package io.camunda.zeebe.engine.processing.authorization;

import io.camunda.zeebe.engine.util.EngineRule;
import io.camunda.zeebe.protocol.record.Record;
import io.camunda.zeebe.protocol.record.RejectionType;
import io.camunda.zeebe.protocol.record.value.AuthorizationOwnerType;
import io.camunda.zeebe.protocol.record.value.AuthorizationResourceType;
import io.camunda.zeebe.protocol.record.value.EntityType;
import io.camunda.zeebe.protocol.record.value.RoleRecordValue;
import io.camunda.zeebe.test.util.record.RecordingExporterTestWatcher;
import java.util.UUID;
import org.assertj.core.api.Assertions;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.TestWatcher;

/* loaded from: input_file:io/camunda/zeebe/engine/processing/authorization/RoleTest.class */
public class RoleTest {

    @Rule
    public final EngineRule engine = EngineRule.singlePartition();

    @Rule
    public final TestWatcher recordingExporterTestWatcher = new RecordingExporterTestWatcher();

    @Test
    public void shouldCreateRole() {
        String uuid = UUID.randomUUID().toString();
        Assertions.assertThat(this.engine.role().newRole(uuid).create().getValue()).isNotNull().hasFieldOrPropertyWithValue("name", uuid);
    }

    @Test
    public void shouldNotDuplicate() {
        String uuid = UUID.randomUUID().toString();
        Record<RoleRecordValue> create = this.engine.role().newRole(uuid).create();
        Record<RoleRecordValue> create2 = this.engine.role().newRole(uuid).expectRejection().create();
        Assertions.assertThat(create.getValue()).isNotNull().hasFieldOrPropertyWithValue("name", uuid);
        io.camunda.zeebe.protocol.record.Assertions.assertThat(create2).hasRejectionType(RejectionType.ALREADY_EXISTS).hasRejectionReason("Expected to create role with name '" + uuid + "', but a role with this name already exists");
    }

    @Test
    public void shouldUpdateRole() {
        Record<RoleRecordValue> create = this.engine.role().newRole(UUID.randomUUID().toString()).create();
        String uuid = UUID.randomUUID().toString();
        Assertions.assertThat(this.engine.role().updateRole(create.getValue().getRoleKey()).withName(uuid).update().getValue()).isNotNull().hasFieldOrPropertyWithValue("name", uuid);
    }

    @Test
    public void shouldRejectIfRoleIsNotPresent() {
        String uuid = UUID.randomUUID().toString();
        Record<RoleRecordValue> create = this.engine.role().newRole(uuid).create();
        Record<RoleRecordValue> update = this.engine.role().updateRole(1L).expectRejection().update();
        Assertions.assertThat(create.getValue()).isNotNull().hasFieldOrPropertyWithValue("name", uuid);
        io.camunda.zeebe.protocol.record.Assertions.assertThat(update).hasRejectionType(RejectionType.NOT_FOUND).hasRejectionReason("Expected to update role with key '1', but a role with this key does not exist.");
    }

    @Test
    public void shouldRejectIfRoleWithSameNameIsPresent() {
        long key = this.engine.role().newRole(UUID.randomUUID().toString()).create().getKey();
        String uuid = UUID.randomUUID().toString();
        this.engine.role().newRole(uuid).create();
        io.camunda.zeebe.protocol.record.Assertions.assertThat(this.engine.role().updateRole(key).withName(uuid).expectRejection().update()).hasRejectionType(RejectionType.ALREADY_EXISTS).hasRejectionReason("Expected to update role with name '%s', but a role with this name already exists.".formatted(uuid));
    }

    @Test
    public void shouldAddEntityToRole() {
        long key = this.engine.user().newUser("foo").withEmail("foo@bar").withName("Foo Bar").withPassword("zabraboof").create().getKey();
        Assertions.assertThat(this.engine.role().addEntity(this.engine.role().newRole(UUID.randomUUID().toString()).create().getValue().getRoleKey()).withEntityKey(key).withEntityType(EntityType.USER).add().getValue()).isNotNull().hasFieldOrPropertyWithValue("entityKey", Long.valueOf(key)).hasFieldOrPropertyWithValue("entityType", EntityType.USER);
    }

    @Test
    public void shouldRejectIfRoleIsNotPresentWhileAddingEntity() {
        String uuid = UUID.randomUUID().toString();
        Record<RoleRecordValue> create = this.engine.role().newRole(uuid).create();
        Record<RoleRecordValue> add = this.engine.role().addEntity(1L).expectRejection().add();
        Assertions.assertThat(create.getValue()).isNotNull().hasFieldOrPropertyWithValue("name", uuid);
        io.camunda.zeebe.protocol.record.Assertions.assertThat(add).hasRejectionType(RejectionType.NOT_FOUND).hasRejectionReason("Expected to update role with key '1', but a role with this key does not exist.");
    }

    @Test
    public void shouldRejectIfEntityIsNotPresent() {
        String uuid = UUID.randomUUID().toString();
        RoleRecordValue value = this.engine.role().newRole(uuid).create().getValue();
        long roleKey = value.getRoleKey();
        Record<RoleRecordValue> add = this.engine.role().addEntity(roleKey).withEntityKey(1L).withEntityType(EntityType.USER).expectRejection().add();
        Assertions.assertThat(value).isNotNull().hasFieldOrPropertyWithValue("name", uuid);
        io.camunda.zeebe.protocol.record.Assertions.assertThat(add).hasRejectionType(RejectionType.NOT_FOUND).hasRejectionReason("Expected to add an entity with key '%s' and type '%s' to role with key '%s', but the entity doesn't exist.".formatted(1L, EntityType.USER, Long.valueOf(roleKey)));
    }

    @Test
    public void shouldRemoveEntityToRole() {
        long key = this.engine.user().newUser("foo").withEmail("foo@bar").withName("Foo Bar").withPassword("zabraboof").create().getKey();
        long roleKey = this.engine.role().newRole(UUID.randomUUID().toString()).create().getValue().getRoleKey();
        this.engine.role().addEntity(roleKey).withEntityKey(key).withEntityType(EntityType.USER).add();
        Assertions.assertThat(this.engine.role().removeEntity(roleKey).withEntityKey(key).withEntityType(EntityType.USER).remove().getValue()).isNotNull().hasFieldOrPropertyWithValue("roleKey", Long.valueOf(roleKey)).hasFieldOrPropertyWithValue("entityKey", Long.valueOf(key)).hasFieldOrPropertyWithValue("entityType", EntityType.USER);
    }

    @Test
    public void shouldRejectIfRoleIsNotPresentEntityRemoval() {
        String uuid = UUID.randomUUID().toString();
        Record<RoleRecordValue> create = this.engine.role().newRole(uuid).create();
        Record<RoleRecordValue> add = this.engine.role().addEntity(1L).expectRejection().add();
        Assertions.assertThat(create.getValue()).isNotNull().hasFieldOrPropertyWithValue("name", uuid);
        io.camunda.zeebe.protocol.record.Assertions.assertThat(add).hasRejectionType(RejectionType.NOT_FOUND).hasRejectionReason("Expected to update role with key '1', but a role with this key does not exist.");
    }

    @Test
    public void shouldRejectIfEntityIsNotPresentEntityRemoval() {
        String uuid = UUID.randomUUID().toString();
        RoleRecordValue value = this.engine.role().newRole(uuid).create().getValue();
        long roleKey = value.getRoleKey();
        Record<RoleRecordValue> remove = this.engine.role().removeEntity(roleKey).withEntityKey(1L).withEntityType(EntityType.USER).expectRejection().remove();
        Assertions.assertThat(value).isNotNull().hasFieldOrPropertyWithValue("name", uuid);
        io.camunda.zeebe.protocol.record.Assertions.assertThat(remove).hasRejectionType(RejectionType.NOT_FOUND).hasRejectionReason("Expected to remove an entity with key '%s' and type '%s' from role with key '%s', but the entity doesn't exist.".formatted(1L, EntityType.USER, Long.valueOf(roleKey)));
    }

    @Test
    public void shouldDeleteRole() {
        long roleKey = this.engine.role().newRole(UUID.randomUUID().toString()).create().getValue().getRoleKey();
        this.engine.authorization().permission().withOwnerKey(Long.valueOf(roleKey)).withOwnerType(AuthorizationOwnerType.ROLE).withResourceType(AuthorizationResourceType.ROLE).add();
        Assertions.assertThat(this.engine.role().deleteRole(roleKey).delete().getValue()).isNotNull().hasFieldOrPropertyWithValue("roleKey", Long.valueOf(roleKey));
    }

    @Test
    public void shouldRejectIfRoleIsNotPresentOnDeletion() {
        io.camunda.zeebe.protocol.record.Assertions.assertThat(this.engine.role().deleteRole(1L).expectRejection().delete()).hasRejectionType(RejectionType.NOT_FOUND).hasRejectionReason("Expected to delete role with key '%s', but a role with this key doesn't exist.".formatted(1L));
    }
}
