package eu.ehri.project.ws.test;

import com.fasterxml.jackson.core.type.TypeReference;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableMap;
import com.google.common.collect.Lists;
import com.google.common.collect.Maps;
import com.sun.jersey.api.client.ClientResponse;
import com.sun.jersey.api.client.UniformInterfaceException;
import eu.ehri.project.acl.ContentTypes;
import eu.ehri.project.acl.PermissionType;
import eu.ehri.project.persistence.Bundle;
import java.io.IOException;
import java.net.URI;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;

/* loaded from: input_file:eu/ehri/project/ws/test/PermissionResourceClientTest.class */
public class PermissionResourceClientTest extends AbstractResourceClientTest {
    private static final String LIMITED_USER_NAME = "reto";
    private static final String TEST_HOLDER_IDENTIFIER = "r2";
    private String jsonDocumentaryUnitTestStr;

    public PermissionResourceClientTest() {
        super(new Class[0]);
    }

    @Before
    public void setUp() throws Exception {
        this.jsonDocumentaryUnitTestStr = readResourceFileAsString("DocumentaryUnit.json");
    }

    @Test
    public void testSettingGlobalPermissionMatrix() throws UniformInterfaceException, IOException {
        ClientResponse clientResponse = (ClientResponse) jsonCallAs(getAdminUserProfileId(), ehriUri("permissions", LIMITED_USER_NAME)).get(ClientResponse.class);
        assertStatus(ClientResponse.Status.OK, clientResponse);
        List<Map<String, Map<String, List<String>>>> inheritedMatrix = getInheritedMatrix((String) clientResponse.getEntity(String.class));
        Assert.assertNull(inheritedMatrix.get(0).get(LIMITED_USER_NAME).get(ContentTypes.DOCUMENTARY_UNIT.getName()));
        Assert.assertNull(inheritedMatrix.get(0).get(LIMITED_USER_NAME).get(ContentTypes.DOCUMENTARY_UNIT.getName()));
        assertStatus(ClientResponse.Status.OK, (ClientResponse) jsonCallAs(getAdminUserProfileId(), ehriUri("permissions", LIMITED_USER_NAME)).entity(jsonMapper.writeValueAsBytes(getTestMatrix())).post(ClientResponse.class));
        ClientResponse clientResponse2 = (ClientResponse) jsonCallAs(getAdminUserProfileId(), ehriUri("permissions", LIMITED_USER_NAME)).get(ClientResponse.class);
        assertStatus(ClientResponse.Status.OK, clientResponse2);
        List<Map<String, Map<String, List<String>>>> inheritedMatrix2 = getInheritedMatrix((String) clientResponse2.getEntity(String.class));
        Assert.assertTrue(inheritedMatrix2.get(0).get(LIMITED_USER_NAME).get(ContentTypes.DOCUMENTARY_UNIT.getName()).contains(PermissionType.CREATE.getName()));
        Assert.assertTrue(inheritedMatrix2.get(0).get(LIMITED_USER_NAME).get(ContentTypes.DOCUMENTARY_UNIT.getName()).contains(PermissionType.DELETE.getName()));
    }

    @Test
    public void testPermissionSetPermissionDenied() throws Exception {
        assertStatus(ClientResponse.Status.FORBIDDEN, (ClientResponse) jsonCallAs(LIMITED_USER_NAME, ehriUri("permissions", LIMITED_USER_NAME)).post(ClientResponse.class, jsonMapper.writeValueAsBytes(getTestMatrix())));
    }

    @Test
    public void testGivingBadPermsErrorsCorrectly() throws Exception {
        HashMap newHashMap = Maps.newHashMap(getTestMatrix());
        newHashMap.put("IDONTEXIST", new ImmutableList.Builder().add(PermissionType.CREATE.getName()).build());
        assertStatus(ClientResponse.Status.BAD_REQUEST, (ClientResponse) jsonCallAs(getAdminUserProfileId(), ehriUri("permissions", LIMITED_USER_NAME)).post(ClientResponse.class, jsonMapper.writeValueAsBytes(newHashMap)));
    }

    @Test
    public void testSettingGlobalPermissions() throws Exception {
        URI creationUriFor = getCreationUriFor(TEST_HOLDER_IDENTIFIER);
        assertStatus(ClientResponse.Status.FORBIDDEN, (ClientResponse) jsonCallAs(LIMITED_USER_NAME, creationUriFor).entity(this.jsonDocumentaryUnitTestStr).post(ClientResponse.class));
        assertStatus(ClientResponse.Status.OK, (ClientResponse) jsonCallAs(getAdminUserProfileId(), ehriUri("permissions", LIMITED_USER_NAME)).post(ClientResponse.class, jsonMapper.writeValueAsBytes(getTestMatrix())));
        ClientResponse clientResponse = (ClientResponse) jsonCallAs(LIMITED_USER_NAME, creationUriFor).entity(this.jsonDocumentaryUnitTestStr).post(ClientResponse.class);
        assertStatus(ClientResponse.Status.CREATED, clientResponse);
        assertStatus(ClientResponse.Status.NO_CONTENT, (ClientResponse) jsonCallAs(LIMITED_USER_NAME, clientResponse.getLocation()).delete(ClientResponse.class));
    }

    @Test
    public void testSettingScopedPermissions() throws Exception {
        assertStatus(ClientResponse.Status.FORBIDDEN, (ClientResponse) jsonCallAs(LIMITED_USER_NAME, getCreationUriFor(TEST_HOLDER_IDENTIFIER)).entity(this.jsonDocumentaryUnitTestStr).post(ClientResponse.class));
        assertStatus(ClientResponse.Status.FORBIDDEN, (ClientResponse) jsonCallAs(LIMITED_USER_NAME, getCreationUriFor("r3")).entity(this.jsonDocumentaryUnitTestStr).post(ClientResponse.class));
        ClientResponse clientResponse = (ClientResponse) jsonCallAs(getAdminUserProfileId(), ehriUri("permissions", LIMITED_USER_NAME, "scope", TEST_HOLDER_IDENTIFIER)).entity("{\"DocumentaryUnit\": [\"create\"]}").post(ClientResponse.class);
        System.out.println((String) clientResponse.getEntity(String.class));
        assertStatus(ClientResponse.Status.OK, clientResponse);
        assertStatus(ClientResponse.Status.CREATED, (ClientResponse) jsonCallAs(LIMITED_USER_NAME, getCreationUriFor(TEST_HOLDER_IDENTIFIER)).entity(this.jsonDocumentaryUnitTestStr).post(ClientResponse.class));
        assertStatus(ClientResponse.Status.FORBIDDEN, (ClientResponse) jsonCallAs(LIMITED_USER_NAME, getCreationUriFor("r3")).entity(this.jsonDocumentaryUnitTestStr).post(ClientResponse.class));
        assertStatus(ClientResponse.Status.FORBIDDEN, (ClientResponse) jsonCallAs(LIMITED_USER_NAME, ehriUri("permissions", "linda", "scope", TEST_HOLDER_IDENTIFIER)).entity("{\"DocumentaryUnit\": [\"grant\"]}").post(ClientResponse.class));
    }

    @Test
    public void testSettingItemPermissions() throws Exception {
        URI entityUri = entityUri("DocumentaryUnit", "c4");
        ClientResponse clientResponse = (ClientResponse) jsonCallAs(LIMITED_USER_NAME, entityUri).get(ClientResponse.class);
        assertStatus(ClientResponse.Status.OK, clientResponse);
        String json = Bundle.fromString((String) clientResponse.getEntity(String.class)).withDataValue("testKey", "testValue").toJson();
        assertStatus(ClientResponse.Status.FORBIDDEN, (ClientResponse) jsonCallAs(LIMITED_USER_NAME, entityUri).entity(json).put(ClientResponse.class));
        assertStatus(ClientResponse.Status.OK, (ClientResponse) jsonCallAs(getAdminUserProfileId(), ehriUri("permissions", LIMITED_USER_NAME, "item", "c4")).entity("[\"update\", \"delete\"]").post(ClientResponse.class));
        assertStatus(ClientResponse.Status.OK, (ClientResponse) jsonCallAs(LIMITED_USER_NAME, entityUri).entity(json).put(ClientResponse.class));
        assertStatus(ClientResponse.Status.NO_CONTENT, (ClientResponse) jsonCallAs(LIMITED_USER_NAME, entityUri).delete(ClientResponse.class));
    }

    private List<Map<String, Map<String, List<String>>>> getInheritedMatrix(String str) throws IOException {
        return (List) jsonMapper.readValue(str, new TypeReference<List<Map<String, Map<String, List<String>>>>>() { // from class: eu.ehri.project.ws.test.PermissionResourceClientTest.1
        });
    }

    private Map<String, List<String>> getTestMatrix() {
        return ImmutableMap.of(ContentTypes.DOCUMENTARY_UNIT.getName(), Lists.newArrayList(new String[]{PermissionType.CREATE.getName(), PermissionType.DELETE.getName(), PermissionType.UPDATE.getName()}), ContentTypes.REPOSITORY.getName(), Lists.newArrayList(new String[]{PermissionType.CREATE.getName(), PermissionType.DELETE.getName(), PermissionType.UPDATE.getName()}));
    }

    private URI getCreationUriFor(String str) {
        return entityUri("Repository", str);
    }
}
