package org.jpasecurity.acl;

import java.util.Arrays;
import javax.persistence.EntityManager;
import javax.persistence.EntityManagerFactory;
import javax.persistence.EntityTransaction;
import javax.persistence.NoResultException;
import javax.persistence.Persistence;
import javax.persistence.PersistenceException;
import org.jpasecurity.model.acl.Acl;
import org.jpasecurity.model.acl.AclEntry;
import org.jpasecurity.model.acl.AclProtectedEntity;
import org.jpasecurity.model.acl.Group;
import org.jpasecurity.model.acl.Privilege;
import org.jpasecurity.model.acl.Role;
import org.jpasecurity.model.acl.User;
import org.jpasecurity.security.authentication.TestSecurityContext;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Ignore;
import org.junit.Test;

@Ignore("TODO")
/* loaded from: input_file:org/jpasecurity/acl/AclSyntaxTest.class */
public class AclSyntaxTest {
    private static EntityManagerFactory entityManagerFactory;
    private static Group group;
    private static Privilege privilege1;
    private static Privilege privilege2;
    private static User user;
    private static User user2;
    private static AclProtectedEntity entity;
    private static final int FULL_ACCESS_PRIVILEGE = -2;
    private static final int READ_ACCESS_PRIVILEGE = -1;

    @BeforeClass
    public static void createEntityManagerFactory() {
        TestSecurityContext.authenticate(Integer.valueOf(FULL_ACCESS_PRIVILEGE), new Object[]{Integer.valueOf(FULL_ACCESS_PRIVILEGE)});
        entityManagerFactory = Persistence.createEntityManagerFactory("acl-model-nocache");
    }

    @AfterClass
    public static void closeEntityManagerFactory() {
        entityManagerFactory.close();
        entityManagerFactory = null;
    }

    @Before
    public void createTestData() {
        TestSecurityContext.authenticate(Integer.valueOf(FULL_ACCESS_PRIVILEGE), new Object[]{Integer.valueOf(FULL_ACCESS_PRIVILEGE)});
        EntityManager createEntityManager = entityManagerFactory.createEntityManager();
        if (user == null) {
            createEntityManager.getTransaction().begin();
            privilege1 = new Privilege();
            privilege1.setName("modifySomething");
            createEntityManager.persist(privilege1);
            privilege2 = new Privilege();
            privilege2.setName("viewSomething");
            createEntityManager.persist(privilege2);
            group = new Group();
            group.setName("USERS");
            group.getFullHierarchy().add(group);
            createEntityManager.persist(group);
            Group group2 = new Group();
            group2.setName("ADMINS");
            group2.getFullHierarchy().add(group2);
            createEntityManager.persist(group2);
            Role role = new Role();
            role.setName("Test Role");
            createEntityManager.persist(role);
            user = new User();
            user.setGroups(Arrays.asList(group));
            user.setRoles(Arrays.asList(role));
            createEntityManager.persist(user);
            user2 = new User();
            user2.setGroups(Arrays.asList(group2));
            user2.setRoles(Arrays.asList(role));
            createEntityManager.persist(user);
            createEntityManager.getTransaction().commit();
            createEntityManager.getTransaction().begin();
            Acl acl = new Acl();
            createEntityManager.persist(acl);
            AclEntry aclEntry = new AclEntry();
            aclEntry.setAccessControlList(acl);
            acl.getEntries().add(aclEntry);
            aclEntry.setGroup(group);
            createEntityManager.persist(aclEntry);
            entity = new AclProtectedEntity();
            entity.setAccessControlList(acl);
            createEntityManager.persist(entity);
            createEntityManager.getTransaction().commit();
            createEntityManager.close();
        }
    }

    @After
    public void logout() {
        TestSecurityContext.authenticate(null, new Object[0]);
    }

    @Test
    public void queryAclProtectedEntity() {
        TestSecurityContext.authenticate(Integer.valueOf(FULL_ACCESS_PRIVILEGE), new Object[]{Integer.valueOf(FULL_ACCESS_PRIVILEGE)});
        EntityManager createEntityManager = entityManagerFactory.createEntityManager();
        EntityTransaction transaction = createEntityManager.getTransaction();
        try {
            Assert.assertNotNull((AclProtectedEntity) createEntityManager.createQuery("select e from AclProtectedEntity e").getSingleResult());
            if (transaction.isActive()) {
                transaction.rollback();
            }
            createEntityManager.close();
        } catch (Throwable th) {
            if (transaction.isActive()) {
                transaction.rollback();
            }
            createEntityManager.close();
            throw th;
        }
    }

    @Test
    public void queryAclProtectedEntityWithNoPrivileges() {
        TestSecurityContext.authenticate(Long.valueOf(user2.getId()), new Object[0]);
        EntityManager createEntityManager = entityManagerFactory.createEntityManager();
        EntityTransaction transaction = createEntityManager.getTransaction();
        try {
            createEntityManager.createQuery("select e from AclProtectedEntity e").getSingleResult();
            Assert.fail();
        } catch (NoResultException e) {
        } catch (Throwable th) {
            if (transaction.isActive()) {
                transaction.rollback();
            }
            createEntityManager.close();
            throw th;
        }
        if (transaction.isActive()) {
            transaction.rollback();
        }
        createEntityManager.close();
    }

    @Test
    public void queryAclProtectedEntityWithReadAllPrivilege() {
        TestSecurityContext.authenticate(Long.valueOf(user2.getId()), new Object[]{Integer.valueOf(READ_ACCESS_PRIVILEGE)});
        EntityManager createEntityManager = entityManagerFactory.createEntityManager();
        EntityTransaction transaction = createEntityManager.getTransaction();
        try {
            Assert.assertNotNull(createEntityManager.createQuery("select e from AclProtectedEntity e").getResultList());
            Assert.assertEquals(1L, r0.size());
            if (transaction.isActive()) {
                transaction.rollback();
            }
            createEntityManager.close();
        } catch (Throwable th) {
            if (transaction.isActive()) {
                transaction.rollback();
            }
            createEntityManager.close();
            throw th;
        }
    }

    @Test
    public void updateAclProtectedEntityWithReadAllPrivilege() {
        TestSecurityContext.authenticate(Long.valueOf(user2.getId()), new Object[]{Integer.valueOf(READ_ACCESS_PRIVILEGE)});
        EntityManager createEntityManager = entityManagerFactory.createEntityManager();
        EntityTransaction transaction = createEntityManager.getTransaction();
        transaction.begin();
        try {
            AclProtectedEntity aclProtectedEntity = (AclProtectedEntity) createEntityManager.find(AclProtectedEntity.class, Long.valueOf(entity.getId()));
            Assert.assertNotNull(aclProtectedEntity);
            aclProtectedEntity.setSomeProperty("OtherValue");
            try {
                transaction.commit();
                Assert.fail("Expect SecurityException");
            } catch (PersistenceException e) {
                Assert.assertEquals(SecurityException.class, e.getCause().getClass());
            }
        } finally {
            if (transaction.isActive()) {
                transaction.rollback();
            }
            createEntityManager.close();
        }
    }

    @Test
    public void queryAclProtectedEntityWithFullAccessPrivilege() {
        TestSecurityContext.authenticate(Long.valueOf(user2.getId()), new Object[]{Integer.valueOf(FULL_ACCESS_PRIVILEGE)});
        EntityManager createEntityManager = entityManagerFactory.createEntityManager();
        EntityTransaction transaction = createEntityManager.getTransaction();
        try {
            Assert.assertNotNull(createEntityManager.createQuery("select e from AclProtectedEntity e").getResultList());
            Assert.assertEquals(1L, r0.size());
            if (transaction.isActive()) {
                transaction.rollback();
            }
            createEntityManager.close();
        } catch (Throwable th) {
            if (transaction.isActive()) {
                transaction.rollback();
            }
            createEntityManager.close();
            throw th;
        }
    }

    @Test
    @Ignore("Fix shared reference problem with hibernate")
    public void updateAclProtectedEntity() {
        EntityManager createEntityManager = entityManagerFactory.createEntityManager();
        EntityTransaction transaction = createEntityManager.getTransaction();
        try {
            TestSecurityContext.authenticate(Long.valueOf(user.getId()), new Object[0]);
            transaction.begin();
            createEntityManager.find(User.class, Long.valueOf(user.getId()));
            AclProtectedEntity aclProtectedEntity = (AclProtectedEntity) createEntityManager.find(AclProtectedEntity.class, Long.valueOf(entity.getId()));
            aclProtectedEntity.getAccessControlList().getEntries().size();
            aclProtectedEntity.setSomeProperty("test");
            transaction.commit();
            if (transaction.isActive()) {
                transaction.rollback();
            }
            createEntityManager.close();
        } catch (Throwable th) {
            if (transaction.isActive()) {
                transaction.rollback();
            }
            createEntityManager.close();
            throw th;
        }
    }

    @Test
    public void updateAclProtectedEntityNoAccess() {
        TestSecurityContext.authenticate(Long.valueOf(user2.getId()), new Object[0]);
        EntityManager createEntityManager = entityManagerFactory.createEntityManager();
        EntityTransaction transaction = createEntityManager.getTransaction();
        try {
            transaction.begin();
            createEntityManager.find(User.class, Long.valueOf(user.getId()));
            AclProtectedEntity aclProtectedEntity = (AclProtectedEntity) createEntityManager.find(AclProtectedEntity.class, Long.valueOf(entity.getId()));
            entity.getAccessControlList().getEntries().size();
            aclProtectedEntity.setSomeProperty("test");
            transaction.commit();
            Assert.fail("Expect exception!");
            if (transaction.isActive()) {
                transaction.rollback();
            }
            createEntityManager.close();
        } catch (SecurityException e) {
            if (transaction.isActive()) {
                transaction.rollback();
            }
            createEntityManager.close();
        } catch (Throwable th) {
            if (transaction.isActive()) {
                transaction.rollback();
            }
            createEntityManager.close();
            throw th;
        }
    }

    @Test
    public void updateAclProtectedEntityNoAccessOnlyFullRead() {
        TestSecurityContext.authenticate(Long.valueOf(user2.getId()), new Object[]{Integer.valueOf(READ_ACCESS_PRIVILEGE)});
        EntityManager createEntityManager = entityManagerFactory.createEntityManager();
        EntityTransaction transaction = createEntityManager.getTransaction();
        try {
            try {
                transaction.begin();
                createEntityManager.find(User.class, Long.valueOf(user.getId()));
                AclProtectedEntity aclProtectedEntity = (AclProtectedEntity) createEntityManager.find(AclProtectedEntity.class, Long.valueOf(entity.getId()));
                entity.getAccessControlList().getEntries().size();
                aclProtectedEntity.setSomeProperty("test" + System.currentTimeMillis());
                transaction.commit();
                Assert.fail("Expect exception!");
                if (transaction.isActive()) {
                    transaction.rollback();
                }
                createEntityManager.close();
            } catch (PersistenceException e) {
                Assert.assertEquals(SecurityException.class, e.getCause().getClass());
                if (transaction.isActive()) {
                    transaction.rollback();
                }
                createEntityManager.close();
            }
        } catch (Throwable th) {
            if (transaction.isActive()) {
                transaction.rollback();
            }
            createEntityManager.close();
            throw th;
        }
    }

    @Test
    @Ignore("Fix shared reference problem with hibernate")
    public void updateAclProtectedEntityFullAccessPrivilege() {
        TestSecurityContext.authenticate(Long.valueOf(user2.getId()), new Object[]{Integer.valueOf(FULL_ACCESS_PRIVILEGE)});
        EntityManager createEntityManager = entityManagerFactory.createEntityManager();
        EntityTransaction transaction = createEntityManager.getTransaction();
        try {
            transaction.begin();
            createEntityManager.find(User.class, Long.valueOf(user.getId()));
            AclProtectedEntity aclProtectedEntity = (AclProtectedEntity) createEntityManager.find(AclProtectedEntity.class, Long.valueOf(entity.getId()));
            aclProtectedEntity.getAccessControlList().getEntries().size();
            aclProtectedEntity.setSomeProperty("test" + System.currentTimeMillis());
            transaction.commit();
            if (transaction.isActive()) {
                transaction.rollback();
            }
            createEntityManager.close();
        } catch (Throwable th) {
            if (transaction.isActive()) {
                transaction.rollback();
            }
            createEntityManager.close();
            throw th;
        }
    }
}
