package org.cibseven.bpm.engine.rest;

import io.restassured.RestAssured;
import io.restassured.http.ContentType;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import javax.ws.rs.core.Response;
import org.cibseven.bpm.engine.AuthorizationException;
import org.cibseven.bpm.engine.AuthorizationService;
import org.cibseven.bpm.engine.BadUserRequestException;
import org.cibseven.bpm.engine.IdentityService;
import org.cibseven.bpm.engine.authorization.Authorization;
import org.cibseven.bpm.engine.authorization.AuthorizationQuery;
import org.cibseven.bpm.engine.authorization.Permission;
import org.cibseven.bpm.engine.authorization.Permissions;
import org.cibseven.bpm.engine.authorization.Resource;
import org.cibseven.bpm.engine.authorization.Resources;
import org.cibseven.bpm.engine.identity.Group;
import org.cibseven.bpm.engine.identity.GroupQuery;
import org.cibseven.bpm.engine.impl.AuthorizationServiceImpl;
import org.cibseven.bpm.engine.impl.IdentityServiceImpl;
import org.cibseven.bpm.engine.impl.cfg.ProcessEngineConfigurationImpl;
import org.cibseven.bpm.engine.impl.cfg.auth.DefaultPermissionProvider;
import org.cibseven.bpm.engine.impl.cfg.auth.PermissionProvider;
import org.cibseven.bpm.engine.impl.identity.Authentication;
import org.cibseven.bpm.engine.rest.dto.authorization.AuthorizationDto;
import org.cibseven.bpm.engine.rest.exception.InvalidRequestException;
import org.cibseven.bpm.engine.rest.helper.MockProvider;
import org.cibseven.bpm.engine.rest.util.ResourceUtil;
import org.cibseven.bpm.engine.rest.util.container.TestContainerRule;
import org.hamcrest.Matchers;
import org.junit.Before;
import org.junit.ClassRule;
import org.junit.Test;
import org.mockito.Mockito;

/* loaded from: input_file:org/cibseven/bpm/engine/rest/AuthorizationRestServiceInteractionTest.class */
public class AuthorizationRestServiceInteractionTest extends AbstractRestServiceTest {
    protected static final String SERVICE_PATH = "/rest-test/authorization";
    protected static final String AUTH_CREATE_PATH = "/rest-test/authorization/create";
    protected static final String AUTH_CHECK_PATH = "/rest-test/authorization/check";
    protected static final String AUTH_RESOURCE_PATH = "/rest-test/authorization/{id}";
    protected AuthorizationService authorizationServiceMock;
    protected IdentityService identityServiceMock;
    protected ProcessEngineConfigurationImpl processEngineConfigurationMock;

    @ClassRule
    public static TestContainerRule rule = new TestContainerRule();

    @Before
    public void setUpRuntimeData() {
        this.authorizationServiceMock = (AuthorizationService) Mockito.mock(AuthorizationServiceImpl.class);
        this.identityServiceMock = (IdentityService) Mockito.mock(IdentityServiceImpl.class);
        this.processEngineConfigurationMock = (ProcessEngineConfigurationImpl) Mockito.mock(ProcessEngineConfigurationImpl.class);
        Mockito.when(processEngine.getAuthorizationService()).thenReturn(this.authorizationServiceMock);
        Mockito.when(processEngine.getIdentityService()).thenReturn(this.identityServiceMock);
        Mockito.when(processEngine.getProcessEngineConfiguration()).thenReturn(this.processEngineConfigurationMock);
        Mockito.when(this.processEngineConfigurationMock.getPermissionProvider()).thenReturn(new DefaultPermissionProvider());
    }

    @Test
    public void testIsUserAuthorizedTrue() {
        ArrayList arrayList = new ArrayList();
        Mockito.when(this.identityServiceMock.getCurrentAuthentication()).thenReturn(new Authentication(MockProvider.EXAMPLE_USER_ID, arrayList));
        ResourceUtil resourceUtil = new ResourceUtil(MockProvider.EXAMPLE_RESOURCE_TYPE_NAME, MockProvider.EXAMPLE_RESOURCE_TYPE_ID);
        Permission permissionForName = getPermissionProvider().getPermissionForName(MockProvider.EXAMPLE_PERMISSION_NAME, MockProvider.EXAMPLE_RESOURCE_TYPE_ID);
        Mockito.when(Boolean.valueOf(this.authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, arrayList, permissionForName, resourceUtil))).thenReturn(true);
        RestAssured.given().queryParam("permissionName", new Object[]{MockProvider.EXAMPLE_PERMISSION_NAME}).queryParam("resourceName", new Object[]{MockProvider.EXAMPLE_RESOURCE_TYPE_NAME}).queryParam("resourceType", new Object[]{Integer.valueOf(MockProvider.EXAMPLE_RESOURCE_TYPE_ID)}).then().expect().statusCode(Response.Status.OK.getStatusCode()).contentType(MockProvider.FORMAT_APPLICATION_JSON).body("permissionName", Matchers.equalTo(MockProvider.EXAMPLE_PERMISSION_NAME), new Object[0]).body("resourceName", Matchers.equalTo(MockProvider.EXAMPLE_RESOURCE_TYPE_NAME), new Object[0]).body("resourceId", Matchers.equalTo((Object) null), new Object[0]).body("authorized", Matchers.equalTo(true), new Object[0]).when().get(AUTH_CHECK_PATH, new Object[0]);
        ((AuthorizationService) Mockito.verify(this.authorizationServiceMock, Mockito.times(1))).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, arrayList, permissionForName, resourceUtil);
        ((IdentityService) Mockito.verify(this.identityServiceMock, Mockito.times(1))).getCurrentAuthentication();
    }

    @Test
    public void testIsUserAuthorizedFalse() {
        ArrayList arrayList = new ArrayList();
        Mockito.when(this.identityServiceMock.getCurrentAuthentication()).thenReturn(new Authentication(MockProvider.EXAMPLE_USER_ID, arrayList));
        ResourceUtil resourceUtil = new ResourceUtil(MockProvider.EXAMPLE_RESOURCE_TYPE_NAME, MockProvider.EXAMPLE_RESOURCE_TYPE_ID);
        Permission permissionForName = getPermissionProvider().getPermissionForName(MockProvider.EXAMPLE_PERMISSION_NAME, MockProvider.EXAMPLE_RESOURCE_TYPE_ID);
        Mockito.when(Boolean.valueOf(this.authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, arrayList, permissionForName, resourceUtil))).thenReturn(false);
        RestAssured.given().queryParam("permissionName", new Object[]{MockProvider.EXAMPLE_PERMISSION_NAME}).queryParam("resourceName", new Object[]{MockProvider.EXAMPLE_RESOURCE_TYPE_NAME}).queryParam("resourceType", new Object[]{Integer.valueOf(MockProvider.EXAMPLE_RESOURCE_TYPE_ID)}).then().expect().statusCode(Response.Status.OK.getStatusCode()).contentType(MockProvider.FORMAT_APPLICATION_JSON).body("permissionName", Matchers.equalTo(MockProvider.EXAMPLE_PERMISSION_NAME), new Object[0]).body("resourceName", Matchers.equalTo(MockProvider.EXAMPLE_RESOURCE_TYPE_NAME), new Object[0]).body("resourceId", Matchers.equalTo((Object) null), new Object[0]).body("authorized", Matchers.equalTo(false), new Object[0]).when().get(AUTH_CHECK_PATH, new Object[0]);
        ((AuthorizationService) Mockito.verify(this.authorizationServiceMock, Mockito.times(1))).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, arrayList, permissionForName, resourceUtil);
        ((IdentityService) Mockito.verify(this.identityServiceMock, Mockito.times(1))).getCurrentAuthentication();
    }

    @Test
    public void testIsUserAuthorizedBatchResource() {
        ArrayList arrayList = new ArrayList();
        Mockito.when(this.identityServiceMock.getCurrentAuthentication()).thenReturn(new Authentication(MockProvider.EXAMPLE_USER_ID, arrayList));
        String resourceName = Resources.BATCH.resourceName();
        int resourceType = Resources.BATCH.resourceType();
        ResourceUtil resourceUtil = new ResourceUtil(resourceName, resourceType);
        Permission permissionForName = getPermissionProvider().getPermissionForName(MockProvider.EXAMPLE_PERMISSION_NAME, resourceType);
        Mockito.when(Boolean.valueOf(this.authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, arrayList, permissionForName, resourceUtil))).thenReturn(true);
        RestAssured.given().queryParam("permissionName", new Object[]{MockProvider.EXAMPLE_PERMISSION_NAME}).queryParam("resourceName", new Object[]{resourceName}).queryParam("resourceType", new Object[]{Integer.valueOf(resourceType)}).then().expect().statusCode(Response.Status.OK.getStatusCode()).contentType(MockProvider.FORMAT_APPLICATION_JSON).body("permissionName", Matchers.equalTo(MockProvider.EXAMPLE_PERMISSION_NAME), new Object[0]).body("resourceName", Matchers.equalTo(resourceName), new Object[0]).body("resourceId", Matchers.equalTo((Object) null), new Object[0]).body("authorized", Matchers.equalTo(true), new Object[0]).when().get(AUTH_CHECK_PATH, new Object[0]);
        ((AuthorizationService) Mockito.verify(this.authorizationServiceMock, Mockito.times(1))).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, arrayList, permissionForName, resourceUtil);
        ((IdentityService) Mockito.verify(this.identityServiceMock, Mockito.times(1))).getCurrentAuthentication();
    }

    @Test
    public void testIsUserAuthorizedProcessDefinitionResource() {
        ArrayList arrayList = new ArrayList();
        Mockito.when(this.identityServiceMock.getCurrentAuthentication()).thenReturn(new Authentication(MockProvider.EXAMPLE_USER_ID, arrayList));
        String resourceName = Resources.PROCESS_DEFINITION.resourceName();
        int resourceType = Resources.PROCESS_DEFINITION.resourceType();
        ResourceUtil resourceUtil = new ResourceUtil(resourceName, resourceType);
        Permission permissionForName = getPermissionProvider().getPermissionForName(MockProvider.EXAMPLE_PERMISSION_NAME, resourceType);
        Mockito.when(Boolean.valueOf(this.authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, arrayList, permissionForName, resourceUtil))).thenReturn(false);
        RestAssured.given().queryParam("permissionName", new Object[]{MockProvider.EXAMPLE_PERMISSION_NAME}).queryParam("resourceName", new Object[]{resourceName}).queryParam("resourceType", new Object[]{Integer.valueOf(resourceType)}).then().expect().statusCode(Response.Status.OK.getStatusCode()).contentType(MockProvider.FORMAT_APPLICATION_JSON).body("permissionName", Matchers.equalTo(MockProvider.EXAMPLE_PERMISSION_NAME), new Object[0]).body("resourceName", Matchers.equalTo(resourceName), new Object[0]).body("resourceId", Matchers.equalTo((Object) null), new Object[0]).body("authorized", Matchers.equalTo(false), new Object[0]).when().get(AUTH_CHECK_PATH, new Object[0]);
        ((AuthorizationService) Mockito.verify(this.authorizationServiceMock, Mockito.times(1))).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, arrayList, permissionForName, resourceUtil);
        ((IdentityService) Mockito.verify(this.identityServiceMock, Mockito.times(1))).getCurrentAuthentication();
    }

    @Test
    public void testIsUserAuthorizedProcessInstanceResource() {
        ArrayList arrayList = new ArrayList();
        Mockito.when(this.identityServiceMock.getCurrentAuthentication()).thenReturn(new Authentication(MockProvider.EXAMPLE_USER_ID, arrayList));
        int resourceType = Resources.PROCESS_INSTANCE.resourceType();
        String resourceName = Resources.PROCESS_INSTANCE.resourceName();
        ResourceUtil resourceUtil = new ResourceUtil(resourceName, resourceType);
        Permission permissionForName = getPermissionProvider().getPermissionForName(MockProvider.EXAMPLE_PERMISSION_NAME, resourceType);
        Mockito.when(Boolean.valueOf(this.authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, arrayList, permissionForName, resourceUtil))).thenReturn(true);
        RestAssured.given().queryParam("permissionName", new Object[]{MockProvider.EXAMPLE_PERMISSION_NAME}).queryParam("resourceName", new Object[]{resourceName}).queryParam("resourceType", new Object[]{Integer.valueOf(resourceType)}).then().expect().statusCode(Response.Status.OK.getStatusCode()).contentType(MockProvider.FORMAT_APPLICATION_JSON).body("permissionName", Matchers.equalTo(MockProvider.EXAMPLE_PERMISSION_NAME), new Object[0]).body("resourceName", Matchers.equalTo(resourceName), new Object[0]).body("resourceId", Matchers.equalTo((Object) null), new Object[0]).body("authorized", Matchers.equalTo(true), new Object[0]).when().get(AUTH_CHECK_PATH, new Object[0]);
        ((AuthorizationService) Mockito.verify(this.authorizationServiceMock, Mockito.times(1))).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, arrayList, permissionForName, resourceUtil);
        ((IdentityService) Mockito.verify(this.identityServiceMock, Mockito.times(1))).getCurrentAuthentication();
    }

    @Test
    public void testIsUserAuthorizedTaskResource() {
        ArrayList arrayList = new ArrayList();
        Mockito.when(this.identityServiceMock.getCurrentAuthentication()).thenReturn(new Authentication(MockProvider.EXAMPLE_USER_ID, arrayList));
        int resourceType = Resources.TASK.resourceType();
        String resourceName = Resources.TASK.resourceName();
        ResourceUtil resourceUtil = new ResourceUtil(resourceName, resourceType);
        Permission permissionForName = getPermissionProvider().getPermissionForName(MockProvider.EXAMPLE_PERMISSION_NAME, resourceType);
        Mockito.when(Boolean.valueOf(this.authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, arrayList, permissionForName, resourceUtil))).thenReturn(true);
        RestAssured.given().queryParam("permissionName", new Object[]{MockProvider.EXAMPLE_PERMISSION_NAME}).queryParam("resourceName", new Object[]{resourceName}).queryParam("resourceType", new Object[]{Integer.valueOf(resourceType)}).then().expect().statusCode(Response.Status.OK.getStatusCode()).contentType(MockProvider.FORMAT_APPLICATION_JSON).body("permissionName", Matchers.equalTo(MockProvider.EXAMPLE_PERMISSION_NAME), new Object[0]).body("resourceName", Matchers.equalTo(resourceName), new Object[0]).body("resourceId", Matchers.equalTo((Object) null), new Object[0]).body("authorized", Matchers.equalTo(true), new Object[0]).when().get(AUTH_CHECK_PATH, new Object[0]);
        ((AuthorizationService) Mockito.verify(this.authorizationServiceMock, Mockito.times(1))).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, arrayList, permissionForName, resourceUtil);
        ((IdentityService) Mockito.verify(this.identityServiceMock, Mockito.times(1))).getCurrentAuthentication();
    }

    @Test
    public void testIsUserAuthorizedWithUserIdTrue() {
        ArrayList arrayList = new ArrayList();
        Mockito.when(this.identityServiceMock.getCurrentAuthentication()).thenReturn(new Authentication(MockProvider.EXAMPLE_USER_ID, arrayList));
        List<String> list = setupGroupQueryMock();
        ResourceUtil resourceUtil = new ResourceUtil(MockProvider.EXAMPLE_RESOURCE_TYPE_NAME, MockProvider.EXAMPLE_RESOURCE_TYPE_ID);
        Permission permissionForName = getPermissionProvider().getPermissionForName(MockProvider.EXAMPLE_PERMISSION_NAME, MockProvider.EXAMPLE_RESOURCE_TYPE_ID);
        Mockito.when(Boolean.valueOf(this.authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, arrayList, Permissions.READ, Resources.AUTHORIZATION))).thenReturn(true);
        Mockito.when(Boolean.valueOf(this.authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID2, list, permissionForName, resourceUtil))).thenReturn(true);
        RestAssured.given().queryParam("permissionName", new Object[]{MockProvider.EXAMPLE_PERMISSION_NAME}).queryParam("resourceName", new Object[]{MockProvider.EXAMPLE_RESOURCE_TYPE_NAME}).queryParam("resourceType", new Object[]{Integer.valueOf(MockProvider.EXAMPLE_RESOURCE_TYPE_ID)}).queryParam(MockProvider.EXAMPLE_USER_ID, new Object[]{MockProvider.EXAMPLE_USER_ID2}).then().expect().statusCode(Response.Status.OK.getStatusCode()).contentType(MockProvider.FORMAT_APPLICATION_JSON).body("permissionName", Matchers.equalTo(MockProvider.EXAMPLE_PERMISSION_NAME), new Object[0]).body("resourceName", Matchers.equalTo(MockProvider.EXAMPLE_RESOURCE_TYPE_NAME), new Object[0]).body("resourceId", Matchers.equalTo((Object) null), new Object[0]).body("authorized", Matchers.equalTo(true), new Object[0]).when().get(AUTH_CHECK_PATH, new Object[0]);
        ((AuthorizationService) Mockito.verify(this.authorizationServiceMock, Mockito.times(1))).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, arrayList, Permissions.READ, Resources.AUTHORIZATION);
        ((AuthorizationService) Mockito.verify(this.authorizationServiceMock, Mockito.times(1))).isUserAuthorized(MockProvider.EXAMPLE_USER_ID2, list, permissionForName, resourceUtil);
        ((IdentityService) Mockito.verify(this.identityServiceMock, Mockito.times(1))).getCurrentAuthentication();
    }

    @Test
    public void testIsUserAuthorizedWithUserIdFalse() {
        ArrayList arrayList = new ArrayList();
        Mockito.when(this.identityServiceMock.getCurrentAuthentication()).thenReturn(new Authentication(MockProvider.EXAMPLE_USER_ID, arrayList));
        List<String> list = setupGroupQueryMock();
        ResourceUtil resourceUtil = new ResourceUtil(MockProvider.EXAMPLE_RESOURCE_TYPE_NAME, MockProvider.EXAMPLE_RESOURCE_TYPE_ID);
        Permission permissionForName = getPermissionProvider().getPermissionForName(MockProvider.EXAMPLE_PERMISSION_NAME, MockProvider.EXAMPLE_RESOURCE_TYPE_ID);
        Mockito.when(Boolean.valueOf(this.authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, arrayList, Permissions.READ, Resources.AUTHORIZATION))).thenReturn(true);
        Mockito.when(Boolean.valueOf(this.authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID2, list, permissionForName, resourceUtil))).thenReturn(false);
        RestAssured.given().queryParam("permissionName", new Object[]{MockProvider.EXAMPLE_PERMISSION_NAME}).queryParam("resourceName", new Object[]{MockProvider.EXAMPLE_RESOURCE_TYPE_NAME}).queryParam("resourceType", new Object[]{Integer.valueOf(MockProvider.EXAMPLE_RESOURCE_TYPE_ID)}).queryParam(MockProvider.EXAMPLE_USER_ID, new Object[]{MockProvider.EXAMPLE_USER_ID2}).then().expect().statusCode(Response.Status.OK.getStatusCode()).contentType(MockProvider.FORMAT_APPLICATION_JSON).body("permissionName", Matchers.equalTo(MockProvider.EXAMPLE_PERMISSION_NAME), new Object[0]).body("resourceName", Matchers.equalTo(MockProvider.EXAMPLE_RESOURCE_TYPE_NAME), new Object[0]).body("resourceId", Matchers.equalTo((Object) null), new Object[0]).body("authorized", Matchers.equalTo(false), new Object[0]).when().get(AUTH_CHECK_PATH, new Object[0]);
        ((AuthorizationService) Mockito.verify(this.authorizationServiceMock, Mockito.times(1))).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, arrayList, Permissions.READ, Resources.AUTHORIZATION);
        ((AuthorizationService) Mockito.verify(this.authorizationServiceMock, Mockito.times(1))).isUserAuthorized(MockProvider.EXAMPLE_USER_ID2, list, permissionForName, resourceUtil);
        ((IdentityService) Mockito.verify(this.identityServiceMock, Mockito.times(1))).getCurrentAuthentication();
    }

    @Test
    public void testIsUserAuthorizedWithUserIdNoReadPermission() {
        ArrayList arrayList = new ArrayList();
        Mockito.when(this.identityServiceMock.getCurrentAuthentication()).thenReturn(new Authentication(MockProvider.EXAMPLE_USER_ID, arrayList));
        List<String> list = setupGroupQueryMock();
        ResourceUtil resourceUtil = new ResourceUtil(MockProvider.EXAMPLE_RESOURCE_TYPE_NAME, MockProvider.EXAMPLE_RESOURCE_TYPE_ID);
        Permission permissionForName = getPermissionProvider().getPermissionForName(MockProvider.EXAMPLE_PERMISSION_NAME, MockProvider.EXAMPLE_RESOURCE_TYPE_ID);
        Mockito.when(Boolean.valueOf(this.authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, arrayList, Permissions.READ, Resources.AUTHORIZATION))).thenReturn(false);
        RestAssured.given().queryParam("permissionName", new Object[]{MockProvider.EXAMPLE_PERMISSION_NAME}).queryParam("resourceName", new Object[]{MockProvider.EXAMPLE_RESOURCE_TYPE_NAME}).queryParam("resourceType", new Object[]{Integer.valueOf(MockProvider.EXAMPLE_RESOURCE_TYPE_ID)}).queryParam(MockProvider.EXAMPLE_USER_ID, new Object[]{MockProvider.EXAMPLE_USER_ID2}).then().expect().statusCode(Response.Status.FORBIDDEN.getStatusCode()).contentType(MockProvider.FORMAT_APPLICATION_JSON).body("type", Matchers.equalTo(InvalidRequestException.class.getSimpleName()), new Object[0]).body(MockProvider.EXAMPLE_EVENT_SUBSCRIPTION_TYPE, Matchers.equalTo("You must have READ permission for Authorization resource."), new Object[0]).when().get(AUTH_CHECK_PATH, new Object[0]);
        ((AuthorizationService) Mockito.verify(this.authorizationServiceMock, Mockito.times(1))).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, arrayList, Permissions.READ, Resources.AUTHORIZATION);
        ((AuthorizationService) Mockito.verify(this.authorizationServiceMock, Mockito.never())).isUserAuthorized(MockProvider.EXAMPLE_USER_ID2, list, permissionForName, resourceUtil);
        ((IdentityService) Mockito.verify(this.identityServiceMock, Mockito.times(1))).getCurrentAuthentication();
    }

    @Test
    public void testIsUserAuthorizedNotValidPermission() {
        ArrayList arrayList = new ArrayList();
        Mockito.when(this.identityServiceMock.getCurrentAuthentication()).thenReturn(new Authentication(MockProvider.EXAMPLE_USER_ID, arrayList));
        String resourceName = Resources.BATCH.resourceName();
        int resourceType = Resources.BATCH.resourceType();
        ResourceUtil resourceUtil = new ResourceUtil(resourceName, resourceType);
        RestAssured.given().queryParam("permissionName", new Object[]{Permissions.ACCESS.name()}).queryParam("resourceName", new Object[]{resourceName}).queryParam("resourceType", new Object[]{Integer.valueOf(resourceType)}).then().expect().statusCode(Response.Status.BAD_REQUEST.getStatusCode()).contentType(ContentType.JSON).body("type", Matchers.equalTo(BadUserRequestException.class.getSimpleName()), new Object[0]).body(MockProvider.EXAMPLE_EVENT_SUBSCRIPTION_TYPE, Matchers.equalTo("The permission 'ACCESS' is not valid for 'BATCH' resource type."), new Object[0]).when().get(AUTH_CHECK_PATH, new Object[0]);
        ((AuthorizationService) Mockito.verify(this.authorizationServiceMock, Mockito.times(0))).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, arrayList, Permissions.ACCESS, resourceUtil);
        ((IdentityService) Mockito.verify(this.identityServiceMock, Mockito.times(1))).getCurrentAuthentication();
    }

    @Test
    public void testIsUserAuthorizedResourceIdTrue() {
        ArrayList arrayList = new ArrayList();
        Mockito.when(this.identityServiceMock.getCurrentAuthentication()).thenReturn(new Authentication(MockProvider.EXAMPLE_USER_ID, arrayList));
        ResourceUtil resourceUtil = new ResourceUtil(MockProvider.EXAMPLE_RESOURCE_TYPE_NAME, MockProvider.EXAMPLE_RESOURCE_TYPE_ID);
        Permission permissionForName = getPermissionProvider().getPermissionForName(MockProvider.EXAMPLE_PERMISSION_NAME, MockProvider.EXAMPLE_RESOURCE_TYPE_ID);
        Mockito.when(Boolean.valueOf(this.authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, arrayList, permissionForName, resourceUtil, MockProvider.EXAMPLE_RESOURCE_ID))).thenReturn(true);
        RestAssured.given().queryParam("permissionName", new Object[]{MockProvider.EXAMPLE_PERMISSION_NAME}).queryParam("resourceName", new Object[]{MockProvider.EXAMPLE_RESOURCE_TYPE_NAME}).queryParam("resourceType", new Object[]{Integer.valueOf(MockProvider.EXAMPLE_RESOURCE_TYPE_ID)}).queryParam("resourceId", new Object[]{MockProvider.EXAMPLE_RESOURCE_ID}).then().expect().statusCode(Response.Status.OK.getStatusCode()).contentType(MockProvider.FORMAT_APPLICATION_JSON).body("permissionName", Matchers.equalTo(MockProvider.EXAMPLE_PERMISSION_NAME), new Object[0]).body("resourceName", Matchers.equalTo(MockProvider.EXAMPLE_RESOURCE_TYPE_NAME), new Object[0]).body("resourceId", Matchers.equalTo(MockProvider.EXAMPLE_RESOURCE_ID), new Object[0]).body("authorized", Matchers.equalTo(true), new Object[0]).when().get(AUTH_CHECK_PATH, new Object[0]);
        ((AuthorizationService) Mockito.verify(this.authorizationServiceMock, Mockito.times(1))).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, arrayList, permissionForName, resourceUtil, MockProvider.EXAMPLE_RESOURCE_ID);
        ((IdentityService) Mockito.verify(this.identityServiceMock, Mockito.times(1))).getCurrentAuthentication();
    }

    @Test
    public void testIsUserAuthorizedResourceIdFalse() {
        ArrayList arrayList = new ArrayList();
        Mockito.when(this.identityServiceMock.getCurrentAuthentication()).thenReturn(new Authentication(MockProvider.EXAMPLE_USER_ID, arrayList));
        ResourceUtil resourceUtil = new ResourceUtil(MockProvider.EXAMPLE_RESOURCE_TYPE_NAME, MockProvider.EXAMPLE_RESOURCE_TYPE_ID);
        Permission permissionForName = getPermissionProvider().getPermissionForName(MockProvider.EXAMPLE_PERMISSION_NAME, MockProvider.EXAMPLE_RESOURCE_TYPE_ID);
        Mockito.when(Boolean.valueOf(this.authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, arrayList, permissionForName, resourceUtil, MockProvider.EXAMPLE_RESOURCE_ID))).thenReturn(false);
        RestAssured.given().queryParam("permissionName", new Object[]{MockProvider.EXAMPLE_PERMISSION_NAME}).queryParam("resourceName", new Object[]{MockProvider.EXAMPLE_RESOURCE_TYPE_NAME}).queryParam("resourceType", new Object[]{Integer.valueOf(MockProvider.EXAMPLE_RESOURCE_TYPE_ID)}).queryParam("resourceId", new Object[]{MockProvider.EXAMPLE_RESOURCE_ID}).then().expect().statusCode(Response.Status.OK.getStatusCode()).contentType(MockProvider.FORMAT_APPLICATION_JSON).body("permissionName", Matchers.equalTo(MockProvider.EXAMPLE_PERMISSION_NAME), new Object[0]).body("resourceName", Matchers.equalTo(MockProvider.EXAMPLE_RESOURCE_TYPE_NAME), new Object[0]).body("resourceId", Matchers.equalTo(MockProvider.EXAMPLE_RESOURCE_ID), new Object[0]).body("authorized", Matchers.equalTo(false), new Object[0]).when().get(AUTH_CHECK_PATH, new Object[0]);
        ((AuthorizationService) Mockito.verify(this.authorizationServiceMock, Mockito.times(1))).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, arrayList, permissionForName, resourceUtil, MockProvider.EXAMPLE_RESOURCE_ID);
        ((IdentityService) Mockito.verify(this.identityServiceMock, Mockito.times(1))).getCurrentAuthentication();
    }

    @Test
    public void testIsUserAuthorizedNoAuthentication() {
        ArrayList arrayList = new ArrayList();
        Mockito.when(this.identityServiceMock.getCurrentAuthentication()).thenReturn((Object) null);
        Mockito.when(Boolean.valueOf(this.authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, arrayList, getPermissionProvider().getPermissionForName(MockProvider.EXAMPLE_PERMISSION_NAME, MockProvider.EXAMPLE_RESOURCE_TYPE_ID), new ResourceUtil(MockProvider.EXAMPLE_RESOURCE_TYPE_NAME, MockProvider.EXAMPLE_RESOURCE_TYPE_ID)))).thenReturn(false);
        RestAssured.given().queryParam("permissionName", new Object[]{MockProvider.EXAMPLE_PERMISSION_NAME}).queryParam("resourceName", new Object[]{MockProvider.EXAMPLE_RESOURCE_TYPE_NAME}).queryParam("resourceType", new Object[]{Integer.valueOf(MockProvider.EXAMPLE_RESOURCE_TYPE_ID)}).then().expect().statusCode(Response.Status.UNAUTHORIZED.getStatusCode()).when().get(AUTH_CHECK_PATH, new Object[0]);
        ((IdentityService) Mockito.verify(this.identityServiceMock, Mockito.times(1))).getCurrentAuthentication();
        ((AuthorizationService) Mockito.verify(this.authorizationServiceMock, Mockito.never())).isUserAuthorized((String) Mockito.any(String.class), (List) Mockito.any(List.class), (Permission) Mockito.any(Permission.class), (Resource) Mockito.any(Resource.class));
        ((AuthorizationService) Mockito.verify(this.authorizationServiceMock, Mockito.never())).isUserAuthorized((String) Mockito.any(String.class), (List) Mockito.any(List.class), (Permission) Mockito.any(Permission.class), (Resource) Mockito.any(Resource.class), (String) Mockito.any(String.class));
    }

    @Test
    public void testIsUserAuthorizedBadRequests() {
        RestAssured.given().queryParam("permissionName", new Object[]{MockProvider.EXAMPLE_PERMISSION_NAME}).queryParam("resourceName", new Object[]{MockProvider.EXAMPLE_RESOURCE_TYPE_NAME}).then().expect().statusCode(Response.Status.BAD_REQUEST.getStatusCode()).when().get(AUTH_CHECK_PATH, new Object[0]);
        RestAssured.given().queryParam("permissionName", new Object[]{MockProvider.EXAMPLE_PERMISSION_NAME}).queryParam("resourceType", new Object[]{Integer.valueOf(MockProvider.EXAMPLE_RESOURCE_TYPE_ID)}).then().expect().statusCode(Response.Status.BAD_REQUEST.getStatusCode()).when().get(AUTH_CHECK_PATH, new Object[0]);
        RestAssured.given().queryParam("resourceName", new Object[]{MockProvider.EXAMPLE_RESOURCE_TYPE_NAME}).queryParam("resourceType", new Object[]{Integer.valueOf(MockProvider.EXAMPLE_RESOURCE_TYPE_ID)}).then().expect().statusCode(Response.Status.BAD_REQUEST.getStatusCode()).when().get(AUTH_CHECK_PATH, new Object[0]);
        ((IdentityService) Mockito.verify(this.identityServiceMock, Mockito.never())).getCurrentAuthentication();
        ((AuthorizationService) Mockito.verify(this.authorizationServiceMock, Mockito.never())).isUserAuthorized((String) Mockito.any(String.class), (List) Mockito.any(List.class), (Permission) Mockito.any(Permission.class), (Resource) Mockito.any(Resource.class));
        ((AuthorizationService) Mockito.verify(this.authorizationServiceMock, Mockito.never())).isUserAuthorized((String) Mockito.any(String.class), (List) Mockito.any(List.class), (Permission) Mockito.any(Permission.class), (Resource) Mockito.any(Resource.class), (String) Mockito.any(String.class));
    }

    @Test
    public void testCreateGlobalAuthorization() {
        Authorization createMockGlobalAuthorization = MockProvider.createMockGlobalAuthorization();
        Mockito.when(this.authorizationServiceMock.createNewAuthorization(0)).thenReturn(createMockGlobalAuthorization);
        Mockito.when(this.authorizationServiceMock.saveAuthorization(createMockGlobalAuthorization)).thenReturn(createMockGlobalAuthorization);
        AuthorizationQuery authorizationQuery = (AuthorizationQuery) Mockito.mock(AuthorizationQuery.class);
        Mockito.when(this.authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery);
        Mockito.when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery);
        Mockito.when((Authorization) authorizationQuery.singleResult()).thenReturn(createMockGlobalAuthorization);
        RestAssured.given().body(AuthorizationDto.fromAuthorization(createMockGlobalAuthorization, this.processEngineConfigurationMock)).contentType(ContentType.JSON).then().expect().statusCode(Response.Status.OK.getStatusCode()).when().post(AUTH_CREATE_PATH, new Object[0]);
        ((AuthorizationService) Mockito.verify(this.authorizationServiceMock)).createNewAuthorization(0);
        ((Authorization) Mockito.verify(createMockGlobalAuthorization)).setUserId("*");
        ((Authorization) Mockito.verify(createMockGlobalAuthorization, Mockito.times(4))).setResourceType(createMockGlobalAuthorization.getAuthorizationType());
        ((Authorization) Mockito.verify(createMockGlobalAuthorization, Mockito.times(2))).setResourceId(createMockGlobalAuthorization.getResourceId());
        ((Authorization) Mockito.verify(createMockGlobalAuthorization, Mockito.times(2))).setPermissions(createMockGlobalAuthorization.getPermissions(Permissions.values()));
        ((AuthorizationService) Mockito.verify(this.authorizationServiceMock)).saveAuthorization(createMockGlobalAuthorization);
    }

    @Test
    public void testCreateGrantAuthorization() {
        Authorization createMockGrantAuthorization = MockProvider.createMockGrantAuthorization();
        Mockito.when(this.authorizationServiceMock.createNewAuthorization(1)).thenReturn(createMockGrantAuthorization);
        Mockito.when(this.authorizationServiceMock.saveAuthorization(createMockGrantAuthorization)).thenReturn(createMockGrantAuthorization);
        AuthorizationQuery authorizationQuery = (AuthorizationQuery) Mockito.mock(AuthorizationQuery.class);
        Mockito.when(this.authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery);
        Mockito.when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery);
        Mockito.when((Authorization) authorizationQuery.singleResult()).thenReturn(createMockGrantAuthorization);
        RestAssured.given().body(AuthorizationDto.fromAuthorization(createMockGrantAuthorization, this.processEngineConfigurationMock)).contentType(ContentType.JSON).then().expect().statusCode(Response.Status.OK.getStatusCode()).when().post(AUTH_CREATE_PATH, new Object[0]);
        ((AuthorizationService) Mockito.verify(this.authorizationServiceMock)).createNewAuthorization(1);
        ((Authorization) Mockito.verify(createMockGrantAuthorization, Mockito.times(2))).setUserId(createMockGrantAuthorization.getUserId());
        ((Authorization) Mockito.verify(createMockGrantAuthorization, Mockito.times(4))).setResourceType(createMockGrantAuthorization.getAuthorizationType());
        ((Authorization) Mockito.verify(createMockGrantAuthorization, Mockito.times(2))).setResourceId(createMockGrantAuthorization.getResourceId());
        ((Authorization) Mockito.verify(createMockGrantAuthorization, Mockito.times(2))).setPermissions(createMockGrantAuthorization.getPermissions(Permissions.values()));
        ((AuthorizationService) Mockito.verify(this.authorizationServiceMock)).saveAuthorization(createMockGrantAuthorization);
    }

    @Test
    public void testCreateRevokeAuthorization() {
        Authorization createMockRevokeAuthorization = MockProvider.createMockRevokeAuthorization();
        Mockito.when(this.authorizationServiceMock.createNewAuthorization(2)).thenReturn(createMockRevokeAuthorization);
        Mockito.when(this.authorizationServiceMock.saveAuthorization(createMockRevokeAuthorization)).thenReturn(createMockRevokeAuthorization);
        AuthorizationQuery authorizationQuery = (AuthorizationQuery) Mockito.mock(AuthorizationQuery.class);
        Mockito.when(this.authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery);
        Mockito.when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery);
        Mockito.when((Authorization) authorizationQuery.singleResult()).thenReturn(createMockRevokeAuthorization);
        RestAssured.given().body(AuthorizationDto.fromAuthorization(createMockRevokeAuthorization, this.processEngineConfigurationMock)).contentType(ContentType.JSON).then().expect().statusCode(Response.Status.OK.getStatusCode()).when().post(AUTH_CREATE_PATH, new Object[0]);
        ((AuthorizationService) Mockito.verify(this.authorizationServiceMock)).createNewAuthorization(2);
        ((Authorization) Mockito.verify(createMockRevokeAuthorization, Mockito.times(2))).setUserId(createMockRevokeAuthorization.getUserId());
        ((Authorization) Mockito.verify(createMockRevokeAuthorization, Mockito.times(4))).setResourceType(createMockRevokeAuthorization.getAuthorizationType());
        ((Authorization) Mockito.verify(createMockRevokeAuthorization, Mockito.times(2))).setResourceId(createMockRevokeAuthorization.getResourceId());
        ((Authorization) Mockito.verify(createMockRevokeAuthorization, Mockito.times(2))).setPermissions(createMockRevokeAuthorization.getPermissions(Permissions.values()));
        ((AuthorizationService) Mockito.verify(this.authorizationServiceMock)).saveAuthorization(createMockRevokeAuthorization);
    }

    @Test
    public void testCreateAuthorizationThrowsAuthorizationException() {
        Mockito.when(this.authorizationServiceMock.createNewAuthorization(1)).thenThrow(new Throwable[]{new AuthorizationException("expected authorization exception")});
        RestAssured.given().body(AuthorizationDto.fromAuthorization(MockProvider.createMockGrantAuthorization(), this.processEngineConfigurationMock)).contentType(ContentType.JSON).then().expect().statusCode(Response.Status.FORBIDDEN.getStatusCode()).contentType(ContentType.JSON).body("type", Matchers.equalTo(AuthorizationException.class.getSimpleName()), new Object[0]).body(MockProvider.EXAMPLE_EVENT_SUBSCRIPTION_TYPE, Matchers.equalTo("expected authorization exception"), new Object[0]).when().post(AUTH_CREATE_PATH, new Object[0]);
    }

    @Test
    public void testCreateAuthorizationNotValidPermission() {
        Authorization createMockGrantAuthorization = MockProvider.createMockGrantAuthorization();
        Mockito.when(this.authorizationServiceMock.createNewAuthorization(1)).thenReturn(createMockGrantAuthorization);
        HashMap hashMap = new HashMap();
        hashMap.put("type", 1);
        hashMap.put("permissions", Arrays.asList(Permissions.READ_INSTANCE.name()));
        hashMap.put(MockProvider.EXAMPLE_USER_ID, "userId,userId2");
        hashMap.put("groupId", "groupId1,groupId2");
        hashMap.put("resourceType", Integer.valueOf(Resources.TASK.resourceType()));
        hashMap.put("resourceId", MockProvider.EXAMPLE_RESOURCE_ID);
        RestAssured.given().body(hashMap).contentType(ContentType.JSON).then().expect().statusCode(Response.Status.BAD_REQUEST.getStatusCode()).contentType(ContentType.JSON).body("type", Matchers.equalTo(BadUserRequestException.class.getSimpleName()), new Object[0]).body(MockProvider.EXAMPLE_EVENT_SUBSCRIPTION_TYPE, Matchers.equalTo("The permission 'READ_INSTANCE' is not valid for 'TASK' resource type."), new Object[0]).when().post(AUTH_CREATE_PATH, new Object[0]);
        ((AuthorizationService) Mockito.verify(this.authorizationServiceMock, Mockito.times(1))).createNewAuthorization(1);
        ((AuthorizationService) Mockito.verify(this.authorizationServiceMock, Mockito.never())).saveAuthorization(createMockGrantAuthorization);
    }

    @Test
    public void testSaveAuthorizationThrowsAuthorizationException() {
        Mockito.when(this.authorizationServiceMock.saveAuthorization((Authorization) Mockito.any(Authorization.class))).thenThrow(new Throwable[]{new AuthorizationException("expected authorization exception")});
        Authorization createMockGrantAuthorization = MockProvider.createMockGrantAuthorization();
        Mockito.when(this.authorizationServiceMock.createNewAuthorization(1)).thenReturn(createMockGrantAuthorization);
        RestAssured.given().body(AuthorizationDto.fromAuthorization(createMockGrantAuthorization, this.processEngineConfigurationMock)).contentType(ContentType.JSON).then().expect().statusCode(Response.Status.FORBIDDEN.getStatusCode()).contentType(ContentType.JSON).body("type", Matchers.equalTo(AuthorizationException.class.getSimpleName()), new Object[0]).body(MockProvider.EXAMPLE_EVENT_SUBSCRIPTION_TYPE, Matchers.equalTo("expected authorization exception"), new Object[0]).when().post(AUTH_CREATE_PATH, new Object[0]);
    }

    @Test
    public void testDeleteAuthorization() {
        Authorization createMockGlobalAuthorization = MockProvider.createMockGlobalAuthorization();
        AuthorizationQuery authorizationQuery = (AuthorizationQuery) Mockito.mock(AuthorizationQuery.class);
        Mockito.when(this.authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery);
        Mockito.when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery);
        Mockito.when((Authorization) authorizationQuery.singleResult()).thenReturn(createMockGlobalAuthorization);
        RestAssured.given().pathParam("id", MockProvider.EXAMPLE_AUTHORIZATION_ID).then().expect().statusCode(Response.Status.NO_CONTENT.getStatusCode()).when().delete(AUTH_RESOURCE_PATH, new Object[0]);
        ((AuthorizationQuery) Mockito.verify(authorizationQuery)).authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID);
        ((AuthorizationService) Mockito.verify(this.authorizationServiceMock)).deleteAuthorization(MockProvider.EXAMPLE_AUTHORIZATION_ID);
    }

    @Test
    public void testDeleteNonExistingAuthorization() {
        AuthorizationQuery authorizationQuery = (AuthorizationQuery) Mockito.mock(AuthorizationQuery.class);
        Mockito.when(this.authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery);
        Mockito.when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery);
        Mockito.when((Authorization) authorizationQuery.singleResult()).thenReturn((Object) null);
        RestAssured.given().pathParam("id", MockProvider.EXAMPLE_AUTHORIZATION_ID).then().expect().statusCode(Response.Status.NOT_FOUND.getStatusCode()).contentType(ContentType.JSON).body(MockProvider.EXAMPLE_EVENT_SUBSCRIPTION_TYPE, Matchers.equalTo("Authorization with id someAuthorizationId does not exist."), new Object[0]).when().delete(AUTH_RESOURCE_PATH, new Object[0]);
        ((AuthorizationService) Mockito.verify(this.authorizationServiceMock, Mockito.never())).deleteAuthorization(MockProvider.EXAMPLE_AUTHORIZATION_ID);
    }

    @Test
    public void testDeleteAuthorizationThrowsAuthorizationException() {
        Authorization createMockGlobalAuthorization = MockProvider.createMockGlobalAuthorization();
        AuthorizationQuery authorizationQuery = (AuthorizationQuery) Mockito.mock(AuthorizationQuery.class);
        Mockito.when(this.authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery);
        Mockito.when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery);
        Mockito.when((Authorization) authorizationQuery.singleResult()).thenReturn(createMockGlobalAuthorization);
        ((AuthorizationService) Mockito.doThrow(new Throwable[]{new AuthorizationException("expected authorization exception")}).when(this.authorizationServiceMock)).deleteAuthorization(MockProvider.EXAMPLE_AUTHORIZATION_ID);
        RestAssured.given().pathParam("id", MockProvider.EXAMPLE_AUTHORIZATION_ID).then().expect().statusCode(Response.Status.FORBIDDEN.getStatusCode()).contentType(ContentType.JSON).body("type", Matchers.equalTo(AuthorizationException.class.getSimpleName()), new Object[0]).body(MockProvider.EXAMPLE_EVENT_SUBSCRIPTION_TYPE, Matchers.equalTo("expected authorization exception"), new Object[0]).when().delete(AUTH_RESOURCE_PATH, new Object[0]);
    }

    @Test
    public void testUpdateAuthorization() {
        Authorization createMockGlobalAuthorization = MockProvider.createMockGlobalAuthorization();
        AuthorizationQuery authorizationQuery = (AuthorizationQuery) Mockito.mock(AuthorizationQuery.class);
        Mockito.when(this.authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery);
        Mockito.when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery);
        Mockito.when((Authorization) authorizationQuery.singleResult()).thenReturn(createMockGlobalAuthorization);
        AuthorizationDto fromAuthorization = AuthorizationDto.fromAuthorization(createMockGlobalAuthorization, this.processEngineConfigurationMock);
        RestAssured.given().pathParam("id", MockProvider.EXAMPLE_AUTHORIZATION_ID).body(fromAuthorization).contentType(ContentType.JSON).then().expect().statusCode(Response.Status.NO_CONTENT.getStatusCode()).when().put(AUTH_RESOURCE_PATH, new Object[0]);
        ((AuthorizationQuery) Mockito.verify(authorizationQuery)).authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID);
        ((Authorization) Mockito.verify(createMockGlobalAuthorization)).setGroupId(fromAuthorization.getGroupId());
        ((Authorization) Mockito.verify(createMockGlobalAuthorization)).setUserId(fromAuthorization.getUserId());
        ((Authorization) Mockito.verify(createMockGlobalAuthorization)).setResourceId(fromAuthorization.getResourceId());
        ((Authorization) Mockito.verify(createMockGlobalAuthorization)).setResourceType(fromAuthorization.getResourceType().intValue());
        ((AuthorizationService) Mockito.verify(this.authorizationServiceMock)).saveAuthorization(createMockGlobalAuthorization);
    }

    @Test
    public void testUpdateNonExistingAuthorization() {
        Authorization createMockGlobalAuthorization = MockProvider.createMockGlobalAuthorization();
        AuthorizationQuery authorizationQuery = (AuthorizationQuery) Mockito.mock(AuthorizationQuery.class);
        Mockito.when(this.authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery);
        Mockito.when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery);
        Mockito.when((Authorization) authorizationQuery.singleResult()).thenReturn((Object) null);
        RestAssured.given().pathParam("id", MockProvider.EXAMPLE_AUTHORIZATION_ID).body(AuthorizationDto.fromAuthorization(createMockGlobalAuthorization, this.processEngineConfigurationMock)).contentType(ContentType.JSON).then().expect().statusCode(Response.Status.NOT_FOUND.getStatusCode()).contentType(ContentType.JSON).body(MockProvider.EXAMPLE_EVENT_SUBSCRIPTION_TYPE, Matchers.equalTo("Authorization with id someAuthorizationId does not exist."), new Object[0]).when().put(AUTH_RESOURCE_PATH, new Object[0]);
        ((AuthorizationService) Mockito.verify(this.authorizationServiceMock, Mockito.never())).saveAuthorization(createMockGlobalAuthorization);
    }

    @Test
    public void testUpdateAuthorizationThrowsAuthorizationException() {
        Authorization createMockGlobalAuthorization = MockProvider.createMockGlobalAuthorization();
        AuthorizationDto fromAuthorization = AuthorizationDto.fromAuthorization(createMockGlobalAuthorization, this.processEngineConfigurationMock);
        AuthorizationQuery authorizationQuery = (AuthorizationQuery) Mockito.mock(AuthorizationQuery.class);
        Mockito.when(this.authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery);
        Mockito.when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery);
        Mockito.when((Authorization) authorizationQuery.singleResult()).thenReturn(createMockGlobalAuthorization);
        Mockito.when(this.authorizationServiceMock.saveAuthorization((Authorization) Mockito.any(Authorization.class))).thenThrow(new Throwable[]{new AuthorizationException("expected authorization exception")});
        RestAssured.given().pathParam("id", MockProvider.EXAMPLE_AUTHORIZATION_ID).body(fromAuthorization).contentType(ContentType.JSON).then().expect().statusCode(Response.Status.FORBIDDEN.getStatusCode()).contentType(ContentType.JSON).body("type", Matchers.equalTo(AuthorizationException.class.getSimpleName()), new Object[0]).body(MockProvider.EXAMPLE_EVENT_SUBSCRIPTION_TYPE, Matchers.equalTo("expected authorization exception"), new Object[0]).when().put(AUTH_RESOURCE_PATH, new Object[0]);
    }

    @Test
    public void testUpdateAuthorizationNotValidPermission() {
        Authorization createMockGlobalAuthorization = MockProvider.createMockGlobalAuthorization();
        AuthorizationQuery authorizationQuery = (AuthorizationQuery) Mockito.mock(AuthorizationQuery.class);
        Mockito.when(this.authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery);
        Mockito.when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery);
        Mockito.when((Authorization) authorizationQuery.singleResult()).thenReturn(createMockGlobalAuthorization);
        HashMap hashMap = new HashMap();
        hashMap.put("permissions", Arrays.asList(Permissions.TASK_WORK.name()));
        hashMap.put(MockProvider.EXAMPLE_USER_ID, "userId,userId2");
        hashMap.put("groupId", "groupId1,groupId2");
        hashMap.put("resourceType", Integer.valueOf(Resources.PROCESS_INSTANCE.resourceType()));
        hashMap.put("resourceId", MockProvider.EXAMPLE_RESOURCE_ID);
        RestAssured.given().pathParam("id", MockProvider.EXAMPLE_AUTHORIZATION_ID).body(hashMap).contentType(ContentType.JSON).then().expect().statusCode(Response.Status.BAD_REQUEST.getStatusCode()).contentType(ContentType.JSON).body("type", Matchers.equalTo(BadUserRequestException.class.getSimpleName()), new Object[0]).body(MockProvider.EXAMPLE_EVENT_SUBSCRIPTION_TYPE, Matchers.equalTo("The permission 'TASK_WORK' is not valid for 'PROCESS_INSTANCE' resource type."), new Object[0]).when().put(AUTH_RESOURCE_PATH, new Object[0]);
        ((AuthorizationService) Mockito.verify(this.authorizationServiceMock, Mockito.never())).saveAuthorization(createMockGlobalAuthorization);
    }

    @Test
    public void testGetAuthorizationById() {
        Authorization createMockGlobalAuthorization = MockProvider.createMockGlobalAuthorization();
        AuthorizationQuery authorizationQuery = (AuthorizationQuery) Mockito.mock(AuthorizationQuery.class);
        Mockito.when(this.authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery);
        Mockito.when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery);
        Mockito.when((Authorization) authorizationQuery.singleResult()).thenReturn(createMockGlobalAuthorization);
        RestAssured.given().pathParam("id", MockProvider.EXAMPLE_AUTHORIZATION_ID).then().expect().statusCode(Response.Status.OK.getStatusCode()).contentType(ContentType.JSON).body("id", Matchers.equalTo(createMockGlobalAuthorization.getId()), new Object[0]).body("type", Matchers.equalTo(Integer.valueOf(createMockGlobalAuthorization.getAuthorizationType())), new Object[0]).body("permissions[0]", Matchers.equalTo(Permissions.READ.getName()), new Object[0]).body("permissions[1]", Matchers.equalTo(Permissions.UPDATE.getName()), new Object[0]).body(MockProvider.EXAMPLE_USER_ID, Matchers.equalTo(createMockGlobalAuthorization.getUserId()), new Object[0]).body("groupId", Matchers.equalTo(createMockGlobalAuthorization.getGroupId()), new Object[0]).body("resourceType", Matchers.equalTo(Integer.valueOf(createMockGlobalAuthorization.getResourceType())), new Object[0]).body("resourceId", Matchers.equalTo(createMockGlobalAuthorization.getResourceId()), new Object[0]).body("removalTime", Matchers.equalTo(MockProvider.EXAMPLE_AUTH_REMOVAL_TIME), new Object[0]).body("rootProcessInstanceId", Matchers.equalTo(createMockGlobalAuthorization.getRootProcessInstanceId()), new Object[0]).when().get(AUTH_RESOURCE_PATH, new Object[0]);
    }

    @Test
    public void testGetNonExistingAuthorizationById() {
        AuthorizationQuery authorizationQuery = (AuthorizationQuery) Mockito.mock(AuthorizationQuery.class);
        Mockito.when(this.authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery);
        Mockito.when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery);
        Mockito.when((Authorization) authorizationQuery.singleResult()).thenReturn((Object) null);
        RestAssured.given().pathParam("id", MockProvider.EXAMPLE_AUTHORIZATION_ID).then().expect().statusCode(Response.Status.NOT_FOUND.getStatusCode()).contentType(ContentType.JSON).body(MockProvider.EXAMPLE_EVENT_SUBSCRIPTION_TYPE, Matchers.equalTo("Authorization with id someAuthorizationId does not exist."), new Object[0]).when().get(AUTH_RESOURCE_PATH, new Object[0]);
    }

    @Test
    public void testAuthenticationRestServiceOptions() {
        String str = "http://localhost:" + PORT + "/rest-test/authorization";
        Mockito.when(Boolean.valueOf(this.processEngineConfigurationMock.isAuthorizationEnabled())).thenReturn(true);
        RestAssured.given().then().statusCode(Response.Status.OK.getStatusCode()).body("links[0].href", Matchers.equalTo(str), new Object[0]).body("links[0].method", Matchers.equalTo("GET"), new Object[0]).body("links[0].rel", Matchers.equalTo("list"), new Object[0]).body("links[1].href", Matchers.equalTo(str + "/count"), new Object[0]).body("links[1].method", Matchers.equalTo("GET"), new Object[0]).body("links[1].rel", Matchers.equalTo("count"), new Object[0]).body("links[2].href", Matchers.equalTo(str + "/create"), new Object[0]).body("links[2].method", Matchers.equalTo("POST"), new Object[0]).body("links[2].rel", Matchers.equalTo("create"), new Object[0]).when().options(SERVICE_PATH, new Object[0]);
        ((IdentityService) Mockito.verify(this.identityServiceMock, Mockito.times(1))).getCurrentAuthentication();
    }

    @Test
    public void testAuthenticationRestServiceOptionsWithAuthorizationDisabled() {
        String str = "http://localhost:" + PORT + "/rest-test/authorization";
        Mockito.when(Boolean.valueOf(this.processEngineConfigurationMock.isAuthorizationEnabled())).thenReturn(false);
        RestAssured.given().then().statusCode(Response.Status.OK.getStatusCode()).body("links[0].href", Matchers.equalTo(str), new Object[0]).body("links[0].method", Matchers.equalTo("GET"), new Object[0]).body("links[0].rel", Matchers.equalTo("list"), new Object[0]).body("links[1].href", Matchers.equalTo(str + "/count"), new Object[0]).body("links[1].method", Matchers.equalTo("GET"), new Object[0]).body("links[1].rel", Matchers.equalTo("count"), new Object[0]).body("links[2].href", Matchers.equalTo(str + "/create"), new Object[0]).body("links[2].method", Matchers.equalTo("POST"), new Object[0]).body("links[2].rel", Matchers.equalTo("create"), new Object[0]).when().options(SERVICE_PATH, new Object[0]);
        verifyNoAuthorizationCheckPerformed();
    }

    @Test
    public void testAuthorizationResourceOptions() {
        String str = "http://localhost:" + PORT + "/rest-test/authorization/someAuthorizationId";
        Authorization createMockGlobalAuthorization = MockProvider.createMockGlobalAuthorization();
        AuthorizationQuery authorizationQuery = (AuthorizationQuery) Mockito.mock(AuthorizationQuery.class);
        Mockito.when(this.authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery);
        Mockito.when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery);
        Mockito.when((Authorization) authorizationQuery.singleResult()).thenReturn(createMockGlobalAuthorization);
        Mockito.when(this.identityServiceMock.getCurrentAuthentication()).thenReturn((Object) null);
        Mockito.when(Boolean.valueOf(this.processEngineConfigurationMock.isAuthorizationEnabled())).thenReturn(true);
        RestAssured.given().pathParam("id", MockProvider.EXAMPLE_AUTHORIZATION_ID).then().statusCode(Response.Status.OK.getStatusCode()).body("links[0].href", Matchers.equalTo(str), new Object[0]).body("links[0].method", Matchers.equalTo("GET"), new Object[0]).body("links[0].rel", Matchers.equalTo("self"), new Object[0]).body("links[1].href", Matchers.equalTo(str), new Object[0]).body("links[1].method", Matchers.equalTo("DELETE"), new Object[0]).body("links[1].rel", Matchers.equalTo("delete"), new Object[0]).body("links[2].href", Matchers.equalTo(str), new Object[0]).body("links[2].method", Matchers.equalTo("PUT"), new Object[0]).body("links[2].rel", Matchers.equalTo("update"), new Object[0]).when().options(AUTH_RESOURCE_PATH, new Object[0]);
        ((IdentityService) Mockito.verify(this.identityServiceMock, Mockito.times(2))).getCurrentAuthentication();
    }

    @Test
    public void testAuthorizationResourceOptionsUnauthorized() {
        String str = "http://localhost:" + PORT + "/rest-test/authorization/someAuthorizationId";
        Authorization createMockGlobalAuthorization = MockProvider.createMockGlobalAuthorization();
        AuthorizationQuery authorizationQuery = (AuthorizationQuery) Mockito.mock(AuthorizationQuery.class);
        Mockito.when(this.authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery);
        Mockito.when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery);
        Mockito.when((Authorization) authorizationQuery.singleResult()).thenReturn(createMockGlobalAuthorization);
        Mockito.when(this.identityServiceMock.getCurrentAuthentication()).thenReturn(new Authentication(MockProvider.EXAMPLE_USER_ID, (List) null));
        Mockito.when(Boolean.valueOf(this.authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, (List) null, Permissions.DELETE, Resources.AUTHORIZATION, MockProvider.EXAMPLE_AUTHORIZATION_ID))).thenReturn(false);
        Mockito.when(Boolean.valueOf(this.authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, (List) null, Permissions.UPDATE, Resources.AUTHORIZATION, MockProvider.EXAMPLE_AUTHORIZATION_ID))).thenReturn(false);
        Mockito.when(Boolean.valueOf(processEngine.getProcessEngineConfiguration().isAuthorizationEnabled())).thenReturn(true);
        RestAssured.given().pathParam("id", MockProvider.EXAMPLE_AUTHORIZATION_ID).then().statusCode(Response.Status.OK.getStatusCode()).body("links[0].href", Matchers.equalTo(str), new Object[0]).body("links[0].method", Matchers.equalTo("GET"), new Object[0]).body("links[0].rel", Matchers.equalTo("self"), new Object[0]).body("links[1]", Matchers.nullValue(), new Object[0]).body("links[2]", Matchers.nullValue(), new Object[0]).when().options(AUTH_RESOURCE_PATH, new Object[0]);
        ((IdentityService) Mockito.verify(this.identityServiceMock, Mockito.times(2))).getCurrentAuthentication();
        ((AuthorizationService) Mockito.verify(this.authorizationServiceMock, Mockito.times(1))).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, (List) null, Permissions.DELETE, Resources.AUTHORIZATION, MockProvider.EXAMPLE_AUTHORIZATION_ID);
        ((AuthorizationService) Mockito.verify(this.authorizationServiceMock, Mockito.times(1))).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, (List) null, Permissions.UPDATE, Resources.AUTHORIZATION, MockProvider.EXAMPLE_AUTHORIZATION_ID);
    }

    @Test
    public void testAuthorizationResourceOptionsUpdateUnauthorized() {
        String str = "http://localhost:" + PORT + "/rest-test/authorization/someAuthorizationId";
        Authorization createMockGlobalAuthorization = MockProvider.createMockGlobalAuthorization();
        AuthorizationQuery authorizationQuery = (AuthorizationQuery) Mockito.mock(AuthorizationQuery.class);
        Mockito.when(this.authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery);
        Mockito.when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery);
        Mockito.when((Authorization) authorizationQuery.singleResult()).thenReturn(createMockGlobalAuthorization);
        Mockito.when(this.identityServiceMock.getCurrentAuthentication()).thenReturn(new Authentication(MockProvider.EXAMPLE_USER_ID, (List) null));
        Mockito.when(Boolean.valueOf(this.authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, (List) null, Permissions.DELETE, Resources.AUTHORIZATION, MockProvider.EXAMPLE_AUTHORIZATION_ID))).thenReturn(true);
        Mockito.when(Boolean.valueOf(this.authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, (List) null, Permissions.UPDATE, Resources.AUTHORIZATION, MockProvider.EXAMPLE_AUTHORIZATION_ID))).thenReturn(false);
        Mockito.when(Boolean.valueOf(processEngine.getProcessEngineConfiguration().isAuthorizationEnabled())).thenReturn(true);
        RestAssured.given().pathParam("id", MockProvider.EXAMPLE_AUTHORIZATION_ID).then().statusCode(Response.Status.OK.getStatusCode()).body("links[0].href", Matchers.equalTo(str), new Object[0]).body("links[0].method", Matchers.equalTo("GET"), new Object[0]).body("links[0].rel", Matchers.equalTo("self"), new Object[0]).body("links[1].href", Matchers.equalTo(str), new Object[0]).body("links[1].method", Matchers.equalTo("DELETE"), new Object[0]).body("links[1].rel", Matchers.equalTo("delete"), new Object[0]).body("links[2]", Matchers.nullValue(), new Object[0]).when().options(AUTH_RESOURCE_PATH, new Object[0]);
        ((IdentityService) Mockito.verify(this.identityServiceMock, Mockito.times(2))).getCurrentAuthentication();
        ((AuthorizationService) Mockito.verify(this.authorizationServiceMock, Mockito.times(1))).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, (List) null, Permissions.DELETE, Resources.AUTHORIZATION, MockProvider.EXAMPLE_AUTHORIZATION_ID);
        ((AuthorizationService) Mockito.verify(this.authorizationServiceMock, Mockito.times(1))).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, (List) null, Permissions.UPDATE, Resources.AUTHORIZATION, MockProvider.EXAMPLE_AUTHORIZATION_ID);
    }

    @Test
    public void testAuthorizationResourceOptionsWithAuthorizationDisabled() {
        String str = "http://localhost:" + PORT + "/rest-test/authorization/someAuthorizationId";
        Mockito.when(Boolean.valueOf(processEngine.getProcessEngineConfiguration().isAuthorizationEnabled())).thenReturn(false);
        RestAssured.given().pathParam("id", MockProvider.EXAMPLE_AUTHORIZATION_ID).then().statusCode(Response.Status.OK.getStatusCode()).body("links[0].href", Matchers.equalTo(str), new Object[0]).body("links[0].method", Matchers.equalTo("GET"), new Object[0]).body("links[0].rel", Matchers.equalTo("self"), new Object[0]).body("links[1].href", Matchers.equalTo(str), new Object[0]).body("links[1].method", Matchers.equalTo("DELETE"), new Object[0]).body("links[1].rel", Matchers.equalTo("delete"), new Object[0]).body("links[2].href", Matchers.equalTo(str), new Object[0]).body("links[2].method", Matchers.equalTo("PUT"), new Object[0]).body("links[2].rel", Matchers.equalTo("update"), new Object[0]).when().options(AUTH_RESOURCE_PATH, new Object[0]);
        verifyNoAuthorizationCheckPerformed();
    }

    protected void verifyNoAuthorizationCheckPerformed() {
        ((IdentityService) Mockito.verify(this.identityServiceMock, Mockito.times(0))).getCurrentAuthentication();
        ((AuthorizationService) Mockito.verify(this.authorizationServiceMock, Mockito.times(0))).isUserAuthorized(Mockito.anyString(), Mockito.anyList(), (Permission) Mockito.any(Permission.class), (Resource) Mockito.any(Resource.class));
    }

    protected PermissionProvider getPermissionProvider() {
        return this.processEngineConfigurationMock.getPermissionProvider();
    }

    protected List<String> setupGroupQueryMock() {
        GroupQuery groupQuery = (GroupQuery) Mockito.mock(GroupQuery.class);
        List<Group> createMockGroups = MockProvider.createMockGroups();
        Mockito.when(this.identityServiceMock.createGroupQuery()).thenReturn(groupQuery);
        Mockito.when(groupQuery.groupMember(Mockito.anyString())).thenReturn(groupQuery);
        Mockito.when(groupQuery.unlimitedList()).thenReturn(createMockGroups);
        ArrayList arrayList = new ArrayList();
        Iterator<Group> it = createMockGroups.iterator();
        while (it.hasNext()) {
            arrayList.add(it.next().getId());
        }
        return arrayList;
    }
}
