package org.apache.jackrabbit.core.security.authorization.principalbased;

import java.security.Principal;
import java.util.Map;
import javax.jcr.AccessDeniedException;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
import javax.jcr.Value;
import javax.jcr.security.AccessControlException;
import javax.jcr.security.AccessControlManager;
import javax.jcr.security.AccessControlPolicy;
import org.apache.jackrabbit.api.security.JackrabbitAccessControlList;
import org.apache.jackrabbit.api.security.JackrabbitAccessControlManager;
import org.apache.jackrabbit.api.security.JackrabbitAccessControlPolicy;
import org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal;
import org.apache.jackrabbit.api.security.user.User;
import org.apache.jackrabbit.api.security.user.UserManager;
import org.apache.jackrabbit.core.security.TestPrincipal;
import org.apache.jackrabbit.core.security.authorization.AbstractWriteTest;
import org.apache.jackrabbit.core.security.principal.PrincipalImpl;
import org.apache.jackrabbit.test.NotExecutableException;
import org.apache.jackrabbit.util.Text;

/* loaded from: input_file:org/apache/jackrabbit/core/security/authorization/principalbased/WriteTest.class */
public class WriteTest extends AbstractWriteTest {
    @Override // org.apache.jackrabbit.core.security.authorization.AbstractEvaluationTest
    protected boolean isExecutable() {
        return EvaluationUtil.isExecutable(this.superuser, this.acMgr);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.jackrabbit.core.security.authorization.AbstractEvaluationTest
    public JackrabbitAccessControlList getPolicy(AccessControlManager accessControlManager, String str, Principal principal) throws RepositoryException, AccessDeniedException, NotExecutableException {
        return EvaluationUtil.getPolicy(accessControlManager, str, principal);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.jackrabbit.core.security.authorization.AbstractEvaluationTest
    public Map<String, Value> getRestrictions(Session session, String str) throws RepositoryException, NotExecutableException {
        return EvaluationUtil.getRestrictions(session, str);
    }

    public void testAutocreatedProperties() throws RepositoryException, NotExecutableException {
        givePrivileges(this.path, this.testUser.getPrincipal(), privilegesFromName("{internal}write"), getRestrictions(this.superuser, this.path));
        Map<String, Value> restrictions = getRestrictions(this.superuser, this.path);
        restrictions.put(this.superuser.getJCRName(ACLTemplate.P_GLOB), this.superuser.getValueFactory().createValue("/afolder/jcr:created"));
        withdrawPrivileges(this.path, this.testUser.getPrincipal(), privilegesFromName("{http://www.jcp.org/jcr/1.0}read"), restrictions);
        assertFalse(getTestSession().getNode(this.path).addNode("afolder", "nt:folder").hasProperty("jcr:created"));
    }

    public void testEditor() throws NotExecutableException, RepositoryException {
        UserManager userManager = getUserManager(this.superuser);
        User user = null;
        try {
            user = userManager.createUser("t", "t");
            if (!userManager.isAutoSave()) {
                this.superuser.save();
            }
            Principal principal = user.getPrincipal();
            JackrabbitAccessControlManager accessControlManager = getAccessControlManager(this.superuser);
            JackrabbitAccessControlPolicy[] applicablePolicies = accessControlManager.getApplicablePolicies(principal);
            assertEquals(1, applicablePolicies.length);
            assertTrue(applicablePolicies[0] instanceof ACLTemplate);
            JackrabbitAccessControlPolicy[] applicablePolicies2 = accessControlManager.getApplicablePolicies(principal);
            assertEquals(1, applicablePolicies2.length);
            assertEquals(1L, accessControlManager.getApplicablePolicies(applicablePolicies2[0].getPath()).getSize());
            assertEquals(0, accessControlManager.getPolicies(principal).length);
            assertEquals(0, accessControlManager.getPolicies(applicablePolicies2[0].getPath()).length);
            accessControlManager.setPolicy(applicablePolicies2[0].getPath(), applicablePolicies2[0]);
            assertEquals(0, accessControlManager.getApplicablePolicies(principal).length);
            assertEquals(1, accessControlManager.getPolicies(principal).length);
            assertEquals(1, accessControlManager.getPolicies(applicablePolicies2[0].getPath()).length);
            this.superuser.refresh(false);
            if (user != null) {
                user.remove();
                if (userManager.isAutoSave()) {
                    return;
                }
                this.superuser.save();
            }
        } catch (Throwable th) {
            this.superuser.refresh(false);
            if (user != null) {
                user.remove();
                if (!userManager.isAutoSave()) {
                    this.superuser.save();
                }
            }
            throw th;
        }
    }

    public void testEditor2() throws NotExecutableException, RepositoryException {
        UserManager userManager = getUserManager(this.superuser);
        User user = null;
        User user2 = null;
        try {
            User createUser = userManager.createUser("t", "t");
            User createUser2 = userManager.createUser("tt", "tt", new TestPrincipal("tt"), "t/tt");
            if (!userManager.isAutoSave()) {
                this.superuser.save();
            }
            ItemBasedPrincipal principal = createUser.getPrincipal();
            ItemBasedPrincipal principal2 = createUser2.getPrincipal();
            if (!(principal instanceof ItemBasedPrincipal) || !(principal2 instanceof ItemBasedPrincipal) || !Text.isDescendant(principal.getPath(), principal2.getPath())) {
                throw new NotExecutableException();
            }
            JackrabbitAccessControlManager accessControlManager = getAccessControlManager(this.superuser);
            AccessControlPolicy[] applicablePolicies = accessControlManager.getApplicablePolicies(principal2);
            accessControlManager.setPolicy(applicablePolicies[0].getPath(), applicablePolicies[0]);
            assertEquals("rep:PrincipalAccessControl", this.superuser.getNode(accessControlManager.getApplicablePolicies(principal)[0].getPath()).getPrimaryNodeType().getName());
            this.superuser.refresh(false);
            if (createUser2 != null) {
                createUser2.remove();
            }
            if (createUser != null) {
                createUser.remove();
            }
            if (userManager.isAutoSave()) {
                return;
            }
            this.superuser.save();
        } catch (Throwable th) {
            this.superuser.refresh(false);
            if (0 != 0) {
                user2.remove();
            }
            if (0 != 0) {
                user.remove();
            }
            if (!userManager.isAutoSave()) {
                this.superuser.save();
            }
            throw th;
        }
    }

    public void testPrincipalNameDiffersFromID() throws Exception {
        UserManager userManager = getUserManager(this.superuser);
        User user = null;
        try {
            user = userManager.createUser("t@foo.org", "t", new PrincipalImpl("t"), (String) null);
            if (!userManager.isAutoSave()) {
                this.superuser.save();
            }
            Principal principal = user.getPrincipal();
            JackrabbitAccessControlList policy = getPolicy(this.acMgr, this.path, principal);
            policy.addEntry(principal, privilegesFromName("{http://www.jcp.org/jcr/1.0}read"), true, getRestrictions(this.superuser, this.path));
            this.acMgr.setPolicy(policy.getPath(), policy);
            JackrabbitAccessControlList[] policies = this.acMgr.getPolicies(policy.getPath());
            assertEquals(1, policies.length);
            JackrabbitAccessControlList jackrabbitAccessControlList = policies[0];
            jackrabbitAccessControlList.addEntry(principal, privilegesFromName("{http://www.jcp.org/jcr/1.0}write"), true, getRestrictions(this.superuser, this.path));
            this.acMgr.setPolicy(jackrabbitAccessControlList.getPath(), jackrabbitAccessControlList);
            if (user != null) {
                user.remove();
            }
        } catch (Throwable th) {
            if (user != null) {
                user.remove();
            }
            throw th;
        }
    }

    public void testNotItemBasedPrincipal() throws Exception {
        try {
            Principal everyone = this.superuser.getPrincipalManager().getEveryone();
            JackrabbitAccessControlList policy = getPolicy(this.acMgr, this.path, everyone);
            policy.addEntry(everyone, privilegesFromName("{http://www.jcp.org/jcr/1.0}read"), true, getRestrictions(this.superuser, this.path));
            this.acMgr.setPolicy(policy.getPath(), policy);
            JackrabbitAccessControlList[] policies = this.acMgr.getPolicies(policy.getPath());
            assertEquals(1, policies.length);
            JackrabbitAccessControlList jackrabbitAccessControlList = policies[0];
            jackrabbitAccessControlList.addEntry(everyone, privilegesFromName("{http://www.jcp.org/jcr/1.0}write"), true, getRestrictions(this.superuser, this.path));
            this.acMgr.setPolicy(jackrabbitAccessControlList.getPath(), jackrabbitAccessControlList);
            this.superuser.refresh(false);
        } catch (Throwable th) {
            this.superuser.refresh(false);
            throw th;
        }
    }

    public void testInvalidPrincipal() throws Exception {
        String str;
        String str2 = "unknown";
        while (true) {
            str = str2;
            if (!this.superuser.getPrincipalManager().hasPrincipal(str)) {
                break;
            } else {
                str2 = str + "_";
            }
        }
        PrincipalImpl principalImpl = new PrincipalImpl(str);
        if (!(this.acMgr instanceof JackrabbitAccessControlManager)) {
            throw new NotExecutableException();
        }
        try {
            JackrabbitAccessControlPolicy[] applicablePolicies = this.acMgr.getApplicablePolicies(principalImpl);
            assertNotNull(applicablePolicies);
            assertEquals(0, applicablePolicies.length);
        } catch (AccessControlException e) {
        }
        try {
            JackrabbitAccessControlPolicy[] policies = this.acMgr.getPolicies(principalImpl);
            assertNotNull(policies);
            assertEquals(0, policies.length);
        } catch (AccessControlException e2) {
        }
    }
}
