package org.apache.sling.launchpad.webapp.integrationtest.accessManager;

import java.io.IOException;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Random;
import java.util.Set;
import javax.json.JsonArray;
import javax.json.JsonException;
import javax.json.JsonObject;
import org.apache.commons.httpclient.Credentials;
import org.apache.commons.httpclient.NameValuePair;
import org.apache.commons.httpclient.UsernamePasswordCredentials;
import org.apache.sling.commons.testing.integration.HttpTest;
import org.apache.sling.launchpad.webapp.integrationtest.servlets.post.PostServletCreateTest;
import org.apache.sling.launchpad.webapp.integrationtest.util.JsonUtil;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;

/* loaded from: input_file:org/apache/sling/launchpad/webapp/integrationtest/accessManager/AccessPrivilegesInfoTest.class */
public class AccessPrivilegesInfoTest {
    private static Random random = new Random(System.currentTimeMillis());
    String testUserId = null;
    String testUserId2 = null;
    String testGroupId = null;
    String testFolderUrl = null;
    Set<String> toDelete = new HashSet();
    private final AccessManagerTestUtil H = new AccessManagerTestUtil();

    @Before
    public void setup() throws Exception {
        this.H.setUp();
        this.H.getTestClient().mkdirs(HttpTest.WEBDAV_BASE_URL, "/apps/nt/unstructured");
        this.toDelete.add(this.H.uploadTestScript("/apps/nt/unstructured", "accessmanager/privileges-info.json.esp", "privileges-info.json.esp"));
    }

    @After
    public void cleanup() throws Exception {
        this.H.tearDown();
        Credentials usernamePasswordCredentials = new UsernamePasswordCredentials("admin", "admin");
        if (this.testFolderUrl != null) {
            String str = this.testFolderUrl;
            ArrayList arrayList = new ArrayList();
            arrayList.add(new NameValuePair(":operation", "delete"));
            this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, str, 200, arrayList, null);
        }
        if (this.testGroupId != null) {
            this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, HttpTest.HTTP_BASE_URL + "/system/userManager/group/" + this.testGroupId + ".delete.html", 200, new ArrayList(), null);
        }
        if (this.testUserId != null) {
            this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, HttpTest.HTTP_BASE_URL + "/system/userManager/user/" + this.testUserId + ".delete.html", 200, new ArrayList(), null);
        }
        if (this.testUserId2 != null) {
            this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, HttpTest.HTTP_BASE_URL + "/system/userManager/user/" + this.testUserId2 + ".delete.html", 200, new ArrayList(), null);
        }
        Iterator<String> it = this.toDelete.iterator();
        while (it.hasNext()) {
            this.H.getTestClient().delete(it.next());
        }
    }

    @Test
    public void testDeniedWriteForUser() throws IOException, JsonException {
        this.testUserId = this.H.createTestUser();
        this.testFolderUrl = this.H.createTestFolder();
        String str = this.testFolderUrl + ".modifyAce.html";
        ArrayList arrayList = new ArrayList();
        arrayList.add(new NameValuePair("principalId", this.testUserId));
        arrayList.add(new NameValuePair("privilege@jcr:read", "granted"));
        arrayList.add(new NameValuePair("privilege@jcr:readAccessControl", "granted"));
        arrayList.add(new NameValuePair("privilege@jcr:write", "denied"));
        this.H.assertAuthenticatedPostStatus(new UsernamePasswordCredentials("admin", "admin"), str, 200, arrayList, null);
        String authenticatedContent = this.H.getAuthenticatedContent(new UsernamePasswordCredentials(this.testUserId, "testPwd"), this.testFolderUrl + ".privileges-info.json", "application/json", null, 200);
        Assert.assertNotNull(authenticatedContent);
        JsonObject parseObject = JsonUtil.parseObject(authenticatedContent);
        Assert.assertEquals(false, Boolean.valueOf(parseObject.getBoolean("canAddChildren")));
        Assert.assertEquals(false, Boolean.valueOf(parseObject.getBoolean("canDeleteChildren")));
        Assert.assertEquals(false, Boolean.valueOf(parseObject.getBoolean("canDelete")));
        Assert.assertEquals(false, Boolean.valueOf(parseObject.getBoolean("canModifyProperties")));
        Assert.assertEquals(true, Boolean.valueOf(parseObject.getBoolean("canReadAccessControl")));
        Assert.assertEquals(false, Boolean.valueOf(parseObject.getBoolean("canModifyAccessControl")));
    }

    @Test
    public void testGrantedWriteForUser() throws IOException, JsonException {
        this.testUserId = this.H.createTestUser();
        this.testFolderUrl = this.H.createTestFolder();
        String str = this.testFolderUrl + ".modifyAce.html";
        ArrayList arrayList = new ArrayList();
        arrayList.add(new NameValuePair("principalId", this.testUserId));
        arrayList.add(new NameValuePair("privilege@jcr:read", "granted"));
        arrayList.add(new NameValuePair("privilege@jcr:write", "granted"));
        arrayList.add(new NameValuePair("privilege@jcr:readAccessControl", "granted"));
        arrayList.add(new NameValuePair("privilege@jcr:modifyAccessControl", "granted"));
        Credentials usernamePasswordCredentials = new UsernamePasswordCredentials("admin", "admin");
        this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, str, 200, arrayList, null);
        String str2 = this.testFolderUrl + ".privileges-info.json";
        Credentials usernamePasswordCredentials2 = new UsernamePasswordCredentials(this.testUserId, "testPwd");
        String authenticatedContent = this.H.getAuthenticatedContent(usernamePasswordCredentials2, str2, "application/json", null, 200);
        Assert.assertNotNull(authenticatedContent);
        JsonObject parseObject = JsonUtil.parseObject(authenticatedContent);
        Assert.assertEquals(true, Boolean.valueOf(parseObject.getBoolean("canAddChildren")));
        Assert.assertEquals(true, Boolean.valueOf(parseObject.getBoolean("canDeleteChildren")));
        Assert.assertEquals(false, Boolean.valueOf(parseObject.getBoolean("canDelete")));
        Assert.assertEquals(true, Boolean.valueOf(parseObject.getBoolean("canModifyProperties")));
        Assert.assertEquals(true, Boolean.valueOf(parseObject.getBoolean("canReadAccessControl")));
        Assert.assertEquals(true, Boolean.valueOf(parseObject.getBoolean("canModifyAccessControl")));
        String createNode = this.H.getTestClient().createNode(this.testFolderUrl + "/testFolder" + random.nextInt() + PostServletCreateTest.SLASH, (Map) null);
        String str3 = createNode + ".modifyAce.html";
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add(new NameValuePair("principalId", this.testUserId));
        arrayList2.add(new NameValuePair("privilege@jcr:read", "granted"));
        arrayList2.add(new NameValuePair("privilege@jcr:removeNode", "granted"));
        this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, str3, 200, arrayList2, null);
        String authenticatedContent2 = this.H.getAuthenticatedContent(usernamePasswordCredentials2, createNode + ".privileges-info.json", "application/json", null, 200);
        Assert.assertNotNull(authenticatedContent2);
        Assert.assertEquals(true, Boolean.valueOf(JsonUtil.parseObject(authenticatedContent2).getBoolean("canDelete")));
    }

    @Test
    public void testDeniedWriteForGroup() throws IOException, JsonException {
        this.testGroupId = this.H.createTestGroup();
        this.testUserId = this.H.createTestUser();
        this.testFolderUrl = this.H.createTestFolder();
        Credentials usernamePasswordCredentials = new UsernamePasswordCredentials("admin", "admin");
        String str = HttpTest.HTTP_BASE_URL + "/system/userManager/group/" + this.testGroupId + ".update.html";
        ArrayList arrayList = new ArrayList();
        arrayList.add(new NameValuePair(":member", this.testUserId));
        this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, str, 200, arrayList, null);
        String str2 = this.testFolderUrl + ".modifyAce.html";
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add(new NameValuePair("principalId", this.testGroupId));
        arrayList2.add(new NameValuePair("privilege@jcr:read", "granted"));
        arrayList2.add(new NameValuePair("privilege@jcr:readAccessControl", "granted"));
        arrayList2.add(new NameValuePair("privilege@jcr:write", "denied"));
        this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, str2, 200, arrayList2, null);
        String authenticatedContent = this.H.getAuthenticatedContent(new UsernamePasswordCredentials(this.testUserId, "testPwd"), this.testFolderUrl + ".privileges-info.json", "application/json", null, 200);
        Assert.assertNotNull(authenticatedContent);
        JsonObject parseObject = JsonUtil.parseObject(authenticatedContent);
        Assert.assertEquals(false, Boolean.valueOf(parseObject.getBoolean("canAddChildren")));
        Assert.assertEquals(false, Boolean.valueOf(parseObject.getBoolean("canDeleteChildren")));
        Assert.assertEquals(false, Boolean.valueOf(parseObject.getBoolean("canDelete")));
        Assert.assertEquals(false, Boolean.valueOf(parseObject.getBoolean("canModifyProperties")));
        Assert.assertEquals(true, Boolean.valueOf(parseObject.getBoolean("canReadAccessControl")));
        Assert.assertEquals(false, Boolean.valueOf(parseObject.getBoolean("canModifyAccessControl")));
    }

    @Test
    public void testGrantedWriteForGroup() throws IOException, JsonException {
        this.testGroupId = this.H.createTestGroup();
        this.testUserId = this.H.createTestUser();
        this.testFolderUrl = this.H.createTestFolder();
        Credentials usernamePasswordCredentials = new UsernamePasswordCredentials("admin", "admin");
        String str = HttpTest.HTTP_BASE_URL + "/system/userManager/group/" + this.testGroupId + ".update.html";
        ArrayList arrayList = new ArrayList();
        arrayList.add(new NameValuePair(":member", this.testUserId));
        this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, str, 200, arrayList, null);
        String str2 = this.testFolderUrl + ".modifyAce.html";
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add(new NameValuePair("principalId", this.testGroupId));
        arrayList2.add(new NameValuePair("privilege@jcr:read", "granted"));
        arrayList2.add(new NameValuePair("privilege@jcr:write", "granted"));
        arrayList2.add(new NameValuePair("privilege@jcr:readAccessControl", "granted"));
        arrayList2.add(new NameValuePair("privilege@jcr:modifyAccessControl", "granted"));
        this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, str2, 200, arrayList2, null);
        String str3 = this.testFolderUrl + ".privileges-info.json";
        Credentials usernamePasswordCredentials2 = new UsernamePasswordCredentials(this.testUserId, "testPwd");
        String authenticatedContent = this.H.getAuthenticatedContent(usernamePasswordCredentials2, str3, "application/json", null, 200);
        Assert.assertNotNull(authenticatedContent);
        JsonObject parseObject = JsonUtil.parseObject(authenticatedContent);
        Assert.assertEquals(true, Boolean.valueOf(parseObject.getBoolean("canAddChildren")));
        Assert.assertEquals(true, Boolean.valueOf(parseObject.getBoolean("canDeleteChildren")));
        Assert.assertEquals(false, Boolean.valueOf(parseObject.getBoolean("canDelete")));
        Assert.assertEquals(true, Boolean.valueOf(parseObject.getBoolean("canModifyProperties")));
        Assert.assertEquals(true, Boolean.valueOf(parseObject.getBoolean("canReadAccessControl")));
        Assert.assertEquals(true, Boolean.valueOf(parseObject.getBoolean("canModifyAccessControl")));
        String createNode = this.H.getTestClient().createNode(this.testFolderUrl + "/testFolder" + random.nextInt() + PostServletCreateTest.SLASH, (Map) null);
        String str4 = createNode + ".modifyAce.html";
        ArrayList arrayList3 = new ArrayList();
        arrayList3.add(new NameValuePair("principalId", this.testGroupId));
        arrayList3.add(new NameValuePair("privilege@jcr:read", "granted"));
        arrayList3.add(new NameValuePair("privilege@jcr:removeNode", "granted"));
        this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, str4, 200, arrayList3, null);
        String authenticatedContent2 = this.H.getAuthenticatedContent(usernamePasswordCredentials2, createNode + ".privileges-info.json", "application/json", null, 200);
        Assert.assertNotNull(authenticatedContent2);
        Assert.assertEquals(true, Boolean.valueOf(JsonUtil.parseObject(authenticatedContent2).getBoolean("canDelete")));
    }

    @Test
    public void testSLING_1090() throws Exception {
        this.testUserId = this.H.createTestUser();
        ArrayList arrayList = new ArrayList();
        arrayList.add(new NameValuePair("principalId", this.testUserId));
        arrayList.add(new NameValuePair("privilege@jcr:read", "granted"));
        arrayList.add(new NameValuePair("privilege@jcr:removeChildNodes", "granted"));
        Credentials usernamePasswordCredentials = new UsernamePasswordCredentials("admin", "admin");
        this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, HttpTest.HTTP_BASE_URL + "/.modifyAce.html", 200, arrayList, null);
        this.testFolderUrl = this.H.getTestClient().createNode(HttpTest.HTTP_BASE_URL + "/testFolder" + random.nextInt() + PostServletCreateTest.SLASH, (Map) null);
        String str = this.testFolderUrl + ".modifyAce.html";
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add(new NameValuePair("principalId", this.testUserId));
        arrayList2.add(new NameValuePair("privilege@jcr:read", "granted"));
        arrayList2.add(new NameValuePair("privilege@jcr:removeNode", "granted"));
        this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, str, 200, arrayList2, null);
        String authenticatedContent = this.H.getAuthenticatedContent(new UsernamePasswordCredentials(this.testUserId, "testPwd"), this.testFolderUrl + ".privileges-info.json", "application/json", null, 200);
        Assert.assertNotNull(authenticatedContent);
        Assert.assertEquals(true, Boolean.valueOf(JsonUtil.parseObject(authenticatedContent).getBoolean("canDelete")));
    }

    @Test
    public void testDeclaredAclForUser() throws IOException, JsonException {
        this.testUserId = this.H.createTestUser();
        this.testUserId2 = this.H.createTestUser();
        this.testFolderUrl = this.H.createTestFolder("{ \"jcr:primaryType\": \"nt:unstructured\", \"propOne\" : \"propOneValue\", \"child\" : { \"childPropOne\" : true } }");
        String str = this.testFolderUrl + ".modifyAce.html";
        ArrayList arrayList = new ArrayList();
        arrayList.add(new NameValuePair("principalId", this.testUserId));
        arrayList.add(new NameValuePair("privilege@jcr:write", "granted"));
        Credentials usernamePasswordCredentials = new UsernamePasswordCredentials("admin", "admin");
        this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, str, 200, arrayList, null);
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add(new NameValuePair("principalId", this.testUserId2));
        arrayList2.add(new NameValuePair("privilege@jcr:write", "granted"));
        this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, str, 200, arrayList2, null);
        ArrayList arrayList3 = new ArrayList();
        arrayList3.add(new NameValuePair("principalId", this.testUserId2));
        arrayList3.add(new NameValuePair("privilege@jcr:lockManagement", "granted"));
        this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, this.testFolderUrl + "/child.modifyAce.html", 200, arrayList3, null);
        String str2 = this.testFolderUrl + "/child.privileges-info.json";
        Credentials usernamePasswordCredentials2 = new UsernamePasswordCredentials("admin", "admin");
        String authenticatedContent = this.H.getAuthenticatedContent(usernamePasswordCredentials2, str2, "application/json", null, 200);
        Assert.assertNotNull(authenticatedContent);
        JsonObject jsonObject = JsonUtil.parseObject(authenticatedContent).getJsonObject("declaredAccessRights");
        Assert.assertNull(jsonObject.get(this.testUserId));
        JsonObject jsonObject2 = jsonObject.getJsonObject(this.testUserId2);
        Assert.assertNotNull(jsonObject2);
        JsonArray jsonArray = jsonObject2.getJsonArray("granted");
        Assert.assertNotNull(jsonArray);
        Assert.assertEquals(1L, jsonArray.size());
        HashSet hashSet = new HashSet();
        for (int i = 0; i < jsonArray.size(); i++) {
            hashSet.add(jsonArray.getString(i));
        }
        this.H.assertPrivilege(hashSet, true, "jcr:lockManagement");
        Assert.assertNotNull(jsonObject2.getJsonArray("denied"));
        Assert.assertEquals(0L, r0.size());
        String authenticatedContent2 = this.H.getAuthenticatedContent(usernamePasswordCredentials2, this.testFolderUrl + ".privileges-info.json", "application/json", null, 200);
        Assert.assertNotNull(authenticatedContent2);
        JsonObject jsonObject3 = JsonUtil.parseObject(authenticatedContent2).getJsonObject("declaredAccessRights");
        JsonObject jsonObject4 = jsonObject3.getJsonObject(this.testUserId);
        Assert.assertNotNull(jsonObject4);
        JsonArray jsonArray2 = jsonObject4.getJsonArray("granted");
        Assert.assertNotNull(jsonArray2);
        Assert.assertEquals(1L, jsonArray2.size());
        HashSet hashSet2 = new HashSet();
        for (int i2 = 0; i2 < jsonArray2.size(); i2++) {
            hashSet2.add(jsonArray2.getString(i2));
        }
        this.H.assertPrivilege(hashSet2, true, "jcr:write");
        Assert.assertNotNull(jsonObject4.getJsonArray("denied"));
        Assert.assertEquals(0L, r0.size());
        JsonObject jsonObject5 = jsonObject3.getJsonObject(this.testUserId2);
        Assert.assertNotNull(jsonObject5);
        JsonArray jsonArray3 = jsonObject5.getJsonArray("granted");
        Assert.assertNotNull(jsonArray3);
        Assert.assertEquals(1L, jsonArray3.size());
        HashSet hashSet3 = new HashSet();
        for (int i3 = 0; i3 < jsonArray3.size(); i3++) {
            hashSet3.add(jsonArray3.getString(i3));
        }
        this.H.assertPrivilege(hashSet3, true, "jcr:write");
        Assert.assertNotNull(jsonObject5.getJsonArray("denied"));
        Assert.assertEquals(0L, r0.size());
    }

    @Test
    public void testEffectiveAclForUser() throws IOException, JsonException {
        this.testUserId = this.H.createTestUser();
        this.testUserId2 = this.H.createTestUser();
        this.testFolderUrl = this.H.createTestFolder("{ \"jcr:primaryType\": \"nt:unstructured\", \"propOne\" : \"propOneValue\", \"child\" : { \"childPropOne\" : true } }");
        String str = this.testFolderUrl + ".modifyAce.html";
        ArrayList arrayList = new ArrayList();
        arrayList.add(new NameValuePair("principalId", this.testUserId));
        arrayList.add(new NameValuePair("privilege@jcr:write", "granted"));
        Credentials usernamePasswordCredentials = new UsernamePasswordCredentials("admin", "admin");
        this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, str, 200, arrayList, null);
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add(new NameValuePair("principalId", this.testUserId2));
        arrayList2.add(new NameValuePair("privilege@jcr:write", "granted"));
        this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, str, 200, arrayList2, null);
        ArrayList arrayList3 = new ArrayList();
        arrayList3.add(new NameValuePair("principalId", this.testUserId2));
        arrayList3.add(new NameValuePair("privilege@jcr:lockManagement", "granted"));
        this.H.assertAuthenticatedPostStatus(usernamePasswordCredentials, this.testFolderUrl + "/child.modifyAce.html", 200, arrayList3, null);
        String authenticatedContent = this.H.getAuthenticatedContent(new UsernamePasswordCredentials("admin", "admin"), this.testFolderUrl + "/child.privileges-info.json", "application/json", null, 200);
        Assert.assertNotNull(authenticatedContent);
        JsonObject jsonObject = JsonUtil.parseObject(authenticatedContent).getJsonObject("effectiveAccessRights");
        JsonObject jsonObject2 = jsonObject.getJsonObject(this.testUserId);
        Assert.assertNotNull(jsonObject2);
        JsonArray jsonArray = jsonObject2.getJsonArray("granted");
        Assert.assertNotNull(jsonArray);
        Assert.assertEquals(1L, jsonArray.size());
        HashSet hashSet = new HashSet();
        for (int i = 0; i < jsonArray.size(); i++) {
            hashSet.add(jsonArray.getString(i));
        }
        this.H.assertPrivilege(hashSet, true, "jcr:write");
        Assert.assertNotNull(jsonObject2.getJsonArray("denied"));
        Assert.assertEquals(0L, r0.size());
        JsonObject jsonObject3 = jsonObject.getJsonObject(this.testUserId2);
        Assert.assertNotNull(jsonObject3);
        JsonArray jsonArray2 = jsonObject3.getJsonArray("granted");
        Assert.assertNotNull(jsonArray2);
        Assert.assertEquals(2L, jsonArray2.size());
        HashSet hashSet2 = new HashSet();
        for (int i2 = 0; i2 < jsonArray2.size(); i2++) {
            hashSet2.add(jsonArray2.getString(i2));
        }
        this.H.assertPrivilege(hashSet2, true, "jcr:write");
        this.H.assertPrivilege(hashSet2, true, "jcr:lockManagement");
        Assert.assertNotNull(jsonObject3.getJsonArray("denied"));
        Assert.assertEquals(0L, r0.size());
    }
}
