package org.apache.sling.launchpad.webapp.integrationtest.accessManager;

import java.io.IOException;
import java.util.ArrayList;
import java.util.HashSet;
import javax.json.JsonArray;
import javax.json.JsonException;
import javax.json.JsonObject;
import org.apache.commons.httpclient.Credentials;
import org.apache.commons.httpclient.NameValuePair;
import org.apache.commons.httpclient.UsernamePasswordCredentials;
import org.apache.sling.commons.testing.integration.HttpTest;
import org.apache.sling.launchpad.webapp.integrationtest.util.JsonUtil;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Ignore;
import org.junit.Test;

/* loaded from: input_file:org/apache/sling/launchpad/webapp/integrationtest/accessManager/GetAclTest.class */
public class GetAclTest {
    String testUserId = null;
    String testUserId2 = null;
    private final AccessManagerTestUtil H = new AccessManagerTestUtil();

    @Before
    public void setup() throws Exception {
        this.H.setUp();
    }

    @After
    public void cleanup() throws Exception {
        this.H.tearDown();
        Credentials usernamePasswordCredentials = new UsernamePasswordCredentials("admin", "admin");
        if (this.testUserId != null) {
            this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, HttpTest.HTTP_BASE_URL + "/system/userManager/user/" + this.testUserId + ".delete.html", 200, new ArrayList(), null);
        }
        if (this.testUserId2 != null) {
            this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, HttpTest.HTTP_BASE_URL + "/system/userManager/user/" + this.testUserId2 + ".delete.html", 200, new ArrayList(), null);
        }
    }

    @Test
    public void testEffectiveAclForUser() throws IOException, JsonException {
        this.testUserId = this.H.createTestUser();
        this.testUserId2 = this.H.createTestUser();
        String createTestFolder = this.H.createTestFolder("{ \"jcr:primaryType\": \"nt:unstructured\", \"propOne\" : \"propOneValue\", \"child\" : { \"childPropOne\" : true } }");
        String str = createTestFolder + ".modifyAce.html";
        ArrayList arrayList = new ArrayList();
        arrayList.add(new NameValuePair("principalId", this.testUserId));
        arrayList.add(new NameValuePair("privilege@jcr:write", "granted"));
        Credentials usernamePasswordCredentials = new UsernamePasswordCredentials("admin", "admin");
        this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, str, 200, arrayList, null);
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add(new NameValuePair("principalId", this.testUserId2));
        arrayList2.add(new NameValuePair("privilege@jcr:write", "granted"));
        this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, str, 200, arrayList2, null);
        ArrayList arrayList3 = new ArrayList();
        arrayList3.add(new NameValuePair("principalId", this.testUserId2));
        arrayList3.add(new NameValuePair("privilege@jcr:lockManagement", "granted"));
        this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, createTestFolder + "/child.modifyAce.html", 200, arrayList3, null);
        String authenticatedContent = this.H.getAuthenticatedContent(usernamePasswordCredentials, createTestFolder + "/child.eacl.json", "application/json", null, 200);
        Assert.assertNotNull(authenticatedContent);
        JsonObject parseObject = JsonUtil.parseObject(authenticatedContent);
        JsonObject jsonObject = parseObject.getJsonObject(this.testUserId);
        Assert.assertNotNull(jsonObject);
        Assert.assertEquals(this.testUserId, jsonObject.getString("principal"));
        JsonArray jsonArray = jsonObject.getJsonArray("granted");
        Assert.assertNotNull(jsonArray);
        Assert.assertEquals(1L, jsonArray.size());
        HashSet hashSet = new HashSet();
        for (int i = 0; i < jsonArray.size(); i++) {
            hashSet.add(jsonArray.getString(i));
        }
        this.H.assertPrivilege(hashSet, true, "jcr:write");
        Assert.assertNull(jsonObject.get("denied"));
        JsonObject jsonObject2 = parseObject.getJsonObject(this.testUserId2);
        Assert.assertNotNull(jsonObject2);
        Assert.assertEquals(this.testUserId2, jsonObject2.getString("principal"));
        JsonArray jsonArray2 = jsonObject2.getJsonArray("granted");
        Assert.assertNotNull(jsonArray2);
        Assert.assertEquals(2L, jsonArray2.size());
        HashSet hashSet2 = new HashSet();
        for (int i2 = 0; i2 < jsonArray2.size(); i2++) {
            hashSet2.add(jsonArray2.getString(i2));
        }
        this.H.assertPrivilege(hashSet2, true, "jcr:write");
        this.H.assertPrivilege(hashSet2, true, "jcr:lockManagement");
        Assert.assertNull(jsonObject2.get("denied"));
    }

    @Test
    public void testEffectiveAclMergeForUser_ReplacePrivilegeOnChild() throws IOException, JsonException {
        this.testUserId = this.H.createTestUser();
        String createTestFolder = this.H.createTestFolder("{ \"jcr:primaryType\": \"nt:unstructured\", \"propOne\" : \"propOneValue\", \"child\" : { \"childPropOne\" : true } }");
        String str = createTestFolder + ".modifyAce.html";
        ArrayList arrayList = new ArrayList();
        arrayList.add(new NameValuePair("principalId", this.testUserId));
        arrayList.add(new NameValuePair("privilege@jcr:write", "denied"));
        Credentials usernamePasswordCredentials = new UsernamePasswordCredentials("admin", "admin");
        this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, str, 200, arrayList, null);
        this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, str, 200, arrayList, null);
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add(new NameValuePair("principalId", this.testUserId));
        arrayList2.add(new NameValuePair("privilege@jcr:write", "granted"));
        this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, createTestFolder + "/child.modifyAce.html", 200, arrayList2, null);
        String authenticatedContent = this.H.getAuthenticatedContent(usernamePasswordCredentials, createTestFolder + "/child.eacl.json", "application/json", null, 200);
        Assert.assertNotNull(authenticatedContent);
        JsonObject jsonObject = JsonUtil.parseObject(authenticatedContent).getJsonObject(this.testUserId);
        Assert.assertNotNull(jsonObject);
        Assert.assertEquals(this.testUserId, jsonObject.getString("principal"));
        JsonArray jsonArray = jsonObject.getJsonArray("granted");
        Assert.assertNotNull(jsonArray);
        Assert.assertEquals(1L, jsonArray.size());
        HashSet hashSet = new HashSet();
        for (int i = 0; i < jsonArray.size(); i++) {
            hashSet.add(jsonArray.getString(i));
        }
        this.H.assertPrivilege(hashSet, true, "jcr:write");
        Assert.assertNull(jsonObject.get("denied"));
    }

    @Test
    public void testEffectiveAclMergeForUser_FewerPrivilegesGrantedOnChild() throws IOException, JsonException {
        this.testUserId = this.H.createTestUser();
        String createTestFolder = this.H.createTestFolder("{ \"jcr:primaryType\": \"nt:unstructured\", \"propOne\" : \"propOneValue\", \"child\" : { \"childPropOne\" : true } }");
        String str = createTestFolder + ".modifyAce.html";
        ArrayList arrayList = new ArrayList();
        arrayList.add(new NameValuePair("principalId", this.testUserId));
        arrayList.add(new NameValuePair("privilege@jcr:all", "granted"));
        Credentials usernamePasswordCredentials = new UsernamePasswordCredentials("admin", "admin");
        this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, str, 200, arrayList, null);
        this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, str, 200, arrayList, null);
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add(new NameValuePair("principalId", this.testUserId));
        arrayList2.add(new NameValuePair("privilege@jcr:write", "granted"));
        this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, createTestFolder + "/child.modifyAce.html", 200, arrayList2, null);
        String authenticatedContent = this.H.getAuthenticatedContent(usernamePasswordCredentials, createTestFolder + "/child.eacl.json", "application/json", null, 200);
        Assert.assertNotNull(authenticatedContent);
        JsonObject jsonObject = JsonUtil.parseObject(authenticatedContent).getJsonObject(this.testUserId);
        Assert.assertNotNull(jsonObject);
        Assert.assertEquals(this.testUserId, jsonObject.getString("principal"));
        JsonArray jsonArray = jsonObject.getJsonArray("granted");
        Assert.assertNotNull(jsonArray);
        Assert.assertEquals(1L, jsonArray.size());
        HashSet hashSet = new HashSet();
        for (int i = 0; i < jsonArray.size(); i++) {
            hashSet.add(jsonArray.getString(i));
        }
        this.H.assertPrivilege(hashSet, true, "jcr:all");
        Assert.assertNull(jsonObject.get("denied"));
    }

    @Test
    public void testEffectiveAclMergeForUser_MorePrivilegesGrantedOnChild() throws IOException, JsonException {
        this.testUserId = this.H.createTestUser();
        String createTestFolder = this.H.createTestFolder("{ \"jcr:primaryType\": \"nt:unstructured\", \"propOne\" : \"propOneValue\", \"child\" : { \"childPropOne\" : true } }");
        String str = createTestFolder + ".modifyAce.html";
        ArrayList arrayList = new ArrayList();
        arrayList.add(new NameValuePair("principalId", this.testUserId));
        arrayList.add(new NameValuePair("privilege@jcr:write", "granted"));
        Credentials usernamePasswordCredentials = new UsernamePasswordCredentials("admin", "admin");
        this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, str, 200, arrayList, null);
        this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, str, 200, arrayList, null);
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add(new NameValuePair("principalId", this.testUserId));
        arrayList2.add(new NameValuePair("privilege@jcr:all", "granted"));
        this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, createTestFolder + "/child.modifyAce.html", 200, arrayList2, null);
        String authenticatedContent = this.H.getAuthenticatedContent(usernamePasswordCredentials, createTestFolder + "/child.eacl.json", "application/json", null, 200);
        Assert.assertNotNull(authenticatedContent);
        JsonObject jsonObject = JsonUtil.parseObject(authenticatedContent).getJsonObject(this.testUserId);
        Assert.assertNotNull(jsonObject);
        Assert.assertEquals(this.testUserId, jsonObject.getString("principal"));
        JsonArray jsonArray = jsonObject.getJsonArray("granted");
        Assert.assertNotNull(jsonArray);
        Assert.assertEquals(1L, jsonArray.size());
        HashSet hashSet = new HashSet();
        for (int i = 0; i < jsonArray.size(); i++) {
            hashSet.add(jsonArray.getString(i));
        }
        this.H.assertPrivilege(hashSet, true, "jcr:all");
        Assert.assertNull(jsonObject.get("denied"));
    }

    @Test
    @Ignore
    public void testEffectiveAclMergeForUser_SubsetOfPrivilegesDeniedOnChild() throws IOException, JsonException {
        this.testUserId = this.H.createTestUser();
        String createTestFolder = this.H.createTestFolder("{ \"jcr:primaryType\": \"nt:unstructured\", \"propOne\" : \"propOneValue\", \"child\" : { \"childPropOne\" : true } }");
        String str = createTestFolder + ".modifyAce.html";
        ArrayList arrayList = new ArrayList();
        arrayList.add(new NameValuePair("principalId", this.testUserId));
        arrayList.add(new NameValuePair("privilege@jcr:all", "granted"));
        Credentials usernamePasswordCredentials = new UsernamePasswordCredentials("admin", "admin");
        this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, str, 200, arrayList, null);
        this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, str, 200, arrayList, null);
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add(new NameValuePair("principalId", this.testUserId));
        arrayList2.add(new NameValuePair("privilege@jcr:write", "denied"));
        this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, createTestFolder + "/child.modifyAce.html", 200, arrayList2, null);
        String authenticatedContent = this.H.getAuthenticatedContent(usernamePasswordCredentials, createTestFolder + "/child.eacl.json", "application/json", null, 200);
        Assert.assertNotNull(authenticatedContent);
        JsonObject jsonObject = JsonUtil.parseObject(authenticatedContent).getJsonObject(this.testUserId);
        Assert.assertNotNull(jsonObject);
        Assert.assertEquals(this.testUserId, jsonObject.getString("principal"));
        JsonArray jsonArray = jsonObject.getJsonArray("granted");
        Assert.assertNotNull(jsonArray);
        Assert.assertTrue(jsonArray.size() >= 8);
        HashSet hashSet = new HashSet();
        for (int i = 0; i < jsonArray.size(); i++) {
            hashSet.add(jsonArray.getString(i));
        }
        this.H.assertPrivilege(hashSet, false, "jcr:all");
        this.H.assertPrivilege(hashSet, false, "jcr:write");
        this.H.assertPrivilege(hashSet, true, "jcr:read");
        this.H.assertPrivilege(hashSet, true, "jcr:readAccessControl");
        this.H.assertPrivilege(hashSet, true, "jcr:modifyAccessControl");
        this.H.assertPrivilege(hashSet, true, "jcr:lockManagement");
        this.H.assertPrivilege(hashSet, true, "jcr:versionManagement");
        this.H.assertPrivilege(hashSet, true, "jcr:nodeTypeManagement");
        this.H.assertPrivilege(hashSet, true, "jcr:retentionManagement");
        this.H.assertPrivilege(hashSet, true, "jcr:lifecycleManagement");
        this.H.assertPrivilege(hashSet, false, "jcr:modifyProperties");
        this.H.assertPrivilege(hashSet, false, "jcr:addChildNodes");
        this.H.assertPrivilege(hashSet, false, "jcr:removeNode");
        this.H.assertPrivilege(hashSet, false, "jcr:removeChildNodes");
        JsonArray jsonArray2 = jsonObject.getJsonArray("denied");
        Assert.assertNotNull(jsonArray2);
        Assert.assertEquals(1L, jsonArray2.size());
        HashSet hashSet2 = new HashSet();
        for (int i2 = 0; i2 < jsonArray2.size(); i2++) {
            hashSet2.add(jsonArray2.getString(i2));
        }
        this.H.assertPrivilege(hashSet2, true, "jcr:write");
    }

    @Test
    public void testEffectiveAclMergeForUser_SubsetOfPrivilegesDeniedOnChild2() throws IOException, JsonException {
        this.testUserId = this.H.createTestUser();
        String createTestFolder = this.H.createTestFolder("{ \"jcr:primaryType\": \"nt:unstructured\", \"propOne\" : \"propOneValue\", \"child\" : { \"childPropOne\" : true } }");
        String str = createTestFolder + ".modifyAce.html";
        ArrayList arrayList = new ArrayList();
        arrayList.add(new NameValuePair("principalId", this.testUserId));
        arrayList.add(new NameValuePair("privilege@jcr:all", "granted"));
        Credentials usernamePasswordCredentials = new UsernamePasswordCredentials("admin", "admin");
        this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, str, 200, arrayList, null);
        this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, str, 200, arrayList, null);
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add(new NameValuePair("principalId", this.testUserId));
        arrayList2.add(new NameValuePair("privilege@jcr:removeNode", "denied"));
        this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, createTestFolder + "/child.modifyAce.html", 200, arrayList2, null);
        String authenticatedContent = this.H.getAuthenticatedContent(usernamePasswordCredentials, createTestFolder + "/child.eacl.json", "application/json", null, 200);
        Assert.assertNotNull(authenticatedContent);
        JsonObject jsonObject = JsonUtil.parseObject(authenticatedContent).getJsonObject(this.testUserId);
        Assert.assertNotNull(jsonObject);
        Assert.assertEquals(this.testUserId, jsonObject.getString("principal"));
        JsonArray jsonArray = jsonObject.getJsonArray("granted");
        Assert.assertNotNull(jsonArray);
        Assert.assertTrue(jsonArray.size() >= 11);
        HashSet hashSet = new HashSet();
        for (int i = 0; i < jsonArray.size(); i++) {
            hashSet.add(jsonArray.getString(i));
        }
        this.H.assertPrivilege(hashSet, false, "jcr:all");
        this.H.assertPrivilege(hashSet, false, "jcr:write");
        this.H.assertPrivilege(hashSet, true, "jcr:read");
        this.H.assertPrivilege(hashSet, true, "jcr:readAccessControl");
        this.H.assertPrivilege(hashSet, true, "jcr:modifyAccessControl");
        this.H.assertPrivilege(hashSet, true, "jcr:lockManagement");
        this.H.assertPrivilege(hashSet, true, "jcr:versionManagement");
        this.H.assertPrivilege(hashSet, true, "jcr:nodeTypeManagement");
        this.H.assertPrivilege(hashSet, true, "jcr:retentionManagement");
        this.H.assertPrivilege(hashSet, true, "jcr:lifecycleManagement");
        this.H.assertPrivilege(hashSet, true, "jcr:modifyProperties");
        this.H.assertPrivilege(hashSet, true, "jcr:addChildNodes");
        this.H.assertPrivilege(hashSet, true, "jcr:removeChildNodes");
        JsonArray jsonArray2 = jsonObject.getJsonArray("denied");
        Assert.assertNotNull(jsonArray2);
        Assert.assertEquals(1L, jsonArray2.size());
        HashSet hashSet2 = new HashSet();
        for (int i2 = 0; i2 < jsonArray2.size(); i2++) {
            hashSet2.add(jsonArray2.getString(i2));
        }
        this.H.assertPrivilege(hashSet2, true, "jcr:removeNode");
    }

    @Test
    public void testEffectiveAclMergeForUser_SupersetOfPrivilegesDeniedOnChild() throws IOException, JsonException {
        this.testUserId = this.H.createTestUser();
        String createTestFolder = this.H.createTestFolder("{ \"jcr:primaryType\": \"nt:unstructured\", \"propOne\" : \"propOneValue\", \"child\" : { \"childPropOne\" : true } }");
        String str = createTestFolder + ".modifyAce.html";
        ArrayList arrayList = new ArrayList();
        arrayList.add(new NameValuePair("principalId", this.testUserId));
        arrayList.add(new NameValuePair("privilege@jcr:write", "granted"));
        Credentials usernamePasswordCredentials = new UsernamePasswordCredentials("admin", "admin");
        this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, str, 200, arrayList, null);
        this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, str, 200, arrayList, null);
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add(new NameValuePair("principalId", this.testUserId));
        arrayList2.add(new NameValuePair("privilege@jcr:all", "denied"));
        this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, createTestFolder + "/child.modifyAce.html", 200, arrayList2, null);
        String authenticatedContent = this.H.getAuthenticatedContent(usernamePasswordCredentials, createTestFolder + "/child.eacl.json", "application/json", null, 200);
        Assert.assertNotNull(authenticatedContent);
        JsonObject jsonObject = JsonUtil.parseObject(authenticatedContent).getJsonObject(this.testUserId);
        Assert.assertNotNull(jsonObject);
        Assert.assertEquals(this.testUserId, jsonObject.getString("principal"));
        Assert.assertNull(jsonObject.get("granted"));
        JsonArray jsonArray = jsonObject.getJsonArray("denied");
        Assert.assertNotNull(jsonArray);
        Assert.assertEquals(1L, jsonArray.size());
        HashSet hashSet = new HashSet();
        for (int i = 0; i < jsonArray.size(); i++) {
            hashSet.add(jsonArray.getString(i));
        }
        this.H.assertPrivilege(hashSet, true, "jcr:all");
    }

    @Test
    public void testEffectiveAclMergeForUser_SupersetOfPrivilegesDeniedOnChild2() throws IOException, JsonException {
        this.testUserId = this.H.createTestUser();
        String createTestFolder = this.H.createTestFolder("{ \"jcr:primaryType\": \"nt:unstructured\", \"propOne\" : \"propOneValue\", \"child\" : { \"childPropOne\" : true } }");
        String str = createTestFolder + ".modifyAce.html";
        ArrayList arrayList = new ArrayList();
        arrayList.add(new NameValuePair("principalId", this.testUserId));
        arrayList.add(new NameValuePair("privilege@jcr:modifyProperties", "granted"));
        Credentials usernamePasswordCredentials = new UsernamePasswordCredentials("admin", "admin");
        this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, str, 200, arrayList, null);
        this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, str, 200, arrayList, null);
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add(new NameValuePair("principalId", this.testUserId));
        arrayList2.add(new NameValuePair("privilege@jcr:all", "denied"));
        this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, createTestFolder + "/child.modifyAce.html", 200, arrayList2, null);
        String authenticatedContent = this.H.getAuthenticatedContent(usernamePasswordCredentials, createTestFolder + "/child.eacl.json", "application/json", null, 200);
        Assert.assertNotNull(authenticatedContent);
        JsonObject jsonObject = JsonUtil.parseObject(authenticatedContent).getJsonObject(this.testUserId);
        Assert.assertNotNull(jsonObject);
        Assert.assertEquals(this.testUserId, jsonObject.getString("principal"));
        Assert.assertNull(jsonObject.get("granted"));
        JsonArray jsonArray = jsonObject.getJsonArray("denied");
        Assert.assertNotNull(jsonArray);
        Assert.assertEquals(1L, jsonArray.size());
        HashSet hashSet = new HashSet();
        for (int i = 0; i < jsonArray.size(); i++) {
            hashSet.add(jsonArray.getString(i));
        }
        this.H.assertPrivilege(hashSet, true, "jcr:all");
    }
}
