package pl.edu.icm.unity.engine;

import org.junit.Assert;
import org.junit.Test;
import pl.edu.icm.unity.exceptions.AuthorizationException;
import pl.edu.icm.unity.stdext.attr.EnumAttribute;
import pl.edu.icm.unity.stdext.credential.PasswordToken;
import pl.edu.icm.unity.types.EntityState;
import pl.edu.icm.unity.types.basic.AttributeVisibility;
import pl.edu.icm.unity.types.basic.EntityParam;
import pl.edu.icm.unity.types.basic.Group;
import pl.edu.icm.unity.types.basic.IdentityParam;
import pl.edu.icm.unity.types.basic.IdentityTaV;

/* loaded from: input_file:pl/edu/icm/unity/engine/TestAuthorization.class */
public class TestAuthorization extends DBIntegrationTestBase {
    private void setAdminsRole(String str) throws Exception {
        EnumAttribute enumAttribute = new EnumAttribute("sys:AuthorizationRole", "/", AttributeVisibility.local, str);
        this.insecureAttrsMan.setAttribute(new EntityParam(new IdentityTaV("userName", "admin")), enumAttribute, true);
    }

    @Test
    public void test() throws Exception {
        setAdminsRole("Contents Manager");
        try {
            this.serverMan.resetDatabase();
            Assert.fail("reset db possible for contents man");
        } catch (AuthorizationException e) {
        }
        EntityParam entityParam = new EntityParam(this.idsMan.addEntity(new IdentityParam("userName", "user1"), "Password requirement", EntityState.valid, false).getEntityId());
        this.attrsMan.setAttribute(entityParam, new EnumAttribute("sys:AuthorizationRole", "/", AttributeVisibility.local, "Regular User"), false);
        setupUserContext("user1", false);
        try {
            this.serverMan.resetDatabase();
            Assert.fail("reset db possible for user");
        } catch (AuthorizationException e2) {
        }
        try {
            this.groupsMan.addGroup(new Group("/A"));
            Assert.fail("addGrp possible for user");
        } catch (AuthorizationException e3) {
        }
        this.attrsMan.getAttributes(entityParam, "/", (String) null);
        setupUserContext("admin", false);
        this.groupsMan.addGroup(new Group("/A"));
        this.groupsMan.addMemberFromParent("/A", entityParam);
        this.attrsMan.removeAttribute(entityParam, "/", "sys:AuthorizationRole");
        this.attrsMan.setAttribute(entityParam, new EnumAttribute("sys:AuthorizationRole", "/A", AttributeVisibility.local, "System Manager"), false);
        setupUserContext("user1", false);
        try {
            this.serverMan.resetDatabase();
            Assert.fail("reset db possible for user");
        } catch (AuthorizationException e4) {
        }
        this.groupsMan.addGroup(new Group("/A/B"));
        this.groupsMan.removeGroup("/A/B", true);
        this.groupsMan.addGroup(new Group("/A/G"));
        this.groupsMan.addMemberFromParent("/A/G", entityParam);
        this.attrsMan.setAttribute(entityParam, new EnumAttribute("sys:AuthorizationRole", "/A/G", AttributeVisibility.local, "Anonymous User"), false);
        this.groupsMan.addGroup(new Group("/A/G/Z"));
        try {
            this.groupsMan.addGroup(new Group("/B"));
            Assert.fail("addGrp possible for no-role");
        } catch (AuthorizationException e5) {
        }
        setupUserContext("admin", false);
        this.attrsMan.setAttribute(entityParam, new EnumAttribute("sys:AuthorizationRole", "/", AttributeVisibility.local, "Regular User"), false);
        setupUserContext("admin", true);
        try {
            this.attrsMan.setAttribute(entityParam, new EnumAttribute("sys:AuthorizationRole", "/", AttributeVisibility.local, "Inspector"), true);
            Assert.fail("set attributes with outdated credential");
        } catch (AuthorizationException e6) {
        }
        this.idsMan.setEntityCredential(entityParam, "Password credential", new PasswordToken("foo12!~").toJson());
        this.idsMan.getIdentityTypes();
    }
}
