package org.alfresco.repo.web.scripts.permission;

import org.alfresco.model.ContentModel;
import org.alfresco.repo.security.authentication.AuthenticationComponent;
import org.alfresco.repo.security.authentication.AuthenticationUtil;
import org.alfresco.repo.web.scripts.BaseWebScriptTest;
import org.alfresco.rest.api.tests.client.AuthenticatedHttp;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.NodeService;
import org.alfresco.service.cmr.repository.StoreRef;
import org.alfresco.service.cmr.security.AccessStatus;
import org.alfresco.service.cmr.security.MutableAuthenticationService;
import org.alfresco.service.cmr.security.PermissionService;
import org.alfresco.service.cmr.security.PersonService;
import org.alfresco.service.namespace.QName;
import org.alfresco.util.GUID;
import org.alfresco.util.PropertyMap;
import org.json.JSONArray;
import org.json.JSONObject;
import org.springframework.extensions.webscripts.TestWebScriptServer;

/* loaded from: input_file:org/alfresco/repo/web/scripts/permission/PermissionServiceTest.class */
public class PermissionServiceTest extends BaseWebScriptTest {
    private MutableAuthenticationService authenticationService;
    private AuthenticationComponent authenticationComponent;
    private PersonService personService;
    private NodeService nodeService;
    private PermissionService permissionService;
    private static final String USER_ONE = "USER" + GUID.generate();
    private static final String URL_DOCLIB_PERMISSIONS = "/slingshot/doclib/permissions";

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.alfresco.repo.web.scripts.BaseWebScriptTest
    public void setUp() throws Exception {
        super.setUp();
        this.authenticationService = (MutableAuthenticationService) getServer().getApplicationContext().getBean("AuthenticationService");
        this.authenticationComponent = (AuthenticationComponent) getServer().getApplicationContext().getBean("authenticationComponent");
        this.personService = (PersonService) getServer().getApplicationContext().getBean("PersonService");
        this.nodeService = (NodeService) getServer().getApplicationContext().getBean("NodeService");
        this.permissionService = (PermissionService) getServer().getApplicationContext().getBean("PermissionService");
        this.authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName());
        createUser(USER_ONE);
    }

    protected void tearDown() throws Exception {
        super.tearDown();
        this.authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName());
        deleteUser(USER_ONE);
    }

    public void testDowngradePermissions() throws Exception {
        NodeRef childRef = this.nodeService.createNode(this.nodeService.getRootNode(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE), ContentModel.ASSOC_CHILDREN, QName.createQName("http://www.alfresco.org", "testFolder"), ContentModel.TYPE_FOLDER).getChildRef();
        this.permissionService.setPermission(childRef, USER_ONE, "Coordinator", true);
        this.permissionService.setInheritParentPermissions(childRef, false);
        this.authenticationComponent.setCurrentUser(USER_ONE);
        JSONObject jSONObject = new JSONObject();
        JSONArray jSONArray = new JSONArray();
        JSONObject jSONObject2 = new JSONObject();
        jSONObject2.put("authority", USER_ONE);
        jSONObject2.put("role", "Consumer");
        JSONObject jSONObject3 = new JSONObject();
        jSONObject3.put("authority", USER_ONE);
        jSONObject3.put("role", "Coordinator");
        jSONObject3.put("remove", "true");
        jSONArray.put(jSONObject3);
        jSONArray.put(jSONObject2);
        jSONObject.put("permissions", jSONArray);
        jSONObject.put("isInherited", "true");
        sendRequest(new TestWebScriptServer.PostRequest("/slingshot/doclib/permissions/" + StoreRef.STORE_REF_WORKSPACE_SPACESSTORE.getProtocol() + "/" + StoreRef.STORE_REF_WORKSPACE_SPACESSTORE.getIdentifier() + "/" + childRef.getId(), jSONObject.toString(), AuthenticatedHttp.MIME_TYPE_JSON), 500);
        JSONObject jSONObject4 = new JSONObject();
        JSONArray jSONArray2 = new JSONArray();
        JSONObject jSONObject5 = new JSONObject();
        jSONObject5.put("authority", USER_ONE);
        jSONObject5.put("role", "Consumer");
        JSONObject jSONObject6 = new JSONObject();
        jSONObject6.put("authority", USER_ONE);
        jSONObject6.put("role", "Coordinator");
        jSONObject6.put("remove", "true");
        jSONArray2.put(jSONObject5);
        jSONArray2.put(jSONObject6);
        jSONObject4.put("permissions", jSONArray2);
        jSONObject4.put("isInherited", "true");
        sendRequest(new TestWebScriptServer.PostRequest("/slingshot/doclib/permissions/" + StoreRef.STORE_REF_WORKSPACE_SPACESSTORE.getProtocol() + "/" + StoreRef.STORE_REF_WORKSPACE_SPACESSTORE.getIdentifier() + "/" + childRef.getId(), jSONObject4.toString(), AuthenticatedHttp.MIME_TYPE_JSON), 200);
        assertTrue("The permission was not set correctly", this.permissionService.hasPermission(childRef, "Consumer") == AccessStatus.ALLOWED);
        this.authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName());
        this.nodeService.deleteNode(childRef);
    }

    private void createUser(String str) {
        if (this.authenticationService.authenticationExists(str)) {
            return;
        }
        this.authenticationService.createAuthentication(str, "PWD".toCharArray());
        PropertyMap propertyMap = new PropertyMap(4);
        propertyMap.put(ContentModel.PROP_USERNAME, str);
        propertyMap.put(ContentModel.PROP_FIRSTNAME, "firstName");
        propertyMap.put(ContentModel.PROP_LASTNAME, "lastName");
        propertyMap.put(ContentModel.PROP_EMAIL, "email@email.com");
        propertyMap.put(ContentModel.PROP_JOBTITLE, "jobTitle");
        this.personService.createPerson(propertyMap);
    }

    private void deleteUser(String str) {
        this.personService.deletePerson(str);
        if (this.authenticationService.authenticationExists(str)) {
            this.authenticationService.deleteAuthentication(str);
        }
    }
}
