package com.ibm.fhir.smart.test;

import com.auth0.jwt.JWT;
import com.auth0.jwt.algorithms.Algorithm;
import com.ibm.fhir.config.FHIRRequestContext;
import com.ibm.fhir.model.resource.Bundle;
import com.ibm.fhir.model.resource.Condition;
import com.ibm.fhir.model.resource.Observation;
import com.ibm.fhir.model.resource.OperationOutcome;
import com.ibm.fhir.model.resource.Parameters;
import com.ibm.fhir.model.resource.Patient;
import com.ibm.fhir.model.resource.Practitioner;
import com.ibm.fhir.model.resource.Provenance;
import com.ibm.fhir.model.resource.Resource;
import com.ibm.fhir.model.test.TestUtil;
import com.ibm.fhir.model.type.Element;
import com.ibm.fhir.model.type.Id;
import com.ibm.fhir.model.type.Instant;
import com.ibm.fhir.model.type.Meta;
import com.ibm.fhir.model.type.Reference;
import com.ibm.fhir.model.type.String;
import com.ibm.fhir.model.type.Uri;
import com.ibm.fhir.model.type.code.BundleType;
import com.ibm.fhir.model.type.code.HTTPVerb;
import com.ibm.fhir.model.type.code.IssueType;
import com.ibm.fhir.model.type.code.ResourceType;
import com.ibm.fhir.persistence.context.FHIRPersistenceEvent;
import com.ibm.fhir.persistence.context.impl.FHIRSystemHistoryContextImpl;
import com.ibm.fhir.search.SearchConstants;
import com.ibm.fhir.search.context.impl.FHIRSearchContextImpl;
import com.ibm.fhir.search.parameters.QueryParameter;
import com.ibm.fhir.search.parameters.QueryParameterValue;
import com.ibm.fhir.server.spi.interceptor.FHIRPersistenceInterceptorException;
import com.ibm.fhir.server.spi.operation.FHIROperationContext;
import com.ibm.fhir.smart.AuthzPolicyEnforcementPersistenceInterceptor;
import com.ibm.fhir.smart.Scope;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.UUID;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.testng.Assert;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.DataProvider;
import org.testng.annotations.Test;

/* loaded from: input_file:com/ibm/fhir/smart/test/AuthzPolicyEnforcementTest.class */
public class AuthzPolicyEnforcementTest {
    private static final String PATIENT_ID = "11111111-1111-1111-1111-111111111111";
    private static final String OBSERVATION_ID = "11111111-1111-1111-1111-111111111111";
    private static final String CONDITION_ID = "11111111-1111-1111-1111-111111111111";
    private static final String PATIENT_PROVENANCE_ID = "11111111-1111-1111-1111-111111111111";
    private static final String OBSERVATION_PROVENANCE_ID = "11111111-1111-1111-1111-111111111111";
    private static final List<Scope.Permission> READ_APPROVED = Arrays.asList(Scope.Permission.READ, Scope.Permission.ALL);
    private static final List<Scope.Permission> WRITE_APPROVED = Arrays.asList(Scope.Permission.WRITE, Scope.Permission.ALL);
    private AuthzPolicyEnforcementPersistenceInterceptor interceptor;
    private Patient patient;
    private Observation observation;
    private Condition condition;
    private Provenance patientProvenance;
    private Provenance observationProvenance;
    private Map<String, Object> properties;

    @BeforeClass
    public void setup() throws Exception {
        System.setProperty("java.util.logging.config.file", ClassLoader.getSystemResource("logging.properties").getPath());
        FHIRRequestContext.set(new FHIRRequestContext("default"));
        this.interceptor = new AuthzPolicyEnforcementPersistenceInterceptor();
        Provenance minimalResource = TestUtil.getMinimalResource(Provenance.class);
        this.patient = TestUtil.getMinimalResource(Patient.class);
        this.patient = this.patient.toBuilder().id("11111111-1111-1111-1111-111111111111").meta(Meta.builder().lastUpdated(Instant.now()).versionId(Id.of("1")).build()).build();
        this.patientProvenance = minimalResource.toBuilder().id("11111111-1111-1111-1111-111111111111").target(new Reference[]{Reference.builder().reference(String.string("Patient/11111111-1111-1111-1111-111111111111")).build()}).meta(Meta.builder().lastUpdated(Instant.now()).versionId(Id.of("1")).build()).build();
        this.observation = TestUtil.getMinimalResource(Observation.class);
        this.observation = this.observation.toBuilder().id("11111111-1111-1111-1111-111111111111").subject(Reference.builder().reference(String.string("Patient/11111111-1111-1111-1111-111111111111")).build()).encounter(Reference.builder().reference(String.string("Encounter/good")).build()).meta(Meta.builder().lastUpdated(Instant.now()).versionId(Id.of("1")).build()).build();
        this.observationProvenance = minimalResource.toBuilder().id("11111111-1111-1111-1111-111111111111").target(new Reference[]{Reference.builder().reference(String.string("Observation/11111111-1111-1111-1111-111111111111")).build()}).meta(Meta.builder().lastUpdated(Instant.now()).versionId(Id.of("1")).build()).build();
        this.condition = TestUtil.getMinimalResource(Condition.class);
        this.condition = this.condition.toBuilder().id("11111111-1111-1111-1111-111111111111").subject(Reference.builder().reference(String.string("Patient/11111111-1111-1111-1111-111111111111/_history/1")).build()).meta(Meta.builder().lastUpdated(Instant.now()).versionId(Id.of("1")).build()).build();
        this.properties = new HashMap();
        this.properties.put("PERSISTENCE_IMPL", new MockPersistenceImpl(this.patient, this.observation));
    }

    @Test(dataProvider = "scopeStringProvider")
    public void testCreate(String str, List<String> list, Set<ResourceType.Value> set, Scope.Permission permission) {
        FHIRRequestContext.get().setHttpHeaders(buildRequestHeaders(str, list));
        try {
            this.properties.put("RESOURCE_TYPE", "Patient");
            this.interceptor.beforeCreate(new FHIRPersistenceEvent(this.patient, this.properties));
            Assert.assertTrue(shouldSucceed(set, ResourceType.Value.PATIENT, WRITE_APPROVED, permission));
        } catch (FHIRPersistenceInterceptorException e) {
            Assert.assertFalse(shouldSucceed(set, ResourceType.Value.PATIENT, WRITE_APPROVED, permission));
        }
        try {
            this.properties.put("RESOURCE_TYPE", "Observation");
            this.interceptor.beforeCreate(new FHIRPersistenceEvent(this.observation, this.properties));
            Assert.assertTrue(shouldSucceed(set, ResourceType.Value.OBSERVATION, WRITE_APPROVED, permission));
        } catch (FHIRPersistenceInterceptorException e2) {
            Assert.assertFalse(shouldSucceed(set, ResourceType.Value.OBSERVATION, WRITE_APPROVED, permission));
        }
        try {
            this.properties.put("RESOURCE_TYPE", "Condition");
            this.interceptor.beforeCreate(new FHIRPersistenceEvent(this.condition, this.properties));
            Assert.assertTrue(shouldSucceed(set, ResourceType.Value.CONDITION, WRITE_APPROVED, permission));
        } catch (FHIRPersistenceInterceptorException e3) {
            Assert.assertFalse(shouldSucceed(set, ResourceType.Value.CONDITION, WRITE_APPROVED, permission));
        }
    }

    @Test(dataProvider = "scopeStringProvider")
    public void testUpdate(String str, List<String> list, Set<ResourceType.Value> set, Scope.Permission permission) {
        FHIRRequestContext.get().setHttpHeaders(buildRequestHeaders(str, list));
        try {
            this.properties.put("RESOURCE_TYPE", "Patient");
            FHIRPersistenceEvent fHIRPersistenceEvent = new FHIRPersistenceEvent(this.patient, this.properties);
            fHIRPersistenceEvent.setPrevFhirResource(this.patient);
            this.interceptor.beforeUpdate(fHIRPersistenceEvent);
            Assert.assertTrue(shouldSucceed(set, ResourceType.Value.PATIENT, READ_APPROVED, permission) && shouldSucceed(set, ResourceType.Value.PATIENT, WRITE_APPROVED, permission));
        } catch (FHIRPersistenceInterceptorException e) {
            Assert.assertFalse(shouldSucceed(set, ResourceType.Value.PATIENT, READ_APPROVED, permission) && shouldSucceed(set, ResourceType.Value.PATIENT, WRITE_APPROVED, permission));
        }
        try {
            this.properties.put("RESOURCE_TYPE", "Observation");
            FHIRPersistenceEvent fHIRPersistenceEvent2 = new FHIRPersistenceEvent(this.observation, this.properties);
            fHIRPersistenceEvent2.setPrevFhirResource(this.observation);
            this.interceptor.beforeUpdate(fHIRPersistenceEvent2);
            Assert.assertTrue(shouldSucceed(set, ResourceType.Value.OBSERVATION, READ_APPROVED, permission) && shouldSucceed(set, ResourceType.Value.OBSERVATION, WRITE_APPROVED, permission));
        } catch (FHIRPersistenceInterceptorException e2) {
            Assert.assertFalse(shouldSucceed(set, ResourceType.Value.OBSERVATION, READ_APPROVED, permission) && shouldSucceed(set, ResourceType.Value.OBSERVATION, WRITE_APPROVED, permission));
        }
        try {
            this.properties.put("RESOURCE_TYPE", "Condition");
            FHIRPersistenceEvent fHIRPersistenceEvent3 = new FHIRPersistenceEvent(this.condition, this.properties);
            fHIRPersistenceEvent3.setPrevFhirResource(this.condition);
            this.interceptor.beforeUpdate(fHIRPersistenceEvent3);
            Assert.assertTrue(shouldSucceed(set, ResourceType.Value.CONDITION, READ_APPROVED, permission) && shouldSucceed(set, ResourceType.Value.CONDITION, WRITE_APPROVED, permission));
        } catch (FHIRPersistenceInterceptorException e3) {
            Assert.assertFalse(shouldSucceed(set, ResourceType.Value.CONDITION, READ_APPROVED, permission) && shouldSucceed(set, ResourceType.Value.CONDITION, WRITE_APPROVED, permission));
        }
    }

    @Test(dataProvider = "scopeStringProvider")
    public void testDelete(String str, List<String> list, Set<ResourceType.Value> set, Scope.Permission permission) {
        FHIRRequestContext.get().setHttpHeaders(buildRequestHeaders(str, list));
        try {
            this.properties.put("RESOURCE_TYPE", "Patient");
            FHIRPersistenceEvent fHIRPersistenceEvent = new FHIRPersistenceEvent();
            fHIRPersistenceEvent.setPrevFhirResource(this.patient);
            this.interceptor.beforeDelete(fHIRPersistenceEvent);
            Assert.assertTrue(shouldSucceed(set, ResourceType.Value.PATIENT, WRITE_APPROVED, permission));
        } catch (FHIRPersistenceInterceptorException e) {
            Assert.assertFalse(shouldSucceed(set, ResourceType.Value.PATIENT, WRITE_APPROVED, permission));
        }
        try {
            this.properties.put("RESOURCE_TYPE", "Observation");
            FHIRPersistenceEvent fHIRPersistenceEvent2 = new FHIRPersistenceEvent();
            fHIRPersistenceEvent2.setPrevFhirResource(this.observation);
            this.interceptor.beforeDelete(fHIRPersistenceEvent2);
            Assert.assertTrue(shouldSucceed(set, ResourceType.Value.OBSERVATION, WRITE_APPROVED, permission));
        } catch (FHIRPersistenceInterceptorException e2) {
            Assert.assertFalse(shouldSucceed(set, ResourceType.Value.OBSERVATION, WRITE_APPROVED, permission));
        }
        try {
            this.properties.put("RESOURCE_TYPE", "Condition");
            FHIRPersistenceEvent fHIRPersistenceEvent3 = new FHIRPersistenceEvent();
            fHIRPersistenceEvent3.setPrevFhirResource(this.condition);
            this.interceptor.beforeDelete(fHIRPersistenceEvent3);
            Assert.assertTrue(shouldSucceed(set, ResourceType.Value.CONDITION, WRITE_APPROVED, permission));
        } catch (FHIRPersistenceInterceptorException e3) {
            Assert.assertFalse(shouldSucceed(set, ResourceType.Value.CONDITION, WRITE_APPROVED, permission));
        }
    }

    @Test
    public void testDirectPatientInteraction() throws FHIRPersistenceInterceptorException {
        FHIRRequestContext.get().setHttpHeaders(buildRequestHeaders("patient/Patient.read", "11111111-1111-1111-1111-111111111111"));
        try {
            this.properties.put("RESOURCE_TYPE", "Patient");
            this.properties.put("RESOURCE_ID", "11111111-1111-1111-1111-111111111111");
            FHIRPersistenceEvent fHIRPersistenceEvent = new FHIRPersistenceEvent(this.patient, this.properties);
            this.interceptor.beforeRead(fHIRPersistenceEvent);
            this.interceptor.beforeVread(fHIRPersistenceEvent);
            this.interceptor.beforeHistory(fHIRPersistenceEvent);
        } catch (FHIRPersistenceInterceptorException e) {
            Assert.fail("Patient interaction was not allowed but should have been", e);
        }
        this.properties.put("RESOURCE_TYPE", "Patient");
        this.properties.put("RESOURCE_ID", "bogus");
        FHIRPersistenceEvent fHIRPersistenceEvent2 = new FHIRPersistenceEvent(this.patient, this.properties);
        try {
            this.interceptor.beforeRead(fHIRPersistenceEvent2);
            Assert.fail("Patient read was allowed but should not be");
        } catch (FHIRPersistenceInterceptorException e2) {
        }
        try {
            this.interceptor.beforeVread(fHIRPersistenceEvent2);
            Assert.fail("Patient vread was allowed but should not be");
        } catch (FHIRPersistenceInterceptorException e3) {
        }
        try {
            this.interceptor.beforeHistory(fHIRPersistenceEvent2);
            Assert.fail("Patient history was allowed but should not be");
        } catch (FHIRPersistenceInterceptorException e4) {
        }
    }

    @Test
    public void testBeforeSearch_systemLevel() throws FHIRPersistenceInterceptorException {
        FHIRSearchContextImpl fHIRSearchContextImpl = new FHIRSearchContextImpl();
        try {
            FHIRRequestContext.get().setHttpHeaders(buildRequestHeaders("user/*.read", "11111111-1111-1111-1111-111111111111"));
            this.properties.put("RESOURCE_TYPE", "Resource");
            this.properties.put("SEARCH_CONTEXT_IMPL", fHIRSearchContextImpl);
            this.interceptor.beforeSearch(new FHIRPersistenceEvent((Resource) null, this.properties));
        } catch (FHIRPersistenceInterceptorException e) {
            Assert.fail("System search interaction was not allowed but should have been", e);
        }
        try {
            FHIRRequestContext.get().setHttpHeaders(buildRequestHeaders("patient/*.read", "11111111-1111-1111-1111-111111111111"));
            this.properties.put("RESOURCE_TYPE", "Resource");
            this.properties.put("SEARCH_CONTEXT_IMPL", fHIRSearchContextImpl);
            this.interceptor.beforeSearch(new FHIRPersistenceEvent((Resource) null, this.properties));
            Assert.fail("System search interaction was allowed but should not be");
        } catch (FHIRPersistenceInterceptorException e2) {
            Assert.assertEquals(e2.getIssues().size(), 1);
            Assert.assertEquals(((OperationOutcome.Issue) e2.getIssues().get(0)).getCode(), IssueType.FORBIDDEN);
            Assert.assertEquals(((OperationOutcome.Issue) e2.getIssues().get(0)).getDetails().getText().getValue(), "Whole-system interactions require a user or system scope with a wildcard resource type: ('user'|'system') '/' '*' '.' ('read'|'*')");
        }
        try {
            FHIRRequestContext.get().setHttpHeaders(buildRequestHeaders("system/*.read", "11111111-1111-1111-1111-111111111111"));
            fHIRSearchContextImpl.setSearchResourceTypes(List.of("Patient", "Observation"));
            this.properties.put("RESOURCE_TYPE", "Resource");
            this.properties.put("SEARCH_CONTEXT_IMPL", fHIRSearchContextImpl);
            this.interceptor.beforeSearch(new FHIRPersistenceEvent((Resource) null, this.properties));
        } catch (FHIRPersistenceInterceptorException e3) {
            Assert.fail("System search interaction was not allowed but should have been", e3);
        }
        try {
            FHIRRequestContext.get().setHttpHeaders(buildRequestHeaders("system/Patient.read system/Observation.read", "11111111-1111-1111-1111-111111111111"));
            fHIRSearchContextImpl.setSearchResourceTypes(List.of("Patient", "Observation"));
            this.properties.put("RESOURCE_TYPE", "Resource");
            this.properties.put("SEARCH_CONTEXT_IMPL", fHIRSearchContextImpl);
            this.interceptor.beforeSearch(new FHIRPersistenceEvent((Resource) null, this.properties));
        } catch (FHIRPersistenceInterceptorException e4) {
            Assert.fail("System search interaction was not allowed but should have been", e4);
        }
        try {
            FHIRRequestContext.get().setHttpHeaders(buildRequestHeaders("patient/Patient.read patient/Observation.read", "11111111-1111-1111-1111-111111111111"));
            fHIRSearchContextImpl.setSearchResourceTypes(List.of("Patient", "Observation"));
            this.properties.put("RESOURCE_TYPE", "Resource");
            this.properties.put("SEARCH_CONTEXT_IMPL", fHIRSearchContextImpl);
            this.interceptor.beforeSearch(new FHIRPersistenceEvent((Resource) null, this.properties));
            Assert.fail("System search interaction was allowed but should not be");
        } catch (FHIRPersistenceInterceptorException e5) {
            Assert.assertEquals(e5.getIssues().size(), 1);
            Assert.assertEquals(((OperationOutcome.Issue) e5.getIssues().get(0)).getCode(), IssueType.FORBIDDEN);
            Assert.assertEquals(((OperationOutcome.Issue) e5.getIssues().get(0)).getDetails().getText().getValue(), "'patient' scoped access tokens are not supported for system-level interactions against patient compartment resource types like Patient");
        }
        try {
            FHIRRequestContext.get().setHttpHeaders(buildRequestHeaders("patient/Practitioner.read", "11111111-1111-1111-1111-111111111111"));
            fHIRSearchContextImpl.setSearchResourceTypes(List.of("Practitioner"));
            this.properties.put("RESOURCE_TYPE", "Resource");
            this.properties.put("SEARCH_CONTEXT_IMPL", fHIRSearchContextImpl);
            this.interceptor.beforeSearch(new FHIRPersistenceEvent((Resource) null, this.properties));
        } catch (FHIRPersistenceInterceptorException e6) {
            Assert.fail("System search interaction was not allowed but should have been", e6);
        }
    }

    @Test(dataProvider = "scopeStringForSearch")
    public void testBeforeSearch(String str, List<String> list, Set<ResourceType.Value> set) throws FHIRPersistenceInterceptorException {
        FHIRRequestContext.get().setHttpHeaders(buildRequestHeaders(str, "11111111-1111-1111-1111-111111111111"));
        Practitioner practitioner = null;
        try {
            practitioner = TestUtil.getMinimalResource(Practitioner.class);
        } catch (Exception e) {
            Assert.fail("Practitioner resource could not be created");
        }
        QueryParameterValue queryParameterValue = new QueryParameterValue();
        QueryParameter queryParameter = new QueryParameter(SearchConstants.Type.REFERENCE, "test", (SearchConstants.Modifier) null, (String) null, true);
        queryParameter.getValues().add(queryParameterValue);
        FHIRSearchContextImpl fHIRSearchContextImpl = new FHIRSearchContextImpl();
        fHIRSearchContextImpl.getSearchParameters().add(queryParameter);
        try {
            queryParameterValue.setValueString("Patient/11111111-1111-1111-1111-111111111111");
            this.properties.put("RESOURCE_TYPE", "Observation");
            this.properties.put("SEARCH_CONTEXT_IMPL", fHIRSearchContextImpl);
            this.interceptor.beforeSearch(new FHIRPersistenceEvent(this.observation, this.properties));
        } catch (FHIRPersistenceInterceptorException e2) {
            Assert.fail("Patient compartment interaction was not allowed but should have been", e2);
        }
        try {
            queryParameterValue.setValueString("Patient/bogus");
            this.properties.put("RESOURCE_TYPE", "Observation");
            this.properties.put("SEARCH_CONTEXT_IMPL", fHIRSearchContextImpl);
            this.interceptor.beforeSearch(new FHIRPersistenceEvent(this.observation, this.properties));
            if (set.contains(ResourceType.Value.OBSERVATION)) {
                Assert.fail("Patient compartment interaction was allowed but should not be");
            }
        } catch (FHIRPersistenceInterceptorException e3) {
            if (set.contains(ResourceType.Value.OBSERVATION)) {
                Assert.assertEquals(e3.getIssues().size(), 1);
                Assert.assertEquals(((OperationOutcome.Issue) e3.getIssues().get(0)).getCode(), IssueType.FORBIDDEN);
                Assert.assertEquals(((OperationOutcome.Issue) e3.getIssues().get(0)).getDetails().getText().getValue(), "Interaction with 'Patient/bogus' is not permitted for patient context [11111111-1111-1111-1111-111111111111]");
            } else {
                Assert.fail("Patient compartment interaction was not allowed but should have been", e3);
            }
        }
        try {
            queryParameterValue.setValueString("Encounter/good");
            this.properties.put("RESOURCE_TYPE", "Observation");
            this.properties.put("SEARCH_CONTEXT_IMPL", fHIRSearchContextImpl);
            this.interceptor.beforeSearch(new FHIRPersistenceEvent(this.observation, this.properties));
        } catch (FHIRPersistenceInterceptorException e4) {
            Assert.fail("Patient compartment interaction was not allowed but should have been", e4);
        }
        try {
            queryParameterValue.setValueString("Encounter/bad");
            this.properties.put("RESOURCE_TYPE", "Observation");
            this.properties.put("SEARCH_CONTEXT_IMPL", fHIRSearchContextImpl);
            this.interceptor.beforeSearch(new FHIRPersistenceEvent(this.observation, this.properties));
            if (set.contains(ResourceType.Value.OBSERVATION)) {
                Assert.fail("Encounter compartment interaction was allowed but should not be");
            }
        } catch (FHIRPersistenceInterceptorException e5) {
            if (set.contains(ResourceType.Value.OBSERVATION)) {
                Assert.assertEquals(e5.getIssues().size(), 1);
                Assert.assertEquals(((OperationOutcome.Issue) e5.getIssues().get(0)).getCode(), IssueType.FORBIDDEN);
                Assert.assertEquals(((OperationOutcome.Issue) e5.getIssues().get(0)).getDetails().getText().getValue(), "Interaction with 'Encounter/bad' is not permitted for patient context [11111111-1111-1111-1111-111111111111]");
            } else {
                Assert.fail("Encounter compartment interaction was not allowed but should have been", e5);
            }
        }
        try {
            queryParameterValue.setValueString("Encounter/bogus");
            this.properties.put("RESOURCE_TYPE", "Observation");
            this.properties.put("SEARCH_CONTEXT_IMPL", fHIRSearchContextImpl);
            this.interceptor.beforeSearch(new FHIRPersistenceEvent(this.observation, this.properties));
            if (set.contains(ResourceType.Value.OBSERVATION)) {
                Assert.fail("Encounter compartment interaction was allowed but should not be");
            }
        } catch (FHIRPersistenceInterceptorException e6) {
            if (set.contains(ResourceType.Value.OBSERVATION)) {
                Assert.assertEquals(e6.getIssues().size(), 1);
                Assert.assertEquals(((OperationOutcome.Issue) e6.getIssues().get(0)).getCode(), IssueType.FORBIDDEN);
                Assert.assertEquals(((OperationOutcome.Issue) e6.getIssues().get(0)).getDetails().getText().getValue(), "The resource 'Encounter/bogus' does not exist.");
            } else {
                Assert.fail("Encounter compartment interaction was not allowed but should have been", e6);
            }
        }
        try {
            queryParameterValue.setValueString("Device/11111111-1111-1111-1111-111111111111");
            this.properties.put("RESOURCE_TYPE", "Observation");
            this.properties.put("SEARCH_CONTEXT_IMPL", fHIRSearchContextImpl);
            this.interceptor.beforeSearch(new FHIRPersistenceEvent(this.observation, this.properties));
            if (set.contains(ResourceType.Value.OBSERVATION)) {
                Assert.fail("Device compartment interaction was allowed but should not be");
            }
        } catch (FHIRPersistenceInterceptorException e7) {
            if (set.contains(ResourceType.Value.OBSERVATION)) {
                Assert.assertEquals(e7.getIssues().size(), 1);
                Assert.assertEquals(((OperationOutcome.Issue) e7.getIssues().get(0)).getCode(), IssueType.FORBIDDEN);
                Assert.assertEquals(((OperationOutcome.Issue) e7.getIssues().get(0)).getDetails().getText().getValue(), "Compartment search for compartment type 'Device' is not permitted.");
            } else {
                Assert.fail("Device compartment interaction was not allowed but should have been", e7);
            }
        }
        try {
            queryParameterValue.setValueString("Practitioner/11111111-1111-1111-1111-111111111111");
            this.properties.put("RESOURCE_TYPE", "Observation");
            this.properties.put("SEARCH_CONTEXT_IMPL", fHIRSearchContextImpl);
            this.interceptor.beforeSearch(new FHIRPersistenceEvent(this.observation, this.properties));
            if (set.contains(ResourceType.Value.OBSERVATION)) {
                Assert.fail("Practitioner compartment interaction was allowed but should not be");
            }
        } catch (FHIRPersistenceInterceptorException e8) {
            if (set.contains(ResourceType.Value.OBSERVATION)) {
                Assert.assertEquals(e8.getIssues().size(), 1);
                Assert.assertEquals(((OperationOutcome.Issue) e8.getIssues().get(0)).getCode(), IssueType.FORBIDDEN);
                Assert.assertEquals(((OperationOutcome.Issue) e8.getIssues().get(0)).getDetails().getText().getValue(), "Compartment search for compartment type 'Practitioner' is not permitted.");
            } else {
                Assert.fail("Practitioner compartment interaction was not allowed but should have been", e8);
            }
        }
        try {
            queryParameterValue.setValueString("RelatedPerson/11111111-1111-1111-1111-111111111111");
            this.properties.put("RESOURCE_TYPE", "Observation");
            this.properties.put("SEARCH_CONTEXT_IMPL", fHIRSearchContextImpl);
            this.interceptor.beforeSearch(new FHIRPersistenceEvent(this.observation, this.properties));
            if (set.contains(ResourceType.Value.OBSERVATION)) {
                Assert.fail("RelatedPerson compartment interaction was allowed but should not be");
            }
        } catch (FHIRPersistenceInterceptorException e9) {
            if (set.contains(ResourceType.Value.OBSERVATION)) {
                Assert.assertEquals(e9.getIssues().size(), 1);
                Assert.assertEquals(((OperationOutcome.Issue) e9.getIssues().get(0)).getCode(), IssueType.FORBIDDEN);
                Assert.assertEquals(((OperationOutcome.Issue) e9.getIssues().get(0)).getDetails().getText().getValue(), "Compartment search for compartment type 'RelatedPerson' is not permitted.");
            } else {
                Assert.fail("RelatedPerson compartment interaction was not allowed but should have been", e9);
            }
        }
        try {
            queryParameterValue.setValueString("Patient/11111111-1111-1111-1111-111111111111");
            this.properties.put("RESOURCE_TYPE", "AllergyIntolerance");
            this.properties.put("SEARCH_CONTEXT_IMPL", fHIRSearchContextImpl);
            this.interceptor.beforeSearch(new FHIRPersistenceEvent(practitioner, this.properties));
            Assert.fail("AllergyIntolerance interaction was allowed but should not be");
        } catch (FHIRPersistenceInterceptorException e10) {
            Assert.assertEquals(e10.getIssues().size(), 1);
            Assert.assertEquals(((OperationOutcome.Issue) e10.getIssues().get(0)).getCode(), IssueType.FORBIDDEN);
            Assert.assertEquals(((OperationOutcome.Issue) e10.getIssues().get(0)).getDetails().getText().getValue(), "read permission for 'AllergyIntolerance' is not granted by any of the provided scopes: [[" + str.replace(" ", ", ") + "]]");
        }
        try {
            FHIRSearchContextImpl fHIRSearchContextImpl2 = new FHIRSearchContextImpl();
            this.properties.put("RESOURCE_TYPE", "Observation");
            this.properties.put("SEARCH_CONTEXT_IMPL", fHIRSearchContextImpl2);
            this.interceptor.beforeSearch(new FHIRPersistenceEvent(this.observation, this.properties));
            if (set.contains(ResourceType.Value.OBSERVATION)) {
                Assert.assertEquals(fHIRSearchContextImpl2.getSearchParameters().size(), 1);
                for (QueryParameter queryParameter2 : fHIRSearchContextImpl2.getSearchParameters()) {
                    Assert.assertTrue(queryParameter2.isInclusionCriteria());
                    Assert.assertEquals(((QueryParameterValue) queryParameter2.getValues().get(0)).getValueString(), "Patient/11111111-1111-1111-1111-111111111111");
                }
            } else {
                Assert.assertEquals(fHIRSearchContextImpl2.getSearchParameters().size(), 0);
            }
        } catch (FHIRPersistenceInterceptorException e11) {
            Assert.fail("Patient interaction was not allowed but should have been", e11);
        }
        try {
            FHIRSearchContextImpl fHIRSearchContextImpl3 = new FHIRSearchContextImpl();
            QueryParameterValue queryParameterValue2 = new QueryParameterValue();
            queryParameterValue2.setValueCode("final");
            fHIRSearchContextImpl3.getSearchParameters().add(new QueryParameter(SearchConstants.Type.TOKEN, "status", (SearchConstants.Modifier) null, (String) null, Collections.singletonList(queryParameterValue2)));
            this.properties.put("RESOURCE_TYPE", "Observation");
            this.properties.put("SEARCH_CONTEXT_IMPL", fHIRSearchContextImpl3);
            this.interceptor.beforeSearch(new FHIRPersistenceEvent(this.observation, this.properties));
            if (set.contains(ResourceType.Value.OBSERVATION)) {
                Assert.assertEquals(fHIRSearchContextImpl3.getSearchParameters().size(), 2);
                List searchParameters = fHIRSearchContextImpl3.getSearchParameters();
                QueryParameter queryParameter3 = (QueryParameter) searchParameters.get(0);
                Assert.assertTrue("ibm-internal-Patient-Compartment".equals(queryParameter3.getCode()));
                Assert.assertEquals(queryParameter3.getType(), SearchConstants.Type.REFERENCE);
                Assert.assertTrue(queryParameter3.isInclusionCriteria());
                Assert.assertFalse(queryParameter3.isChained());
                Assert.assertEquals(queryParameter3.getValues().size(), 1);
                Assert.assertEquals(((QueryParameterValue) queryParameter3.getValues().get(0)).getValueString(), "Patient/11111111-1111-1111-1111-111111111111");
                queryParameter3.getNextParameter();
                Assert.assertEquals(((QueryParameter) searchParameters.get(1)).getCode(), "status");
                Assert.assertEquals(((QueryParameterValue) ((QueryParameter) searchParameters.get(1)).getValues().get(0)).getValueCode(), "final");
            } else {
                Assert.assertEquals(fHIRSearchContextImpl3.getSearchParameters().size(), 1);
            }
        } catch (FHIRPersistenceInterceptorException e12) {
            Assert.fail("Patient interaction was not allowed but should have been", e12);
        }
        try {
            FHIRSearchContextImpl fHIRSearchContextImpl4 = new FHIRSearchContextImpl();
            this.properties.put("RESOURCE_TYPE", "Patient");
            this.properties.put("SEARCH_CONTEXT_IMPL", fHIRSearchContextImpl4);
            this.interceptor.beforeSearch(new FHIRPersistenceEvent(this.observation, this.properties));
            if (set.contains(ResourceType.Value.PATIENT)) {
                Assert.assertEquals(fHIRSearchContextImpl4.getSearchParameters().size(), 1);
                for (QueryParameter queryParameter4 : fHIRSearchContextImpl4.getSearchParameters()) {
                    Assert.assertTrue(queryParameter4.isInclusionCriteria());
                    Assert.assertEquals(((QueryParameterValue) queryParameter4.getValues().get(0)).getValueString(), "Patient/11111111-1111-1111-1111-111111111111");
                }
            } else {
                Assert.assertEquals(fHIRSearchContextImpl4.getSearchParameters().size(), 0);
            }
        } catch (FHIRPersistenceInterceptorException e13) {
            Assert.fail("Patient interaction was not allowed but should have been", e13);
        }
        try {
            FHIRSearchContextImpl fHIRSearchContextImpl5 = new FHIRSearchContextImpl();
            this.properties.put("RESOURCE_TYPE", "Practitioner");
            this.properties.put("SEARCH_CONTEXT_IMPL", fHIRSearchContextImpl5);
            this.interceptor.beforeSearch(new FHIRPersistenceEvent(practitioner, this.properties));
            Assert.assertEquals(fHIRSearchContextImpl5.getSearchParameters().size(), 0);
        } catch (FHIRPersistenceInterceptorException e14) {
            Assert.fail("Patient interaction was not allowed but should have been", e14);
        }
        try {
            FHIRSearchContextImpl fHIRSearchContextImpl6 = new FHIRSearchContextImpl();
            this.properties.put("RESOURCE_TYPE", "AllergyIntolerance");
            this.properties.put("SEARCH_CONTEXT_IMPL", fHIRSearchContextImpl6);
            this.interceptor.beforeSearch(new FHIRPersistenceEvent(practitioner, this.properties));
            Assert.fail("AllergyIntolerance interaction was allowed but should not be");
        } catch (FHIRPersistenceInterceptorException e15) {
            Assert.assertEquals(e15.getIssues().size(), 1);
            Assert.assertEquals(((OperationOutcome.Issue) e15.getIssues().get(0)).getCode(), IssueType.FORBIDDEN);
            Assert.assertEquals(((OperationOutcome.Issue) e15.getIssues().get(0)).getDetails().getText().getValue(), "read permission for 'AllergyIntolerance' is not granted by any of the provided scopes: [[" + str.replace(" ", ", ") + "]]");
        }
        try {
            FHIRSearchContextImpl fHIRSearchContextImpl7 = new FHIRSearchContextImpl();
            this.properties.put("RESOURCE_TYPE", "Medication");
            this.properties.put("SEARCH_CONTEXT_IMPL", fHIRSearchContextImpl7);
            this.interceptor.beforeSearch(new FHIRPersistenceEvent(practitioner, this.properties));
            Assert.fail("Medication interaction was allowed but should not be");
        } catch (FHIRPersistenceInterceptorException e16) {
            Assert.assertEquals(e16.getIssues().size(), 1);
            Assert.assertEquals(((OperationOutcome.Issue) e16.getIssues().get(0)).getCode(), IssueType.FORBIDDEN);
            Assert.assertEquals(((OperationOutcome.Issue) e16.getIssues().get(0)).getDetails().getText().getValue(), "read permission for 'Medication' is not granted by any of the provided scopes: [[" + str.replace(" ", ", ") + "]]");
        }
    }

    @Test(dataProvider = "scopeStringProvider")
    public void testRead(String str, List<String> list, Set<ResourceType.Value> set, Scope.Permission permission) {
        FHIRRequestContext.get().setHttpHeaders(buildRequestHeaders(str, list));
        try {
            this.properties.put("RESOURCE_TYPE", "Patient");
            this.interceptor.afterRead(new FHIRPersistenceEvent(this.patient, this.properties));
            Assert.assertTrue(shouldSucceed(set, ResourceType.Value.PATIENT, READ_APPROVED, permission));
        } catch (FHIRPersistenceInterceptorException e) {
            Assert.assertFalse(shouldSucceed(set, ResourceType.Value.PATIENT, READ_APPROVED, permission));
        }
        try {
            this.properties.put("RESOURCE_TYPE", "Observation");
            this.interceptor.afterRead(new FHIRPersistenceEvent(this.observation, this.properties));
            Assert.assertTrue(shouldSucceed(set, ResourceType.Value.OBSERVATION, READ_APPROVED, permission));
        } catch (FHIRPersistenceInterceptorException e2) {
            Assert.assertFalse(shouldSucceed(set, ResourceType.Value.OBSERVATION, READ_APPROVED, permission));
        }
        try {
            this.properties.put("RESOURCE_TYPE", "Condition");
            this.interceptor.afterRead(new FHIRPersistenceEvent(this.condition, this.properties));
            Assert.assertTrue(shouldSucceed(set, ResourceType.Value.CONDITION, READ_APPROVED, permission));
        } catch (FHIRPersistenceInterceptorException e3) {
            Assert.assertFalse(shouldSucceed(set, ResourceType.Value.CONDITION, READ_APPROVED, permission));
        }
        try {
            this.properties.put("RESOURCE_TYPE", "Provenance");
            this.interceptor.afterRead(new FHIRPersistenceEvent(this.patientProvenance, this.properties));
            Assert.assertTrue(shouldSucceed(set, ResourceType.Value.PROVENANCE, READ_APPROVED, permission));
        } catch (FHIRPersistenceInterceptorException e4) {
            Assert.assertFalse(shouldSucceed(set, ResourceType.Value.PROVENANCE, READ_APPROVED, permission));
        }
        try {
            this.properties.put("RESOURCE_TYPE", "Provenance");
            this.interceptor.afterRead(new FHIRPersistenceEvent(this.observationProvenance, this.properties));
            Assert.assertTrue(shouldSucceed(set, ResourceType.Value.PROVENANCE, READ_APPROVED, permission));
        } catch (FHIRPersistenceInterceptorException e5) {
            Assert.assertFalse(shouldSucceed(set, ResourceType.Value.PROVENANCE, READ_APPROVED, permission));
        }
    }

    @Test(dataProvider = "scopeStringProvider")
    public void testVRead(String str, List<String> list, Set<ResourceType.Value> set, Scope.Permission permission) {
        FHIRRequestContext.get().setHttpHeaders(buildRequestHeaders(str, list));
        try {
            this.properties.put("RESOURCE_TYPE", "Patient");
            this.interceptor.afterVread(new FHIRPersistenceEvent(this.patient, this.properties));
            Assert.assertTrue(shouldSucceed(set, ResourceType.Value.PATIENT, READ_APPROVED, permission));
        } catch (FHIRPersistenceInterceptorException e) {
            Assert.assertFalse(shouldSucceed(set, ResourceType.Value.PATIENT, READ_APPROVED, permission));
        }
        try {
            this.properties.put("RESOURCE_TYPE", "Observation");
            this.interceptor.afterVread(new FHIRPersistenceEvent(this.observation, this.properties));
            Assert.assertTrue(shouldSucceed(set, ResourceType.Value.OBSERVATION, READ_APPROVED, permission));
        } catch (FHIRPersistenceInterceptorException e2) {
            Assert.assertFalse(shouldSucceed(set, ResourceType.Value.OBSERVATION, READ_APPROVED, permission));
        }
        try {
            this.properties.put("RESOURCE_TYPE", "Condition");
            this.interceptor.afterVread(new FHIRPersistenceEvent(this.condition, this.properties));
            Assert.assertTrue(shouldSucceed(set, ResourceType.Value.CONDITION, READ_APPROVED, permission));
        } catch (FHIRPersistenceInterceptorException e3) {
            Assert.assertFalse(shouldSucceed(set, ResourceType.Value.CONDITION, READ_APPROVED, permission));
        }
    }

    @Test
    public void testBeforeHistory() throws FHIRPersistenceInterceptorException {
        try {
            FHIRRequestContext.get().setHttpHeaders(buildRequestHeaders("system/*.read", "11111111-1111-1111-1111-111111111111"));
            FHIRSystemHistoryContextImpl fHIRSystemHistoryContextImpl = new FHIRSystemHistoryContextImpl();
            this.properties.put("RESOURCE_TYPE", "Resource");
            this.properties.remove("RESOURCE_ID");
            this.properties.put("SYSTEM_HISTORY_CONTEXT_IMPL", fHIRSystemHistoryContextImpl);
            this.interceptor.beforeHistory(new FHIRPersistenceEvent(this.observation, this.properties));
        } catch (FHIRPersistenceInterceptorException e) {
            Assert.fail("System history interaction was not allowed but should have been", e);
        }
        try {
            FHIRRequestContext.get().setHttpHeaders(buildRequestHeaders("patient/*.read", "11111111-1111-1111-1111-111111111111"));
            FHIRSystemHistoryContextImpl fHIRSystemHistoryContextImpl2 = new FHIRSystemHistoryContextImpl();
            this.properties.put("RESOURCE_TYPE", "Resource");
            this.properties.remove("RESOURCE_ID");
            this.properties.put("SYSTEM_HISTORY_CONTEXT_IMPL", fHIRSystemHistoryContextImpl2);
            this.interceptor.beforeHistory(new FHIRPersistenceEvent(this.observation, this.properties));
            Assert.fail("System history interaction was allowed but should not be");
        } catch (FHIRPersistenceInterceptorException e2) {
            Assert.assertEquals(e2.getIssues().size(), 1);
            Assert.assertEquals(((OperationOutcome.Issue) e2.getIssues().get(0)).getCode(), IssueType.FORBIDDEN);
            Assert.assertEquals(((OperationOutcome.Issue) e2.getIssues().get(0)).getDetails().getText().getValue(), "Whole-system interactions require a user or system scope with a wildcard resource type: ('user'|'system') '/' '*' '.' ('read'|'*')");
        }
        try {
            FHIRRequestContext.get().setHttpHeaders(buildRequestHeaders("system/*.read", "11111111-1111-1111-1111-111111111111"));
            FHIRSystemHistoryContextImpl fHIRSystemHistoryContextImpl3 = new FHIRSystemHistoryContextImpl();
            fHIRSystemHistoryContextImpl3.addResourceType("Patient");
            fHIRSystemHistoryContextImpl3.addResourceType("Observation");
            this.properties.put("RESOURCE_TYPE", "Resource");
            this.properties.remove("RESOURCE_ID");
            this.properties.put("SYSTEM_HISTORY_CONTEXT_IMPL", fHIRSystemHistoryContextImpl3);
            this.interceptor.beforeHistory(new FHIRPersistenceEvent(this.observation, this.properties));
        } catch (FHIRPersistenceInterceptorException e3) {
            Assert.fail("System history interaction was not allowed but should have been", e3);
        }
        try {
            FHIRRequestContext.get().setHttpHeaders(buildRequestHeaders("system/Patient.read system/Observation.read", "11111111-1111-1111-1111-111111111111"));
            FHIRSystemHistoryContextImpl fHIRSystemHistoryContextImpl4 = new FHIRSystemHistoryContextImpl();
            fHIRSystemHistoryContextImpl4.addResourceType("Patient");
            fHIRSystemHistoryContextImpl4.addResourceType("Observation");
            this.properties.put("RESOURCE_TYPE", "Resource");
            this.properties.remove("RESOURCE_ID");
            this.properties.put("SYSTEM_HISTORY_CONTEXT_IMPL", fHIRSystemHistoryContextImpl4);
            this.interceptor.beforeHistory(new FHIRPersistenceEvent(this.observation, this.properties));
        } catch (FHIRPersistenceInterceptorException e4) {
            Assert.fail("System history interaction was not allowed but should have been", e4);
        }
        try {
            FHIRRequestContext.get().setHttpHeaders(buildRequestHeaders("patient/Patient.read patient/Observation.read", "11111111-1111-1111-1111-111111111111"));
            FHIRSystemHistoryContextImpl fHIRSystemHistoryContextImpl5 = new FHIRSystemHistoryContextImpl();
            fHIRSystemHistoryContextImpl5.addResourceType("Patient");
            fHIRSystemHistoryContextImpl5.addResourceType("Observation");
            this.properties.put("RESOURCE_TYPE", "Resource");
            this.properties.remove("RESOURCE_ID");
            this.properties.put("SYSTEM_HISTORY_CONTEXT_IMPL", fHIRSystemHistoryContextImpl5);
            this.interceptor.beforeHistory(new FHIRPersistenceEvent(this.observation, this.properties));
            Assert.fail("System history interaction was allowed but should not be");
        } catch (FHIRPersistenceInterceptorException e5) {
            Assert.assertEquals(e5.getIssues().size(), 1);
            Assert.assertEquals(((OperationOutcome.Issue) e5.getIssues().get(0)).getCode(), IssueType.FORBIDDEN);
            Assert.assertEquals(((OperationOutcome.Issue) e5.getIssues().get(0)).getDetails().getText().getValue(), "'patient' scoped access tokens are not supported for system-level interactions against patient compartment resource types like Patient");
        }
        try {
            FHIRRequestContext.get().setHttpHeaders(buildRequestHeaders("system/*.read", "11111111-1111-1111-1111-111111111111"));
            FHIRSystemHistoryContextImpl fHIRSystemHistoryContextImpl6 = new FHIRSystemHistoryContextImpl();
            this.properties.put("RESOURCE_TYPE", "Observation");
            this.properties.remove("RESOURCE_ID");
            this.properties.put("SYSTEM_HISTORY_CONTEXT_IMPL", fHIRSystemHistoryContextImpl6);
            this.interceptor.beforeHistory(new FHIRPersistenceEvent(this.observation, this.properties));
        } catch (FHIRPersistenceInterceptorException e6) {
            Assert.fail("System history interaction was not allowed but should have been", e6);
        }
        try {
            FHIRRequestContext.get().setHttpHeaders(buildRequestHeaders("system/Observation.read", "11111111-1111-1111-1111-111111111111"));
            FHIRSystemHistoryContextImpl fHIRSystemHistoryContextImpl7 = new FHIRSystemHistoryContextImpl();
            this.properties.put("RESOURCE_TYPE", "Observation");
            this.properties.remove("RESOURCE_ID");
            this.properties.put("SYSTEM_HISTORY_CONTEXT_IMPL", fHIRSystemHistoryContextImpl7);
            this.interceptor.beforeHistory(new FHIRPersistenceEvent(this.observation, this.properties));
        } catch (FHIRPersistenceInterceptorException e7) {
            Assert.fail("System history interaction was not allowed but should have been", e7);
        }
        try {
            FHIRRequestContext.get().setHttpHeaders(buildRequestHeaders("patient/Observation.read", "11111111-1111-1111-1111-111111111111"));
            FHIRSystemHistoryContextImpl fHIRSystemHistoryContextImpl8 = new FHIRSystemHistoryContextImpl();
            this.properties.put("RESOURCE_TYPE", "Observation");
            this.properties.remove("RESOURCE_ID");
            this.properties.put("SYSTEM_HISTORY_CONTEXT_IMPL", fHIRSystemHistoryContextImpl8);
            this.interceptor.beforeHistory(new FHIRPersistenceEvent(this.observation, this.properties));
            Assert.fail("System history interaction was allowed but should not be");
        } catch (FHIRPersistenceInterceptorException e8) {
            Assert.assertEquals(e8.getIssues().size(), 1);
            Assert.assertEquals(((OperationOutcome.Issue) e8.getIssues().get(0)).getCode(), IssueType.FORBIDDEN);
            Assert.assertEquals(((OperationOutcome.Issue) e8.getIssues().get(0)).getDetails().getText().getValue(), "'patient' scoped access tokens are not supported for system-level interactions against patient compartment resource types like Observation");
        }
    }

    @Test(dataProvider = "scopeStringProvider")
    public void testHistory(String str, List<String> list, Set<ResourceType.Value> set, Scope.Permission permission) {
        FHIRRequestContext.get().setHttpHeaders(buildRequestHeaders(str, list));
        try {
            this.properties.put("RESOURCE_TYPE", "Patient");
            this.interceptor.afterHistory(new FHIRPersistenceEvent(Bundle.builder().type(BundleType.HISTORY).entry(new Bundle.Entry[]{Bundle.Entry.builder().resource(this.patient).build()}).build(), this.properties));
            Assert.assertTrue(shouldSucceed(set, ResourceType.Value.PATIENT, READ_APPROVED, permission));
        } catch (FHIRPersistenceInterceptorException e) {
            Assert.assertFalse(shouldSucceed(set, ResourceType.Value.PATIENT, READ_APPROVED, permission));
        }
        try {
            this.properties.put("RESOURCE_TYPE", "Observation");
            this.interceptor.afterHistory(new FHIRPersistenceEvent(Bundle.builder().type(BundleType.HISTORY).entry(new Bundle.Entry[]{Bundle.Entry.builder().resource(this.observation).build()}).build(), this.properties));
            Assert.assertTrue(shouldSucceed(set, ResourceType.Value.OBSERVATION, READ_APPROVED, permission));
        } catch (FHIRPersistenceInterceptorException e2) {
            Assert.assertFalse(shouldSucceed(set, ResourceType.Value.OBSERVATION, READ_APPROVED, permission));
        }
        try {
            this.properties.put("RESOURCE_TYPE", "Condition");
            this.interceptor.afterHistory(new FHIRPersistenceEvent(Bundle.builder().type(BundleType.HISTORY).entry(new Bundle.Entry[]{Bundle.Entry.builder().resource(this.condition).build()}).build(), this.properties));
            Assert.assertTrue(shouldSucceed(set, ResourceType.Value.CONDITION, READ_APPROVED, permission));
        } catch (FHIRPersistenceInterceptorException e3) {
            Assert.assertFalse(shouldSucceed(set, ResourceType.Value.CONDITION, READ_APPROVED, permission));
        }
    }

    @Test
    public void testHistoryWithDeletes() {
        FHIRRequestContext.get().setHttpHeaders(buildRequestHeaders("patient/*.read", "11111111-1111-1111-1111-111111111111"));
        try {
            this.properties.put("RESOURCE_TYPE", "Resource");
            this.interceptor.afterHistory(new FHIRPersistenceEvent(Bundle.builder().type(BundleType.HISTORY).entry(new Bundle.Entry[]{Bundle.Entry.builder().fullUrl(Uri.of("Patient/11111111-1111-1111-1111-111111111111")).request(Bundle.Entry.Request.builder().method(HTTPVerb.DELETE).url(Uri.of("Patient/11111111-1111-1111-1111-111111111111")).build()).response(Bundle.Entry.Response.builder().status("200").etag("W/\"2\"").lastModified(Instant.now()).build()).build()}).entry(new Bundle.Entry[]{Bundle.Entry.builder().fullUrl(Uri.of("Patient/11111111-1111-1111-1111-111111111111")).request(Bundle.Entry.Request.builder().method(HTTPVerb.POST).url(Uri.of("Patient")).build()).response(Bundle.Entry.Response.builder().status("200").etag("W/\"1\"").lastModified(Instant.now()).build()).resource(this.patient).build()}).build(), this.properties));
        } catch (FHIRPersistenceInterceptorException e) {
            Assert.fail("Patient history was not allowed but should have been", e);
        }
    }

    @Test(dataProvider = "scopeStringPreferReturnMinimalProvider")
    public void testHistoryPreferReturnMinimal(String str, List<String> list, Set<ResourceType.Value> set, Scope.Permission permission) {
        FHIRRequestContext.get().setHttpHeaders(buildRequestHeaders(str, list));
        try {
            this.properties.put("RESOURCE_TYPE", "Patient");
            this.interceptor.afterHistory(new FHIRPersistenceEvent(Bundle.builder().type(BundleType.HISTORY).entry(new Bundle.Entry[]{Bundle.Entry.builder().fullUrl(Uri.of("Patient/11111111-1111-1111-1111-111111111111")).build()}).build(), this.properties));
            Assert.assertTrue(shouldSucceed(set, ResourceType.Value.PATIENT, READ_APPROVED, permission));
        } catch (FHIRPersistenceInterceptorException e) {
            Assert.assertFalse(shouldSucceed(set, ResourceType.Value.PATIENT, READ_APPROVED, permission));
        }
        try {
            this.properties.put("RESOURCE_TYPE", "Observation");
            this.interceptor.afterHistory(new FHIRPersistenceEvent(Bundle.builder().type(BundleType.HISTORY).entry(new Bundle.Entry[]{Bundle.Entry.builder().fullUrl(Uri.of("Observation/11111111-1111-1111-1111-111111111111")).build()}).build(), this.properties));
            Assert.assertTrue(shouldSucceed(set, ResourceType.Value.OBSERVATION, READ_APPROVED, permission));
        } catch (FHIRPersistenceInterceptorException e2) {
            Assert.assertFalse(shouldSucceed(set, ResourceType.Value.OBSERVATION, READ_APPROVED, permission));
        }
        try {
            this.properties.put("RESOURCE_TYPE", "Condition");
            this.interceptor.afterHistory(new FHIRPersistenceEvent(Bundle.builder().type(BundleType.HISTORY).entry(new Bundle.Entry[]{Bundle.Entry.builder().fullUrl(Uri.of("Condition/11111111-1111-1111-1111-111111111111")).build()}).build(), this.properties));
            Assert.assertTrue(shouldSucceed(set, ResourceType.Value.CONDITION, READ_APPROVED, permission));
        } catch (FHIRPersistenceInterceptorException e3) {
            Assert.assertFalse(shouldSucceed(set, ResourceType.Value.CONDITION, READ_APPROVED, permission));
        }
    }

    @Test(dataProvider = "scopeStringProvider")
    public void testSearch(String str, List<String> list, Set<ResourceType.Value> set, Scope.Permission permission) {
        FHIRRequestContext.get().setHttpHeaders(buildRequestHeaders(str, list));
        try {
            this.interceptor.afterSearch(new FHIRPersistenceEvent(Bundle.builder().type(BundleType.SEARCHSET).entry(new Bundle.Entry[]{Bundle.Entry.builder().resource(this.patient).build()}).build(), this.properties));
            Assert.assertTrue(shouldSucceed(set, ResourceType.Value.PATIENT, READ_APPROVED, permission));
        } catch (FHIRPersistenceInterceptorException e) {
            Assert.assertFalse(shouldSucceed(set, ResourceType.Value.PATIENT, READ_APPROVED, permission));
        }
        try {
            this.interceptor.afterSearch(new FHIRPersistenceEvent(Bundle.builder().type(BundleType.SEARCHSET).entry(new Bundle.Entry[]{Bundle.Entry.builder().resource(this.observation).build()}).build(), this.properties));
            Assert.assertTrue(shouldSucceed(set, ResourceType.Value.OBSERVATION, READ_APPROVED, permission));
        } catch (FHIRPersistenceInterceptorException e2) {
            Assert.assertFalse(shouldSucceed(set, ResourceType.Value.OBSERVATION, READ_APPROVED, permission));
        }
        try {
            this.interceptor.afterSearch(new FHIRPersistenceEvent(Bundle.builder().type(BundleType.SEARCHSET).entry(new Bundle.Entry[]{Bundle.Entry.builder().resource(this.condition).build()}).build(), this.properties));
            Assert.assertTrue(shouldSucceed(set, ResourceType.Value.CONDITION, READ_APPROVED, permission));
        } catch (FHIRPersistenceInterceptorException e3) {
            Assert.assertFalse(shouldSucceed(set, ResourceType.Value.CONDITION, READ_APPROVED, permission));
        }
        try {
            this.interceptor.afterSearch(new FHIRPersistenceEvent(Bundle.builder().type(BundleType.SEARCHSET).entry(new Bundle.Entry[]{Bundle.Entry.builder().resource(this.patient).build()}).entry(new Bundle.Entry[]{Bundle.Entry.builder().resource(this.observation).build()}).build(), this.properties));
            Assert.assertTrue(shouldSucceed(set, ResourceType.Value.PATIENT, READ_APPROVED, permission) && shouldSucceed(set, ResourceType.Value.OBSERVATION, READ_APPROVED, permission));
        } catch (FHIRPersistenceInterceptorException e4) {
            Assert.assertFalse(shouldSucceed(set, ResourceType.Value.PATIENT, READ_APPROVED, permission) && shouldSucceed(set, ResourceType.Value.OBSERVATION, READ_APPROVED, permission));
        }
        try {
            this.interceptor.afterSearch(new FHIRPersistenceEvent(Bundle.builder().type(BundleType.SEARCHSET).entry(new Bundle.Entry[]{Bundle.Entry.builder().resource(this.patient).build()}).entry(new Bundle.Entry[]{Bundle.Entry.builder().resource(this.patientProvenance).build()}).build(), this.properties));
            Assert.assertTrue(shouldSucceed(set, ResourceType.Value.PATIENT, READ_APPROVED, permission) && shouldSucceed(set, ResourceType.Value.PROVENANCE, READ_APPROVED, permission));
        } catch (FHIRPersistenceInterceptorException e5) {
            Assert.assertFalse(shouldSucceed(set, ResourceType.Value.PATIENT, READ_APPROVED, permission) && shouldSucceed(set, ResourceType.Value.PROVENANCE, READ_APPROVED, permission));
        }
        try {
            this.interceptor.afterSearch(new FHIRPersistenceEvent(Bundle.builder().type(BundleType.SEARCHSET).entry(new Bundle.Entry[]{Bundle.Entry.builder().resource(this.observation).build()}).entry(new Bundle.Entry[]{Bundle.Entry.builder().resource(this.observationProvenance).build()}).build(), this.properties));
            Assert.assertTrue(shouldSucceed(set, ResourceType.Value.OBSERVATION, READ_APPROVED, permission) && shouldSucceed(set, ResourceType.Value.PROVENANCE, READ_APPROVED, permission));
        } catch (FHIRPersistenceInterceptorException e6) {
            Assert.assertFalse(shouldSucceed(set, ResourceType.Value.OBSERVATION, READ_APPROVED, permission) && shouldSucceed(set, ResourceType.Value.PROVENANCE, READ_APPROVED, permission));
        }
    }

    @Test(dataProvider = "scopeStringPreferReturnMinimalProvider")
    public void testSearchPreferReturnMinimal(String str, List<String> list, Set<ResourceType.Value> set, Scope.Permission permission) {
        FHIRRequestContext.get().setHttpHeaders(buildRequestHeaders(str, list));
        try {
            this.interceptor.afterSearch(new FHIRPersistenceEvent(Bundle.builder().type(BundleType.SEARCHSET).entry(new Bundle.Entry[]{Bundle.Entry.builder().fullUrl(Uri.of("Patient/11111111-1111-1111-1111-111111111111")).build()}).build(), this.properties));
            Assert.assertTrue(shouldSucceed(set, ResourceType.Value.PATIENT, READ_APPROVED, permission));
        } catch (FHIRPersistenceInterceptorException e) {
            Assert.assertFalse(shouldSucceed(set, ResourceType.Value.PATIENT, READ_APPROVED, permission));
        }
        try {
            this.interceptor.afterSearch(new FHIRPersistenceEvent(Bundle.builder().type(BundleType.SEARCHSET).entry(new Bundle.Entry[]{Bundle.Entry.builder().fullUrl(Uri.of("Observation/11111111-1111-1111-1111-111111111111")).build()}).build(), this.properties));
            Assert.assertTrue(shouldSucceed(set, ResourceType.Value.OBSERVATION, READ_APPROVED, permission));
        } catch (FHIRPersistenceInterceptorException e2) {
            Assert.assertFalse(shouldSucceed(set, ResourceType.Value.OBSERVATION, READ_APPROVED, permission));
        }
        try {
            this.interceptor.afterSearch(new FHIRPersistenceEvent(Bundle.builder().type(BundleType.SEARCHSET).entry(new Bundle.Entry[]{Bundle.Entry.builder().fullUrl(Uri.of("Condition/11111111-1111-1111-1111-111111111111")).build()}).build(), this.properties));
            Assert.assertTrue(shouldSucceed(set, ResourceType.Value.CONDITION, READ_APPROVED, permission));
        } catch (FHIRPersistenceInterceptorException e3) {
            Assert.assertFalse(shouldSucceed(set, ResourceType.Value.CONDITION, READ_APPROVED, permission));
        }
        try {
            this.interceptor.afterSearch(new FHIRPersistenceEvent(Bundle.builder().type(BundleType.SEARCHSET).entry(new Bundle.Entry[]{Bundle.Entry.builder().fullUrl(Uri.of("Patient/11111111-1111-1111-1111-111111111111")).build()}).entry(new Bundle.Entry[]{Bundle.Entry.builder().fullUrl(Uri.of("Observation/11111111-1111-1111-1111-111111111111")).build()}).build(), this.properties));
            Assert.assertTrue(shouldSucceed(set, ResourceType.Value.PATIENT, READ_APPROVED, permission) && shouldSucceed(set, ResourceType.Value.OBSERVATION, READ_APPROVED, permission));
        } catch (FHIRPersistenceInterceptorException e4) {
            Assert.assertFalse(shouldSucceed(set, ResourceType.Value.PATIENT, READ_APPROVED, permission) && shouldSucceed(set, ResourceType.Value.OBSERVATION, READ_APPROVED, permission));
        }
        try {
            this.interceptor.afterSearch(new FHIRPersistenceEvent(Bundle.builder().type(BundleType.SEARCHSET).entry(new Bundle.Entry[]{Bundle.Entry.builder().fullUrl(Uri.of("Patient/11111111-1111-1111-1111-111111111111")).build()}).entry(new Bundle.Entry[]{Bundle.Entry.builder().fullUrl(Uri.of("Provenance/11111111-1111-1111-1111-111111111111")).build()}).build(), this.properties));
            Assert.assertTrue(shouldSucceed(set, ResourceType.Value.PATIENT, READ_APPROVED, permission) && shouldSucceed(set, ResourceType.Value.PROVENANCE, READ_APPROVED, permission));
        } catch (FHIRPersistenceInterceptorException e5) {
            Assert.assertFalse(shouldSucceed(set, ResourceType.Value.PATIENT, READ_APPROVED, permission) && shouldSucceed(set, ResourceType.Value.PROVENANCE, READ_APPROVED, permission));
        }
        try {
            this.interceptor.afterSearch(new FHIRPersistenceEvent(Bundle.builder().type(BundleType.SEARCHSET).entry(new Bundle.Entry[]{Bundle.Entry.builder().fullUrl(Uri.of("Observation/11111111-1111-1111-1111-111111111111")).build()}).entry(new Bundle.Entry[]{Bundle.Entry.builder().fullUrl(Uri.of("Provenance/11111111-1111-1111-1111-111111111111")).build()}).build(), this.properties));
            Assert.assertTrue(shouldSucceed(set, ResourceType.Value.OBSERVATION, READ_APPROVED, permission) && shouldSucceed(set, ResourceType.Value.PROVENANCE, READ_APPROVED, permission));
        } catch (FHIRPersistenceInterceptorException e6) {
            Assert.assertFalse(shouldSucceed(set, ResourceType.Value.OBSERVATION, READ_APPROVED, permission) && shouldSucceed(set, ResourceType.Value.PROVENANCE, READ_APPROVED, permission));
        }
    }

    @Test
    public void testBeforeInvoke() throws FHIRPersistenceInterceptorException {
        FHIRRequestContext.get().setHttpHeaders(buildRequestHeaders("system/*.read", "11111111-1111-1111-1111-111111111111"));
        try {
            ArrayList arrayList = new ArrayList();
            arrayList.add(Parameters.Parameter.builder().name(String.string("_type")).value((Element) null).build());
            Parameters.Builder builder = Parameters.builder();
            builder.id(UUID.randomUUID().toString());
            builder.parameter(arrayList);
            Parameters build = builder.build();
            FHIROperationContext createResourceTypeOperationContext = FHIROperationContext.createResourceTypeOperationContext("export");
            createResourceTypeOperationContext.setProperty("REQUEST_PARAMETERS", build);
            this.interceptor.beforeInvoke(createResourceTypeOperationContext);
        } catch (FHIRPersistenceInterceptorException e) {
            Assert.fail("Null Check failed", e);
        }
        try {
            ArrayList arrayList2 = new ArrayList();
            arrayList2.add(Parameters.Parameter.builder().name(String.string("_type")).value((Element) null).build());
            Parameters.Builder builder2 = Parameters.builder();
            builder2.id(UUID.randomUUID().toString());
            builder2.parameter(arrayList2);
            Parameters build2 = builder2.build();
            FHIROperationContext createInstanceOperationContext = FHIROperationContext.createInstanceOperationContext("export");
            createInstanceOperationContext.setProperty("REQUEST_PARAMETERS", build2);
            this.interceptor.beforeInvoke(createInstanceOperationContext);
        } catch (FHIRPersistenceInterceptorException e2) {
            Assert.fail("Null Check failed", e2);
        }
        try {
            ArrayList arrayList3 = new ArrayList();
            arrayList3.add(Parameters.Parameter.builder().name(String.string("_type")).value((Element) null).build());
            Parameters.Builder builder3 = Parameters.builder();
            builder3.id(UUID.randomUUID().toString());
            builder3.parameter(arrayList3);
            Parameters build3 = builder3.build();
            FHIROperationContext createSystemOperationContext = FHIROperationContext.createSystemOperationContext("export");
            createSystemOperationContext.setProperty("REQUEST_PARAMETERS", build3);
            this.interceptor.beforeInvoke(createSystemOperationContext);
        } catch (FHIRPersistenceInterceptorException e3) {
            Assert.fail("Null Check failed", e3);
        }
        try {
            ArrayList arrayList4 = new ArrayList();
            arrayList4.add(Parameters.Parameter.builder().name(String.string("_type")).value("Observation").build());
            Parameters.Builder builder4 = Parameters.builder();
            builder4.id(UUID.randomUUID().toString());
            builder4.parameter(arrayList4);
            Parameters build4 = builder4.build();
            FHIROperationContext createResourceTypeOperationContext2 = FHIROperationContext.createResourceTypeOperationContext("export");
            createResourceTypeOperationContext2.setProperty("REQUEST_PARAMETERS", build4);
            this.interceptor.beforeInvoke(createResourceTypeOperationContext2);
        } catch (FHIRPersistenceInterceptorException e4) {
            Assert.fail("Actual Check failed", e4);
        }
        try {
            ArrayList arrayList5 = new ArrayList();
            arrayList5.add(Parameters.Parameter.builder().name(String.string("_type")).value("Observation").build());
            Parameters.Builder builder5 = Parameters.builder();
            builder5.id(UUID.randomUUID().toString());
            builder5.parameter(arrayList5);
            Parameters build5 = builder5.build();
            FHIROperationContext createInstanceOperationContext2 = FHIROperationContext.createInstanceOperationContext("export");
            createInstanceOperationContext2.setProperty("REQUEST_PARAMETERS", build5);
            this.interceptor.beforeInvoke(createInstanceOperationContext2);
        } catch (FHIRPersistenceInterceptorException e5) {
            Assert.fail("Actual Check failed", e5);
        }
        try {
            ArrayList arrayList6 = new ArrayList();
            arrayList6.add(Parameters.Parameter.builder().name(String.string("_type")).value("Observation").build());
            Parameters.Builder builder6 = Parameters.builder();
            builder6.id(UUID.randomUUID().toString());
            builder6.parameter(arrayList6);
            Parameters build6 = builder6.build();
            FHIROperationContext createSystemOperationContext2 = FHIROperationContext.createSystemOperationContext("export");
            createSystemOperationContext2.setProperty("REQUEST_PARAMETERS", build6);
            this.interceptor.beforeInvoke(createSystemOperationContext2);
        } catch (FHIRPersistenceInterceptorException e6) {
            Assert.fail("Actual Check failed", e6);
        }
        try {
            ArrayList arrayList7 = new ArrayList();
            arrayList7.add(Parameters.Parameter.builder().name(String.string("_type")).value("Bundle").build());
            Parameters.Builder builder7 = Parameters.builder();
            builder7.id(UUID.randomUUID().toString());
            builder7.parameter(arrayList7);
            Parameters build7 = builder7.build();
            FHIROperationContext createInstanceOperationContext3 = FHIROperationContext.createInstanceOperationContext("export");
            createInstanceOperationContext3.setProperty("REQUEST_PARAMETERS", build7);
            this.interceptor.beforeInvoke(createInstanceOperationContext3);
        } catch (IllegalStateException e7) {
            Assert.assertEquals(e7.getMessage(), "Requested resource is outside of the Patient Compartment");
        } catch (FHIRPersistenceInterceptorException e8) {
            Assert.fail("Requested Resource outside Compartment Check failed", e8);
        }
        try {
            ArrayList arrayList8 = new ArrayList();
            arrayList8.add(Parameters.Parameter.builder().name(String.string("_type")).value("DoesntExist").build());
            Parameters.Builder builder8 = Parameters.builder();
            builder8.id(UUID.randomUUID().toString());
            builder8.parameter(arrayList8);
            Parameters build8 = builder8.build();
            FHIROperationContext createInstanceOperationContext4 = FHIROperationContext.createInstanceOperationContext("export");
            createInstanceOperationContext4.setProperty("REQUEST_PARAMETERS", build8);
            this.interceptor.beforeInvoke(createInstanceOperationContext4);
        } catch (IllegalStateException e9) {
            Assert.assertEquals(e9.getMessage(), "Requested resource is not configured");
        } catch (FHIRPersistenceInterceptorException e10) {
            Assert.fail("Requested Resource outside Compartment Check failed", e10);
        }
        try {
            ArrayList arrayList9 = new ArrayList();
            arrayList9.add(Parameters.Parameter.builder().name(String.string("_type")).value("DoesntExist").build());
            Parameters.Builder builder9 = Parameters.builder();
            builder9.id(UUID.randomUUID().toString());
            builder9.parameter(arrayList9);
            Parameters build9 = builder9.build();
            FHIROperationContext createSystemOperationContext3 = FHIROperationContext.createSystemOperationContext("export");
            createSystemOperationContext3.setProperty("REQUEST_PARAMETERS", build9);
            this.interceptor.beforeInvoke(createSystemOperationContext3);
        } catch (IllegalStateException e11) {
            Assert.assertEquals(e11.getMessage(), "Requested resource is not configured");
        } catch (FHIRPersistenceInterceptorException e12) {
            Assert.fail("Requested Resource outside Compartment Check failed", e12);
        }
    }

    private Map<String, List<String>> buildRequestHeaders(String str, String str2) {
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        linkedHashMap.put("Authorization", Collections.singletonList("Bearer " + JWT.create().withClaim("patient_id", str2).withClaim("scope", str).sign(Algorithm.none())));
        return linkedHashMap;
    }

    private Map<String, List<String>> buildRequestHeaders(String str, List<String> list) {
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        linkedHashMap.put("Authorization", Collections.singletonList("Bearer " + JWT.create().withClaim("patient_id", list).withClaim("scope", str).sign(Algorithm.none())));
        return linkedHashMap;
    }

    private boolean shouldSucceed(Set<ResourceType.Value> set, ResourceType.Value value, List<Scope.Permission> list, Scope.Permission permission) {
        if (set.contains(ResourceType.Value.RESOURCE) && list.contains(permission)) {
            return true;
        }
        return set.contains(value) && list.contains(permission);
    }

    /* JADX WARN: Type inference failed for: r0v11, types: [java.lang.Object[], java.lang.Object[][]] */
    @DataProvider(name = "scopeStringProvider")
    public static Object[][] scopeStrings() {
        Set singleton = Collections.singleton(ResourceType.Value.RESOURCE);
        Set singleton2 = Collections.singleton(ResourceType.Value.PATIENT);
        Set singleton3 = Collections.singleton(ResourceType.Value.OBSERVATION);
        Set singleton4 = Collections.singleton(ResourceType.Value.PROVENANCE);
        List singletonList = Collections.singletonList("11111111-1111-1111-1111-111111111111");
        return new Object[]{new Object[]{"patient/*.*", null, singleton, null}, new Object[]{"patient/*.*", singletonList, singleton, Scope.Permission.ALL}, new Object[]{"patient/*.read", singletonList, singleton, Scope.Permission.READ}, new Object[]{"patient/*.write", singletonList, singleton, Scope.Permission.WRITE}, new Object[]{"patient/Patient.*", singletonList, singleton2, Scope.Permission.ALL}, new Object[]{"patient/Patient.read", singletonList, singleton2, Scope.Permission.READ}, new Object[]{"patient/Patient.write", singletonList, singleton2, Scope.Permission.WRITE}, new Object[]{"patient/Patient.* patient/Provenance.*", singletonList, union(singleton2, singleton4), Scope.Permission.ALL}, new Object[]{"patient/Observation.*", singletonList, singleton3, Scope.Permission.ALL}, new Object[]{"patient/Observation.read", singletonList, singleton3, Scope.Permission.READ}, new Object[]{"patient/Observation.write", singletonList, singleton3, Scope.Permission.WRITE}, new Object[]{"patient/Observation.* patient/Provenance.*", singletonList, union(singleton3, singleton4), Scope.Permission.ALL}, new Object[]{"openid profile patient/Patient.*", singletonList, singleton2, Scope.Permission.ALL}, new Object[]{"openid patient/Patient.read profile", singletonList, singleton2, Scope.Permission.READ}, new Object[]{"patient/Patient.write openid profile", singletonList, singleton2, Scope.Permission.WRITE}, new Object[]{"patient/Patient.read patient/Observation.read", singletonList, union(singleton2, singleton3), Scope.Permission.READ}, new Object[]{"user/*.*", singletonList, singleton, Scope.Permission.ALL}, new Object[]{"user/Patient.read", singletonList, singleton2, Scope.Permission.READ}, new Object[]{"user/Observation.write", singletonList, singleton3, Scope.Permission.WRITE}, new Object[]{"system/*.*", singletonList, singleton, Scope.Permission.ALL}, new Object[]{"system/Patient.read", singletonList, singleton2, Scope.Permission.READ}, new Object[]{"system/Observation.write", singletonList, singleton3, Scope.Permission.WRITE}, new Object[]{"openid profile", singletonList, Collections.EMPTY_SET, null}, new Object[]{"user/*.*", null, singleton, Scope.Permission.ALL}, new Object[]{"system/*.*", null, singleton, Scope.Permission.ALL}};
    }

    /* JADX WARN: Type inference failed for: r0v11, types: [java.lang.Object[], java.lang.Object[][]] */
    @DataProvider(name = "scopeStringPreferReturnMinimalProvider")
    public static Object[][] scopeStringPreferReturnMinimal() {
        Set singleton = Collections.singleton(ResourceType.Value.RESOURCE);
        Set singleton2 = Collections.singleton(ResourceType.Value.PATIENT);
        Set singleton3 = Collections.singleton(ResourceType.Value.OBSERVATION);
        Set singleton4 = Collections.singleton(ResourceType.Value.PROVENANCE);
        List singletonList = Collections.singletonList("11111111-1111-1111-1111-111111111111");
        return new Object[]{new Object[]{"patient/*.*", null, singleton, null}, new Object[]{"patient/*.*", singletonList, Collections.EMPTY_SET, null}, new Object[]{"patient/*.read", singletonList, Collections.EMPTY_SET, null}, new Object[]{"patient/*.write", singletonList, Collections.EMPTY_SET, null}, new Object[]{"patient/Patient.* patient/Provenance.*", singletonList, Collections.EMPTY_SET, null}, new Object[]{"patient/Observation.* patient/Provenance.*", singletonList, Collections.EMPTY_SET, null}, new Object[]{"user/*.*", singletonList, singleton, Scope.Permission.ALL}, new Object[]{"user/*.read", singletonList, singleton, Scope.Permission.READ}, new Object[]{"user/*.write", singletonList, singleton, Scope.Permission.WRITE}, new Object[]{"user/Patient.* user/Provenance.*", singletonList, union(singleton2, singleton4), Scope.Permission.ALL}, new Object[]{"user/Observation.* user/Provenance.*", singletonList, union(singleton3, singleton4), Scope.Permission.ALL}, new Object[]{"system/*.*", singletonList, singleton, Scope.Permission.ALL}, new Object[]{"system/*.read", singletonList, singleton, Scope.Permission.READ}, new Object[]{"system/*.write", singletonList, singleton, Scope.Permission.WRITE}, new Object[]{"system/Patient.* system/Provenance.*", singletonList, union(singleton2, singleton4), Scope.Permission.ALL}, new Object[]{"system/Observation.* system/Provenance.*", singletonList, union(singleton3, singleton4), Scope.Permission.ALL}, new Object[]{"openid profile", singletonList, Collections.EMPTY_SET, null}, new Object[]{"user/*.*", null, singleton, Scope.Permission.ALL}, new Object[]{"system/*.*", null, singleton, Scope.Permission.ALL}};
    }

    /* JADX WARN: Type inference failed for: r0v7, types: [java.lang.Object[], java.lang.Object[][]] */
    @DataProvider(name = "scopeStringForSearch")
    public static Object[][] scopeStringsForSearch() {
        Set singleton = Collections.singleton(ResourceType.Value.PATIENT);
        Set singleton2 = Collections.singleton(ResourceType.Value.OBSERVATION);
        List singletonList = Collections.singletonList("11111111-1111-1111-1111-111111111111");
        return new Object[]{new Object[]{"patient/Patient.read patient/Observation.read patient/Practitioner.read", singletonList, union(singleton, singleton2)}, new Object[]{"user/Patient.read user/Observation.read user/Practitioner.read", singletonList, Collections.EMPTY_SET}, new Object[]{"system/Patient.read system/Observation.read system/Practitioner.read", singletonList, Collections.EMPTY_SET}};
    }

    private static <T> Set<T> union(Set<T> set, Set<T> set2) {
        return (Set) Stream.concat(set.stream(), set2.stream()).collect(Collectors.toSet());
    }
}
