package io.quarkus.resteasy.reactive.server.test.security;

import io.quarkus.security.PermissionsAllowed;
import io.quarkus.security.StringPermission;
import io.quarkus.security.test.utils.TestIdentityController;
import io.quarkus.security.test.utils.TestIdentityProvider;
import io.quarkus.test.QuarkusUnitTest;
import io.restassured.RestAssured;
import io.vertx.core.json.JsonObject;
import jakarta.ws.rs.POST;
import jakarta.ws.rs.Path;
import java.security.Permission;
import org.jboss.shrinkwrap.api.asset.StringAsset;
import org.junit.jupiter.api.BeforeAll;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.RegisterExtension;

/* loaded from: input_file:io/quarkus/resteasy/reactive/server/test/security/RepeatedPermissionsAllowedTest.class */
public class RepeatedPermissionsAllowedTest {

    @RegisterExtension
    static QuarkusUnitTest runner = new QuarkusUnitTest().withApplicationRoot(javaArchive -> {
        javaArchive.addClasses(new Class[]{TestIdentityProvider.class, TestIdentityController.class, HelloResource.class}).addAsResource(new StringAsset("quarkus.log.category.\"io.quarkus.vertx.http.runtime.QuarkusErrorHandler\".level=OFF" + System.lineSeparator()), "application.properties");
    });

    @Path("/hello-interface")
    /* loaded from: input_file:io/quarkus/resteasy/reactive/server/test/security/RepeatedPermissionsAllowedTest$HelloInterface.class */
    public interface HelloInterface {
        @POST
        @PermissionsAllowed.List({@PermissionsAllowed({"write"}), @PermissionsAllowed({"read"})})
        String sayHello(JsonObject jsonObject);
    }

    /* loaded from: input_file:io/quarkus/resteasy/reactive/server/test/security/RepeatedPermissionsAllowedTest$HelloInterfaceImpl.class */
    public static class HelloInterfaceImpl implements HelloInterface {
        @Override // io.quarkus.resteasy.reactive.server.test.security.RepeatedPermissionsAllowedTest.HelloInterface
        public String sayHello(JsonObject jsonObject) {
            return "ignored";
        }
    }

    @Path("/hello")
    /* loaded from: input_file:io/quarkus/resteasy/reactive/server/test/security/RepeatedPermissionsAllowedTest$HelloResource.class */
    public static class HelloResource {
        @POST
        @PermissionsAllowed.List({@PermissionsAllowed({"write"}), @PermissionsAllowed({"read"})})
        public String sayHello(JsonObject jsonObject) {
            return "ignored";
        }
    }

    @BeforeAll
    public static void setupUsers() {
        TestIdentityController.resetRoles().add("user", "user", new Permission[]{new StringPermission("read", new String[0])}).add("admin", "admin", new Permission[]{new StringPermission("read", new String[0]), new StringPermission("write", new String[0])});
    }

    @Test
    public void testRepeatedPermissionsAllowedOnClass() {
        RestAssured.given().body("{%$$#!#@").post("/hello", new Object[0]).then().statusCode(401);
        RestAssured.given().auth().preemptive().basic("user", "user").body("{%$$#!#@").post("/hello", new Object[0]).then().statusCode(403);
        RestAssured.given().auth().preemptive().basic("admin", "admin").body("{%$$#!#@").post("/hello", new Object[0]).then().statusCode(500);
    }

    @Test
    public void testRepeatedPermissionsAllowedOnInterface() {
        RestAssured.given().body("{%$$#!#@").post("/hello-interface", new Object[0]).then().statusCode(401);
        RestAssured.given().auth().preemptive().basic("user", "user").body("{%$$#!#@").post("/hello-interface", new Object[0]).then().statusCode(403);
        RestAssured.given().auth().preemptive().basic("admin", "admin").body("{%$$#!#@").post("/hello-interface", new Object[0]).then().statusCode(500);
    }
}
