package org.camunda.bpm.engine.test.authorization;

import java.util.Arrays;
import java.util.Iterator;
import org.camunda.bpm.engine.authorization.Authorization;
import org.camunda.bpm.engine.authorization.Permission;
import org.camunda.bpm.engine.authorization.Permissions;
import org.camunda.bpm.engine.authorization.Resource;
import org.camunda.bpm.engine.authorization.Resources;
import org.camunda.bpm.engine.identity.Group;
import org.camunda.bpm.engine.identity.User;
import org.camunda.bpm.engine.impl.test.ResourceProcessEngineTestCase;

/* loaded from: input_file:org/camunda/bpm/engine/test/authorization/ResourceAuthorizationProviderTest.class */
public class ResourceAuthorizationProviderTest extends ResourceProcessEngineTestCase {
    protected String userId;
    protected String groupId;
    protected User user;
    protected Group group;

    public ResourceAuthorizationProviderTest() {
        super("org/camunda/bpm/engine/test/authorization/resource.authorization.provider.camunda.cfg.xml");
        this.userId = "test";
        this.groupId = "accounting";
    }

    protected void initializeProcessEngine() {
        super.initializeProcessEngine();
        this.processEngineConfiguration = this.processEngine.getProcessEngineConfiguration();
        this.processEngineConfiguration.setResourceAuthorizationProvider(new MyResourceAuthorizationProvider());
        this.identityService = this.processEngineConfiguration.getIdentityService();
        this.authorizationService = this.processEngineConfiguration.getAuthorizationService();
        this.user = createUser(this.userId);
        this.group = createGroup(this.groupId);
        this.identityService.createMembership(this.userId, this.groupId);
        this.identityService.setAuthentication(this.userId, Arrays.asList(this.groupId));
        this.processEngineConfiguration.setAuthorizationEnabled(true);
    }

    public void tearDown() {
        this.processEngineConfiguration.setAuthorizationEnabled(false);
        Iterator it = this.identityService.createUserQuery().list().iterator();
        while (it.hasNext()) {
            this.identityService.deleteUser(((User) it.next()).getId());
        }
        Iterator it2 = this.identityService.createGroupQuery().list().iterator();
        while (it2.hasNext()) {
            this.identityService.deleteGroup(((Group) it2.next()).getId());
        }
        Iterator it3 = this.authorizationService.createAuthorizationQuery().list().iterator();
        while (it3.hasNext()) {
            this.authorizationService.deleteAuthorization(((Authorization) it3.next()).getId());
        }
    }

    protected void closeDownProcessEngine() {
        this.processEngine.close();
        super.closeDownProcessEngine();
    }

    public void testNewTaskAssignee() {
        MyResourceAuthorizationProvider.clearProperties();
        createGrantAuthorization(Resources.TASK, "*", Permissions.ALL, this.userId);
        this.taskService.saveTask(this.taskService.newTask("myTask"));
        this.taskService.setAssignee("myTask", "demo");
        assertNull(MyResourceAuthorizationProvider.OLD_ASSIGNEE);
        assertEquals("demo", MyResourceAuthorizationProvider.NEW_ASSIGNEE);
        MyResourceAuthorizationProvider.clearProperties();
        this.taskService.setAssignee("myTask", this.userId);
        assertEquals("demo", MyResourceAuthorizationProvider.OLD_ASSIGNEE);
        assertEquals(this.userId, MyResourceAuthorizationProvider.NEW_ASSIGNEE);
        this.taskService.deleteTask("myTask", true);
    }

    public void testNewTaskOwner() {
        MyResourceAuthorizationProvider.clearProperties();
        createGrantAuthorization(Resources.TASK, "*", Permissions.ALL, this.userId);
        this.taskService.saveTask(this.taskService.newTask("myTask"));
        this.taskService.setOwner("myTask", "demo");
        assertNull(MyResourceAuthorizationProvider.OLD_OWNER);
        assertEquals("demo", MyResourceAuthorizationProvider.NEW_OWNER);
        MyResourceAuthorizationProvider.clearProperties();
        this.taskService.setOwner("myTask", this.userId);
        assertEquals("demo", MyResourceAuthorizationProvider.OLD_OWNER);
        assertEquals(this.userId, MyResourceAuthorizationProvider.NEW_OWNER);
        this.taskService.deleteTask("myTask", true);
    }

    public void testAddCandidateUser() {
        MyResourceAuthorizationProvider.clearProperties();
        createGrantAuthorization(Resources.TASK, "*", Permissions.ALL, this.userId);
        this.taskService.saveTask(this.taskService.newTask("myTask"));
        this.taskService.addCandidateUser("myTask", "demo");
        assertEquals("candidate", MyResourceAuthorizationProvider.ADD_USER_IDENTITY_LINK_TYPE);
        assertEquals("demo", MyResourceAuthorizationProvider.ADD_USER_IDENTITY_LINK_USER);
        this.taskService.deleteTask("myTask", true);
    }

    public void testAddUserIdentityLink() {
        MyResourceAuthorizationProvider.clearProperties();
        createGrantAuthorization(Resources.TASK, "*", Permissions.ALL, this.userId);
        this.taskService.saveTask(this.taskService.newTask("myTask"));
        this.taskService.addUserIdentityLink("myTask", "demo", "myIdentityLink");
        assertEquals("myIdentityLink", MyResourceAuthorizationProvider.ADD_USER_IDENTITY_LINK_TYPE);
        assertEquals("demo", MyResourceAuthorizationProvider.ADD_USER_IDENTITY_LINK_USER);
        this.taskService.deleteTask("myTask", true);
    }

    public void testAddCandidateGroup() {
        MyResourceAuthorizationProvider.clearProperties();
        createGrantAuthorization(Resources.TASK, "*", Permissions.ALL, this.userId);
        this.taskService.saveTask(this.taskService.newTask("myTask"));
        this.taskService.addCandidateGroup("myTask", "management");
        assertEquals("candidate", MyResourceAuthorizationProvider.ADD_GROUP_IDENTITY_LINK_TYPE);
        assertEquals("management", MyResourceAuthorizationProvider.ADD_GROUP_IDENTITY_LINK_GROUP);
        this.taskService.deleteTask("myTask", true);
    }

    public void testAddGroupIdentityLink() {
        MyResourceAuthorizationProvider.clearProperties();
        createGrantAuthorization(Resources.TASK, "*", Permissions.ALL, this.userId);
        this.taskService.saveTask(this.taskService.newTask("myTask"));
        this.taskService.addGroupIdentityLink("myTask", "management", "myIdentityLink");
        assertEquals("myIdentityLink", MyResourceAuthorizationProvider.ADD_GROUP_IDENTITY_LINK_TYPE);
        assertEquals("management", MyResourceAuthorizationProvider.ADD_GROUP_IDENTITY_LINK_GROUP);
        this.taskService.deleteTask("myTask", true);
    }

    public void testDeleteUserIdentityLink() {
        MyResourceAuthorizationProvider.clearProperties();
        createGrantAuthorization(Resources.TASK, "*", Permissions.ALL, this.userId);
        this.taskService.saveTask(this.taskService.newTask("myTask"));
        this.taskService.addCandidateUser("myTask", "demo");
        this.taskService.deleteCandidateUser("myTask", "demo");
        assertEquals("candidate", MyResourceAuthorizationProvider.DELETE_USER_IDENTITY_LINK_TYPE);
        assertEquals("demo", MyResourceAuthorizationProvider.DELETE_USER_IDENTITY_LINK_USER);
        this.taskService.deleteTask("myTask", true);
    }

    public void testDeleteGroupIdentityLink() {
        MyResourceAuthorizationProvider.clearProperties();
        createGrantAuthorization(Resources.TASK, "*", Permissions.ALL, this.userId);
        this.taskService.saveTask(this.taskService.newTask("myTask"));
        this.taskService.addCandidateGroup("myTask", "management");
        this.taskService.deleteCandidateGroup("myTask", "management");
        assertEquals("candidate", MyResourceAuthorizationProvider.DELETE_GROUP_IDENTITY_LINK_TYPE);
        assertEquals("management", MyResourceAuthorizationProvider.DELETE_GROUP_IDENTITY_LINK_GROUP);
        this.taskService.deleteTask("myTask", true);
    }

    protected User createUser(String str) {
        User newUser = this.identityService.newUser(str);
        this.identityService.saveUser(newUser);
        Authorization createGrantAuthorization = createGrantAuthorization(Resources.AUTHORIZATION, "*");
        createGrantAuthorization.setUserId(str);
        createGrantAuthorization.addPermission(Permissions.ALL);
        saveAuthorization(createGrantAuthorization);
        Authorization createGrantAuthorization2 = createGrantAuthorization(Resources.USER, "*");
        createGrantAuthorization2.setUserId(str);
        createGrantAuthorization2.addPermission(Permissions.ALL);
        saveAuthorization(createGrantAuthorization2);
        return newUser;
    }

    protected Group createGroup(String str) {
        Group newGroup = this.identityService.newGroup(str);
        this.identityService.saveGroup(newGroup);
        return newGroup;
    }

    protected void createGrantAuthorization(Resource resource, String str, Permission permission, String str2) {
        Authorization createGrantAuthorization = createGrantAuthorization(resource, str);
        createGrantAuthorization.setUserId(str2);
        createGrantAuthorization.addPermission(permission);
        saveAuthorization(createGrantAuthorization);
    }

    protected Authorization createGrantAuthorization(Resource resource, String str) {
        return createAuthorization(1, resource, str);
    }

    protected Authorization createAuthorization(int i, Resource resource, String str) {
        Authorization createNewAuthorization = this.authorizationService.createNewAuthorization(i);
        createNewAuthorization.setResource(resource);
        if (str != null) {
            createNewAuthorization.setResourceId(str);
        }
        return createNewAuthorization;
    }

    protected void saveAuthorization(Authorization authorization) {
        this.authorizationService.saveAuthorization(authorization);
    }
}
