package org.kie.server.integrationtests.jbpm;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import org.assertj.core.api.Assertions;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Test;
import org.kie.api.KieServices;
import org.kie.internal.KieInternalServices;
import org.kie.internal.process.CorrelationKey;
import org.kie.server.api.model.ReleaseId;
import org.kie.server.api.model.instance.TaskSummary;
import org.kie.server.api.model.instance.WorkItemInstance;
import org.kie.server.integrationtests.config.TestConfig;
import org.kie.server.integrationtests.shared.KieServerDeployer;

/* loaded from: input_file:org/kie/server/integrationtests/jbpm/ProcessUserTaskServicesSecurityIntegrationTest.class */
public class ProcessUserTaskServicesSecurityIntegrationTest extends JbpmKieServerBaseIntegrationTest {
    private static ReleaseId releaseId = new ReleaseId("org.kie.server.testing", "secured-project", "1.0.0.Final");
    private static final String NO_PERMISSION_MSG = "User %s does not have permission to access this asset";

    @BeforeClass
    public static void buildAndDeployArtifacts() {
        KieServerDeployer.buildAndDeployCommonMavenParent();
        KieServerDeployer.buildAndDeployMavenProjectFromResource("/kjars-sources/secured-project");
        kieContainer = KieServices.Factory.get().newKieContainer(releaseId);
        createContainer("secured-project", releaseId);
    }

    @Test
    public void testNonAllowedUserCannotStartProcess() {
        assertClientException(() -> {
            this.processClient.startProcess("secured-project", "secured-project.usertask");
        }, 403, String.format(NO_PERMISSION_MSG, "yoda"));
    }

    @Test
    public void testNonAllowedUserCannotStartProcessWithCorrelationKey() {
        CorrelationKey newCorrelationKey = KieInternalServices.Factory.get().newCorrelationKeyFactory().newCorrelationKey("key");
        assertClientException(() -> {
            this.processClient.startProcess("secured-project", "secured-project.usertask", newCorrelationKey);
        }, 403, String.format(NO_PERMISSION_MSG, "yoda"));
    }

    @Test
    public void testNonAllowedUserCannotAbortProcess() throws Exception {
        Long startProcessAsAdministrator = startProcessAsAdministrator("secured-project.usertask");
        try {
            changeUser("yoda");
            assertClientException(() -> {
                this.processClient.abortProcessInstance("secured-project", startProcessAsAdministrator);
            }, 403, String.format(NO_PERMISSION_MSG, "yoda"));
        } finally {
            abortProcessAsAdministrator(startProcessAsAdministrator);
            changeUser(TestConfig.getUsername());
        }
    }

    @Test
    public void testNonAllowedUserCannotAbortMultipleProcesses() throws Exception {
        Long startProcessAsAdministrator = startProcessAsAdministrator("secured-project.usertask");
        Long startProcessAsAdministrator2 = startProcessAsAdministrator("secured-project.usertask");
        ArrayList arrayList = new ArrayList(Arrays.asList(startProcessAsAdministrator, startProcessAsAdministrator2));
        try {
            changeUser("yoda");
            assertClientException(() -> {
                this.processClient.abortProcessInstances("secured-project", arrayList);
            }, 403, String.format(NO_PERMISSION_MSG, "yoda"));
            abortProcessAsAdministrator(startProcessAsAdministrator);
            abortProcessAsAdministrator(startProcessAsAdministrator2);
            changeUser(TestConfig.getUsername());
        } catch (Throwable th) {
            abortProcessAsAdministrator(startProcessAsAdministrator);
            abortProcessAsAdministrator(startProcessAsAdministrator2);
            changeUser(TestConfig.getUsername());
            throw th;
        }
    }

    @Test
    public void testNonAllowedUserCannotSignalProcess() throws Exception {
        Long startProcessAsAdministrator = startProcessAsAdministrator("secured-project.signalprocess");
        try {
            changeUser("yoda");
            assertClientException(() -> {
                this.processClient.signalProcessInstance("secured-project", startProcessAsAdministrator, "Signal2", "My custom string event");
            }, 403, String.format(NO_PERMISSION_MSG, "yoda"));
        } finally {
            abortProcessAsAdministrator(startProcessAsAdministrator);
            changeUser(TestConfig.getUsername());
        }
    }

    @Test
    public void testNonAllowedUserCannotSignalMultipleProcesses() throws Exception {
        Long startProcessAsAdministrator = startProcessAsAdministrator("secured-project.usertask");
        Long startProcessAsAdministrator2 = startProcessAsAdministrator("secured-project.usertask");
        ArrayList arrayList = new ArrayList(Arrays.asList(startProcessAsAdministrator, startProcessAsAdministrator2));
        try {
            changeUser("yoda");
            assertClientException(() -> {
                this.processClient.signalProcessInstances("secured-project", arrayList, "Signal2", "My custom string event");
            }, 403, String.format(NO_PERMISSION_MSG, "yoda"));
            abortProcessAsAdministrator(startProcessAsAdministrator);
            abortProcessAsAdministrator(startProcessAsAdministrator2);
            changeUser(TestConfig.getUsername());
        } catch (Throwable th) {
            abortProcessAsAdministrator(startProcessAsAdministrator);
            abortProcessAsAdministrator(startProcessAsAdministrator2);
            changeUser(TestConfig.getUsername());
            throw th;
        }
    }

    @Test
    public void testNonAllowedUserCannotSetProcessVariables() throws Exception {
        Long startProcessAsAdministrator = startProcessAsAdministrator("secured-project.usertask");
        try {
            changeUser("yoda");
            assertClientException(() -> {
                this.processClient.setProcessVariables("secured-project", startProcessAsAdministrator, new HashMap());
            }, 403, String.format(NO_PERMISSION_MSG, "yoda"));
        } finally {
            abortProcessAsAdministrator(startProcessAsAdministrator);
            changeUser(TestConfig.getUsername());
        }
    }

    @Test
    public void testNonAllowedUserCannotSetProcessVariable() throws Exception {
        Long startProcessAsAdministrator = startProcessAsAdministrator("secured-project.usertask");
        try {
            changeUser("yoda");
            assertClientException(() -> {
                this.processClient.setProcessVariable("secured-project", startProcessAsAdministrator, "stringData", "custom value");
            }, 403, String.format(NO_PERMISSION_MSG, "yoda"));
        } finally {
            abortProcessAsAdministrator(startProcessAsAdministrator);
            changeUser(TestConfig.getUsername());
        }
    }

    @Test
    public void testNonAllowedUserCannotGetWorkItemByProcessInstance() throws Exception {
        Long startProcessAsAdministrator = startProcessAsAdministrator("secured-project.workitem");
        try {
            changeUser("yoda");
            assertClientException(() -> {
                this.processClient.getWorkItemByProcessInstance("secured-project", startProcessAsAdministrator);
            }, 403, String.format(NO_PERMISSION_MSG, "yoda"));
        } finally {
            abortProcessAsAdministrator(startProcessAsAdministrator);
            changeUser(TestConfig.getUsername());
        }
    }

    @Test
    public void testNonAllowedUserCannotGetWorkItem() throws Exception {
        Long startProcessAsAdministrator = startProcessAsAdministrator("secured-project.workitem");
        try {
            Long workItem = getWorkItem(startProcessAsAdministrator);
            changeUser("yoda");
            assertClientException(() -> {
                this.processClient.getWorkItem("secured-project", startProcessAsAdministrator, workItem);
            }, 403, String.format(NO_PERMISSION_MSG, "yoda"));
        } finally {
            abortProcessAsAdministrator(startProcessAsAdministrator);
            changeUser(TestConfig.getUsername());
        }
    }

    @Test
    public void testNonAllowedUserCannotCompleteWorkItem() throws Exception {
        Long startProcessAsAdministrator = startProcessAsAdministrator("secured-project.workitem");
        try {
            Long workItem = getWorkItem(startProcessAsAdministrator);
            changeUser("yoda");
            assertClientException(() -> {
                this.processClient.completeWorkItem("secured-project", startProcessAsAdministrator, workItem, new HashMap());
            }, 403, String.format(NO_PERMISSION_MSG, "yoda"));
        } finally {
            abortProcessAsAdministrator(startProcessAsAdministrator);
            changeUser(TestConfig.getUsername());
        }
    }

    @Test
    public void testNonAllowedUserCannotAbortWorkItem() throws Exception {
        Long startProcessAsAdministrator = startProcessAsAdministrator("secured-project.workitem");
        try {
            Long workItem = getWorkItem(startProcessAsAdministrator);
            changeUser("yoda");
            assertClientException(() -> {
                this.processClient.abortWorkItem("secured-project", startProcessAsAdministrator, workItem);
            }, 403, String.format(NO_PERMISSION_MSG, "yoda"));
        } finally {
            abortProcessAsAdministrator(startProcessAsAdministrator);
            changeUser(TestConfig.getUsername());
        }
    }

    @Test
    public void testNonAllowedUserForStartingProcessCanCompleteTask() throws Exception {
        try {
            Long startProcessAsAdministrator = startProcessAsAdministrator("secured-project.usertask");
            changeUser("yoda");
            List findTasksAssignedAsPotentialOwner = this.taskClient.findTasksAssignedAsPotentialOwner("yoda", 0, 10);
            Assertions.assertThat(findTasksAssignedAsPotentialOwner).isNotNull().hasSize(1);
            Long id = ((TaskSummary) findTasksAssignedAsPotentialOwner.get(0)).getId();
            this.taskClient.startTask("secured-project", id, "yoda");
            this.taskClient.completeAutoProgress("secured-project", id, "yoda", new HashMap());
            Assert.assertNotNull(this.processClient.getProcessInstance("secured-project", startProcessAsAdministrator));
            Assert.assertEquals(2L, r0.getState().intValue());
            changeUser(TestConfig.getUsername());
        } catch (Throwable th) {
            changeUser(TestConfig.getUsername());
            throw th;
        }
    }

    @Test
    public void testNonAllowedGetProcessInstanceVariable() throws Exception {
        Long startProcessAsAdministrator = startProcessAsAdministrator("secured-project.usertask");
        try {
            changeUser("yoda");
            assertClientException(() -> {
                this.processClient.getProcessInstanceVariable("secured-project", startProcessAsAdministrator, "myVar");
            }, 403, String.format(NO_PERMISSION_MSG, "yoda"));
        } finally {
            abortProcessAsAdministrator(startProcessAsAdministrator);
            changeUser(TestConfig.getUsername());
        }
    }

    @Test
    public void testNonAllowedGetProcessInstanceVariables() throws Exception {
        Long startProcessAsAdministrator = startProcessAsAdministrator("secured-project.usertask");
        try {
            changeUser("yoda");
            assertClientException(() -> {
                this.processClient.getProcessInstanceVariables("secured-project", startProcessAsAdministrator);
            }, 403, String.format(NO_PERMISSION_MSG, "yoda"));
        } finally {
            abortProcessAsAdministrator(startProcessAsAdministrator);
            changeUser(TestConfig.getUsername());
        }
    }

    @Test
    public void testNonAllowedGetAvailableSignals() throws Exception {
        Long startProcessAsAdministrator = startProcessAsAdministrator("secured-project.usertask");
        try {
            changeUser("yoda");
            assertClientException(() -> {
                this.processClient.getAvailableSignals("secured-project", startProcessAsAdministrator);
            }, 403, String.format(NO_PERMISSION_MSG, "yoda"));
        } finally {
            abortProcessAsAdministrator(startProcessAsAdministrator);
            changeUser(TestConfig.getUsername());
        }
    }

    private Long startProcessAsAdministrator(String str) throws Exception {
        changeUser("administrator");
        Long startProcess = this.processClient.startProcess("secured-project", str);
        Assert.assertNotNull(startProcess);
        Assert.assertTrue(startProcess.longValue() > 0);
        return startProcess;
    }

    private void abortProcessAsAdministrator(Long l) throws Exception {
        if (l != null) {
            changeUser("administrator");
            this.processClient.abortProcessInstance("secured-project", l);
        }
    }

    private Long getWorkItem(Long l) {
        List workItemByProcessInstance = this.processClient.getWorkItemByProcessInstance("secured-project", l);
        Assertions.assertThat(workItemByProcessInstance).isNotNull().hasSize(1);
        return ((WorkItemInstance) workItemByProcessInstance.get(0)).getId();
    }
}
