitionQuery.singleResult();
        assertNotNull(processDefinition);
        assertEquals(TWO_TASKS_PROCESS_KEY, processDefinition.getKey());
    }

    public void testQueryWithGroupAuthorizationRevokedReadPermission() {
        Authorization createGrantAuthorization = createGrantAuthorization(Resources.PROCESS_DEFINITION, "*");
        createGrantAuthorization.setGroupId(this.groupId);
        createGrantAuthorization.addPermission(Permissions.ALL);
        saveAuthorization(createGrantAuthorization);
        Authorization createRevokeAuthorization = createRevokeAuthorization(Resources.PROCESS_DEFINITION, ONE_TASK_PROCESS_KEY);
        createRevokeAuthorization.setGroupId(this.groupId);
        createRevokeAuthorization.removePermission(Permissions.READ);
        saveAuthorization(createRevokeAuthorization);
        ProcessDefinitionQuery createProcessDefinitionQuery = this.repositoryService.createProcessDefinitionQuery();
        verifyQueryResults(createProcessDefinitionQuery, 1);
        ProcessDefinition processDefinition = (ProcessDefinition) createProcessDefinitionQuery.singleResult();
        assertNotNull(processDefinition);
        assertEquals(TWO_TASKS_PROCESS_KEY, processDefinition.getKey());
    }

    public void testGetProcessDefinitionWithoutAuthorizations() {
        try {
            this.repositoryService.getProcessDefinition(selectProcessDefinitionByKey(ONE_TASK_PROCESS_KEY).getId());
            fail("Exception expected: It should not be possible to get the process definition");
        } catch (AuthorizationException e) {
            String message = e.getMessage();
            assertTextPresent(this.userId, message);
            assertTextPresent(Permissions.READ.getName(), message);
            assertTextPresent(ONE_TASK_PROCESS_KEY, message);
            assertTextPresent(Resources.PROCESS_DEFINITION.resourceName(), message);
        }
    }

    public void testGetProcessDefinition() {
        String id = selectProcessDefinitionByKey(ONE_TASK_PROCESS_KEY).getId();
        createGrantAuthorization(Resources.PROCESS_DEFINITION, ONE_TASK_PROCESS_KEY, this.userId, Permissions.READ);
        assertNotNull(this.repositoryService.getProcessDefinition(id));
    }

    public void testGetProcessDiagramWithoutAuthorizations() {
        try {
            this.repositoryService.getProcessDiagram(selectProcessDefinitionByKey(ONE_TASK_PROCESS_KEY).getId());
            fail("Exception expected: It should not be possible to get the process diagram");
        } catch (AuthorizationException e) {
            String message = e.getMessage();
            assertTextPresent(this.userId, message);
            assertTextPresent(Permissions.READ.getName(), message);
            assertTextPresent(ONE_TASK_PROCESS_KEY, message);
            assertTextPresent(Resources.PROCESS_DEFINITION.resourceName(), message);
        }
    }

    public void testGetProcessDiagram() {
        String id = selectProcessDefinitionByKey(ONE_TASK_PROCESS_KEY).getId();
        createGrantAuthorization(Resources.PROCESS_DEFINITION, ONE_TASK_PROCESS_KEY, this.userId, Permissions.READ);
        assertNull(this.repositoryService.getProcessDiagram(id));
    }

    public void testGetProcessModelWithoutAuthorizations() {
        try {
            this.repositoryService.getProcessModel(selectProcessDefinitionByKey(ONE_TASK_PROCESS_KEY).getId());
            fail("Exception expected: It should not be possible to get the process model");
        } catch (AuthorizationException e) {
            String message = e.getMessage();
            assertTextPresent(this.userId, message);
            assertTextPresent(Permissions.READ.getName(), message);
            assertTextPresent(ONE_TASK_PROCESS_KEY, message);
            assertTextPresent(Resources.PROCESS_DEFINITION.resourceName(), message);
        }
    }

    public void testGetProcessModel() {
        String id = selectProcessDefinitionByKey(ONE_TASK_PROCESS_KEY).getId();
        createGrantAuthorization(Resources.PROCESS_DEFINITION, ONE_TASK_PROCESS_KEY, this.userId, Permissions.READ);
        assertNotNull(this.repositoryService.getProcessModel(id));
    }

    protected void verifyQueryResults(ProcessDefinitionQuery processDefinitionQuery, int i) {
        verifyQueryResults((AbstractQuery<?, ?>) processDefinitionQuery, i);
    }
}
