package info.magnolia.cms.core;

import info.magnolia.audit.AuditLoggingManager;
import info.magnolia.cms.security.ACLImpl;
import info.magnolia.cms.security.Permission;
import info.magnolia.cms.security.PermissionImpl;
import info.magnolia.cms.security.PrincipalUtil;
import info.magnolia.cms.util.UrlPattern;
import info.magnolia.test.ComponentsTestUtil;
import info.magnolia.test.MgnlTestCase;
import info.magnolia.test.mock.MockHierarchyManager;
import info.magnolia.test.mock.MockUtil;
import java.security.Principal;
import java.util.HashMap;
import java.util.HashSet;
import java.util.LinkedList;
import java.util.List;
import java.util.Set;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
import javax.jcr.ValueFactory;
import javax.jcr.observation.ObservationManager;
import javax.jcr.security.AccessControlManager;
import org.apache.jackrabbit.api.JackrabbitWorkspace;
import org.apache.jackrabbit.api.security.authorization.PrivilegeManager;
import org.apache.jackrabbit.api.security.principal.PrincipalManager;
import org.apache.jackrabbit.core.NodeImpl;
import org.apache.jackrabbit.core.SessionImpl;
import org.apache.jackrabbit.core.security.AccessManager;
import org.apache.jackrabbit.core.security.authorization.AccessControlConstants;
import org.apache.jackrabbit.core.security.authorization.PrivilegeManagerImpl;
import org.apache.jackrabbit.core.security.authorization.PrivilegeRegistry;
import org.apache.jackrabbit.spi.Name;
import org.apache.jackrabbit.spi.Path;
import org.apache.jackrabbit.spi.commons.conversion.NameResolver;
import org.hamcrest.Matchers;
import org.junit.Assert;
import org.junit.Test;
import org.mockito.Mockito;

/* loaded from: input_file:info/magnolia/cms/core/MagnoliaAccessProviderTest.class */
public class MagnoliaAccessProviderTest extends MgnlTestCase {
    private final Session systemSession = (Session) Mockito.mock(SessionImpl.class);
    private final JackrabbitWorkspace workspace = (JackrabbitWorkspace) Mockito.mock(JackrabbitWorkspace.class);
    private final PrivilegeRegistry privilegeRegistry = new PrivilegeRegistry((NameResolver) null);
    private final PrivilegeManager privilegeManager = new PrivilegeManagerImpl(this.privilegeRegistry, (NameResolver) null);
    private final NodeImpl rootNode = (NodeImpl) Mockito.mock(NodeImpl.class);
    private final ObservationManager observationManager = (ObservationManager) Mockito.mock(ObservationManager.class);
    private final ValueFactory valueFactory = (ValueFactory) Mockito.mock(ValueFactory.class);
    private final PrincipalManager principalManager = (PrincipalManager) Mockito.mock(PrincipalManager.class);
    private final AccessManager accessManager = (AccessManager) Mockito.mock(AccessManager.class);
    private final AccessControlManager accessControlManager = (AccessControlManager) Mockito.mock(AccessControlManager.class);
    private final List<Permission> list = new LinkedList();
    private final Path.Element rootElement = (Path.Element) Mockito.mock(Path.Element.class);
    private final Path.Element pageElement = (Path.Element) Mockito.mock(Path.Element.class);
    private final Path.Element contentNodeElement = (Path.Element) Mockito.mock(Path.Element.class);
    private final Path.Element[] elements = {this.pageElement, this.contentNodeElement};
    private final Path itemPath = (Path) Mockito.mock(Path.class);
    private final Path ancestorPath = (Path) Mockito.mock(Path.class);
    private final Name rootName = (Name) Mockito.mock(Name.class);
    private final Name pageName = (Name) Mockito.mock(Name.class);
    private final PermissionImpl permissionImpl = new PermissionImpl();
    Principal principal = new ACLImpl("website", this.list);
    Set<Principal> principals = new HashSet();
    private MockHierarchyManager hm;

    @Override // info.magnolia.test.MgnlTestCase
    public void setUp() throws Exception {
        super.setUp();
        ComponentsTestUtil.setInstance(AuditLoggingManager.class, new AuditLoggingManager());
        this.hm = MockUtil.createAndSetHierarchyManager("website", "");
        this.hm.createContent("/", "", "mgnl:page");
        Content createContent = this.hm.createContent("/", "page", "mgnl:page");
        Content createContent2 = this.hm.createContent("/", "contentNode", "mgnl:contentNode");
        Mockito.when(this.systemSession.getWorkspace()).thenReturn(this.workspace);
        Mockito.when(this.systemSession.getRootNode()).thenReturn(this.rootNode);
        Mockito.when(this.systemSession.getValueFactory()).thenReturn(this.valueFactory);
        Mockito.when(this.systemSession.getAccessControlManager()).thenReturn(this.accessControlManager);
        Mockito.when(Boolean.valueOf(this.systemSession.nodeExists("page/contentNode"))).thenReturn(true);
        Mockito.when(this.systemSession.getNode("/")).thenReturn(createContent.getJCRNode());
        Mockito.when(this.systemSession.getNode("page")).thenReturn(createContent.getJCRNode());
        Mockito.when(this.systemSession.getNode("page/contentNode")).thenReturn(createContent2.getJCRNode());
        Mockito.when(this.systemSession.getJCRPath((Path) null)).thenReturn("");
        Mockito.when(this.systemSession.getPrincipalManager()).thenReturn(this.principalManager);
        Mockito.when(this.systemSession.getAccessManager()).thenReturn(this.accessManager);
        Mockito.when(this.workspace.getPrivilegeManager()).thenReturn(this.privilegeManager);
        Mockito.when(this.workspace.getObservationManager()).thenReturn(this.observationManager);
        Mockito.when(this.workspace.getName()).thenReturn("website");
        Mockito.when(Boolean.valueOf(this.rootNode.hasNode(AccessControlConstants.N_ACCESSCONTROL))).thenReturn(true);
        Mockito.when(this.rootNode.getNode(AccessControlConstants.N_ACCESSCONTROL)).thenReturn(this.rootNode);
        Mockito.when(Boolean.valueOf(this.rootNode.isNodeType(AccessControlConstants.NT_REP_ACCESS_CONTROL))).thenReturn(true);
        Mockito.when(this.principalManager.getEveryone()).thenReturn(this.principal);
        UrlPattern urlPattern = (UrlPattern) Mockito.mock(UrlPattern.class);
        this.list.add(this.permissionImpl);
        this.principals.add(this.principal);
        this.permissionImpl.setPattern(urlPattern);
        Mockito.when(this.itemPath.getElements()).thenReturn(this.elements);
        Mockito.when(this.itemPath.getAncestor(0)).thenReturn(this.itemPath);
        Mockito.when(this.itemPath.getAncestor(1)).thenReturn(this.ancestorPath);
        Mockito.when(this.itemPath.getElements()).thenReturn(new Path.Element[]{this.pageElement, this.contentNodeElement});
        Mockito.when(this.ancestorPath.getElements()).thenReturn(new Path.Element[]{this.pageElement});
        Mockito.when(this.rootElement.getName()).thenReturn(this.rootName);
        Mockito.when(Boolean.valueOf(this.rootElement.denotesRoot())).thenReturn(true);
        Mockito.when(this.pageElement.getName()).thenReturn(this.pageName);
        Mockito.when(Boolean.valueOf(this.pageElement.denotesIdentifier())).thenReturn(true);
        Mockito.when(this.pageElement.getString()).thenReturn("page");
        Mockito.when(this.contentNodeElement.getName()).thenReturn(this.pageName);
        Mockito.when(Boolean.valueOf(this.contentNodeElement.denotesIdentifier())).thenReturn(true);
        Mockito.when(this.contentNodeElement.getString()).thenReturn("contentNode");
    }

    @Test
    public void testPermissionClassNotDefined() throws RepositoryException {
        MagnoliaAccessProvider magnoliaAccessProvider = new MagnoliaAccessProvider();
        magnoliaAccessProvider.init(this.systemSession, new HashMap());
        Mockito.when(this.itemPath.getElements()).thenReturn(new Path.Element[]{this.pageElement, this.contentNodeElement});
        Assert.assertTrue(magnoliaAccessProvider.compilePermissions(this.principals) instanceof DefaultACLBasedPermissions);
    }

    @Test
    public void testPermissionClassDefined() throws RepositoryException {
        MagnoliaAccessProvider magnoliaAccessProvider = new MagnoliaAccessProvider();
        HashMap hashMap = new HashMap();
        hashMap.put("permissionsClass", "info.magnolia.cms.core.NodeTypeBasedPermissions");
        magnoliaAccessProvider.init(this.systemSession, hashMap);
        Assert.assertTrue(magnoliaAccessProvider.compilePermissions(this.principals) instanceof NodeTypeBasedPermissions);
    }

    @Test
    public void testPermissionNonexistingClassDefined() throws RepositoryException {
        MagnoliaAccessProvider magnoliaAccessProvider = new MagnoliaAccessProvider();
        HashMap hashMap = new HashMap();
        hashMap.put("permissionsClass", "info.magnolia.cms.core.someNonexistingClass");
        magnoliaAccessProvider.init(this.systemSession, hashMap);
        Assert.assertTrue(magnoliaAccessProvider.compilePermissions(this.principals) instanceof DefaultACLBasedPermissions);
    }

    @Test
    public void testPermissionWrongClassDefined() throws RepositoryException {
        MagnoliaAccessProvider magnoliaAccessProvider = new MagnoliaAccessProvider();
        HashMap hashMap = new HashMap();
        hashMap.put("permissionsClass", "info.magnolia.cms.core.MagnoliaAccessProvider");
        magnoliaAccessProvider.init(this.systemSession, hashMap);
        Assert.assertTrue(magnoliaAccessProvider.compilePermissions(this.principals) instanceof DefaultACLBasedPermissions);
    }

    @Test
    public void testPermissionWrongClassConstructor() throws RepositoryException {
        MagnoliaAccessProvider magnoliaAccessProvider = new MagnoliaAccessProvider();
        HashMap hashMap = new HashMap();
        hashMap.put("permissionsClass", "info.magnolia.cms.core.RootOnlyPermissions");
        magnoliaAccessProvider.init(this.systemSession, hashMap);
        Assert.assertTrue(magnoliaAccessProvider.compilePermissions(this.principals) instanceof DefaultACLBasedPermissions);
    }

    @Test
    public void testReadOnlyPermissionsToJcrSystemAreSetForUser() throws RepositoryException {
        MagnoliaAccessProvider magnoliaAccessProvider = new MagnoliaAccessProvider();
        HashMap hashMap = new HashMap();
        Mockito.when(this.pageElement.getString()).thenReturn("/jcr:system/jcr:versionStorage");
        magnoliaAccessProvider.init(this.systemSession, hashMap);
        Assert.assertTrue(magnoliaAccessProvider.compilePermissions(this.principals).grants(this.itemPath, 1));
    }

    @Test
    public void permissionsToJcrSystemAreNotDuplicated() throws RepositoryException {
        MagnoliaAccessProvider magnoliaAccessProvider = new MagnoliaAccessProvider();
        HashMap hashMap = new HashMap();
        Mockito.when(this.pageElement.getString()).thenReturn("/jcr:system/jcr:versionStorage");
        magnoliaAccessProvider.init(this.systemSession, hashMap);
        magnoliaAccessProvider.compilePermissions(this.principals);
        int size = PrincipalUtil.findAccessControlList(this.principals, "website").getList().size();
        magnoliaAccessProvider.compilePermissions(this.principals);
        Assert.assertThat(PrincipalUtil.findAccessControlList(this.principals, "website").getList(), Matchers.hasSize(size));
    }
}
