package org.exoplatform.services.jcr.impl.access;

import java.security.AccessControlException;
import java.util.ArrayList;
import javax.jcr.AccessDeniedException;
import javax.jcr.Node;
import org.exoplatform.services.jcr.JcrImplBaseTest;
import org.exoplatform.services.jcr.access.PermissionType;
import org.exoplatform.services.jcr.core.CredentialsImpl;
import org.exoplatform.services.jcr.impl.core.NodeImpl;
import org.exoplatform.services.jcr.impl.core.SessionImpl;
import org.exoplatform.services.security.IdentityConstants;
import org.exoplatform.services.security.MembershipEntry;

/* loaded from: input_file:org/exoplatform/services/jcr/impl/access/TestUserAccess.class */
public class TestUserAccess extends JcrImplBaseTest {
    private NodeImpl testRoot;

    @Override // org.exoplatform.services.jcr.BaseStandaloneTest
    public void setUp() throws Exception {
        super.setUp();
        this.testRoot = this.root.addNode("testUserAccess");
        this.root.save();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.exoplatform.services.jcr.BaseStandaloneTest
    public void tearDown() throws Exception {
        SessionImpl systemSession = this.repository.getSystemSession(this.session.getWorkspace().getName());
        if (systemSession.getRootNode().hasNode("testUserAccess")) {
            systemSession.getRootNode().getNode("testUserAccess").remove();
            systemSession.save();
        }
        super.tearDown();
    }

    public void testUser() throws Exception {
        NodeImpl addNode = this.testRoot.addNode("mary");
        addNode.addMixin("exo:privilegeable");
        if (!this.session.getUserID().equals("mary")) {
            addNode.setPermission("mary", PermissionType.ALL);
            addNode.removePermission(this.session.getUserID());
        }
        addNode.removePermission(IdentityConstants.ANY);
        this.testRoot.save();
        try {
            NodeImpl item = this.repository.login(new CredentialsImpl("mary", "exo".toCharArray()), this.session.getWorkspace().getName()).getItem(addNode.getPath());
            Node addNode2 = item.addNode("test");
            addNode2.setProperty("property", "any data");
            item.save();
            addNode2.remove();
            item.save();
        } catch (AccessControlException e) {
            e.printStackTrace();
            fail(e.getMessage());
        }
    }

    public void testRoot() throws Exception {
        NodeImpl addNode = this.testRoot.addNode("root");
        addNode.addMixin("exo:privilegeable");
        if (!this.session.getUserID().equals("root")) {
            addNode.setPermission("root", PermissionType.ALL);
            addNode.removePermission(this.session.getUserID());
        }
        addNode.removePermission(IdentityConstants.ANY);
        this.testRoot.save();
        try {
            NodeImpl item = this.repository.login(new CredentialsImpl("root", "exo".toCharArray()), this.session.getWorkspace().getName()).getItem(addNode.getPath());
            Node addNode2 = item.addNode("test");
            addNode2.setProperty("property", "any data");
            item.save();
            addNode2.remove();
            item.save();
        } catch (AccessControlException e) {
            e.printStackTrace();
            fail(e.getMessage());
        }
    }

    public void testRootAndAnyRead() throws Exception {
        NodeImpl addNode = this.testRoot.addNode("root");
        addNode.addMixin("exo:privilegeable");
        if (!this.session.getUserID().equals("root")) {
            addNode.setPermission("root", PermissionType.ALL);
        }
        addNode.setPermission(this.session.getUserID(), PermissionType.ALL);
        addNode.removePermission(IdentityConstants.ANY);
        addNode.setPermission(IdentityConstants.ANY, new String[]{"read"});
        addNode.removePermission(this.session.getUserID());
        this.testRoot.save();
        try {
            NodeImpl item = this.repository.login(new CredentialsImpl("root", "exo".toCharArray()), this.session.getWorkspace().getName()).getItem(addNode.getPath());
            Node addNode2 = item.addNode("test");
            addNode2.setProperty("property", "any data");
            item.save();
            addNode2.remove();
            item.save();
        } catch (AccessControlException e) {
            e.printStackTrace();
            fail(e.getMessage());
        }
    }

    public void testDynamicUserRead() throws Exception {
        NodeImpl addNode = this.testRoot.addNode("mary_dynamic");
        addNode.addMixin("exo:privilegeable");
        if (!this.session.getUserID().equals("mary")) {
            addNode.setPermission("*:/platform/users", new String[]{"read"});
            addNode.setPermission("mary", PermissionType.ALL);
            addNode.removePermission(this.session.getUserID());
        }
        addNode.removePermission(IdentityConstants.ANY);
        this.testRoot.save();
        NodeImpl item = this.repository.login(new CredentialsImpl("mary", "exo".toCharArray()), this.session.getWorkspace().getName()).getItem(addNode.getPath());
        item.addNode("test").setProperty("property", "any data");
        item.save();
        ArrayList arrayList = new ArrayList();
        arrayList.add(new MembershipEntry("/platform/administrators"));
        try {
            this.repository.getDynamicSession(this.session.getWorkspace().getName(), arrayList).getItem(addNode.getPath());
            fail("Dynamic session with membership '*:/platform/users' should not read node with membership '*:/platform/users'");
        } catch (AccessDeniedException e) {
        }
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add(new MembershipEntry("/platform/users"));
        try {
            this.repository.getDynamicSession(this.session.getWorkspace().getName(), arrayList2).getItem(addNode.getPath());
        } catch (AccessDeniedException e2) {
            e2.printStackTrace();
            fail("Dynamic session with membership '*:/platform/users' should read node with membership '*:/platform/users'. Exception message :" + e2.getMessage());
        }
        try {
            NodeImpl item2 = this.repository.getDynamicSession(this.session.getWorkspace().getName(), arrayList2).getItem(addNode.getPath());
            item2.addNode("test2");
            item2.save();
            fail("Dynamic session with membership '*:/platform/users' should be not add child node with membership '*:/platform/users READ'");
        } catch (AccessDeniedException e3) {
        }
        try {
            NodeImpl item3 = this.repository.getDynamicSession(this.session.getWorkspace().getName(), arrayList2).getItem(addNode.getPath());
            item3.getNode("test").remove();
            item3.save();
            fail("Dynamic session with membership '*:/platform/users' should be not remove child node with membership '*:/platform/users READ'");
        } catch (AccessDeniedException e4) {
        }
    }
}
