package org.jahia.services.acl;

import java.util.Collections;
import java.util.Locale;
import java.util.Properties;
import javax.jcr.PathNotFoundException;
import javax.jcr.RepositoryException;
import org.jahia.registries.ServicesRegistry;
import org.jahia.services.content.JCRCallback;
import org.jahia.services.content.JCRNodeWrapper;
import org.jahia.services.content.JCRPublicationService;
import org.jahia.services.content.JCRSessionFactory;
import org.jahia.services.content.JCRSessionWrapper;
import org.jahia.services.content.JCRTemplate;
import org.jahia.services.content.decorator.JCRGroupNode;
import org.jahia.services.content.decorator.JCRUserNode;
import org.jahia.services.sites.JahiaSite;
import org.jahia.services.usermanager.JahiaGroupManagerService;
import org.jahia.services.usermanager.JahiaUserManagerService;
import org.jahia.test.framework.AbstractJUnitTest;
import org.jahia.test.utils.TestHelper;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/jahia/services/acl/AclIT.class */
public class AclIT extends AbstractJUnitTest {
    private static final transient Logger logger = LoggerFactory.getLogger(AclIT.class);
    private static final String TESTSITE_NAME = "aclTestSite";
    private static JCRUserNode user1;
    private static JCRUserNode user2;
    private static JCRUserNode user3;
    private static JCRUserNode user4;
    private static JCRGroupNode group1;
    private static JCRGroupNode group2;
    public static final String HOMEPATH = "/sites/aclTestSite/home";
    public static JCRPublicationService jcrService;
    private static JCRNodeWrapper systemSite;
    private static JCRNodeWrapper site;
    private static JCRNodeWrapper home;
    private static JCRNodeWrapper content1;
    private static JCRNodeWrapper content11;
    private static JCRNodeWrapper content12;
    private static JCRNodeWrapper content2;
    private static JCRNodeWrapper content21;
    private static JCRNodeWrapper content22;
    private static String homeIdentifier;
    private JCRSessionWrapper session;
    static String content1Identifier;
    private static String content11Identifier;
    private static String content12Identifier;
    private static String content2Identifier;
    private static String content21Identifier;
    private static String content22Identifier;

    /* loaded from: input_file:org/jahia/services/acl/AclIT$CheckPermission.class */
    class CheckPermission implements JCRCallback<Boolean> {
        private String path;
        private String permission;

        CheckPermission(String str, String str2) {
            this.path = str;
            this.permission = str2;
        }

        /* renamed from: doInJCR, reason: merged with bridge method [inline-methods] */
        public Boolean m2doInJCR(JCRSessionWrapper jCRSessionWrapper) throws RepositoryException {
            try {
                return Boolean.valueOf(jCRSessionWrapper.getNode(this.path).hasPermission(this.permission));
            } catch (PathNotFoundException e) {
                return false;
            }
        }
    }

    @Override // org.jahia.test.framework.AbstractJUnitTest, org.jahia.test.framework.InstanceTestClassListener
    public void beforeClassSetup() throws Exception {
        super.beforeClassSetup();
        TestHelper.createSite("systemsite", null);
        JahiaSite createSite = TestHelper.createSite(TESTSITE_NAME, null);
        jcrService = ServicesRegistry.getInstance().getJCRPublicationService();
        JCRSessionWrapper currentUserSession = jcrService.getSessionFactory().getCurrentUserSession();
        home = currentUserSession.getNode(HOMEPATH);
        homeIdentifier = home.getIdentifier();
        content1 = home.addNode("content1", "jnt:contentList");
        content1Identifier = content1.getIdentifier();
        content11 = content1.addNode("content1.1", "jnt:contentList");
        content11Identifier = content11.getIdentifier();
        content12 = content1.addNode("content1.2", "jnt:contentList");
        content12Identifier = content12.getIdentifier();
        content2 = home.addNode("content2", "jnt:contentList");
        content2Identifier = content2.getIdentifier();
        content21 = content2.addNode("content2.1", "jnt:contentList");
        content21Identifier = content21.getIdentifier();
        content22 = content2.addNode("content2.2", "jnt:contentList");
        content22Identifier = content22.getIdentifier();
        currentUserSession.save();
        JahiaUserManagerService jahiaUserManagerService = ServicesRegistry.getInstance().getJahiaUserManagerService();
        Assert.assertNotNull("JahiaUserManagerService cannot be retrieved", jahiaUserManagerService);
        user1 = jahiaUserManagerService.createUser("user1", "password", new Properties(), currentUserSession);
        user2 = jahiaUserManagerService.createUser("user2", "password", new Properties(), currentUserSession);
        user3 = jahiaUserManagerService.createUser("user3", "password", new Properties(), currentUserSession);
        user4 = jahiaUserManagerService.createUser("user4", "password", new Properties(), currentUserSession);
        JahiaGroupManagerService jahiaGroupManagerService = ServicesRegistry.getInstance().getJahiaGroupManagerService();
        Assert.assertNotNull("JahiaGroupManagerService cannot be retrieved", jahiaGroupManagerService);
        group1 = jahiaGroupManagerService.createGroup(createSite.getSiteKey(), "group1", new Properties(), false, currentUserSession);
        group2 = jahiaGroupManagerService.createGroup(createSite.getSiteKey(), "group2", new Properties(), false, currentUserSession);
        group1.addMember(user1);
        group1.addMember(user2);
        group2.addMember(user3);
        group2.addMember(user4);
        currentUserSession.save();
    }

    @Override // org.jahia.test.framework.AbstractJUnitTest, org.jahia.test.framework.InstanceTestClassListener
    public void afterClassSetup() throws Exception {
        super.afterClassSetup();
        try {
            JCRSessionWrapper currentUserSession = JCRSessionFactory.getInstance().getCurrentUserSession();
            if (currentUserSession.nodeExists("/sites/aclTestSite")) {
                TestHelper.deleteSite(TESTSITE_NAME);
            }
            JahiaUserManagerService jahiaUserManagerService = ServicesRegistry.getInstance().getJahiaUserManagerService();
            jahiaUserManagerService.deleteUser(user1.getPath(), currentUserSession);
            jahiaUserManagerService.deleteUser(user2.getPath(), currentUserSession);
            jahiaUserManagerService.deleteUser(user3.getPath(), currentUserSession);
            jahiaUserManagerService.deleteUser(user4.getPath(), currentUserSession);
            currentUserSession.save();
        } catch (Exception e) {
            logger.warn("Exception during test tearDown", e);
        }
        JCRSessionFactory.getInstance().closeAllSessions();
    }

    @Before
    public void setUp() throws RepositoryException {
        this.session = JCRSessionFactory.getInstance().getCurrentUserSession();
        systemSite = this.session.getNode("/sites/systemsite");
        site = this.session.getNode("/sites/aclTestSite");
        home = this.session.getNodeByIdentifier(homeIdentifier);
        content1 = this.session.getNodeByIdentifier(content1Identifier);
        content11 = this.session.getNodeByIdentifier(content11Identifier);
        content12 = this.session.getNodeByIdentifier(content12Identifier);
        content2 = this.session.getNodeByIdentifier(content2Identifier);
        content21 = this.session.getNodeByIdentifier(content21Identifier);
        content22 = this.session.getNodeByIdentifier(content22Identifier);
        this.session.save();
    }

    @After
    public void tearDown() throws Exception {
        home.revokeAllRoles();
        content1.revokeAllRoles();
        content11.revokeAllRoles();
        content12.revokeAllRoles();
        content2.revokeAllRoles();
        content21.revokeAllRoles();
        content21.revokeAllRoles();
        this.session.getNode("/modules").revokeAllRoles();
        this.session.save();
        JCRSessionFactory.getInstance().closeAllSessions();
    }

    @Test
    public void testDefaultReadRight() throws Exception {
        Assert.assertFalse(((Boolean) JCRTemplate.getInstance().doExecute("user1", (String) null, (String) null, (Locale) null, new CheckPermission(HOMEPATH, "jcr:read"))).booleanValue());
    }

    @Test
    public void testGrantUser() throws Exception {
        content11.grantRoles("u:user1", Collections.singleton("owner"));
        this.session.save();
        Assert.assertTrue(((Boolean) JCRTemplate.getInstance().doExecute("user1", (String) null, (String) null, (Locale) null, new CheckPermission(content11.getPath(), "jcr:write"))).booleanValue());
        Assert.assertFalse(((Boolean) JCRTemplate.getInstance().doExecute("user2", (String) null, (String) null, (Locale) null, new CheckPermission(content11.getPath(), "jcr:write"))).booleanValue());
    }

    @Test
    public void testGrantGroup() throws Exception {
        content11.grantRoles("g:group1", Collections.singleton("owner"));
        this.session.save();
        Assert.assertTrue(((Boolean) JCRTemplate.getInstance().doExecute("user1", (String) null, (String) null, (Locale) null, new CheckPermission(content11.getPath(), "jcr:write"))).booleanValue());
        Assert.assertTrue(((Boolean) JCRTemplate.getInstance().doExecute("user2", (String) null, (String) null, (Locale) null, new CheckPermission(content11.getPath(), "jcr:write"))).booleanValue());
        Assert.assertFalse(((Boolean) JCRTemplate.getInstance().doExecute("user3", (String) null, (String) null, (Locale) null, new CheckPermission(content11.getPath(), "jcr:write"))).booleanValue());
        Assert.assertFalse(((Boolean) JCRTemplate.getInstance().doExecute("user4", (String) null, (String) null, (Locale) null, new CheckPermission(content11.getPath(), "jcr:write"))).booleanValue());
    }

    @Test
    public void testDenyUser() throws Exception {
        content1.grantRoles("u:user1", Collections.singleton("owner"));
        content11.denyRoles("u:user1", Collections.singleton("owner"));
        this.session.save();
        Assert.assertTrue(((Boolean) JCRTemplate.getInstance().doExecute("user1", (String) null, (String) null, (Locale) null, new CheckPermission(content1.getPath(), "jcr:write"))).booleanValue());
        Assert.assertFalse(((Boolean) JCRTemplate.getInstance().doExecute("user1", (String) null, (String) null, (Locale) null, new CheckPermission(content11.getPath(), "jcr:write"))).booleanValue());
    }

    @Test
    public void testAclBreak() throws Exception {
        content1.setAclInheritanceBreak(true);
        content11.grantRoles("u:user1", Collections.singleton("owner"));
        this.session.save();
        Assert.assertFalse(((Boolean) JCRTemplate.getInstance().doExecute("user1", (String) null, (String) null, (Locale) null, new CheckPermission(home.getPath(), "jcr:read"))).booleanValue());
        Assert.assertFalse(((Boolean) JCRTemplate.getInstance().doExecute("user1", (String) null, (String) null, (Locale) null, new CheckPermission(content1.getPath(), "jcr:read"))).booleanValue());
        Assert.assertTrue(((Boolean) JCRTemplate.getInstance().doExecute("user1", (String) null, (String) null, (Locale) null, new CheckPermission(content11.getPath(), "jcr:read"))).booleanValue());
        Assert.assertFalse(((Boolean) JCRTemplate.getInstance().doExecute("user1", (String) null, (String) null, (Locale) null, new CheckPermission(content12.getPath(), "jcr:read"))).booleanValue());
    }

    @Test
    public void testPrivileged() throws Exception {
        Assert.assertFalse(((Boolean) JCRTemplate.getInstance().doExecute("user1", (String) null, (String) null, (Locale) null, new CheckPermission(systemSite.getPath(), "jcr:read_default"))).booleanValue());
        Assert.assertFalse(((Boolean) JCRTemplate.getInstance().doExecute("user1", (String) null, (String) null, (Locale) null, new CheckPermission(site.getPath(), "jcr:read_default"))).booleanValue());
        content1.grantRoles("u:user1", Collections.singleton("editor"));
        content2.grantRoles("u:user1", Collections.singleton("editor"));
        this.session.save();
        Assert.assertTrue(((Boolean) JCRTemplate.getInstance().doExecute("user1", (String) null, (String) null, (Locale) null, new CheckPermission(systemSite.getPath(), "jcr:read_default"))).booleanValue());
        Assert.assertTrue(((Boolean) JCRTemplate.getInstance().doExecute("user1", (String) null, (String) null, (Locale) null, new CheckPermission(site.getPath(), "jcr:read_default"))).booleanValue());
        content1.revokeAllRoles();
        this.session.save();
        Assert.assertTrue(((Boolean) JCRTemplate.getInstance().doExecute("user1", (String) null, (String) null, (Locale) null, new CheckPermission(site.getPath(), "jcr:read_default"))).booleanValue());
        content2.revokeAllRoles();
        this.session.save();
        Assert.assertFalse(((Boolean) JCRTemplate.getInstance().doExecute("user1", (String) null, (String) null, (Locale) null, new CheckPermission(systemSite.getPath(), "jcr:read_default"))).booleanValue());
        Assert.assertFalse(((Boolean) JCRTemplate.getInstance().doExecute("user1", (String) null, (String) null, (Locale) null, new CheckPermission(site.getPath(), "jcr:read_default"))).booleanValue());
        this.session.getNode("/modules").grantRoles("u:user1", Collections.singleton("editor"));
        this.session.save();
        Assert.assertTrue(((Boolean) JCRTemplate.getInstance().doExecute("user1", (String) null, (String) null, (Locale) null, new CheckPermission(systemSite.getPath(), "jcr:read_default"))).booleanValue());
        Assert.assertFalse(((Boolean) JCRTemplate.getInstance().doExecute("user1", (String) null, (String) null, (Locale) null, new CheckPermission(site.getPath(), "jcr:read_default"))).booleanValue());
    }

    @Test
    public void testExternalPermissions() throws Exception {
        Assert.assertFalse(((Boolean) JCRTemplate.getInstance().doExecute("user1", (String) null, (String) null, (Locale) null, new CheckPermission(site.getPath(), "jContentAccess"))).booleanValue());
        content1.grantRoles("u:user1", Collections.singleton("editor"));
        content2.grantRoles("u:user1", Collections.singleton("editor"));
        this.session.save();
        Assert.assertTrue(((Boolean) JCRTemplate.getInstance().doExecute("user1", (String) null, (String) null, (Locale) null, new CheckPermission(site.getPath(), "jContentAccess"))).booleanValue());
        content1.revokeAllRoles();
        this.session.save();
        Assert.assertTrue(((Boolean) JCRTemplate.getInstance().doExecute("user1", (String) null, (String) null, (Locale) null, new CheckPermission(site.getPath(), "jContentAccess"))).booleanValue());
        content2.revokeAllRoles();
        this.session.save();
        Assert.assertFalse(((Boolean) JCRTemplate.getInstance().doExecute("user1", (String) null, (String) null, (Locale) null, new CheckPermission(site.getPath(), "jContentAccess"))).booleanValue());
        Assert.assertFalse(((Boolean) JCRTemplate.getInstance().doExecute("user1", (String) null, (String) null, (Locale) null, new CheckPermission(systemSite.getPath(), "jContentAccess"))).booleanValue());
        this.session.getNode("/modules").grantRoles("u:user1", Collections.singleton("editor"));
        this.session.save();
        Assert.assertTrue(((Boolean) JCRTemplate.getInstance().doExecute("user1", (String) null, (String) null, (Locale) null, new CheckPermission(systemSite.getPath(), "jContentAccess"))).booleanValue());
    }
}
