package org.neo4j.security;

import java.util.Set;
import org.assertj.core.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.mockito.Mockito;
import org.neo4j.dbms.api.DatabaseManagementService;
import org.neo4j.function.Suppliers;
import org.neo4j.graphdb.GraphDatabaseService;
import org.neo4j.graphdb.Label;
import org.neo4j.graphdb.Node;
import org.neo4j.graphdb.Transaction;
import org.neo4j.internal.kernel.api.security.AbstractSecurityLog;
import org.neo4j.kernel.impl.security.Credential;
import org.neo4j.kernel.impl.security.User;
import org.neo4j.server.security.SecureHasher;
import org.neo4j.server.security.SystemGraphCredential;
import org.neo4j.server.security.systemgraph.SecurityGraphHelper;
import org.neo4j.server.security.systemgraph.versions.KnownCommunitySecurityComponentVersion;
import org.neo4j.string.UTF8;
import org.neo4j.test.extension.ImpermanentDbmsExtension;
import org.neo4j.test.extension.Inject;

@ImpermanentDbmsExtension
/* loaded from: input_file:org/neo4j/security/SecurityGraphHelperTest.class */
public class SecurityGraphHelperTest {

    @Inject
    private DatabaseManagementService dbms;
    private SecurityGraphHelper securityGraphHelper;
    private AbstractSecurityLog securityLog;
    GraphDatabaseService system;

    @BeforeEach
    void setUp() {
        this.system = this.dbms.database("system");
        this.securityLog = (AbstractSecurityLog) Mockito.mock(AbstractSecurityLog.class);
        this.securityGraphHelper = new SecurityGraphHelper(Suppliers.lazySingleton(() -> {
            return this.system;
        }), new SecureHasher(), this.securityLog);
    }

    @Test
    void getUserByIdShouldReturnNullUserIdIsNull() {
        Assertions.assertThat(this.securityGraphHelper.getUserById((String) null)).isNull();
        ((AbstractSecurityLog) Mockito.verify(this.securityLog)).debug("Looking up user with id 'null'");
        ((AbstractSecurityLog) Mockito.verify(this.securityLog)).debug("Cannot look up user with id = null");
        Mockito.verifyNoMoreInteractions(new Object[]{this.securityLog});
    }

    @Test
    void getUserByIdShouldReturnUserWithNativeAuthForLegacyUserWhenCredentialsSet() {
        createUser(new User("alice", "userId", SystemGraphCredential.createCredentialForPassword(UTF8.encode("password"), new SecureHasher()), false, false));
        User userById = this.securityGraphHelper.getUserById("userId");
        Assertions.assertThat(userById.id()).isEqualTo("userId");
        Assertions.assertThat(userById.name()).isEqualTo("alice");
        Assertions.assertThat(userById.auth()).isEqualTo(Set.of(new User.Auth("native", "userId")));
        ((AbstractSecurityLog) Mockito.verify(this.securityLog)).debug("Looking up user with id 'userId'");
        ((AbstractSecurityLog) Mockito.verify(this.securityLog)).debug("Found user: User[name=alice, id=userId, credential=*****, passwordChangeRequired=false, suspended=false, auth=[Auth[provider=native, id=userId]]]");
        Mockito.verifyNoMoreInteractions(new Object[]{this.securityLog});
    }

    @Test
    void getUserByIdShouldReturnUserWithoutNativeAuthForLegacyUserWhenCredentialsNotSet() {
        createUser(new User("alice", "userId", (Credential) null, false, false));
        User userById = this.securityGraphHelper.getUserById("userId");
        Assertions.assertThat(userById.id()).isEqualTo("userId");
        Assertions.assertThat(userById.name()).isEqualTo("alice");
        Assertions.assertThat(userById.auth()).isEqualTo(Set.of());
        ((AbstractSecurityLog) Mockito.verify(this.securityLog)).debug("Looking up user with id 'userId'");
        ((AbstractSecurityLog) Mockito.verify(this.securityLog)).debug("Found user: User[name=alice, id=userId, credential=null, passwordChangeRequired=false, suspended=false, auth=[]]");
        Mockito.verifyNoMoreInteractions(new Object[]{this.securityLog});
    }

    @Test
    void getUserByIdShouldReturnNullWhenUserDoesNotExist() {
        Assertions.assertThat(this.securityGraphHelper.getUserById("userId")).isNull();
        ((AbstractSecurityLog) Mockito.verify(this.securityLog)).debug("Looking up user with id 'userId'");
        ((AbstractSecurityLog) Mockito.verify(this.securityLog)).debug("User with id 'userId' not found");
        Mockito.verifyNoMoreInteractions(new Object[]{this.securityLog});
    }

    void createUser(User user) {
        Transaction beginTx = this.system.beginTx();
        try {
            Node createNode = beginTx.createNode(new Label[]{KnownCommunitySecurityComponentVersion.USER_LABEL});
            createNode.setProperty("name", user.name());
            createNode.setProperty("id", user.id());
            if (user.credential() != null && user.credential().value() != null) {
                createNode.setProperty("credentials", user.credential().value().serialize());
                createNode.setProperty("passwordChangeRequired", Boolean.valueOf(user.passwordChangeRequired()));
            }
            beginTx.commit();
            if (beginTx != null) {
                beginTx.close();
            }
        } catch (Throwable th) {
            if (beginTx != null) {
                try {
                    beginTx.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }
}
