package org.apache.jetspeed.services.security.registry;

import java.util.Vector;
import junit.awtui.TestRunner;
import junit.framework.Assert;
import junit.framework.Test;
import junit.framework.TestCase;
import junit.framework.TestSuite;
import org.apache.jetspeed.om.BaseSecurityReference;
import org.apache.jetspeed.om.SecurityReference;
import org.apache.jetspeed.om.profile.psml.PsmlEntry;
import org.apache.jetspeed.om.registry.RegistryEntry;
import org.apache.jetspeed.om.registry.SecurityEntry;
import org.apache.jetspeed.om.registry.base.BaseSecurityAccess;
import org.apache.jetspeed.om.registry.base.BaseSecurityAllow;
import org.apache.jetspeed.om.registry.base.BaseSecurityEntry;
import org.apache.jetspeed.om.security.JetspeedUser;
import org.apache.jetspeed.services.JetspeedPortalAccessController;
import org.apache.jetspeed.services.JetspeedSecurity;
import org.apache.jetspeed.services.Registry;
import org.apache.jetspeed.services.resources.JetspeedResources;
import org.apache.jetspeed.services.security.JetspeedRoleManagement;
import org.apache.turbine.services.TurbineServices;
import org.apache.turbine.util.StringUtils;
import org.apache.turbine.util.TurbineConfig;

/* loaded from: input_file:WEB-INF/lib/jetspeed-1.4-b4.jar:org/apache/jetspeed/services/security/registry/TestAccessController.class */
public class TestAccessController extends TestCase {
    private static String ADMIN_PORTLET = "GlobalAdminPortlet";
    private static SecurityReference adminSecurityRef = new BaseSecurityReference();
    private static String ALL_PORTLET = "HelloVelocity";
    private static SecurityReference defaultSecurityRef = new BaseSecurityReference();
    private static String TEST_GROUP = "Jetspeed";
    private static String TEST_SECURITY_PAGE = "SecurityTest";
    private static String USER_PORTLET = "SkinBrowser";
    private static String USERANON_PORTLET = "Welcome";
    private static SecurityReference userSecurityRef = new BaseSecurityReference();
    private static SecurityReference userAllAnonViewSecurityRef = new BaseSecurityReference();
    private static TurbineConfig config;
    static Class class$org$apache$jetspeed$services$security$registry$TestAccessController;

    public TestAccessController(String str) {
        super(str);
    }

    public static void main(String[] strArr) {
        Class cls;
        String[] strArr2 = new String[1];
        if (class$org$apache$jetspeed$services$security$registry$TestAccessController == null) {
            cls = class$("org.apache.jetspeed.services.security.registry.TestAccessController");
            class$org$apache$jetspeed$services$security$registry$TestAccessController = cls;
        } else {
            cls = class$org$apache$jetspeed$services$security$registry$TestAccessController;
        }
        strArr2[0] = cls.getName();
        TestRunner.main(strArr2);
    }

    public void setup() {
        System.out.println("Setup: Testing categories of Profiler Service");
    }

    public static Test suite() {
        Class cls;
        if (class$org$apache$jetspeed$services$security$registry$TestAccessController == null) {
            cls = class$("org.apache.jetspeed.services.security.registry.TestAccessController");
            class$org$apache$jetspeed$services$security$registry$TestAccessController = cls;
        } else {
            cls = class$org$apache$jetspeed$services$security$registry$TestAccessController;
        }
        return new TestSuite(cls);
    }

    public void testVerifyEnvironment() throws Exception {
        Assert.assertEquals("Using TurbineAccessController", "org.apache.jetspeed.services.security.registry.RegistryAccessController", JetspeedResources.getString("services.PortalAccessController.classname"));
        Registry.addEntry(Registry.SECURITY, (RegistryEntry) createSecurityEntry("admin_only", JetspeedSecurity.JETSPEED_ROLE_ADMIN, "*"));
        Assert.assertNotNull("Getting admin_only security ", Registry.getEntry(Registry.SECURITY, "admin_only"));
        Registry.addEntry(Registry.SECURITY, (RegistryEntry) createSecurityEntry("user_only", "user", "*"));
        Assert.assertNotNull("Getting user_only security ", Registry.getEntry(Registry.SECURITY, "user_only"));
        Registry.addEntry(Registry.SECURITY, (RegistryEntry) createSecurityEntry("wide_open", null, "*"));
        Assert.assertNotNull("Getting wide_open security ", Registry.getEntry(Registry.SECURITY, "wide_open"));
        Registry.addEntry(Registry.SECURITY, (RegistryEntry) createSecurityEntry("all_users-view_anon", "user", "*"));
        Assert.assertNotNull("Getting all_users-view_anon security ", Registry.getEntry(Registry.SECURITY, "all_users-view_anon"));
        SecurityEntry securityEntry = (SecurityEntry) Registry.getEntry(Registry.SECURITY, "all_users-view_anon");
        Vector accesses = securityEntry.getAccesses();
        Assert.assertEquals("Getting number of accesses for all_users-view_anon", 1, accesses.size());
        BaseSecurityAllow baseSecurityAllow = new BaseSecurityAllow();
        baseSecurityAllow.setRole("guest");
        Vector vector = new Vector();
        vector.addElement(baseSecurityAllow);
        BaseSecurityAccess baseSecurityAccess = new BaseSecurityAccess();
        baseSecurityAccess.setAction(JetspeedSecurity.PERMISSION_VIEW);
        baseSecurityAccess.setAllows(vector);
        accesses.addElement(baseSecurityAccess);
        securityEntry.setAccesses(accesses);
        Assert.assertEquals("Getting number of accesses for all_users-view_anon", 2, securityEntry.getAccesses().size());
        Assert.assertNotNull("Getting admin user", JetspeedSecurity.getUser(JetspeedSecurity.JETSPEED_ROLE_ADMIN));
        Assert.assertTrue("Admin user has Admin role", JetspeedRoleManagement.hasRole(JetspeedSecurity.JETSPEED_ROLE_ADMIN, JetspeedSecurity.JETSPEED_ROLE_ADMIN));
        Assert.assertTrue("Admin user has User role", JetspeedRoleManagement.hasRole(JetspeedSecurity.JETSPEED_ROLE_ADMIN, "user"));
        Assert.assertNotNull("Getting turbine user", JetspeedSecurity.getUser("turbine"));
        Assert.assertTrue("Turbine user does not have Admin role", !JetspeedRoleManagement.hasRole("turbine", JetspeedSecurity.JETSPEED_ROLE_ADMIN));
        Assert.assertTrue("Turbine user has User role", JetspeedRoleManagement.hasRole("turbine", "user"));
        Assert.assertNotNull("Getting anonymous user", JetspeedSecurity.getAnonymousUser());
        Assert.assertTrue("anonymous user does not have Admin role", !JetspeedRoleManagement.hasRole(JetspeedSecurity.getAnonymousUser().getUserName(), JetspeedSecurity.JETSPEED_ROLE_ADMIN));
        Assert.assertTrue("anonymous user does not have User role", !JetspeedRoleManagement.hasRole(JetspeedSecurity.getAnonymousUser().getUserName(), "user"));
        Assert.assertTrue("anonymous user does not have Guest role", JetspeedRoleManagement.hasRole(JetspeedSecurity.getAnonymousUser().getUserName(), "guest"));
        Assert.assertNotNull("adminSecurityRef", adminSecurityRef);
        adminSecurityRef.setParent("admin_only");
        Assert.assertNotNull(new StringBuffer().append("Getting security for ").append(adminSecurityRef.getParent()).toString(), Registry.getEntry(Registry.SECURITY, adminSecurityRef.getParent()));
        Assert.assertNotNull("userSecurityRef", userSecurityRef);
        userSecurityRef.setParent("user_only");
        Assert.assertNotNull(new StringBuffer().append("Getting security for ").append(userSecurityRef.getParent()).toString(), Registry.getEntry(Registry.SECURITY, userSecurityRef.getParent()));
        Assert.assertNotNull("defaultSecurityRef", defaultSecurityRef);
        defaultSecurityRef.setParent("wide_open");
        Assert.assertNotNull(new StringBuffer().append("Getting security for ").append(defaultSecurityRef.getParent()).toString(), Registry.getEntry(Registry.SECURITY, defaultSecurityRef.getParent()));
        Assert.assertNotNull("userAllAnonViewSecurityRef", userAllAnonViewSecurityRef);
        userAllAnonViewSecurityRef.setParent("all_users-view_anon");
        Assert.assertNotNull(new StringBuffer().append("Getting security for ").append(userAllAnonViewSecurityRef.getParent()).toString(), Registry.getEntry(Registry.SECURITY, defaultSecurityRef.getParent()));
    }

    public void testRequiredActions() throws Exception {
        JetspeedUser user = JetspeedSecurity.getUser(JetspeedSecurity.JETSPEED_ROLE_ADMIN);
        Assert.assertNotNull("Getting admin user", user);
        user.setHasLoggedIn(Boolean.TRUE);
        JetspeedUser user2 = JetspeedSecurity.getUser("turbine");
        Assert.assertNotNull("Getting turbine user", user2);
        user2.setHasLoggedIn(Boolean.TRUE);
        JetspeedUser anonymousUser = JetspeedSecurity.getAnonymousUser();
        Assert.assertNotNull("Getting anonymous user", anonymousUser);
        PsmlEntry createEntry = createEntry(ADMIN_PORTLET, "ST_01.admin", adminSecurityRef);
        PsmlEntry createEntry2 = createEntry(USER_PORTLET, "ST_01.user", userSecurityRef);
        PsmlEntry createEntry3 = createEntry(ALL_PORTLET, "ST_01.all", defaultSecurityRef);
        PsmlEntry createEntry4 = createEntry(USERANON_PORTLET, "ST_01.userAnon", userAllAnonViewSecurityRef);
        Assert.assertEquals(new StringBuffer().append("Admin user has view access to ").append(ADMIN_PORTLET).toString(), true, JetspeedPortalAccessController.checkPermission(user, createEntry, JetspeedSecurity.PERMISSION_VIEW));
        Assert.assertEquals(new StringBuffer().append("Turbine user DOES NOT have view access to ").append(ADMIN_PORTLET).toString(), false, JetspeedPortalAccessController.checkPermission(user2, createEntry, JetspeedSecurity.PERMISSION_VIEW));
        Assert.assertEquals(new StringBuffer().append("Anonymous user DOES NOT have view access to ").append(ADMIN_PORTLET).toString(), false, JetspeedPortalAccessController.checkPermission(anonymousUser, createEntry, JetspeedSecurity.PERMISSION_VIEW));
        Assert.assertEquals(new StringBuffer().append("Admin user has view access to ").append(USER_PORTLET).toString(), true, JetspeedPortalAccessController.checkPermission(user, createEntry2, JetspeedSecurity.PERMISSION_VIEW));
        Assert.assertEquals(new StringBuffer().append("Turbine user has view access to ").append(USER_PORTLET).toString(), true, JetspeedPortalAccessController.checkPermission(user2, createEntry2, JetspeedSecurity.PERMISSION_VIEW));
        Assert.assertEquals(new StringBuffer().append("Anonymous user DOES NOT have view access to ").append(USER_PORTLET).toString(), false, JetspeedPortalAccessController.checkPermission(anonymousUser, createEntry2, JetspeedSecurity.PERMISSION_VIEW));
        Assert.assertEquals(new StringBuffer().append("Admin user has view access to ").append(ALL_PORTLET).toString(), true, JetspeedPortalAccessController.checkPermission(user, createEntry3, JetspeedSecurity.PERMISSION_VIEW));
        Assert.assertEquals(new StringBuffer().append("Turbine user has view access to ").append(ALL_PORTLET).toString(), true, JetspeedPortalAccessController.checkPermission(user2, createEntry3, JetspeedSecurity.PERMISSION_VIEW));
        Assert.assertEquals(new StringBuffer().append("Anonymous user has view access to ").append(ALL_PORTLET).toString(), true, JetspeedPortalAccessController.checkPermission(anonymousUser, createEntry3, JetspeedSecurity.PERMISSION_VIEW));
        Assert.assertEquals(new StringBuffer().append("Admin user has view access to ").append(USERANON_PORTLET).toString(), true, JetspeedPortalAccessController.checkPermission(user, createEntry4, JetspeedSecurity.PERMISSION_VIEW));
        Assert.assertEquals(new StringBuffer().append("Admin user has maximize access to ").append(USERANON_PORTLET).toString(), true, JetspeedPortalAccessController.checkPermission(user2, createEntry4, JetspeedSecurity.PERMISSION_MAXIMIZE));
        Assert.assertEquals(new StringBuffer().append("Anonymous user has view access to ").append(USERANON_PORTLET).toString(), true, JetspeedPortalAccessController.checkPermission(anonymousUser, createEntry4, JetspeedSecurity.PERMISSION_VIEW));
        Assert.assertEquals(new StringBuffer().append("Anonymous user has maximize access to ").append(USERANON_PORTLET).toString(), false, JetspeedPortalAccessController.checkPermission(anonymousUser, createEntry4, JetspeedSecurity.PERMISSION_MAXIMIZE));
    }

    private PsmlEntry createEntry(String str, String str2, SecurityReference securityReference) {
        PsmlEntry psmlEntry = new PsmlEntry();
        psmlEntry.setParent(str);
        if (str2 != null) {
            psmlEntry.setId(str2);
        }
        if (securityReference != null) {
            psmlEntry.setSecurityRef(securityReference);
        }
        return psmlEntry;
    }

    private SecurityEntry createSecurityEntry(String str, String str2, String str3) {
        Vector vector = null;
        if (str2 != null) {
            BaseSecurityAllow baseSecurityAllow = new BaseSecurityAllow();
            baseSecurityAllow.setRole(str2);
            vector = new Vector();
            vector.addElement(baseSecurityAllow);
        }
        BaseSecurityAccess baseSecurityAccess = new BaseSecurityAccess();
        baseSecurityAccess.setAction(str3);
        baseSecurityAccess.setAllows(vector);
        Vector vector2 = new Vector();
        vector2.addElement(baseSecurityAccess);
        BaseSecurityEntry baseSecurityEntry = new BaseSecurityEntry();
        baseSecurityEntry.setName(str);
        baseSecurityEntry.setAccesses(vector2);
        return baseSecurityEntry;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        config = null;
        try {
            config = new TurbineConfig("../webapp", TurbineServices.PROPERTIES_PATH_DEFAULT);
            config.init();
        } catch (Exception e) {
            Assert.fail(StringUtils.stackTrace(e));
        }
    }
}
