package org.alfresco.repo.web.scripts.permission;

import java.util.HashSet;
import java.util.Map;
import org.alfresco.model.ContentModel;
import org.alfresco.repo.security.authentication.AuthenticationComponent;
import org.alfresco.repo.security.authentication.AuthenticationUtil;
import org.alfresco.repo.web.scripts.BaseWebScriptTest;
import org.alfresco.service.cmr.model.FileFolderService;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.NodeService;
import org.alfresco.service.cmr.repository.StoreRef;
import org.alfresco.service.cmr.security.AccessStatus;
import org.alfresco.service.cmr.security.MutableAuthenticationService;
import org.alfresco.service.cmr.security.PermissionService;
import org.alfresco.service.cmr.security.PersonService;
import org.alfresco.service.cmr.site.SiteService;
import org.alfresco.service.cmr.site.SiteVisibility;
import org.alfresco.service.namespace.QName;
import org.alfresco.util.GUID;
import org.alfresco.util.PropertyMap;
import org.json.JSONArray;
import org.json.JSONObject;
import org.springframework.extensions.webscripts.TestWebScriptServer;

/* loaded from: input_file:org/alfresco/repo/web/scripts/permission/PermissionServiceTest.class */
public class PermissionServiceTest extends BaseWebScriptTest {
    private MutableAuthenticationService authenticationService;
    private AuthenticationComponent authenticationComponent;
    private PersonService personService;
    private NodeService nodeService;
    private PermissionService permissionService;
    private FileFolderService fileFolderService;
    private SiteService siteService;
    private static final String USER_ONE = "USER_ONE_" + GUID.generate();
    private static final String USER_TWO = "USER_TWO_" + GUID.generate();
    private static final String USER_THREE = "USER_THREE_" + GUID.generate();
    private static final String URL_DOCLIB_PERMISSIONS = "/slingshot/doclib/permissions";

    protected void setUp() throws Exception {
        super.setUp();
        this.authenticationService = (MutableAuthenticationService) getServer().getApplicationContext().getBean("AuthenticationService");
        this.authenticationComponent = (AuthenticationComponent) getServer().getApplicationContext().getBean("authenticationComponent");
        this.personService = (PersonService) getServer().getApplicationContext().getBean("PersonService");
        this.nodeService = (NodeService) getServer().getApplicationContext().getBean("NodeService");
        this.permissionService = (PermissionService) getServer().getApplicationContext().getBean("PermissionService");
        this.fileFolderService = (FileFolderService) getServer().getApplicationContext().getBean("FileFolderService");
        this.siteService = (SiteService) getServer().getApplicationContext().getBean("SiteService");
        this.authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName());
        createUser(USER_ONE);
    }

    protected void tearDown() throws Exception {
        super.tearDown();
        this.authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName());
        deleteUser(USER_ONE);
    }

    public void testDowngradePermissions() throws Exception {
        NodeRef childRef = this.nodeService.createNode(this.nodeService.getRootNode(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE), ContentModel.ASSOC_CHILDREN, QName.createQName("http://www.alfresco.org", "testFolder"), ContentModel.TYPE_FOLDER).getChildRef();
        this.permissionService.setPermission(childRef, USER_ONE, "Coordinator", true);
        this.permissionService.setInheritParentPermissions(childRef, false);
        this.authenticationComponent.setCurrentUser(USER_ONE);
        JSONObject jSONObject = new JSONObject();
        JSONArray jSONArray = new JSONArray();
        JSONObject jSONObject2 = new JSONObject();
        jSONObject2.put("authority", USER_ONE);
        jSONObject2.put("role", "Consumer");
        JSONObject jSONObject3 = new JSONObject();
        jSONObject3.put("authority", USER_ONE);
        jSONObject3.put("role", "Coordinator");
        jSONObject3.put("remove", "true");
        jSONArray.put(jSONObject3);
        jSONArray.put(jSONObject2);
        jSONObject.put("permissions", jSONArray);
        jSONObject.put("isInherited", "true");
        sendRequest(new TestWebScriptServer.PostRequest("/slingshot/doclib/permissions/" + StoreRef.STORE_REF_WORKSPACE_SPACESSTORE.getProtocol() + "/" + StoreRef.STORE_REF_WORKSPACE_SPACESSTORE.getIdentifier() + "/" + childRef.getId(), jSONObject.toString(), "application/json"), 500);
        JSONObject jSONObject4 = new JSONObject();
        JSONArray jSONArray2 = new JSONArray();
        JSONObject jSONObject5 = new JSONObject();
        jSONObject5.put("authority", USER_ONE);
        jSONObject5.put("role", "Consumer");
        JSONObject jSONObject6 = new JSONObject();
        jSONObject6.put("authority", USER_ONE);
        jSONObject6.put("role", "Coordinator");
        jSONObject6.put("remove", "true");
        jSONArray2.put(jSONObject5);
        jSONArray2.put(jSONObject6);
        jSONObject4.put("permissions", jSONArray2);
        jSONObject4.put("isInherited", "true");
        sendRequest(new TestWebScriptServer.PostRequest("/slingshot/doclib/permissions/" + StoreRef.STORE_REF_WORKSPACE_SPACESSTORE.getProtocol() + "/" + StoreRef.STORE_REF_WORKSPACE_SPACESSTORE.getIdentifier() + "/" + childRef.getId(), jSONObject4.toString(), "application/json"), 200);
        assertTrue("The permission was not set correctly", this.permissionService.hasPermission(childRef, "Consumer") == AccessStatus.ALLOWED);
        this.authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName());
        this.nodeService.deleteNode(childRef);
    }

    private void createUser(String str) {
        if (this.authenticationService.authenticationExists(str)) {
            return;
        }
        this.authenticationService.createAuthentication(str, "PWD".toCharArray());
        PropertyMap propertyMap = new PropertyMap(4);
        propertyMap.put(ContentModel.PROP_USERNAME, str);
        propertyMap.put(ContentModel.PROP_FIRSTNAME, "firstName");
        propertyMap.put(ContentModel.PROP_LASTNAME, "lastName");
        propertyMap.put(ContentModel.PROP_EMAIL, "email@email.com");
        propertyMap.put(ContentModel.PROP_JOBTITLE, "jobTitle");
        this.personService.createPerson(propertyMap);
    }

    private void deleteUser(String str) {
        this.personService.deletePerson(str);
        if (this.authenticationService.authenticationExists(str)) {
            this.authenticationService.deleteAuthentication(str);
        }
    }

    public void testMultipleInheritedPermissions() throws Exception {
        String generate = GUID.generate();
        this.siteService.createSite("Testing", generate, generate, (String) null, SiteVisibility.PUBLIC);
        NodeRef nodeRef = this.fileFolderService.create(this.siteService.createContainer(generate, "documentLibrary", ContentModel.TYPE_FOLDER, (Map) null), "Folder1", ContentModel.TYPE_FOLDER).getNodeRef();
        this.permissionService.setPermission(nodeRef, USER_ONE, "Coordinator", true);
        this.permissionService.setPermission(nodeRef, USER_TWO, "Contributor", true);
        this.permissionService.setPermission(nodeRef, USER_THREE, "Consumer", false);
        this.permissionService.setInheritParentPermissions(nodeRef, true);
        NodeRef nodeRef2 = this.fileFolderService.create(nodeRef, "Folder2", ContentModel.TYPE_FOLDER).getNodeRef();
        this.permissionService.setPermission(nodeRef2, USER_ONE, "Coordinator", true);
        this.permissionService.setPermission(nodeRef2, USER_TWO, "Contributor", false);
        this.permissionService.setPermission(nodeRef2, USER_THREE, "Consumer", true);
        this.permissionService.setInheritParentPermissions(nodeRef2, true);
        NodeRef nodeRef3 = this.fileFolderService.create(nodeRef2, "Folder3", ContentModel.TYPE_FOLDER).getNodeRef();
        this.permissionService.setPermission(nodeRef3, USER_ONE, "Consumer", true);
        this.permissionService.setPermission(nodeRef3, USER_ONE, "Consumer", true);
        this.permissionService.setPermission(nodeRef3, USER_ONE, "Coordinator", true);
        this.permissionService.setInheritParentPermissions(nodeRef3, true);
        JSONObject jSONObject = new JSONObject(sendRequest(new TestWebScriptServer.GetRequest("/slingshot/doclib/permissions/" + StoreRef.STORE_REF_WORKSPACE_SPACESSTORE.getProtocol() + "/" + StoreRef.STORE_REF_WORKSPACE_SPACESSTORE.getIdentifier() + "/" + nodeRef3.getId()), 200).getContentAsString());
        HashSet hashSet = new HashSet();
        JSONArray jSONArray = jSONObject.getJSONArray("direct");
        for (int i = 0; i < jSONArray.length(); i++) {
            assertTrue(hashSet.add(new AccessPermission(jSONArray.getJSONObject(i))));
        }
        AccessPermission accessPermission = null;
        AccessPermission accessPermission2 = null;
        HashSet hashSet2 = new HashSet();
        JSONArray jSONArray2 = jSONObject.getJSONArray("inherited");
        for (int i2 = 0; i2 < jSONArray2.length(); i2++) {
            AccessPermission accessPermission3 = new AccessPermission(jSONArray2.getJSONObject(i2));
            if (USER_TWO.equals(accessPermission3.getAuthority().getName()) && "Contributor".equals(accessPermission3.getRole())) {
                accessPermission = accessPermission3;
            }
            if (USER_THREE.equals(accessPermission3.getAuthority().getName()) && "Consumer".equals(accessPermission3.getRole())) {
                accessPermission2 = accessPermission3;
            }
            assertTrue(hashSet2.add(accessPermission3));
        }
        assertNull(accessPermission);
        assertNotNull(accessPermission2);
    }
}
