package org.jpasecurity.security;

import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import javax.persistence.metamodel.EntityType;
import javax.persistence.metamodel.ManagedType;
import javax.persistence.metamodel.MappedSuperclassType;
import javax.persistence.metamodel.Metamodel;
import org.jpasecurity.AccessType;
import org.jpasecurity.Alias;
import org.jpasecurity.Path;
import org.jpasecurity.access.DefaultAccessManager;
import org.jpasecurity.access.SecurePersistenceUnitUtil;
import org.jpasecurity.jpql.compiler.SubselectEvaluator;
import org.jpasecurity.jpql.parser.JpqlParser;
import org.jpasecurity.model.acl.AbstractAclProtectedEntity;
import org.jpasecurity.model.acl.AbstractEntity;
import org.jpasecurity.model.acl.AclProtectedEntity;
import org.jpasecurity.model.acl.Group;
import org.jpasecurity.model.acl.SecondAclProtectedEntity;
import org.jpasecurity.security.rules.AccessRulesCompiler;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Ignore;
import org.junit.Test;
import org.mockito.Mockito;

/* loaded from: input_file:org/jpasecurity/security/JpaInheritenceEntityFilterTest.class */
public class JpaInheritenceEntityFilterTest {
    private Metamodel metamodel;
    private DefaultAccessManager accessManager;
    private Collection<AccessRule> accessRules;
    private EntityFilter filter;

    @Before
    public void initialize() throws Exception {
        this.metamodel = (Metamodel) Mockito.mock(Metamodel.class);
        ManagedType managedType = (MappedSuperclassType) Mockito.mock(MappedSuperclassType.class);
        EntityType entityType = (EntityType) Mockito.mock(EntityType.class);
        EntityType entityType2 = (EntityType) Mockito.mock(EntityType.class);
        ManagedType managedType2 = (MappedSuperclassType) Mockito.mock(MappedSuperclassType.class);
        EntityType entityType3 = (EntityType) Mockito.mock(EntityType.class);
        SecurePersistenceUnitUtil securePersistenceUnitUtil = (SecurePersistenceUnitUtil) Mockito.mock(SecurePersistenceUnitUtil.class);
        this.accessManager = (DefaultAccessManager) Mockito.mock(DefaultAccessManager.class);
        DefaultSecurityContext defaultSecurityContext = new DefaultSecurityContext();
        defaultSecurityContext.register(new Alias("CURRENT_PRINCIPAL"), "user");
        Mockito.when(this.accessManager.getContext()).thenReturn(defaultSecurityContext);
        Mockito.when(this.metamodel.getManagedTypes()).thenReturn(new HashSet(Arrays.asList(managedType, entityType, entityType2, managedType2, entityType3)));
        Mockito.when(this.metamodel.getEntities()).thenReturn(new HashSet(Arrays.asList(entityType, entityType2, entityType3)));
        Mockito.when(this.metamodel.managedType(AbstractAclProtectedEntity.class)).thenReturn(managedType);
        Mockito.when(this.metamodel.managedType(AclProtectedEntity.class)).thenReturn(entityType);
        Mockito.when(this.metamodel.managedType(SecondAclProtectedEntity.class)).thenReturn(entityType2);
        Mockito.when(this.metamodel.managedType(AbstractEntity.class)).thenReturn(managedType2);
        Mockito.when(this.metamodel.managedType(Group.class)).thenReturn(entityType3);
        Mockito.when(this.metamodel.entity(AbstractAclProtectedEntity.class)).thenThrow(new Throwable[]{new IllegalArgumentException("not an entity")});
        Mockito.when(this.metamodel.entity(AclProtectedEntity.class)).thenReturn(entityType);
        Mockito.when(this.metamodel.entity(SecondAclProtectedEntity.class)).thenReturn(entityType2);
        Mockito.when(this.metamodel.entity(AbstractEntity.class)).thenThrow(new Throwable[]{new IllegalArgumentException("not an entity")});
        Mockito.when(this.metamodel.entity(Group.class)).thenReturn(entityType3);
        Mockito.when(managedType.getJavaType()).thenReturn(AbstractAclProtectedEntity.class);
        Mockito.when(entityType.getName()).thenReturn(AclProtectedEntity.class.getSimpleName());
        Mockito.when(entityType.getJavaType()).thenReturn(AclProtectedEntity.class);
        Mockito.when(entityType2.getName()).thenReturn(SecondAclProtectedEntity.class.getSimpleName());
        Mockito.when(entityType2.getJavaType()).thenReturn(SecondAclProtectedEntity.class);
        Mockito.when(managedType2.getJavaType()).thenReturn(AbstractEntity.class);
        Mockito.when(entityType3.getName()).thenReturn(Group.class.getSimpleName());
        Mockito.when(entityType3.getJavaType()).thenReturn(Group.class);
        DefaultAccessManager.Instance.register(this.accessManager);
        this.accessRules = new AccessRulesCompiler(this.metamodel).compile(new JpqlParser().parseRule("GRANT ACCESS TO org.jpasecurity.model.acl.AccessControlled bean WHERE (bean.accessControlList is null) OR (bean.accessControlList=CURRENT_PRINCIPAL))"));
        this.filter = new EntityFilter(this.metamodel, securePersistenceUnitUtil, this.accessRules, new SubselectEvaluator[0]);
    }

    @After
    public void removeAccessManager() {
        DefaultAccessManager.Instance.unregister(this.accessManager);
    }

    @Test
    public void checkStatementForConcreteSubtype() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put(new Path("i"), SecondAclProtectedEntity.class);
        Assert.assertEquals("(((i.accessControlList IS  NULL ) OR (i.accessControlList = :CURRENT_PRINCIPAL)))", this.filter.createAccessDefinition(hashMap, AccessType.READ, Collections.emptySet()).getAccessRules().toString());
    }

    @Test
    public void checkStatementForProtectedBaseSuperType() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put(new Path("i"), AbstractAclProtectedEntity.class);
        Assert.assertEquals("(((i.accessControlList IS  NULL ) OR (i.accessControlList = :CURRENT_PRINCIPAL)))", this.filter.createAccessDefinition(hashMap, AccessType.READ, Collections.emptySet()).getAccessRules().toString());
    }

    @Test
    public void checkStatementForMixedConcreteTypes() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put(new Path("i"), SecondAclProtectedEntity.class);
        hashMap.put(new Path("b"), AclProtectedEntity.class);
        Assert.assertEquals("(((i.accessControlList IS  NULL ) OR (i.accessControlList = :CURRENT_PRINCIPAL)) AND ((b.accessControlList IS  NULL ) OR (b.accessControlList = :CURRENT_PRINCIPAL)))", this.filter.createAccessDefinition(hashMap, AccessType.READ, Collections.emptySet()).getAccessRules().toString());
    }

    @Test
    @Ignore("TODO: Find a better way to assert result")
    public void checkStatementForNotProtectedSuperType() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put(new Path("i"), AbstractEntity.class);
        Assert.assertEquals("(( EXISTS ( SELECT abstractAclProtectedEntity FROM AbstractAclProtectedEntity abstractAclProtectedEntity WHERE abstractAclProtectedEntity = i)  AND ((i.accessControlList IS  NULL ) OR (i.accessControlList = :CURRENT_PRINCIPAL)) OR  NOT  EXISTS ( SELECT abstractAclProtectedEntity FROM AbstractAclProtectedEntity abstractAclProtectedEntity WHERE abstractAclProtectedEntity = i) ))", this.filter.createAccessDefinition(hashMap, AccessType.READ, Collections.emptySet()).getAccessRules().toString());
    }

    @Test
    @Ignore("TODO: Find a better way to assert result")
    public void checkStatementForMultipleNotProtectedSuperType() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put(new Path("i"), AbstractEntity.class);
        hashMap.put(new Path("b"), AbstractEntity.class);
        Assert.assertEquals("(( EXISTS ( SELECT abstractAclProtectedEntity FROM AbstractAclProtectedEntity abstractAclProtectedEntity WHERE abstractAclProtectedEntity = i)  AND ((i.accessControlList IS  NULL ) OR (i.accessControlList = :CURRENT_PRINCIPAL)) OR  NOT  EXISTS ( SELECT abstractAclProtectedEntity FROM AbstractAclProtectedEntity abstractAclProtectedEntity WHERE abstractAclProtectedEntity = i) ) AND ( EXISTS ( SELECT abstractAclProtectedEntity FROM AbstractAclProtectedEntity abstractAclProtectedEntity WHERE abstractAclProtectedEntity = b)  AND ((b.accessControlList IS  NULL ) OR (b.accessControlList = :CURRENT_PRINCIPAL)) OR  NOT  EXISTS ( SELECT abstractAclProtectedEntity FROM AbstractAclProtectedEntity abstractAclProtectedEntity WHERE abstractAclProtectedEntity = b) ))", this.filter.createAccessDefinition(hashMap, AccessType.READ, Collections.emptySet()).getAccessRules().toString());
    }
}
