package io.quarkus.resteasy.reactive.server.test.security;

import io.quarkus.security.test.utils.TestIdentityController;
import io.restassured.RestAssured;
import io.restassured.response.ValidatableResponse;
import org.hamcrest.Matcher;
import org.hamcrest.Matchers;
import org.junit.jupiter.api.BeforeAll;
import org.junit.jupiter.api.Test;

/* loaded from: input_file:io/quarkus/resteasy/reactive/server/test/security/AbstractPermissionsAllowedTestCase.class */
public abstract class AbstractPermissionsAllowedTestCase {
    @BeforeAll
    public static void setupUsers() {
        TestIdentityController.resetRoles().add("admin", "admin").add("user", "user").add("viewer", "viewer");
    }

    @Test
    public void testStringPermission2RequiredPermissions() {
        RestAssured.given().auth().basic("admin", "admin").post("/permissions", new Object[0]).then().statusCode(200).body(Matchers.equalTo("done"), new Matcher[0]);
        RestAssured.given().auth().basic("user", "user").post("/permissions", new Object[0]).then().statusCode(403);
    }

    @Test
    public void testStringPermission2RequiredPermissionsNonBlocking() {
        RestAssured.given().auth().basic("admin", "admin").post("/permissions-non-blocking", new Object[0]).then().statusCode(200).body(Matchers.equalTo("done"), new Matcher[0]);
        RestAssured.given().auth().basic("user", "user").post("/permissions-non-blocking", new Object[0]).then().statusCode(403);
    }

    @Test
    public void testStringPermissionOneOfPermissionsAndActions() {
        RestAssured.given().auth().basic("admin", "admin").get("/permissions/admin", new Object[0]).then().statusCode(200).body(Matchers.equalTo("admin"), new Matcher[0]);
        RestAssured.given().auth().basic("user", "user").get("/permissions/admin", new Object[0]).then().statusCode(200).body(Matchers.equalTo("admin"), new Matcher[0]);
        RestAssured.given().auth().basic("viewer", "viewer").get("/permissions/admin", new Object[0]).then().statusCode(403);
    }

    @Test
    public void testStringPermissionOneOfPermissionsAndActionsNonBlocking() {
        RestAssured.given().auth().basic("admin", "admin").get("/permissions-non-blocking/admin", new Object[0]).then().statusCode(200).body(Matchers.equalTo("admin"), new Matcher[0]);
        RestAssured.given().auth().basic("user", "user").get("/permissions-non-blocking/admin", new Object[0]).then().statusCode(200).body(Matchers.equalTo("admin"), new Matcher[0]);
        RestAssured.given().auth().basic("viewer", "viewer").get("/permissions-non-blocking/admin", new Object[0]).then().statusCode(403);
    }

    @Test
    public void testBlockingAccessToIdentityOnIOThread() {
        RestAssured.given().auth().basic("user", "user").get("/permissions/admin/security-identity", new Object[0]).then().statusCode(200).body(Matchers.equalTo("user"), new Matcher[0]);
        RestAssured.given().auth().basic("admin", "admin").get("/permissions/admin/security-identity", new Object[0]).then().statusCode(403);
        RestAssured.given().auth().basic("user", "user").get("/permissions-non-blocking/admin/security-identity", new Object[0]).then().statusCode(200).body(Matchers.equalTo("user"), new Matcher[0]);
        RestAssured.given().auth().basic("admin", "admin").get("/permissions-non-blocking/admin/security-identity", new Object[0]).then().statusCode(403);
    }

    @Test
    public void testCustomPermissionNonBlocking() {
        RestAssured.given().auth().basic("admin", "admin").param("greeting", new Object[]{"hello"}).get("/permissions-non-blocking/custom-permission", new Object[0]).then().statusCode(200).body(Matchers.equalTo("hello"), new Matcher[0]);
        RestAssured.given().auth().basic("admin", "admin").param("greeting", new Object[]{"hi"}).get("/permissions-non-blocking/custom-permission", new Object[0]).then().statusCode(403);
    }

    @Test
    public void testCustomPermission() {
        RestAssured.given().auth().basic("admin", "admin").param("greeting", new Object[]{"hello"}).get("/permissions/custom-permission", new Object[0]).then().statusCode(200).body(Matchers.equalTo("hello"), new Matcher[0]);
        RestAssured.given().auth().basic("admin", "admin").param("greeting", new Object[]{"hi"}).get("/permissions/custom-permission", new Object[0]).then().statusCode(403);
    }

    @Test
    public void testCustomPermissionWithAdditionalArgs() {
        reqAutodetectedExtraArgs("admin", "Ostrava").statusCode(200).body(Matchers.equalTo("so long Nelson 3 Ostrava"), new Matcher[0]);
        reqAutodetectedExtraArgs("user", "Prague").statusCode(200).body(Matchers.equalTo("so long Nelson 3 Prague"), new Matcher[0]);
        reqAutodetectedExtraArgs("user", "Ostrava").statusCode(403);
        reqAutodetectedExtraArgs("viewer", "Ostrava").statusCode(403);
        reqExplicitlyMarkedExtraArgs("admin", "Ostrava").statusCode(200).body(Matchers.equalTo("so long Nelson 3 Ostrava"), new Matcher[0]);
        reqExplicitlyMarkedExtraArgs("user", "Prague").statusCode(200).body(Matchers.equalTo("so long Nelson 3 Prague"), new Matcher[0]);
        reqExplicitlyMarkedExtraArgs("user", "Ostrava").statusCode(403);
        reqExplicitlyMarkedExtraArgs("viewer", "Ostrava").statusCode(403);
    }

    private static ValidatableResponse reqAutodetectedExtraArgs(String str, String str2) {
        return RestAssured.given().auth().basic(str, str).pathParam("goodbye", "so long").header("toWhom", "Nelson", new Object[0]).cookie("day", 3, new Object[0]).body(str2).post("/permissions-non-blocking/custom-perm-with-args/{goodbye}", new Object[0]).then();
    }

    private static ValidatableResponse reqExplicitlyMarkedExtraArgs(String str, String str2) {
        return RestAssured.given().auth().basic(str, str).pathParam("goodbye", "so long").header("toWhom", "Nelson", new Object[0]).cookie("day", 3, new Object[0]).body(str2).post("/permissions/custom-perm-with-args/{goodbye}", new Object[0]).then();
    }
}
