package org.exoplatform.services.jcr.impl.access;

import java.security.AccessControlException;
import java.util.HashMap;
import java.util.List;
import javax.jcr.AccessDeniedException;
import javax.jcr.Node;
import javax.jcr.PathNotFoundException;
import javax.jcr.Property;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
import org.exoplatform.services.jcr.BaseStandaloneTest;
import org.exoplatform.services.jcr.access.AccessControlEntry;
import org.exoplatform.services.jcr.access.AccessControlList;
import org.exoplatform.services.jcr.access.AccessManager;
import org.exoplatform.services.jcr.access.PermissionType;
import org.exoplatform.services.jcr.core.CredentialsImpl;
import org.exoplatform.services.jcr.core.ExtendedNode;
import org.exoplatform.services.jcr.impl.core.NodeImpl;
import org.exoplatform.services.jcr.impl.core.SessionImpl;
import org.exoplatform.services.security.Identity;
import org.exoplatform.services.security.IdentityConstants;

/* loaded from: input_file:org/exoplatform/services/jcr/impl/access/TestAccess.class */
public class TestAccess extends BaseStandaloneTest {
    private ExtendedNode accessTestRoot;

    @Override // org.exoplatform.services.jcr.BaseStandaloneTest
    public void setUp() throws Exception {
        super.setUp();
        if (this.session.getRootNode().hasNode("accessTestRoot")) {
            this.accessTestRoot = this.session.getRootNode().getNode("accessTestRoot");
        } else {
            this.accessTestRoot = this.session.getRootNode().addNode("accessTestRoot");
            this.session.save();
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.exoplatform.services.jcr.BaseStandaloneTest
    public void tearDown() throws Exception {
        super.tearDown();
    }

    @Override // org.exoplatform.services.jcr.BaseStandaloneTest
    public String getRepositoryName() {
        return "db1";
    }

    public void testNoAccessControllable() throws Exception {
        AccessControlList acl = this.root.getACL();
        assertEquals(IdentityConstants.SYSTEM, acl.getOwner());
        assertEquals(PermissionType.ALL.length, acl.getPermissionEntries().size());
        assertEquals(PermissionType.ALL[0], ((AccessControlEntry) acl.getPermissionEntries().get(0)).getPermission());
    }

    public void testOwneable() throws Exception {
        ExtendedNode addNode = this.session.getRootNode().addNode("testACNode");
        addNode.addMixin("exo:owneable");
        AccessControlList acl = addNode.getACL();
        assertEquals(this.session.getUserID(), acl.getOwner());
        assertEquals(PermissionType.ALL.length, acl.getPermissionEntries().size());
        assertEquals(PermissionType.ALL[0], ((AccessControlEntry) acl.getPermissionEntries().get(0)).getPermission());
    }

    public void testPrivilegeable() throws Exception {
        ExtendedNode addNode = this.session.getRootNode().addNode("testACNode");
        addNode.addMixin("exo:privilegeable");
        AccessControlList acl = addNode.getACL();
        assertEquals(IdentityConstants.SYSTEM, acl.getOwner());
        assertEquals(PermissionType.ALL.length, acl.getPermissionEntries().size());
        assertEquals(PermissionType.ALL[0], ((AccessControlEntry) acl.getPermissionEntries().get(0)).getPermission());
    }

    public void testDefaultAccessControllable() throws Exception {
        ExtendedNode addNode = this.session.getRootNode().addNode("testACNode");
        addNode.addMixin("exo:owneable");
        addNode.addMixin("exo:privilegeable");
        AccessControlList acl = addNode.getACL();
        assertEquals(this.session.getUserID(), acl.getOwner());
        assertEquals(PermissionType.ALL.length, acl.getPermissionEntries().size());
        assertEquals(PermissionType.ALL[0], ((AccessControlEntry) acl.getPermissionEntries().get(0)).getPermission());
        this.session.save();
        ExtendedNode node = this.session.getRootNode().getNode("testACNode");
        this.repository.login(new CredentialsImpl("mary", "exo".toCharArray())).getRootNode().getNode("testACNode");
        AccessControlList acl2 = node.getACL();
        assertEquals(this.session.getUserID(), acl2.getOwner());
        assertEquals(PermissionType.ALL.length, acl2.getPermissionEntries().size());
        assertEquals(PermissionType.ALL[0], ((AccessControlEntry) acl2.getPermissionEntries().get(0)).getPermission());
    }

    public void testIfPermissionSaved() throws Exception {
        NodeImpl addNode = this.accessTestRoot.addNode("testIfPermissionSaved");
        addNode.addMixin("exo:owneable");
        addNode.addMixin("exo:privilegeable");
        this.session.save();
        if (log.isDebugEnabled()) {
            log.debug("NODE PERM 1 >>> " + addNode.getACL().dump());
        }
        HashMap hashMap = new HashMap();
        hashMap.put("john", new String[]{"add_node", "read"});
        addNode.setPermissions(hashMap);
        if (log.isDebugEnabled()) {
            log.debug("NODE PERM 1 >>> " + addNode.getACL().dump());
        }
        this.session.save();
        if (log.isDebugEnabled()) {
            log.debug("NODE PERM 2 >>> " + addNode.getACL().dump());
        }
        NodeImpl node = this.repository.getSystemSession().getRootNode().getNode("accessTestRoot/testIfPermissionSaved");
        if (log.isDebugEnabled()) {
            log.debug("NODE PERM 4 >>> " + addNode.getACL().dump());
        }
        if (log.isDebugEnabled()) {
            log.debug("TEST PERM >>> " + node.getACL().dump());
        }
        showPermissions("accessTestRoot/testIfPermissionSaved");
        AccessControlList acl = node.getACL();
        assertEquals(this.session.getUserID(), acl.getOwner());
        assertEquals(2, acl.getPermissionEntries().size());
        List permissionEntries = acl.getPermissionEntries();
        assertEquals("john", ((AccessControlEntry) permissionEntries.get(0)).getIdentity());
        assertEquals("add_node", ((AccessControlEntry) permissionEntries.get(0)).getPermission());
        assertEquals("read", ((AccessControlEntry) permissionEntries.get(1)).getPermission());
    }

    public void testPermissionInheritance() throws Exception {
        NodeImpl addNode = this.accessTestRoot.addNode("testPermissionInheritance");
        addNode.addMixin("exo:owneable");
        addNode.addMixin("exo:privilegeable");
        HashMap hashMap = new HashMap();
        hashMap.put("john", new String[]{"add_node", "read"});
        addNode.setPermissions(hashMap);
        NodeImpl addNode2 = addNode.addNode("node1");
        assertEquals(addNode.getACL(), addNode2.getACL());
        assertEquals(addNode.getACL(), addNode2.addNode("node1").getACL());
    }

    public void testSessionCheckPermission() throws Exception {
        NodeImpl addNode = this.accessTestRoot.addNode("testSessionCheckPermission");
        addNode.addMixin("exo:owneable");
        addNode.addMixin("exo:privilegeable");
        HashMap hashMap = new HashMap();
        hashMap.put("john", new String[]{"add_node", "read"});
        addNode.setPermissions(hashMap);
        this.session.save();
        Session login = this.repository.login(new CredentialsImpl("john", "exo".toCharArray()));
        login.checkPermission("/accessTestRoot/testSessionCheckPermission", "read");
        try {
            login.checkPermission("/accessTestRoot/testSessionCheckPermission", "set_property");
            fail("AccessControlException should have been thrown ");
        } catch (AccessControlException e) {
        }
        try {
            this.repository.login(new CredentialsImpl("mary", "exo".toCharArray())).checkPermission("/accessTestRoot/testSessionCheckPermission", "read");
            fail("AccessControlException should have been thrown ");
        } catch (AccessControlException e2) {
        }
    }

    public void testRead() throws Exception {
        NodeImpl addNode = this.accessTestRoot.addNode("testRead");
        addNode.addMixin("exo:owneable");
        addNode.addMixin("exo:privilegeable");
        HashMap hashMap = new HashMap();
        hashMap.put("john", new String[]{"read"});
        addNode.setPermissions(hashMap);
        addNode.addNode("node1");
        this.session.save();
        Session login = this.repository.login(new CredentialsImpl("john", "exo".toCharArray()));
        login.getItem("/accessTestRoot/testRead");
        login.getItem("/accessTestRoot/testRead/jcr:primaryType");
        login.getItem("/accessTestRoot/testRead/node1");
        assertEquals(4L, login.getItem("/accessTestRoot/testRead").getProperties().getSize());
        assertEquals(1L, login.getItem("/accessTestRoot").getNodes().getSize());
        Session login2 = this.repository.login(new CredentialsImpl("mary", "exo".toCharArray()));
        try {
            login2.getItem("/accessTestRoot/testRead");
            fail("AccessDeniedException should have been thrown ");
        } catch (AccessDeniedException e) {
        }
        assertEquals(0L, login2.getItem("/accessTestRoot").getNodes().getSize());
        try {
            login2.getItem("/accessTestRoot/testRead/node1");
            fail("AccessDeniedException should have been thrown ");
        } catch (AccessDeniedException e2) {
        }
    }

    public void testAddNode() throws Exception {
        ExtendedNode addNode = this.accessTestRoot.addNode("testAddNode");
        addNode.addMixin("exo:owneable");
        addNode.addMixin("exo:privilegeable");
        HashMap hashMap = new HashMap();
        hashMap.put("john", new String[]{"add_node", "read"});
        hashMap.put("mary", new String[]{"read"});
        addNode.setPermissions(hashMap);
        this.session.save();
        assertEquals(this.credentials.getUserID(), this.accessTestRoot.getNode("testAddNode").getACL().getOwner());
        this.accessTestRoot.getNode("testAddNode").addNode("ownersNode");
        this.session.save();
        Session login = this.repository.login(new CredentialsImpl("mary", "exo".toCharArray()));
        login.getRootNode().getNode("accessTestRoot/testAddNode").addNode("illegal");
        try {
            login.save();
            fail("AccessDeniedException should have been thrown ");
        } catch (AccessDeniedException e) {
            login.refresh(false);
        }
        Session login2 = this.repository.login(new CredentialsImpl("john", "exo".toCharArray()));
        login2.getRootNode().getNode("accessTestRoot/testAddNode").addNode("legal");
        login2.save();
        login2.getRootNode().getNode("accessTestRoot/testAddNode").setProperty("illegal", "test");
        try {
            login2.save();
            fail("AccessDeniedException should have been thrown ");
        } catch (AccessDeniedException e2) {
            login2.refresh(false);
        }
    }

    public void testModifyAndReadItem() throws Exception {
        ExtendedNode addNode = this.accessTestRoot.addNode("testModifyAndReadNode");
        addNode.addMixin("exo:owneable");
        addNode.addMixin("exo:privilegeable");
        HashMap hashMap = new HashMap();
        hashMap.put("john", PermissionType.ALL);
        hashMap.put("mary", new String[]{"read"});
        addNode.setPermissions(hashMap);
        this.session.save();
        assertEquals(this.credentials.getUserID(), this.session.getRootNode().getNode("accessTestRoot/testModifyAndReadNode").getACL().getOwner());
        this.session.getRootNode().getNode("accessTestRoot/testModifyAndReadNode").addNode("ownersNode");
        this.session.save();
        this.repository.login(new CredentialsImpl("john", "exo".toCharArray()));
        Session login = this.repository.login(new CredentialsImpl("john", "exo".toCharArray()));
        login.getRootNode().getNode("accessTestRoot/testModifyAndReadNode").setProperty("legal", "test");
        login.getRootNode().getNode("accessTestRoot/testModifyAndReadNode").setProperty("illegal", "test");
        login.save();
        login.getRootNode().getProperty("accessTestRoot/testModifyAndReadNode/legal").remove();
        login.save();
        login.getRootNode().getNode("accessTestRoot/testModifyAndReadNode").getProperty("illegal");
        assertEquals(1L, login.getRootNode().getNode("accessTestRoot/testModifyAndReadNode").getProperties("illegal").getSize());
        Session login2 = this.repository.login(new CredentialsImpl("mary", "exo".toCharArray()));
        login2.getRootNode().getNode("accessTestRoot/testModifyAndReadNode").getProperty("illegal").remove();
        try {
            login2.save();
            fail("PathNotFoundException or AccessDenied should have been thrown ");
        } catch (AccessDeniedException e) {
            login2.refresh(false);
            login.save();
        }
        login2.getRootNode().getNode("accessTestRoot/testModifyAndReadNode").setProperty("illegal2", "test");
        try {
            login2.save();
            fail("PathNotFoundException or AccessDenied should have been thrown ");
        } catch (AccessDeniedException e2) {
            login2.refresh(false);
        }
    }

    public void testCheckAndCleanPermissions() throws Exception {
        ExtendedNode addNode = this.accessTestRoot.addNode("testCheckAndCleanPermissions");
        addNode.addMixin("exo:owneable");
        addNode.addMixin("exo:privilegeable");
        HashMap hashMap = new HashMap();
        hashMap.put("john", PermissionType.ALL);
        hashMap.put("mary", new String[]{"read"});
        addNode.setPermissions(hashMap);
        this.session.save();
        Session login = this.repository.login(new CredentialsImpl("john", "exo".toCharArray()));
        Session login2 = this.repository.login(new CredentialsImpl("mary", "exo".toCharArray()));
        login.checkPermission("/accessTestRoot/testCheckAndCleanPermissions", "add_node");
        try {
            login2.checkPermission("/accessTestRoot/testCheckAndCleanPermissions", "add_node");
            fail("AccessControlException should have been thrown ");
        } catch (AccessControlException e) {
        }
        login2.checkPermission("/accessTestRoot/testCheckAndCleanPermissions", "read");
        ExtendedNode node = login2.getRootNode().getNode("accessTestRoot/testCheckAndCleanPermissions");
        try {
            node.setPermissions(hashMap);
            login2.save();
            fail("AccessControlException should have been thrown ");
        } catch (AccessControlException e2) {
            login2.refresh(false);
        }
        AccessControlList acl = node.getACL();
        assertEquals(this.credentials.getUserID(), acl.getOwner());
        assertEquals(5, acl.getPermissionEntries().size());
        try {
            node.clearACL();
            login2.save();
            fail("AccessControlException should have been thrown ");
        } catch (AccessControlException e3) {
            login2.refresh(false);
        }
        ExtendedNode node2 = login.getRootNode().getNode("accessTestRoot/testCheckAndCleanPermissions");
        node2.clearACL();
        login.save();
        AccessControlList acl2 = node2.getACL();
        assertEquals(this.credentials.getUserID(), acl2.getOwner());
        assertEquals(PermissionType.ALL.length, acl2.getPermissionEntries().size());
        assertEquals(PermissionType.ALL[0], ((AccessControlEntry) acl2.getPermissionEntries().get(0)).getPermission());
    }

    public void testPrivilegeableAddNode() throws Exception {
        Node addNode = this.session.getRootNode().addNode("testACNode");
        addNode.addMixin("exo:privilegeable");
        try {
            addNode.addNode("privilegeable");
            this.session.save();
        } catch (AccessControlException e) {
            fail("AccessControlException should not have been thrown ");
        }
        try {
            this.session.getRootNode().getNode("testACNode/privilegeable");
        } catch (RepositoryException e2) {
            fail("PathNotFoundException or AccessDenied  should not have been thrown ");
        }
    }

    public void testAddSaveAndRead() throws Exception {
        ExtendedNode addNode = this.accessTestRoot.addNode("testSetAndRemovePermission");
        addNode.addMixin("exo:privilegeable");
        addNode.setPermission("john", PermissionType.ALL);
        String owner = addNode.getACL().getOwner();
        assertEquals(8, addNode.getACL().getPermissionEntries().size());
        this.accessTestRoot.save();
        NodeImpl node = this.repository.login(new CredentialsImpl("john", "exo".toCharArray())).getRootNode().getNode("accessTestRoot/testSetAndRemovePermission");
        assertEquals(8, node.getACL().getPermissionEntries().size());
        assertEquals(node.getACL().getOwner(), owner);
    }

    public void testSetAndRemovePermission() throws Exception {
        ExtendedNode addNode = this.accessTestRoot.addNode("testSetAndRemovePermission");
        addNode.addMixin("exo:owneable");
        addNode.addMixin("exo:privilegeable");
        addNode.setPermission("john", PermissionType.ALL);
        assertEquals(PermissionType.ALL.length * 2, addNode.getACL().getPermissionEntries().size());
        addNode.setPermission("mary", new String[]{"read"});
        assertEquals((PermissionType.ALL.length * 2) + 1, addNode.getACL().getPermissionEntries().size());
        addNode.removePermission("john");
        assertEquals(PermissionType.ALL.length + 1, addNode.getACL().getPermissionEntries().size());
    }

    public void testReplacePermission() throws Exception {
        ExtendedNode addNode = this.accessTestRoot.addNode("testReplacePermission");
        addNode.addMixin("exo:owneable");
        addNode.addMixin("exo:privilegeable");
        addNode.setPermission("john", PermissionType.ALL);
        assertEquals(PermissionType.ALL.length * 2, addNode.getACL().getPermissionEntries().size());
        addNode.setPermission("john", new String[]{"read"});
        assertEquals(PermissionType.ALL.length + 1, addNode.getACL().getPermissionEntries().size());
        addNode.removePermission("john");
        assertEquals(PermissionType.ALL.length, addNode.getACL().getPermissionEntries().size());
    }

    public void testRemoveSpecified() throws Exception {
        AccessManager accessManager = this.accessTestRoot.getSession().getAccessManager();
        ExtendedNode addNode = this.accessTestRoot.addNode("testRemoveSpecified");
        addNode.addMixin("exo:owneable");
        addNode.addMixin("exo:privilegeable");
        addNode.setPermission("john", PermissionType.ALL);
        assertEquals(PermissionType.ALL.length * 2, addNode.getACL().getPermissionEntries().size());
        addNode.setPermission("mary", PermissionType.ALL);
        this.accessTestRoot.save();
        Session login = this.repository.login(new CredentialsImpl("mary", "exo".toCharArray()));
        ExtendedNode node = login.getRootNode().getNode("accessTestRoot").getNode("testRemoveSpecified");
        node.removePermission(IdentityConstants.ANY);
        assertTrue(accessManager.hasPermission(node.getACL(), "read", new Identity("john")));
        node.removePermission("john", "read");
        assertTrue(accessManager.hasPermission(node.getACL(), "set_property", new Identity("john")));
        assertFalse(accessManager.hasPermission(node.getACL(), "read", new Identity("john")));
        assertTrue(accessManager.hasPermission(node.getACL(), "read", new Identity("mary")));
        node.remove();
        login.save();
    }

    public void testOperationsByOwner() throws Exception {
        Session login = this.repository.login(new CredentialsImpl("john", "exo".toCharArray()));
        Node node = login.getRootNode().getNode("accessTestRoot");
        node.addMixin("exo:privilegeable");
        Node addNode = node.addNode("testByOwnerNode");
        addNode.addMixin("exo:owneable");
        addNode.addMixin("exo:privilegeable");
        login.save();
        login.logout();
        this.accessTestRoot = this.session.getRootNode().getNode("accessTestRoot");
        this.accessTestRoot.setPermission(this.accessTestRoot.getSession().getUserID(), PermissionType.ALL);
        this.accessTestRoot.removePermission("john");
        this.accessTestRoot.removePermission(IdentityConstants.ANY);
        this.accessTestRoot.setPermission("john", new String[]{"read"});
        ExtendedNode node2 = this.accessTestRoot.getNode("testByOwnerNode");
        node2.setPermission(this.accessTestRoot.getSession().getUserID(), PermissionType.ALL);
        node2.removePermission("john");
        node2.removePermission(IdentityConstants.ANY);
        node2.setPermission("john", new String[]{"read"});
        this.session.save();
        Session login2 = this.repository.login(new CredentialsImpl("john", "exo".toCharArray()));
        Node node3 = login2.getRootNode().getNode("accessTestRoot").getNode("testByOwnerNode");
        try {
            Property property = node3.setProperty("prop1", "val1");
            login2.save();
            property.remove();
            login2.save();
            Node addNode2 = node3.addNode("test2");
            login2.save();
            addNode2.remove();
            login2.save();
        } catch (AccessControlException e) {
            fail("AccessControlException should not have been thrown ");
        }
        node3.remove();
        login2.save();
    }

    public void testRemoveExoOwnable() throws Exception {
        ExtendedNode addNode = this.accessTestRoot.addNode("testRemoveExoOwnable");
        addNode.addMixin("exo:privilegeable");
        addNode.setPermission("john", new String[]{"read", "remove", "add_node", "set_property"});
        addNode.setPermission(this.accessTestRoot.getSession().getUserID(), PermissionType.ALL);
        addNode.removePermission(IdentityConstants.ANY);
        addNode.addNode("subroot");
        this.accessTestRoot.getSession().save();
        Session login = this.repository.login(new CredentialsImpl("john", "exo".toCharArray()));
        ExtendedNode node = login.getRootNode().getNode("accessTestRoot").getNode("testRemoveExoOwnable").getNode("subroot");
        node.addMixin("exo:owneable");
        assertEquals("john", node.getProperty("exo:owner").getString());
        assertEquals("john", node.getACL().getOwner());
        node.addNode("node");
        login.save();
        login.logout();
        Session login2 = this.repository.login(new CredentialsImpl("john", "exo".toCharArray()));
        ExtendedNode node2 = login2.getRootNode().getNode("accessTestRoot/testRemoveExoOwnable/subroot");
        assertEquals("john", node2.getProperty("exo:owner").getString());
        assertEquals("john", node2.getACL().getOwner());
        node2.getNode("node").remove();
        login2.save();
        addNode.remove();
        this.accessTestRoot.getSession().save();
    }

    public void testAnonim() throws RepositoryException {
        ExtendedNode addNode = this.accessTestRoot.addNode("testAnonim");
        addNode.addMixin("exo:owneable");
        addNode.addMixin("exo:privilegeable");
        this.session.save();
        Session login = this.repository.login(new CredentialsImpl(IdentityConstants.ANONIM, "".toCharArray()));
        addNode.setPermission(addNode.getSession().getUserID(), PermissionType.ALL);
        addNode.removePermission(IdentityConstants.ANY);
        this.session.save();
        try {
            login.checkPermission("." + addNode.getPath(), "read");
            fail();
        } catch (AccessControlException e) {
        }
        addNode.setPermission(IdentityConstants.ANY, new String[]{"read"});
        this.session.save();
        try {
            login.checkPermission(addNode.getPath(), "read");
            login.getRootNode().getNode("." + addNode.getPath());
            login.checkPermission(addNode.getPath(), "remove");
            fail();
        } catch (AccessControlException e2) {
        }
        addNode.removePermission(IdentityConstants.ANY);
        this.session.save();
        try {
            login.checkPermission("." + addNode.getPath(), "read");
            fail();
        } catch (AccessControlException e3) {
        }
        addNode.setPermission(IdentityConstants.ANY, new String[]{"read", "set_property", "remove"});
        this.session.save();
        try {
            login.checkPermission(addNode.getPath(), "read");
            login.getRootNode().getNode("." + addNode.getPath());
            login.checkPermission(addNode.getPath(), "set_property");
            login.checkPermission(addNode.getPath(), "remove");
            login.checkPermission(addNode.getPath(), "add_node");
            fail();
        } catch (AccessControlException e4) {
        }
        try {
            login.checkPermission(addNode.getPath(), "read,add_node");
            fail();
        } catch (AccessControlException e5) {
        }
        try {
            login.checkPermission(addNode.getPath(), "add_node,set_property,remove");
            fail();
        } catch (AccessControlException e6) {
        }
    }

    public void testDualCheckPermissions() throws Exception {
        ExtendedNode addNode = this.accessTestRoot.addNode("DualCheckPermissions");
        addNode.addMixin("exo:privilegeable");
        addNode.setPermission("john", new String[]{"read", "add_node", "set_property"});
        addNode.setPermission(this.accessTestRoot.getSession().getUserID(), PermissionType.ALL);
        addNode.removePermission(IdentityConstants.ANY);
        this.accessTestRoot.save();
        AccessManager accessManager = this.accessTestRoot.getSession().getAccessManager();
        SessionImpl login = this.repository.login(new CredentialsImpl("john", "exo".toCharArray()));
        assertTrue(accessManager.hasPermission(addNode.getACL(), new String[]{"read", "add_node"}, login.getUserState().getIdentity()));
        assertTrue(accessManager.hasPermission(addNode.getACL(), new String[]{"read", "set_property"}, login.getUserState().getIdentity()));
        assertTrue(accessManager.hasPermission(addNode.getACL(), new String[]{"add_node", "set_property"}, login.getUserState().getIdentity()));
        assertFalse(accessManager.hasPermission(addNode.getACL(), new String[]{"read", "remove"}, login.getUserState().getIdentity()));
    }

    public void testEmptyPermissions() throws Exception {
        ExtendedNode addNode = this.accessTestRoot.addNode("testEmptyPermissions");
        addNode.addMixin("exo:privilegeable");
        this.session.save();
        addNode.removePermission(IdentityConstants.ANY);
        try {
            this.session.checkPermission(addNode.getPath(), "read");
            fail();
        } catch (AccessControlException e) {
        }
        try {
            this.session.save();
            fail();
        } catch (RepositoryException e2) {
        }
        this.session.refresh(false);
        ExtendedNode addNode2 = this.accessTestRoot.addNode("testEmptyPermissions2");
        addNode2.addMixin("exo:privilegeable");
        this.session.save();
        addNode2.setPermission(IdentityConstants.ANY, new String[0]);
        try {
            this.session.save();
            fail();
        } catch (RepositoryException e3) {
        }
    }

    public void testPerseEntries() throws Exception {
        ExtendedNode addNode = this.accessTestRoot.addNode("testPerseEntries");
        addNode.addMixin("exo:privilegeable");
        this.session.save();
        addNode.setPermission(IdentityConstants.ANY, PermissionType.ALL);
        this.session.save();
        this.session.checkPermission(addNode.getPath(), "add_node");
        this.session.checkPermission(addNode.getPath(), "set_property");
        this.session.checkPermission(addNode.getPath(), "read");
        this.session.checkPermission(addNode.getPath(), "remove");
        try {
            this.session.checkPermission(addNode.getPath(), "bla-bla");
        } catch (AccessControlException e) {
        }
        try {
            this.session.checkPermission(addNode.getPath(), "");
        } catch (AccessControlException e2) {
        }
    }

    public void testRemoveAllPermissions() throws Exception {
        Session login = this.repository.login(new CredentialsImpl("john", "exo".toCharArray()));
        ExtendedNode addNode = login.getRootNode().addNode("testNode");
        addNode.addMixin("exo:privilegeable");
        login.save();
        HashMap hashMap = new HashMap();
        hashMap.put("admin", PermissionType.ALL);
        addNode.setPermissions(hashMap);
        try {
            addNode.addNode("d");
            login.save();
            fail();
        } catch (AccessDeniedException e) {
        }
        this.session.getRootNode().getNode("testNode").remove();
    }

    public void testPermissionAfterImport() throws Exception {
        Session login = this.repository.login(new CredentialsImpl("root", "exo".toCharArray()));
        login.importXML("/", BaseStandaloneTest.class.getResourceAsStream("/import-export/testPermdocview.xml"), 0);
        login.save();
        ExtendedNode item = login.getItem("/a");
        int i = 0;
        for (AccessControlEntry accessControlEntry : item.getACL().getPermissionEntries()) {
            String identity = accessControlEntry.getIdentity();
            String permission = accessControlEntry.getPermission();
            if (identity.equals("*:/platform/administrators") || identity.equals("root")) {
                assertTrue(permission.equals("read") || permission.equals("remove") || permission.equals("set_property") || permission.equals("add_node"));
                i++;
            } else if (identity.equals("validator:/platform/users")) {
                assertTrue(permission.equals("read") || permission.equals("set_property"));
                i++;
            }
        }
        assertEquals(10, i);
        item.remove();
        login.save();
    }

    public void testAccessControlEntryEquals() throws PathNotFoundException, RepositoryException {
        this.root.addNode("testNode");
        AccessControlEntry accessControlEntry = (AccessControlEntry) this.session.getItem("/testNode").getACL().getPermissionEntries().get(0);
        assertTrue(accessControlEntry.equals(accessControlEntry));
        assertFalse(accessControlEntry.equals(new Object()));
    }

    public void testAddMixinOwneable() throws Exception {
        ExtendedNode addNode = this.accessTestRoot.addNode("testSetOwneable");
        addNode.addMixin("exo:privilegeable");
        addNode.setPermission("john", new String[]{"add_node", "read", "remove", "set_property"});
        addNode.setPermission(this.accessTestRoot.getSession().getUserID(), PermissionType.ALL);
        addNode.removePermission(IdentityConstants.ANY);
        this.session.save();
        Session login = this.repository.login(new CredentialsImpl("john", "exo".toCharArray()));
        try {
            login.getRootNode().getNode("accessTestRoot/testSetOwneable").addMixin("exo:owneable");
            login.save();
        } catch (AccessControlException e) {
            fail();
        }
        login.logout();
        ExtendedNode addNode2 = this.accessTestRoot.addNode("testSetOwneable1");
        addNode2.addMixin("exo:privilegeable");
        addNode2.setPermission("mary", new String[]{"read", "set_property"});
        addNode2.setPermission(this.accessTestRoot.getSession().getUserID(), PermissionType.ALL);
        addNode2.removePermission(IdentityConstants.ANY);
        this.session.save();
        Session login2 = this.repository.login(new CredentialsImpl("mary", "exo".toCharArray()));
        try {
            login2.getRootNode().getNode("accessTestRoot/testSetOwneable1").addMixin("exo:owneable");
            login2.save();
            fail();
        } catch (AccessControlException e2) {
        }
        login2.logout();
        addNode.remove();
        addNode2.remove();
        this.session.save();
    }

    public void testAddMixinOwneable2() throws Exception {
        ExtendedNode addNode = this.accessTestRoot.addNode("testSetOwneable");
        addNode.addMixin("exo:privilegeable");
        addNode.addMixin("exo:owneable");
        addNode.setPermission("mary", new String[]{"read", "add_node", "set_property"});
        addNode.setPermission(this.accessTestRoot.getSession().getUserID(), PermissionType.ALL);
        addNode.removePermission(IdentityConstants.ANY);
        this.session.save();
        addNode.addNode("adminNode");
        this.session.save();
        Session login = this.repository.login(new CredentialsImpl("mary", "exo".toCharArray()));
        ExtendedNode node = login.getRootNode().getNode("accessTestRoot/testSetOwneable/adminNode");
        try {
            node.addMixin("exo:owneable");
            login.save();
            node.remove();
            login.save();
            fail();
        } catch (AccessControlException e) {
            assertEquals(node.getACL().getOwner(), "admin");
        }
        try {
            ExtendedNode addNode2 = node.addNode("maryNode");
            addNode2.addMixin("exo:owneable");
            login.save();
            assertEquals(addNode2.getACL().getOwner(), "mary");
        } catch (AccessControlException e2) {
            fail();
        }
        login.logout();
        addNode.remove();
        this.session.save();
    }

    private void showPermissions(String str) throws RepositoryException {
        AccessControlList acl = this.repository.getSystemSession().getRootNode().getNode(str).getACL();
        if (log.isDebugEnabled()) {
            log.debug("DUMP: " + acl.dump());
        }
    }
}
