package org.apache.jackrabbit.oak.security.user;

import java.util.Iterator;
import java.util.UUID;
import javax.annotation.Nullable;
import javax.jcr.SimpleCredentials;
import javax.jcr.nodetype.ConstraintViolationException;
import javax.security.auth.login.LoginException;
import org.apache.jackrabbit.api.security.user.Group;
import org.apache.jackrabbit.api.security.user.User;
import org.apache.jackrabbit.api.security.user.UserManager;
import org.apache.jackrabbit.oak.AbstractSecurityTest;
import org.apache.jackrabbit.oak.api.CommitFailedException;
import org.apache.jackrabbit.oak.api.Tree;
import org.apache.jackrabbit.oak.spi.security.authentication.ImpersonationCredentials;
import org.apache.jackrabbit.oak.spi.security.principal.SystemUserPrincipal;
import org.apache.jackrabbit.oak.spi.security.user.UserIdCredentials;
import org.apache.jackrabbit.oak.util.NodeUtil;
import org.apache.jackrabbit.oak.util.TreeUtil;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;

/* loaded from: input_file:org/apache/jackrabbit/oak/security/user/SystemUserImplTest.class */
public class SystemUserImplTest extends AbstractSecurityTest {
    private UserManager userMgr;
    private String uid;
    private User user;

    @Override // org.apache.jackrabbit.oak.AbstractSecurityTest
    @Before
    public void before() throws Exception {
        super.before();
        this.userMgr = getUserManager(this.root);
        this.uid = "testUser" + UUID.randomUUID();
    }

    @Override // org.apache.jackrabbit.oak.AbstractSecurityTest
    public void after() throws Exception {
        try {
            if (this.user != null) {
                this.user.remove();
                this.root.commit();
            }
        } finally {
            super.after();
        }
    }

    private User createUser(@Nullable String str) throws Exception {
        User createSystemUser = this.userMgr.createSystemUser(this.uid, str);
        this.root.commit();
        return createSystemUser;
    }

    @Test
    public void testCreateSystemUser() throws Exception {
        this.user = createUser(null);
        Assert.assertTrue(this.user instanceof SystemUserImpl);
    }

    @Test
    public void testSystemUserTree() throws Exception {
        this.user = createUser(null);
        Tree tree = this.root.getTree(this.user.getPath());
        Assert.assertFalse(tree.hasProperty("rep:password"));
        Assert.assertEquals("rep:SystemUser", TreeUtil.getPrimaryTypeName(tree));
    }

    @Test
    public void testGetCredentials() throws Exception {
        this.user = createUser(null);
        UserIdCredentials credentials = this.user.getCredentials();
        Assert.assertTrue(credentials instanceof UserIdCredentials);
        Assert.assertEquals(this.uid, credentials.getUserId());
    }

    @Test
    public void testHasNoPassword() throws Exception {
        this.user = createUser(null);
        Assert.assertFalse(this.root.getTree(this.user.getPath()).hasProperty("rep:password"));
    }

    @Test
    public void testCreateUserWithAbsolutePath() throws Exception {
        try {
            this.user = createUser("/any/path/to/the/new/user");
            Assert.fail("ConstraintViolationException expected");
        } catch (ConstraintViolationException e) {
        }
    }

    @Test
    public void testCreateUserWithAbsolutePath2() throws Exception {
        try {
            this.user = createUser("/rep:security/rep:authorizables/rep:users/any/path/to/the/new/user");
            Assert.fail("ConstraintViolationException expected");
        } catch (ConstraintViolationException e) {
        }
    }

    @Test
    public void testCreateUserWithAbsolutePath3() throws Exception {
        String str = "/rep:security/rep:authorizables/rep:users/system/any/path/to/the/new/user";
        this.user = createUser(str);
        Assert.assertTrue(this.user.getPath().startsWith(str));
    }

    @Test
    public void testCreateUserWithRelativePath() throws Exception {
        try {
            this.user = createUser("any/path");
            Assert.fail("ConstraintViolationException expected");
        } catch (ConstraintViolationException e) {
        }
    }

    @Test
    public void testCreateUserWithRelativePath2() throws Exception {
        this.user = createUser("system/any/path");
        Assert.assertNotNull(this.user.getID());
        Assert.assertTrue(this.user.getPath().contains("any/path"));
    }

    @Test
    public void testCreateSystemUserWithOtherPath() throws Exception {
        String str = null;
        try {
            try {
                NodeUtil addChild = new NodeUtil(this.root.getTree("/rep:security/rep:authorizables/rep:users")).addChild("systemUser", "rep:SystemUser");
                addChild.setString("rep:principalName", "systemUser");
                addChild.setString("rep:authorizableId", "systemUser");
                str = addChild.getTree().getPath();
                this.root.commit();
                Assert.fail();
                this.root.refresh();
                if (str != null) {
                    Tree tree = this.root.getTree(str);
                    if (tree.exists()) {
                        tree.remove();
                        this.root.commit();
                    }
                }
            } catch (CommitFailedException e) {
                Assert.assertTrue(e.isConstraintViolation());
                this.root.refresh();
                if (str != null) {
                    Tree tree2 = this.root.getTree(str);
                    if (tree2.exists()) {
                        tree2.remove();
                        this.root.commit();
                    }
                }
            }
        } catch (Throwable th) {
            this.root.refresh();
            if (str != null) {
                Tree tree3 = this.root.getTree(str);
                if (tree3.exists()) {
                    tree3.remove();
                    this.root.commit();
                }
            }
            throw th;
        }
    }

    @Test
    public void testLoginAsSystemUser() throws Exception {
        this.user = createUser(null);
        try {
            login(new SimpleCredentials(this.uid, new char[0])).close();
            Assert.fail();
        } catch (LoginException e) {
        }
    }

    @Test
    public void testLoginAsSystemUser2() throws Exception {
        this.user = createUser(null);
        try {
            login(this.user.getCredentials()).close();
            Assert.fail();
        } catch (LoginException e) {
        }
    }

    @Test
    public void testImpersonateSystemUser() throws Exception {
        this.user = createUser(null);
        login(new ImpersonationCredentials(new SimpleCredentials(this.uid, new char[0]), this.adminSession.getAuthInfo())).close();
    }

    @Test
    public void testImpersonateDisabledSystemUser() throws Exception {
        this.user = createUser(null);
        this.user.disable("disabled");
        this.root.commit();
        try {
            login(new ImpersonationCredentials(new SimpleCredentials(this.uid, new char[0]), this.adminSession.getAuthInfo())).close();
            Assert.fail();
        } catch (LoginException e) {
        }
    }

    @Test
    public void testGetPrincipal() throws Exception {
        this.user = createUser(null);
        Assert.assertTrue(this.user.getPrincipal() instanceof SystemUserPrincipal);
    }

    @Test
    public void testAddToGroup() throws Exception {
        this.user = createUser(null);
        Group group = null;
        try {
            group = this.userMgr.createGroup("testGroup");
            group.addMember(this.user);
            this.root.commit();
            Assert.assertTrue(group.isMember(this.user));
            Assert.assertTrue(group.isDeclaredMember(this.user));
            boolean z = false;
            Iterator declaredMemberOf = this.user.declaredMemberOf();
            while (declaredMemberOf.hasNext() && !z) {
                if (group.getID().equals(((Group) declaredMemberOf.next()).getID())) {
                    z = true;
                }
            }
            Assert.assertTrue(z);
            if (group != null) {
                group.remove();
                this.root.commit();
            }
        } catch (Throwable th) {
            if (group != null) {
                group.remove();
                this.root.commit();
            }
            throw th;
        }
    }
}
