package org.molgenis.data.security.owned;

import com.google.common.collect.ImmutableMap;
import com.google.gson.Gson;
import java.util.Collections;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.mockito.ArgumentCaptor;
import org.mockito.Captor;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.molgenis.data.Entity;
import org.molgenis.data.Repository;
import org.molgenis.data.meta.model.EntityType;
import org.molgenis.data.security.EntityIdentity;
import org.molgenis.security.core.PermissionSet;
import org.molgenis.test.AbstractMockitoTest;
import org.molgenis.validation.JsonValidationException;
import org.molgenis.validation.JsonValidator;
import org.springframework.security.acls.domain.AclAuthorizationStrategy;
import org.springframework.security.acls.domain.AclImpl;
import org.springframework.security.acls.domain.AuditLogger;
import org.springframework.security.acls.domain.PrincipalSid;
import org.springframework.security.acls.model.AccessControlEntry;
import org.springframework.security.acls.model.MutableAclService;

/* loaded from: input_file:org/molgenis/data/security/owned/OwnershipDecoratorTest.class */
class OwnershipDecoratorTest extends AbstractMockitoTest {
    private OwnershipDecoratorFactory ownershipDecoratorFactory;

    @Mock
    private Entity entity;

    @Mock
    private EntityType entityType;

    @Mock
    private Repository<Entity> delegate;

    @Mock
    private MutableAclService mutableAclService;

    @Mock
    private AclAuthorizationStrategy authorizationStrategy;

    @Mock
    private AuditLogger auditLogger;

    @Captor
    private ArgumentCaptor<Stream<Entity>> streamCaptor;
    private OwnershipDecorator ownershipDecorator;
    private JsonValidator validator = new JsonValidator();

    OwnershipDecoratorTest() {
    }

    @BeforeEach
    void beforeMethod() {
        this.ownershipDecoratorFactory = new OwnershipDecoratorFactory(new Gson(), this.mutableAclService);
        this.ownershipDecorator = this.ownershipDecoratorFactory.createDecoratedRepository(this.delegate, ImmutableMap.of("ownerAttribute", "owner"));
    }

    @Test
    void testAdd() {
        EntityIdentity entityIdentity = new EntityIdentity("MyQuestionnaire", "id");
        Mockito.when(this.entity.getString("owner")).thenReturn("username");
        Mockito.when(this.entity.getIdValue()).thenReturn("id");
        Mockito.when(this.entity.getEntityType()).thenReturn(this.entityType);
        Mockito.when(this.entityType.getId()).thenReturn("MyQuestionnaire");
        AclImpl aclImpl = new AclImpl(entityIdentity, 1, this.authorizationStrategy, this.auditLogger);
        aclImpl.insertAce(0, PermissionSet.WRITE, new PrincipalSid("otheruser"), true);
        Mockito.when(this.mutableAclService.readAclById(entityIdentity)).thenReturn(aclImpl);
        this.ownershipDecorator.add(this.entity);
        ((Repository) Mockito.verify(this.delegate)).add(this.entity);
        ((MutableAclService) Mockito.verify(this.mutableAclService)).updateAcl(aclImpl);
        PrincipalSid principalSid = new PrincipalSid("username");
        Assertions.assertEquals(principalSid, aclImpl.getOwner());
        Assertions.assertEquals(1, aclImpl.getEntries().size());
        AccessControlEntry accessControlEntry = (AccessControlEntry) aclImpl.getEntries().get(0);
        Assertions.assertEquals(principalSid, accessControlEntry.getSid());
        Assertions.assertEquals(PermissionSet.WRITE, accessControlEntry.getPermission());
        Assertions.assertTrue(accessControlEntry.isGranting());
    }

    @Test
    void testAddStream() {
        EntityIdentity entityIdentity = new EntityIdentity("MyQuestionnaire", "id");
        Mockito.when(this.entity.getString("owner")).thenReturn("username");
        Mockito.when(this.entity.getIdValue()).thenReturn("id");
        Mockito.when(this.entity.getEntityType()).thenReturn(this.entityType);
        Mockito.when(this.entityType.getId()).thenReturn("MyQuestionnaire");
        AclImpl aclImpl = new AclImpl(entityIdentity, 1, this.authorizationStrategy, this.auditLogger);
        aclImpl.insertAce(0, PermissionSet.WRITE, new PrincipalSid("otheruser"), true);
        Mockito.when(this.mutableAclService.readAclById(entityIdentity)).thenReturn(aclImpl);
        this.ownershipDecorator.add(Stream.of(this.entity));
        ((Repository) Mockito.verify(this.delegate)).add((Stream) this.streamCaptor.capture());
        Assertions.assertEquals(Collections.singletonList(this.entity), ((Stream) this.streamCaptor.getValue()).collect(Collectors.toList()));
        ((MutableAclService) Mockito.verify(this.mutableAclService)).updateAcl(aclImpl);
        PrincipalSid principalSid = new PrincipalSid("username");
        Assertions.assertEquals(principalSid, aclImpl.getOwner());
        Assertions.assertEquals(1, aclImpl.getEntries().size());
        AccessControlEntry accessControlEntry = (AccessControlEntry) aclImpl.getEntries().get(0);
        Assertions.assertEquals(principalSid, accessControlEntry.getSid());
        Assertions.assertEquals(PermissionSet.WRITE, accessControlEntry.getPermission());
        Assertions.assertTrue(accessControlEntry.isGranting());
    }

    @Test
    void testGetFactorySchema() {
        this.validator.validate("{ownerAttribute: 'owner'}", this.ownershipDecoratorFactory.getSchema());
    }

    @Test
    void testFactorySchemaChecksForOwnerAttribute() {
        org.assertj.core.api.Assertions.assertThat(((Exception) Assertions.assertThrows(JsonValidationException.class, () -> {
            this.validator.validate("{}", this.ownershipDecoratorFactory.getSchema());
        })).getMessage()).containsPattern("violations: #: required key \\[ownerAttribute\\] not found");
    }

    @Test
    void testFactorySchemaChecksOwnerAttributeType() {
        org.assertj.core.api.Assertions.assertThat(((Exception) Assertions.assertThrows(JsonValidationException.class, () -> {
            this.validator.validate("{ownerAttribute: 1}", this.ownershipDecoratorFactory.getSchema());
        })).getMessage()).containsPattern("violations: #/ownerAttribute: expected type: String, found: Integer");
    }

    @Test
    void testGetFactoryDescription() {
        Assertions.assertEquals("When entities are added to the decorated repository, their owner is set to the value of the ownerAttribute.", this.ownershipDecoratorFactory.getDescription());
    }

    @Test
    void testGetFactoryLabel() {
        Assertions.assertEquals("Ownership decorator", this.ownershipDecoratorFactory.getLabel());
    }

    @Test
    void testGetFactoryId() {
        Assertions.assertEquals("ownership", this.ownershipDecoratorFactory.getId());
    }
}
