package org.finra.herd.service.helper;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import org.apache.commons.lang3.StringUtils;
import org.finra.herd.core.helper.ConfigurationHelper;
import org.finra.herd.dao.NamespaceIamRoleAuthorizationDao;
import org.finra.herd.model.dto.ConfigurationValue;
import org.finra.herd.model.jpa.NamespaceEntity;
import org.finra.herd.model.jpa.NamespaceIamRoleAuthorizationEntity;
import org.finra.herd.service.AbstractServiceTest;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.mockito.InjectMocks;
import org.mockito.Matchers;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.MockitoAnnotations;
import org.springframework.security.access.AccessDeniedException;

/* loaded from: input_file:org/finra/herd/service/helper/NamespaceIamRoleAuthorizationHelperTest.class */
public class NamespaceIamRoleAuthorizationHelperTest extends AbstractServiceTest {

    @InjectMocks
    private NamespaceIamRoleAuthorizationHelper namespaceIamRoleAuthorizationHelper;

    @Mock
    private NamespaceIamRoleAuthorizationDao namespaceIamRoleAuthorizationDao;

    @Mock
    private ConfigurationHelper configurationHelper;

    @Before
    public void before() {
        MockitoAnnotations.initMocks(this);
    }

    @Test
    public void checkPermissionsAssertNoErrorWhenNamespaceAuthorizedToAllRoles() {
        NamespaceEntity namespaceEntity = new NamespaceEntity();
        List asList = Arrays.asList("iamRoleName1", "iamRoleName2");
        ArrayList arrayList = new ArrayList();
        NamespaceIamRoleAuthorizationEntity namespaceIamRoleAuthorizationEntity = new NamespaceIamRoleAuthorizationEntity();
        namespaceIamRoleAuthorizationEntity.setIamRoleName("iamRoleName1");
        arrayList.add(namespaceIamRoleAuthorizationEntity);
        NamespaceIamRoleAuthorizationEntity namespaceIamRoleAuthorizationEntity2 = new NamespaceIamRoleAuthorizationEntity();
        namespaceIamRoleAuthorizationEntity2.setIamRoleName("iamRoleName2");
        arrayList.add(namespaceIamRoleAuthorizationEntity2);
        Mockito.when(this.configurationHelper.getBooleanProperty((ConfigurationValue) Matchers.any())).thenReturn(true);
        Mockito.when(this.namespaceIamRoleAuthorizationDao.getNamespaceIamRoleAuthorizations((NamespaceEntity) Matchers.any())).thenReturn(arrayList);
        this.namespaceIamRoleAuthorizationHelper.checkPermissions(namespaceEntity, asList);
        ((ConfigurationHelper) Mockito.verify(this.configurationHelper)).getBooleanProperty(ConfigurationValue.NAMESPACE_IAM_ROLE_AUTHORIZATION_ENABLED);
        ((NamespaceIamRoleAuthorizationDao) Mockito.verify(this.namespaceIamRoleAuthorizationDao)).getNamespaceIamRoleAuthorizations(namespaceEntity);
        Mockito.verifyNoMoreInteractions(new Object[]{this.configurationHelper, this.namespaceIamRoleAuthorizationDao});
    }

    @Test
    public void checkPermissionsAssertAccessDeniedWhenNamespaceNotAuthorizedToOneRole() {
        NamespaceEntity namespaceEntity = new NamespaceEntity();
        namespaceEntity.setCode(AbstractServiceTest.MESSAGE_HEADER_KEY_NAMESPACE);
        List asList = Arrays.asList("iamRoleName1", "iamRoleName2");
        ArrayList arrayList = new ArrayList();
        NamespaceIamRoleAuthorizationEntity namespaceIamRoleAuthorizationEntity = new NamespaceIamRoleAuthorizationEntity();
        namespaceIamRoleAuthorizationEntity.setIamRoleName("iamRoleName1");
        arrayList.add(namespaceIamRoleAuthorizationEntity);
        Mockito.when(this.configurationHelper.getBooleanProperty((ConfigurationValue) Matchers.any())).thenReturn(true);
        Mockito.when(this.namespaceIamRoleAuthorizationDao.getNamespaceIamRoleAuthorizations((NamespaceEntity) Matchers.any())).thenReturn(arrayList);
        try {
            this.namespaceIamRoleAuthorizationHelper.checkPermissions(namespaceEntity, asList);
            Assert.fail();
        } catch (AccessDeniedException e) {
            Assert.assertEquals("The namespace \"namespace\" does not have access to the following IAM roles: [iamRoleName2]", e.getMessage());
        }
        ((ConfigurationHelper) Mockito.verify(this.configurationHelper)).getBooleanProperty(ConfigurationValue.NAMESPACE_IAM_ROLE_AUTHORIZATION_ENABLED);
        ((NamespaceIamRoleAuthorizationDao) Mockito.verify(this.namespaceIamRoleAuthorizationDao)).getNamespaceIamRoleAuthorizations(namespaceEntity);
        Mockito.verifyNoMoreInteractions(new Object[]{this.configurationHelper, this.namespaceIamRoleAuthorizationDao});
    }

    @Test
    public void checkPermissionsAssertAccessDeniedWhenNamespaceNotAuthorizedToAllRole() {
        NamespaceEntity namespaceEntity = new NamespaceEntity();
        namespaceEntity.setCode(AbstractServiceTest.MESSAGE_HEADER_KEY_NAMESPACE);
        List asList = Arrays.asList("iamRoleName1", "iamRoleName2");
        ArrayList arrayList = new ArrayList();
        Mockito.when(this.configurationHelper.getBooleanProperty((ConfigurationValue) Matchers.any())).thenReturn(true);
        Mockito.when(this.namespaceIamRoleAuthorizationDao.getNamespaceIamRoleAuthorizations((NamespaceEntity) Matchers.any())).thenReturn(arrayList);
        try {
            this.namespaceIamRoleAuthorizationHelper.checkPermissions(namespaceEntity, asList);
            Assert.fail();
        } catch (AccessDeniedException e) {
            Assert.assertEquals("The namespace \"namespace\" does not have access to the following IAM roles: [iamRoleName1, iamRoleName2]", e.getMessage());
        }
        ((ConfigurationHelper) Mockito.verify(this.configurationHelper)).getBooleanProperty(ConfigurationValue.NAMESPACE_IAM_ROLE_AUTHORIZATION_ENABLED);
        ((NamespaceIamRoleAuthorizationDao) Mockito.verify(this.namespaceIamRoleAuthorizationDao)).getNamespaceIamRoleAuthorizations(namespaceEntity);
        Mockito.verifyNoMoreInteractions(new Object[]{this.configurationHelper, this.namespaceIamRoleAuthorizationDao});
    }

    @Test
    public void checkPermissionsAssertBlankRequestRoleIgnored() {
        NamespaceEntity namespaceEntity = new NamespaceEntity();
        List asList = Arrays.asList("      \t\t ", "iamRoleName2");
        ArrayList arrayList = new ArrayList();
        NamespaceIamRoleAuthorizationEntity namespaceIamRoleAuthorizationEntity = new NamespaceIamRoleAuthorizationEntity();
        namespaceIamRoleAuthorizationEntity.setIamRoleName("iamRoleName1");
        arrayList.add(namespaceIamRoleAuthorizationEntity);
        NamespaceIamRoleAuthorizationEntity namespaceIamRoleAuthorizationEntity2 = new NamespaceIamRoleAuthorizationEntity();
        namespaceIamRoleAuthorizationEntity2.setIamRoleName("iamRoleName2");
        arrayList.add(namespaceIamRoleAuthorizationEntity2);
        Mockito.when(this.configurationHelper.getBooleanProperty((ConfigurationValue) Matchers.any())).thenReturn(true);
        Mockito.when(this.namespaceIamRoleAuthorizationDao.getNamespaceIamRoleAuthorizations((NamespaceEntity) Matchers.any())).thenReturn(arrayList);
        this.namespaceIamRoleAuthorizationHelper.checkPermissions(namespaceEntity, asList);
        ((ConfigurationHelper) Mockito.verify(this.configurationHelper)).getBooleanProperty(ConfigurationValue.NAMESPACE_IAM_ROLE_AUTHORIZATION_ENABLED);
        ((NamespaceIamRoleAuthorizationDao) Mockito.verify(this.namespaceIamRoleAuthorizationDao)).getNamespaceIamRoleAuthorizations(namespaceEntity);
        Mockito.verifyNoMoreInteractions(new Object[]{this.configurationHelper, this.namespaceIamRoleAuthorizationDao});
    }

    @Test
    public void checkPermissionsAssertDoNothingWhenAuthorizationDisabled() {
        NamespaceEntity namespaceEntity = new NamespaceEntity();
        ArrayList arrayList = new ArrayList();
        Mockito.when(this.configurationHelper.getBooleanProperty((ConfigurationValue) Matchers.any())).thenReturn(false);
        this.namespaceIamRoleAuthorizationHelper.checkPermissions(namespaceEntity, arrayList);
        ((ConfigurationHelper) Mockito.verify(this.configurationHelper)).getBooleanProperty(ConfigurationValue.NAMESPACE_IAM_ROLE_AUTHORIZATION_ENABLED);
        Mockito.verifyNoMoreInteractions(new Object[]{this.configurationHelper, this.namespaceIamRoleAuthorizationDao});
    }

    @Test
    public void checkPermissionsWithArrayAssertNoErrorWhenNamespaceAuthorizedToAllRoles() {
        NamespaceEntity namespaceEntity = new NamespaceEntity();
        ArrayList arrayList = new ArrayList();
        NamespaceIamRoleAuthorizationEntity namespaceIamRoleAuthorizationEntity = new NamespaceIamRoleAuthorizationEntity();
        namespaceIamRoleAuthorizationEntity.setIamRoleName("iamRoleName1");
        arrayList.add(namespaceIamRoleAuthorizationEntity);
        NamespaceIamRoleAuthorizationEntity namespaceIamRoleAuthorizationEntity2 = new NamespaceIamRoleAuthorizationEntity();
        namespaceIamRoleAuthorizationEntity2.setIamRoleName("iamRoleName2");
        arrayList.add(namespaceIamRoleAuthorizationEntity2);
        Mockito.when(this.configurationHelper.getBooleanProperty((ConfigurationValue) Matchers.any())).thenReturn(true);
        Mockito.when(this.namespaceIamRoleAuthorizationDao.getNamespaceIamRoleAuthorizations((NamespaceEntity) Matchers.any())).thenReturn(arrayList);
        this.namespaceIamRoleAuthorizationHelper.checkPermissions(namespaceEntity, new String[]{"iamRoleName1", "iamRoleName2"});
        ((ConfigurationHelper) Mockito.verify(this.configurationHelper)).getBooleanProperty(ConfigurationValue.NAMESPACE_IAM_ROLE_AUTHORIZATION_ENABLED);
        ((NamespaceIamRoleAuthorizationDao) Mockito.verify(this.namespaceIamRoleAuthorizationDao)).getNamespaceIamRoleAuthorizations(namespaceEntity);
        Mockito.verifyNoMoreInteractions(new Object[]{this.configurationHelper, this.namespaceIamRoleAuthorizationDao});
    }

    @Test
    public void checkPermissionsAssertRoleNameIsTrimmed() {
        NamespaceEntity namespaceEntity = new NamespaceEntity();
        List asList = Arrays.asList(StringUtils.wrap("iamRoleName1", "      \t\t "), StringUtils.wrap("iamRoleName2", "      \t\t "));
        ArrayList arrayList = new ArrayList();
        NamespaceIamRoleAuthorizationEntity namespaceIamRoleAuthorizationEntity = new NamespaceIamRoleAuthorizationEntity();
        namespaceIamRoleAuthorizationEntity.setIamRoleName("iamRoleName1");
        arrayList.add(namespaceIamRoleAuthorizationEntity);
        NamespaceIamRoleAuthorizationEntity namespaceIamRoleAuthorizationEntity2 = new NamespaceIamRoleAuthorizationEntity();
        namespaceIamRoleAuthorizationEntity2.setIamRoleName("iamRoleName2");
        arrayList.add(namespaceIamRoleAuthorizationEntity2);
        Mockito.when(this.configurationHelper.getBooleanProperty((ConfigurationValue) Matchers.any())).thenReturn(true);
        Mockito.when(this.namespaceIamRoleAuthorizationDao.getNamespaceIamRoleAuthorizations((NamespaceEntity) Matchers.any())).thenReturn(arrayList);
        this.namespaceIamRoleAuthorizationHelper.checkPermissions(namespaceEntity, asList);
        ((ConfigurationHelper) Mockito.verify(this.configurationHelper)).getBooleanProperty(ConfigurationValue.NAMESPACE_IAM_ROLE_AUTHORIZATION_ENABLED);
        ((NamespaceIamRoleAuthorizationDao) Mockito.verify(this.namespaceIamRoleAuthorizationDao)).getNamespaceIamRoleAuthorizations(namespaceEntity);
        Mockito.verifyNoMoreInteractions(new Object[]{this.configurationHelper, this.namespaceIamRoleAuthorizationDao});
    }

    @Test
    public void checkPermissionsAssertRoleNameIsCaseInsensitive() {
        NamespaceEntity namespaceEntity = new NamespaceEntity();
        List asList = Arrays.asList(StringUtils.capitalize("iamRoleName1"), StringUtils.capitalize("iamRoleName2"));
        ArrayList arrayList = new ArrayList();
        NamespaceIamRoleAuthorizationEntity namespaceIamRoleAuthorizationEntity = new NamespaceIamRoleAuthorizationEntity();
        namespaceIamRoleAuthorizationEntity.setIamRoleName("iamRoleName1");
        arrayList.add(namespaceIamRoleAuthorizationEntity);
        NamespaceIamRoleAuthorizationEntity namespaceIamRoleAuthorizationEntity2 = new NamespaceIamRoleAuthorizationEntity();
        namespaceIamRoleAuthorizationEntity2.setIamRoleName("iamRoleName2");
        arrayList.add(namespaceIamRoleAuthorizationEntity2);
        Mockito.when(this.configurationHelper.getBooleanProperty((ConfigurationValue) Matchers.any())).thenReturn(true);
        Mockito.when(this.namespaceIamRoleAuthorizationDao.getNamespaceIamRoleAuthorizations((NamespaceEntity) Matchers.any())).thenReturn(arrayList);
        this.namespaceIamRoleAuthorizationHelper.checkPermissions(namespaceEntity, asList);
        ((ConfigurationHelper) Mockito.verify(this.configurationHelper)).getBooleanProperty(ConfigurationValue.NAMESPACE_IAM_ROLE_AUTHORIZATION_ENABLED);
        ((NamespaceIamRoleAuthorizationDao) Mockito.verify(this.namespaceIamRoleAuthorizationDao)).getNamespaceIamRoleAuthorizations(namespaceEntity);
        Mockito.verifyNoMoreInteractions(new Object[]{this.configurationHelper, this.namespaceIamRoleAuthorizationDao});
    }
}
