package org.alfresco.repo.web.scripts.site;

import java.util.List;
import java.util.Set;
import java.util.UUID;
import org.alfresco.model.ContentModel;
import org.alfresco.query.PagingRequest;
import org.alfresco.repo.security.authentication.AuthenticationUtil;
import org.alfresco.repo.security.permissions.AccessDeniedException;
import org.alfresco.rest.api.tests.client.AuthenticatedHttp;
import org.alfresco.rest.api.tests.client.UserData;
import org.alfresco.service.cmr.model.FileFolderService;
import org.alfresco.service.cmr.model.FileInfo;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.NodeService;
import org.alfresco.service.cmr.security.AccessPermission;
import org.alfresco.service.cmr.security.AccessStatus;
import org.alfresco.service.cmr.security.PermissionService;
import org.alfresco.service.cmr.site.SiteService;
import org.alfresco.service.cmr.site.SiteVisibility;
import org.json.JSONObject;
import org.springframework.extensions.webscripts.TestWebScriptServer;

/* loaded from: input_file:org/alfresco/repo/web/scripts/site/SurfConfigTest.class */
public class SurfConfigTest extends AbstractSiteServiceTest {
    private SiteService siteService;
    private NodeService nodeService;
    private PermissionService permissionService;
    private FileFolderService fileFolderService;
    private static final long RD = System.currentTimeMillis();
    private static final String USER_ONE = "SiteUserOne" + RD;
    private static final String USER_TWO = "SiteUserTwo" + RD;
    private static final String USER_THREE = "SiteUserThree" + RD;
    private static final String URL_SITES = "/api/sites";
    private static final String URL_MEMBERSHIPS = "/memberships";
    private static final String URL_ADM = "/remoteadm/";

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.alfresco.repo.web.scripts.site.AbstractSiteServiceTest
    public void setUp() throws Exception {
        super.setUp();
        this.siteService = (SiteService) getServer().getApplicationContext().getBean("SiteService");
        this.nodeService = (NodeService) getServer().getApplicationContext().getBean("NodeService");
        this.permissionService = (PermissionService) getServer().getApplicationContext().getBean("PermissionService");
        this.fileFolderService = (FileFolderService) getServer().getApplicationContext().getBean("FileFolderService");
        createUser(USER_ONE);
        createUser(USER_TWO);
        createUser(USER_THREE);
        AuthenticationUtil.setFullyAuthenticatedUser(USER_ONE);
    }

    protected void tearDown() throws Exception {
        super.tearDown();
        AuthenticationUtil.setAdminUserAsFullyAuthenticatedUser();
        deleteUser(USER_ONE);
        deleteUser(USER_TWO);
        deleteUser(USER_THREE);
        deleteSites();
        AuthenticationUtil.clearCurrentSecurityContext();
    }

    public void testSurfConfigPermissions() throws Exception {
        String uuid = UUID.randomUUID().toString();
        JSONObject createSite = createSite("myPreset", uuid, "myTitle", "myDescription", SiteVisibility.PUBLIC, 200);
        assertEquals("myPreset", createSite.get("sitePreset"));
        assertEquals(uuid, createSite.get("shortName"));
        assertEquals("myTitle", createSite.get("title"));
        assertEquals("myDescription", createSite.get("description"));
        assertEquals(SiteVisibility.PUBLIC.toString(), createSite.get("visibility"));
        sendRequest(new TestWebScriptServer.PostRequest("/remoteadm/CREATE/alfresco/site-data/pages/site/" + uuid + "/dashboard.xml?s=sitestore", new JSONObject().toString(), AuthenticatedHttp.MIME_TYPE_JSON), 200);
        NodeRef childByName = this.nodeService.getChildByName(this.siteService.getSite(uuid).getNodeRef(), ContentModel.ASSOC_CONTAINS, "surf-config");
        assertEquals("surf-config", this.nodeService.getProperty(childByName, ContentModel.PROP_NAME));
        String str = (String) this.nodeService.getProperty(childByName, ContentModel.PROP_OWNER);
        assertFalse(USER_ONE.equalsIgnoreCase(str));
        assertEquals(AuthenticationUtil.getAdminUserName(), str);
        assertFalse("Inherit Permissions should be off.", this.permissionService.getInheritParentPermissions(childByName));
        Set allSetPermissions = this.permissionService.getAllSetPermissions(childByName);
        assertEquals(1, allSetPermissions.size());
        String siteRoleGroup = this.siteService.getSiteRoleGroup(uuid, "SiteManager");
        AccessPermission accessPermission = (AccessPermission) allSetPermissions.iterator().next();
        assertEquals(siteRoleGroup, accessPermission.getAuthority());
        assertEquals("SiteManager", accessPermission.getPermission());
        assertTrue(accessPermission.getAccessStatus() == AccessStatus.ALLOWED);
        List page = this.fileFolderService.list(childByName, true, true, (String) null, (Set) null, (List) null, new PagingRequest(Integer.MAX_VALUE)).getPage();
        assertNotNull(page);
        assertEquals(1, page.size());
        assertEquals("pages", ((FileInfo) page.get(0)).getName());
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("role", "SiteCollaborator");
        JSONObject jSONObject2 = new JSONObject();
        jSONObject2.put(UserData.FIELD_USERNAME, USER_TWO);
        jSONObject.put("person", jSONObject2);
        JSONObject jSONObject3 = new JSONObject(sendRequest(new TestWebScriptServer.PostRequest("/api/sites/" + uuid + URL_MEMBERSHIPS, jSONObject.toString(), AuthenticatedHttp.MIME_TYPE_JSON), 200).getContentAsString());
        assertEquals("SiteCollaborator", jSONObject3.get("role"));
        assertEquals(USER_TWO, jSONObject3.getJSONObject("authority").get(UserData.FIELD_USERNAME));
        jSONObject.put("role", "SiteManager");
        jSONObject2.put(UserData.FIELD_USERNAME, USER_THREE);
        jSONObject.put("person", jSONObject2);
        JSONObject jSONObject4 = new JSONObject(sendRequest(new TestWebScriptServer.PostRequest("/api/sites/" + uuid + URL_MEMBERSHIPS, jSONObject.toString(), AuthenticatedHttp.MIME_TYPE_JSON), 200).getContentAsString());
        assertEquals("SiteManager", jSONObject4.get("role"));
        assertEquals(USER_THREE, jSONObject4.getJSONObject("authority").get(UserData.FIELD_USERNAME));
        AuthenticationUtil.setFullyAuthenticatedUser(USER_TWO);
        try {
            this.fileFolderService.list(childByName, true, true, (String) null, (Set) null, (List) null, new PagingRequest(Integer.MAX_VALUE));
            fail("USER_TWO dose not have the appropriate permissions to perform this operation.");
        } catch (AccessDeniedException e) {
        }
        AuthenticationUtil.setFullyAuthenticatedUser(USER_THREE);
        List page2 = this.fileFolderService.list(childByName, true, true, (String) null, (Set) null, (List) null, new PagingRequest(Integer.MAX_VALUE)).getPage();
        assertNotNull(page2);
        assertEquals(1, page2.size());
        assertEquals("pages", ((FileInfo) page2.get(0)).getName());
        jSONObject.put("role", "SiteContributor");
        jSONObject2.put(UserData.FIELD_USERNAME, USER_ONE);
        jSONObject.put("person", jSONObject2);
        JSONObject jSONObject5 = new JSONObject(sendRequest(new TestWebScriptServer.PutRequest("/api/sites/" + uuid + URL_MEMBERSHIPS, jSONObject.toString(), AuthenticatedHttp.MIME_TYPE_JSON), 200).getContentAsString());
        assertEquals("SiteContributor", jSONObject5.get("role"));
        assertEquals(USER_ONE, jSONObject5.getJSONObject("authority").get(UserData.FIELD_USERNAME));
        AuthenticationUtil.setFullyAuthenticatedUser(USER_ONE);
        try {
            this.fileFolderService.list(childByName, true, true, (String) null, (Set) null, (List) null, new PagingRequest(Integer.MAX_VALUE));
            fail("USER_ONE is not the owner and he is no longer a site manager, so does not have the appropriate permissions to perform this operation");
        } catch (AccessDeniedException e2) {
        }
        try {
            this.fileFolderService.list(((FileInfo) page2.get(0)).getNodeRef(), true, true, (String) null, (Set) null, (List) null, new PagingRequest(Integer.MAX_VALUE));
            fail("USER_ONE is not the owner and he is no longer a site manager, so does not have the appropriate permissions to perform this operation");
        } catch (AccessDeniedException e3) {
        }
    }
}
