package org.apache.jackrabbit.core.security.authorization;

import java.security.Principal;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import java.util.UUID;
import javax.jcr.Credentials;
import javax.jcr.Node;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
import javax.jcr.SimpleCredentials;
import javax.jcr.Value;
import javax.jcr.security.AccessControlManager;
import javax.jcr.security.AccessControlPolicy;
import javax.jcr.security.Privilege;
import org.apache.jackrabbit.api.JackrabbitSession;
import org.apache.jackrabbit.api.security.JackrabbitAccessControlList;
import org.apache.jackrabbit.api.security.user.Authorizable;
import org.apache.jackrabbit.api.security.user.Group;
import org.apache.jackrabbit.api.security.user.User;
import org.apache.jackrabbit.api.security.user.UserManager;
import org.apache.jackrabbit.core.security.TestPrincipal;
import org.apache.jackrabbit.test.NotExecutableException;
import org.apache.jackrabbit.test.api.security.AbstractAccessControlTest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/jackrabbit/core/security/authorization/AbstractEvaluationTest.class */
public abstract class AbstractEvaluationTest extends AbstractAccessControlTest {
    private static Logger log = LoggerFactory.getLogger(AbstractEvaluationTest.class);
    private String uid;
    protected User testUser;
    protected Credentials creds;
    protected Group testGroup;
    private Session testSession;
    private AccessControlManager testAccessControlManager;
    private Node trn;
    private Set<String> toClear = new HashSet();

    /* JADX INFO: Access modifiers changed from: protected */
    public void setUp() throws Exception {
        super.setUp();
        if (!isExecutable()) {
            this.superuser.logout();
            throw new NotExecutableException();
        }
        try {
            UserManager userManager = getUserManager(this.superuser);
            this.uid = "testUser" + UUID.randomUUID();
            this.creds = new SimpleCredentials(this.uid, this.uid.toCharArray());
            this.testUser = userManager.createUser(this.uid, this.uid);
            if (!userManager.isAutoSave()) {
                this.superuser.save();
            }
        } catch (Exception e) {
            this.superuser.logout();
            throw e;
        }
    }

    protected void tearDown() throws Exception {
        Authorizable authorizable;
        try {
            for (String str : this.toClear) {
                try {
                    for (AccessControlPolicy accessControlPolicy : this.acMgr.getPolicies(str)) {
                        this.acMgr.removePolicy(str, accessControlPolicy);
                    }
                    this.superuser.save();
                } catch (RepositoryException e) {
                    log.debug(e.getMessage());
                }
            }
            if (this.testSession != null && this.testSession.isLive()) {
                this.testSession.logout();
            }
            if (this.testGroup != null && this.testUser != null) {
                if (this.testGroup.isDeclaredMember(this.testUser)) {
                    this.testGroup.removeMember(this.testUser);
                }
                this.testGroup.remove();
            }
            if (this.uid != null && (authorizable = getUserManager(this.superuser).getAuthorizable(this.uid)) != null) {
                authorizable.remove();
            }
            if (!getUserManager(this.superuser).isAutoSave() && this.superuser.hasPendingChanges()) {
                this.superuser.save();
            }
        } finally {
            super.tearDown();
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static UserManager getUserManager(Session session) throws NotExecutableException {
        if (!(session instanceof JackrabbitSession)) {
            throw new NotExecutableException();
        }
        try {
            return ((JackrabbitSession) session).getUserManager();
        } catch (RepositoryException e) {
            throw new NotExecutableException();
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Session getTestSession() throws RepositoryException {
        if (this.testSession == null) {
            this.testSession = getHelper().getRepository().login(this.creds);
        }
        return this.testSession;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public AccessControlManager getTestACManager() throws NotExecutableException, RepositoryException {
        if (this.testAccessControlManager == null) {
            this.testAccessControlManager = getAccessControlManager(getTestSession());
        }
        return this.testAccessControlManager;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Group getTestGroup() throws RepositoryException, NotExecutableException {
        if (this.testGroup == null) {
            TestPrincipal testPrincipal = new TestPrincipal("testGroup" + UUID.randomUUID());
            UserManager userManager = getUserManager(this.superuser);
            this.testGroup = userManager.createGroup(testPrincipal);
            this.testGroup.addMember(this.testUser);
            if (!userManager.isAutoSave() && this.superuser.hasPendingChanges()) {
                this.superuser.save();
            }
        }
        return this.testGroup;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Node getTestNode() throws RepositoryException {
        if (this.trn == null) {
            this.trn = getTestSession().getItem(this.testRootNode.getPath());
        }
        return this.trn;
    }

    protected abstract boolean isExecutable();

    /* JADX INFO: Access modifiers changed from: protected */
    public void checkReadOnly(String str) throws RepositoryException, NotExecutableException {
        Privilege[] privileges = getTestACManager().getPrivileges(str);
        assertTrue(privileges.length == 1);
        assertEquals(privilegesFromName("{http://www.jcp.org/jcr/1.0}read")[0], privileges[0]);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public abstract JackrabbitAccessControlList getPolicy(AccessControlManager accessControlManager, String str, Principal principal) throws RepositoryException, NotExecutableException;

    /* JADX INFO: Access modifiers changed from: protected */
    public abstract Map<String, Value> getRestrictions(Session session, String str) throws RepositoryException, NotExecutableException;

    /* JADX INFO: Access modifiers changed from: protected */
    public JackrabbitAccessControlList modifyPrivileges(String str, String str2, boolean z) throws NotExecutableException, RepositoryException {
        return modifyPrivileges(str, this.testUser.getPrincipal(), privilegesFromName(str2), z, getRestrictions(this.superuser, str));
    }

    private JackrabbitAccessControlList modifyPrivileges(String str, Principal principal, Privilege[] privilegeArr, boolean z, Map<String, Value> map) throws NotExecutableException, RepositoryException {
        JackrabbitAccessControlList policy = getPolicy(this.acMgr, str, principal);
        policy.addEntry(principal, privilegeArr, z, map);
        this.acMgr.setPolicy(policy.getPath(), policy);
        this.superuser.save();
        this.toClear.add(policy.getPath());
        return policy;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public JackrabbitAccessControlList givePrivileges(String str, Privilege[] privilegeArr, Map<String, Value> map) throws NotExecutableException, RepositoryException {
        return modifyPrivileges(str, this.testUser.getPrincipal(), privilegeArr, true, map);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public JackrabbitAccessControlList givePrivileges(String str, Principal principal, Privilege[] privilegeArr, Map<String, Value> map) throws NotExecutableException, RepositoryException {
        return modifyPrivileges(str, principal, privilegeArr, true, map);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public JackrabbitAccessControlList withdrawPrivileges(String str, Privilege[] privilegeArr, Map<String, Value> map) throws NotExecutableException, RepositoryException {
        return modifyPrivileges(str, this.testUser.getPrincipal(), privilegeArr, false, map);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public JackrabbitAccessControlList withdrawPrivileges(String str, Principal principal, Privilege[] privilegeArr, Map<String, Value> map) throws NotExecutableException, RepositoryException {
        return modifyPrivileges(str, principal, privilegeArr, false, map);
    }
}
