package org.fcrepo.test.fesl.policy;

import java.util.Arrays;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.PropertyResourceBundle;
import java.util.ResourceBundle;
import junit.framework.Assert;
import junit.framework.JUnit4TestAdapter;
import junit.framework.Test;
import org.fcrepo.common.Constants;
import org.fcrepo.test.FedoraServerTestCase;
import org.fcrepo.test.fesl.util.AuthorizationDeniedException;
import org.fcrepo.test.fesl.util.FedoraUtil;
import org.fcrepo.test.fesl.util.HttpUtils;
import org.fcrepo.test.fesl.util.LoadDataset;
import org.fcrepo.test.fesl.util.PolicyUtils;
import org.fcrepo.test.fesl.util.RemoveDataset;
import org.junit.After;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/fcrepo/test/fesl/policy/TestPolicies.class */
public class TestPolicies extends FedoraServerTestCase implements Constants {
    private static final String PROPERTIES = "fedora";
    private PolicyUtils policyUtils = null;
    private static final Logger logger = LoggerFactory.getLogger(TestPolicies.class);
    private static HttpUtils httpUtils = null;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/fcrepo/test/fesl/policy/TestPolicies$PermissionTest.class */
    public class PermissionTest {
        private final EntityPerms m_object = new EntityPerms();
        private final EntityPerms m_datastream = new EntityPerms();
        private final int m_first;
        private final int m_last;
        private final String m_pidns;
        private final String m_dsid;

        /* JADX INFO: Access modifiers changed from: package-private */
        /* loaded from: input_file:org/fcrepo/test/fesl/policy/TestPolicies$PermissionTest$EntityPerms.class */
        public class EntityPerms {
            private final Perms m_allowed = new Perms();
            private final Perms m_denied = new Perms();

            /* JADX INFO: Access modifiers changed from: package-private */
            /* loaded from: input_file:org/fcrepo/test/fesl/policy/TestPolicies$PermissionTest$EntityPerms$Perms.class */
            public class Perms extends HashSet<String> {
                private static final long serialVersionUID = 3747931619024146008L;

                Perms() {
                }

                public boolean containsAll(String[] strArr) {
                    return containsAll(Arrays.asList(strArr));
                }

                public boolean containsOnly(String[] strArr) {
                    return size() == strArr.length && containsAll(strArr);
                }

                public String mismatch(String[] strArr) {
                    if (containsOnly(strArr)) {
                        return "";
                    }
                    String str = "Expected permission not found for: [ ";
                    for (String str2 : strArr) {
                        if (!contains(str2)) {
                            str = str + str2 + " ";
                        }
                    }
                    String str3 = (str + "]. ") + "Permission found but not expected for: [ ";
                    List asList = Arrays.asList(strArr);
                    Iterator<String> it = iterator();
                    while (it.hasNext()) {
                        String next = it.next();
                        if (!asList.contains(next)) {
                            str3 = str3 + next + " ";
                        }
                    }
                    return str3 + "].";
                }
            }

            EntityPerms() {
            }

            public Perms allowed() {
                return this.m_allowed;
            }

            public Perms denied() {
                return this.m_denied;
            }
        }

        PermissionTest(int i, int i2, String str, String str2) throws Exception {
            this.m_first = i;
            this.m_last = i2;
            this.m_pidns = str;
            this.m_dsid = str2;
            for (int i3 = this.m_first; i3 <= this.m_last; i3++) {
                String str3 = this.m_pidns + ":" + i3;
                try {
                    TestPolicies.httpUtils.get("/fedora/objects/" + str3 + "?format=xml");
                    this.m_object.allowed().add(str3);
                } catch (AuthorizationDeniedException e) {
                    this.m_object.denied().add(str3);
                }
                if (!this.m_dsid.equals("")) {
                    try {
                        TestPolicies.httpUtils.get("/fedora/objects/" + str3 + "/datastreams/" + this.m_dsid + "?format=xml");
                        this.m_datastream.allowed().add(str3);
                    } catch (AuthorizationDeniedException e2) {
                        this.m_datastream.denied().add(str3);
                    }
                }
            }
            if (this.m_object.allowed().size() + this.m_object.denied().size() != pidCount()) {
                Assert.fail("Error in checking permissions - total of allowed and denied objects does not equal number of objects tested");
                throw new RuntimeException("Should not happen");
            }
            if (this.m_dsid.equals("") || this.m_datastream.allowed().size() + this.m_datastream.denied().size() == pidCount()) {
                return;
            }
            Assert.fail("Error in checking permissions - total of allowed and denied datastreams does not equal number of object datastreams tested");
            throw new RuntimeException("Also should not happen");
        }

        public EntityPerms object() {
            return this.m_object;
        }

        public EntityPerms datastream() {
            return this.m_datastream;
        }

        public int pidCount() {
            return (this.m_last - this.m_first) + 1;
        }
    }

    public static Test suite() {
        return new JUnit4TestAdapter(TestPolicies.class);
    }

    public void setUp() {
        PropertyResourceBundle propertyResourceBundle = (PropertyResourceBundle) ResourceBundle.getBundle(PROPERTIES);
        String string = propertyResourceBundle.getString("fedora.admin.username");
        String string2 = propertyResourceBundle.getString("fedora.admin.password");
        String baseURL = FedoraUtil.getBaseURL();
        try {
            if (logger.isDebugEnabled()) {
                logger.debug("Setting up...");
            }
            this.policyUtils = new PolicyUtils(getFedoraClient());
            httpUtils = new HttpUtils(baseURL, string, string2);
            String addPolicy = this.policyUtils.addPolicy("test-access-admin.xml");
            LoadDataset.load("fesl", baseURL, string, string2);
            this.policyUtils.delPolicy(addPolicy);
        } catch (Exception e) {
            logger.error(e.getMessage(), e);
            org.junit.Assert.fail(e.getMessage());
        }
    }

    @After
    public void tearDown() {
        PropertyResourceBundle propertyResourceBundle = (PropertyResourceBundle) ResourceBundle.getBundle(PROPERTIES);
        String string = propertyResourceBundle.getString("fedora.admin.username");
        String string2 = propertyResourceBundle.getString("fedora.admin.password");
        String baseURL = FedoraUtil.getBaseURL();
        try {
            if (logger.isDebugEnabled()) {
                logger.debug("Tearing down...");
            }
            String addPolicy = this.policyUtils.addPolicy("test-access-admin.xml");
            RemoveDataset.remove("fesl", baseURL, string, string2);
            this.policyUtils.delPolicy(addPolicy);
        } catch (Exception e) {
            logger.error(e.getMessage(), e);
            org.junit.Assert.fail(e.getMessage());
        }
    }

    @org.junit.Test
    public void testAdminGetDeny() throws Exception {
        String addPolicy = this.policyUtils.addPolicy("test-policy-00.xml");
        try {
            try {
                logger.debug("http response:\n" + httpUtils.get("/fedora/objects/test:1000007?format=xml"));
                org.junit.Assert.fail("Access was permitted when it should have been denied:  /fedora/objects/test:1000007?format=xml");
            } catch (AuthorizationDeniedException e) {
            }
            try {
                logger.debug("http response:\n" + httpUtils.get("/fedora/objects/test:1000007/datastreams"));
                org.junit.Assert.fail("Access was permitted when it should have been denied:  /fedora/objects/test:1000007/datastreams");
            } catch (AuthorizationDeniedException e2) {
            }
            try {
                logger.debug("http response:\n" + httpUtils.get("/fedora/objects/test:1000007/datastreams/DC"));
                org.junit.Assert.fail("Access was permitted when it should have been denied:  /fedora/objects/test:1000007/datastreams/DC");
            } catch (AuthorizationDeniedException e3) {
            }
            try {
                logger.debug("http response:\n" + httpUtils.get("/fedora/objects/test:1000007/datastreams/DC/content"));
                org.junit.Assert.fail("Access was permitted when it should have been denied:  /fedora/objects/test:1000007/datastreams/DC/content");
            } catch (AuthorizationDeniedException e4) {
            }
            try {
                logger.debug("http response:\n" + httpUtils.get("/fedora/objects/test:1000007/methods"));
                org.junit.Assert.fail("Access was permitted when it should have been denied:  /fedora/objects/test:1000007/methods");
            } catch (AuthorizationDeniedException e5) {
            }
            try {
                logger.debug("http response:\n" + httpUtils.get("/fedora/objects/test:1000007/methods/fedora-system:3/viewDublinCore"));
                org.junit.Assert.fail("Access was permitted when it should have been denied:  /fedora/objects/test:1000007/methods/fedora-system:3/viewDublinCore");
            } catch (AuthorizationDeniedException e6) {
            }
        } finally {
            this.policyUtils.delPolicy(addPolicy);
        }
    }

    @org.junit.Test
    public void testAdminGetPermit() throws Exception {
        String addPolicy = this.policyUtils.addPolicy("test-policy-01.xml");
        try {
            try {
                try {
                    String str = httpUtils.get("/fedora/objects/test:1000007?format=xml");
                    if (logger.isDebugEnabled()) {
                        logger.debug("http response:\n" + str);
                    }
                    org.junit.Assert.assertTrue("Expected object data not found", str.contains("<objLabel>Dexter</objLabel>"));
                    this.policyUtils.delPolicy(addPolicy);
                } catch (Exception e) {
                    throw e;
                }
            } catch (AuthorizationDeniedException e2) {
                org.junit.Assert.fail("Authorization denied.  (Check that PEP_NOCACHE env variable is set to true)");
                this.policyUtils.delPolicy(addPolicy);
            }
        } catch (Throwable th) {
            this.policyUtils.delPolicy(addPolicy);
            throw th;
        }
    }

    @org.junit.Test
    public void testRIAttributesRels1() throws Exception {
        doAttributesTest("test-policy-state-rel1.xml", "test-policy-subject-rel1.xml");
    }

    @org.junit.Test
    public void testRIAttributesRels2() throws Exception {
        doAttributesTest("test-policy-state-rel2.xml", "test-policy-subject-rel2.xml");
    }

    @org.junit.Test
    public void testRIAttributesTQL() throws Exception {
        doAttributesTest("test-policy-state-itql.xml", "test-policy-subject-itql.xml");
    }

    @org.junit.Test
    public void testRIAttributesSPARQL() throws Exception {
        doAttributesTest("test-policy-state-sparql.xml", "test-policy-subject-sparql.xml");
    }

    @org.junit.Test
    public void testRIAttributesSPO() throws Exception {
        doAttributesTest("test-policy-state-spo.xml", "test-policy-subject-spo.xml");
    }

    private void doAttributesTest(String str, String str2) throws Exception {
        PermissionTest permissionTest = new PermissionTest(1000000, 1000012, "test", "DC");
        assertEquals("Allowed objects count (no policies)", permissionTest.pidCount(), permissionTest.object().allowed().size());
        assertEquals("Allowed DC datastreams count (no policies)", permissionTest.pidCount(), permissionTest.datastream().allowed().size());
        String addPolicy = this.policyUtils.addPolicy(str);
        try {
            PermissionTest permissionTest2 = new PermissionTest(1000000, 1000012, "test", "DC");
            assertEquals(str + ": Access denied for objects", "", permissionTest2.object().denied().mismatch(new String[]{"test:1000004", "test:1000005", "test:1000006", "test:1000007", "test:1000008", "test:1000009"}));
            assertEquals(str + ": Access denied for datastreams", "", permissionTest2.datastream().denied().mismatch(new String[]{"test:1000008", "test:1000009", "test:1000010", "test:1000011", "test:1000012"}));
            this.policyUtils.delPolicy(addPolicy);
            PermissionTest permissionTest3 = new PermissionTest(1000000, 1000012, "test", "DC");
            assertEquals("Allowed objects count (no policies)", permissionTest3.pidCount(), permissionTest3.object().allowed().size());
            assertEquals("Allowed DC datastreams count (no policies)", permissionTest3.pidCount(), permissionTest3.datastream().allowed().size());
            addPolicy = this.policyUtils.addPolicy(str2);
            try {
                PermissionTest permissionTest4 = new PermissionTest(1000000, 1000012, "test", "DC");
                assertEquals(str2 + ": Access allowed for objects", "", permissionTest4.object().allowed().mismatch(new String[]{"test:1000001", "test:1000003", "test:1000007", "test:1000009"}));
                assertEquals(str2 + ": Access allowed for objects", "", permissionTest4.datastream().allowed().mismatch(new String[]{"test:1000001", "test:1000003", "test:1000007", "test:1000009"}));
                this.policyUtils.delPolicy(addPolicy);
            } finally {
            }
        } finally {
        }
    }
}
