package org.exoplatform.services.jcr.impl.access;

import java.security.AccessControlException;
import javax.jcr.AccessDeniedException;
import javax.jcr.Property;
import javax.jcr.Session;
import org.exoplatform.services.jcr.BaseStandaloneTest;
import org.exoplatform.services.jcr.access.PermissionType;
import org.exoplatform.services.jcr.core.CredentialsImpl;
import org.exoplatform.services.jcr.core.ExtendedNode;
import org.exoplatform.services.jcr.impl.core.NodeImpl;

/* loaded from: input_file:org/exoplatform/services/jcr/impl/access/TestAccessExoPrivilegeable.class */
public class TestAccessExoPrivilegeable extends BaseStandaloneTest {
    private ExtendedNode accessTestRoot;

    @Override // org.exoplatform.services.jcr.BaseStandaloneTest
    public void setUp() throws Exception {
        super.setUp();
        this.accessTestRoot = this.session.getRootNode().addNode("accessTestRoot");
        this.session.save();
    }

    @Override // org.exoplatform.services.jcr.BaseStandaloneTest
    public String getRepositoryName() {
        return "db1";
    }

    public void testSessionCheckPermission() throws Exception {
        NodeImpl addNode = this.accessTestRoot.addNode("testSessionCheckPermission");
        addNode.addMixin("exo:owneable");
        addNode.addMixin("exo:privilegeable");
        addNode.setPermission("exo", PermissionType.ALL);
        addNode.setPermission("john", new String[]{"read"});
        addNode.removePermission("any");
        this.session.save();
        Session login = this.repository.login(new CredentialsImpl("john", "exo".toCharArray()));
        login.checkPermission("/accessTestRoot/testSessionCheckPermission", "read");
        try {
            login.checkPermission("/accessTestRoot/testSessionCheckPermission", "set_property");
            fail("AccessControlException should have been thrown ");
        } catch (AccessControlException e) {
        }
        try {
            this.repository.login(new CredentialsImpl("mary", "exo".toCharArray())).checkPermission("/accessTestRoot/testSessionCheckPermission", "read");
            fail("AccessControlException should have been thrown ");
        } catch (AccessControlException e2) {
        }
    }

    public void testSubNodePermissions() throws Exception {
        NodeImpl addNode = this.accessTestRoot.addNode("node1");
        addNode.addMixin("exo:privilegeable");
        addNode.setPermission("exo", new String[]{"read"});
        addNode.setPermission("*:/platform/administrators", PermissionType.ALL);
        addNode.removePermission("any");
        this.accessTestRoot.save();
        NodeImpl addNode2 = addNode.addNode("subnode");
        addNode2.addMixin("exo:privilegeable");
        addNode.save();
        Session login = this.repository.login(new CredentialsImpl("exo", "exo".toCharArray()));
        try {
            NodeImpl item = login.getItem(addNode2.getPath());
            assertEquals("User 'exo' permissions are wrong", "read", (String) item.getACL().getPermissions("exo").get(0));
            assertEquals("User 'exo' permissions are wrong", "exo read", item.getProperty("exo:permissions").getValues()[0].getString());
            login.logout();
        } catch (Throwable th) {
            login.logout();
            throw th;
        }
    }

    public void testSubNodeInheritedPermissions() throws Exception {
        NodeImpl addNode = this.accessTestRoot.addNode("node1");
        addNode.addMixin("exo:privilegeable");
        addNode.setPermission("exo", new String[]{"read"});
        addNode.setPermission("*:/platform/administrators", PermissionType.ALL);
        addNode.removePermission("any");
        this.accessTestRoot.save();
        NodeImpl addNode2 = addNode.addNode("subnode");
        addNode2.addMixin("exo:owneable");
        addNode.save();
        Session login = this.repository.login(new CredentialsImpl("exo", "exo".toCharArray()));
        try {
            assertEquals("User 'exo' permissions are wrong", "read", (String) login.getItem(addNode2.getPath()).getACL().getPermissions("exo").get(0));
            login.logout();
        } catch (Throwable th) {
            login.logout();
            throw th;
        }
    }

    public void testGetNodeWithoutParentREAD() throws Exception {
        NodeImpl addNode = this.accessTestRoot.addNode("node1");
        addNode.addMixin("exo:privilegeable");
        addNode.setPermission("exo", new String[]{"set_property"});
        addNode.setPermission("*:/platform/administrators", PermissionType.ALL);
        addNode.removePermission("any");
        addNode.setProperty("property", "property");
        NodeImpl addNode2 = addNode.addNode("subnode");
        Property property = addNode2.setProperty("property1", "property1");
        addNode2.addMixin("exo:privilegeable");
        addNode2.setPermission("exo", new String[]{"read", "set_property"});
        this.accessTestRoot.save();
        Session login = this.repository.login(new CredentialsImpl("exo", "exo".toCharArray()));
        NodeImpl item = login.getItem(this.accessTestRoot.getPath());
        try {
            item.getNode("node1");
            fail("Node " + addNode.getPath() + " has no permissions for read by 'exo'");
        } catch (AccessDeniedException e) {
        }
        try {
            assertNotNull("Node should be accessible", item.getNode("node1/subnode"));
        } catch (AccessDeniedException e2) {
            e2.printStackTrace();
            fail("User 'exo' shoould be able to get the node " + addNode2.getPath());
        }
        try {
            assertNotNull("Property should be accessible", item.getProperty("node1/subnode/property1"));
        } catch (AccessDeniedException e3) {
            e3.printStackTrace();
            fail("User 'exo' shoould be able to get the property " + property.getPath());
        }
        try {
            assertNotNull("Node should be accessible", login.getItem(addNode2.getPath()));
        } catch (AccessDeniedException e4) {
            e4.printStackTrace();
            fail("User 'exo' shoould be able to get the node " + addNode2.getPath());
        }
        try {
            assertNotNull("Property should be accessible", login.getItem(property.getPath()));
        } catch (AccessDeniedException e5) {
            e5.printStackTrace();
            fail("User 'exo' shoould be able to get the property " + property.getPath());
        }
    }

    public void testGetPropertyWithoutParentREAD() throws Exception {
        NodeImpl addNode = this.accessTestRoot.addNode("node1");
        addNode.addMixin("exo:privilegeable");
        addNode.setPermission("exo", new String[]{"add_node"});
        addNode.setPermission("*:/platform/administrators", PermissionType.ALL);
        addNode.removePermission("any");
        Property property = addNode.setProperty("property", "property");
        this.accessTestRoot.save();
        try {
            this.repository.login(new CredentialsImpl("exo", "exo".toCharArray())).getItem(this.accessTestRoot.getPath()).getProperty("node1/property").getString();
            fail("User 'exo' hasn't rights to get property " + property.getPath());
        } catch (AccessDeniedException e) {
        }
    }
}
