package org.graylog2.rest.resources.dashboards;

import java.security.Principal;
import java.util.Collections;
import java.util.List;
import javax.ws.rs.core.UriBuilder;
import org.apache.shiro.subject.Subject;
import org.assertj.core.api.Assertions;
import org.graylog2.dashboards.Dashboard;
import org.graylog2.dashboards.DashboardService;
import org.graylog2.plugin.database.users.User;
import org.graylog2.rest.models.dashboards.requests.CreateDashboardRequest;
import org.graylog2.shared.bindings.GuiceInjectorHolder;
import org.graylog2.shared.system.activities.ActivityWriter;
import org.graylog2.shared.users.UserService;
import org.joda.time.DateTime;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.mockito.ArgumentCaptor;
import org.mockito.ArgumentMatchers;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.junit.MockitoJUnit;
import org.mockito.junit.MockitoRule;

/* loaded from: input_file:org/graylog2/rest/resources/dashboards/DashboardsResourceTest.class */
public class DashboardsResourceTest {

    @Rule
    public final MockitoRule mockitoRule = MockitoJUnit.rule();

    @Mock
    private DashboardService dashboardService;

    @Mock
    private ActivityWriter activityWriter;

    @Mock
    private Subject subject;

    @Mock
    private Principal principal;

    @Mock
    private UserService userService;

    @Mock
    private User user;
    private DashboardsTestResource dashboardsResource;

    /* loaded from: input_file:org/graylog2/rest/resources/dashboards/DashboardsResourceTest$DashboardsTestResource.class */
    private static class DashboardsTestResource extends DashboardsResource {
        private final Subject subject;

        DashboardsTestResource(DashboardService dashboardService, ActivityWriter activityWriter, Subject subject, UserService userService) {
            super(dashboardService, activityWriter);
            this.subject = subject;
            this.userService = userService;
        }

        protected void checkPermission(String str) {
        }

        protected void checkPermission(String str, String str2) {
        }

        protected void checkAnyPermission(String[] strArr, String str) {
        }

        protected Subject getSubject() {
            return this.subject;
        }

        protected UriBuilder getUriBuilderToSelf() {
            return UriBuilder.fromUri("http://testserver/api");
        }
    }

    public DashboardsResourceTest() {
        GuiceInjectorHolder.createInjector(Collections.emptyList());
    }

    @Before
    public void setUp() throws Exception {
        Mockito.when(this.subject.getPrincipal()).thenReturn(this.principal);
        Mockito.when(this.principal.toString()).thenReturn("testuser");
        Mockito.when(this.userService.load((String) ArgumentMatchers.eq("testuser"))).thenReturn(this.user);
        Mockito.when(this.user.getName()).thenReturn("testuser");
        this.dashboardsResource = new DashboardsTestResource(this.dashboardService, this.activityWriter, this.subject, this.userService);
    }

    @Test
    public void creatingADashboardAddsRequiredPermissionsForNonAdmin() throws Exception {
        Dashboard dashboard = (Dashboard) Mockito.mock(Dashboard.class);
        Mockito.when(this.dashboardService.create((String) ArgumentMatchers.eq("foo"), (String) ArgumentMatchers.eq("bar"), ArgumentMatchers.anyString(), (DateTime) ArgumentMatchers.any())).thenReturn(dashboard);
        Mockito.when(this.dashboardService.save(dashboard)).thenReturn("dashboardId");
        this.dashboardsResource.create(CreateDashboardRequest.create("foo", "bar"));
        ArgumentCaptor forClass = ArgumentCaptor.forClass(User.class);
        ((UserService) Mockito.verify(this.userService, Mockito.times(1))).save((User) forClass.capture());
        ArgumentCaptor forClass2 = ArgumentCaptor.forClass(List.class);
        ((User) Mockito.verify(this.user, Mockito.times(1))).setPermissions((List) forClass2.capture());
        Assertions.assertThat((User) forClass.getValue()).isNotNull();
        Assertions.assertThat((List) forClass2.getValue()).containsExactly(new String[]{"dashboards:read:dashboardId", "dashboards:edit:dashboardId"});
    }

    @Test
    public void creatingADashboardDoesNotAddPermissionsForAdmin() throws Exception {
        Mockito.when(Boolean.valueOf(this.user.isLocalAdmin())).thenReturn(true);
        Dashboard dashboard = (Dashboard) Mockito.mock(Dashboard.class);
        Mockito.when(this.dashboardService.create((String) ArgumentMatchers.eq("foo"), (String) ArgumentMatchers.eq("bar"), ArgumentMatchers.anyString(), (DateTime) ArgumentMatchers.any())).thenReturn(dashboard);
        Mockito.when(this.dashboardService.save(dashboard)).thenReturn("dashboardId");
        this.dashboardsResource.create(CreateDashboardRequest.create("foo", "bar"));
        ((UserService) Mockito.verify(this.userService, Mockito.never())).save(this.user);
    }
}
