package org.apache.jackrabbit.oak.jcr.security.user;

import com.google.common.collect.ImmutableMap;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import javax.annotation.Nonnull;
import javax.jcr.RepositoryException;
import javax.jcr.security.AccessControlEntry;
import javax.jcr.security.AccessControlList;
import org.apache.jackrabbit.api.security.user.Authorizable;
import org.apache.jackrabbit.api.security.user.Group;
import org.apache.jackrabbit.api.security.user.User;
import org.apache.jackrabbit.oak.api.Root;
import org.apache.jackrabbit.oak.namepath.NamePathMapper;
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
import org.apache.jackrabbit.oak.spi.security.user.action.AccessControlAction;
import org.apache.jackrabbit.oak.spi.security.user.action.AuthorizableAction;
import org.apache.jackrabbit.oak.spi.security.user.action.AuthorizableActionProvider;
import org.junit.Assert;
import org.junit.Test;

/* loaded from: input_file:org/apache/jackrabbit/oak/jcr/security/user/UserImportWithActionsTest.class */
public class UserImportWithActionsTest extends AbstractImportTest {
    private final TestActionProvider actionProvider = new TestActionProvider();

    /* loaded from: input_file:org/apache/jackrabbit/oak/jcr/security/user/UserImportWithActionsTest$TestAction.class */
    private final class TestAction implements AuthorizableAction {
        private String id;
        private String pw;

        private TestAction() {
        }

        public void init(SecurityProvider securityProvider, ConfigurationParameters configurationParameters) {
        }

        public void onCreate(Group group, Root root, NamePathMapper namePathMapper) throws RepositoryException {
            this.id = group.getID();
        }

        public void onCreate(User user, String str, Root root, NamePathMapper namePathMapper) throws RepositoryException {
            this.id = user.getID();
            this.pw = str;
        }

        public void onRemove(Authorizable authorizable, Root root, NamePathMapper namePathMapper) throws RepositoryException {
        }

        public void onPasswordChange(User user, String str, Root root, NamePathMapper namePathMapper) throws RepositoryException {
            this.pw = str;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/apache/jackrabbit/oak/jcr/security/user/UserImportWithActionsTest$TestActionProvider.class */
    public final class TestActionProvider implements AuthorizableActionProvider {
        private final List<AuthorizableAction> actions;

        private TestActionProvider() {
            this.actions = new ArrayList();
        }

        /* JADX INFO: Access modifiers changed from: private */
        public void addAction(AuthorizableAction authorizableAction) {
            this.actions.add(authorizableAction);
        }

        public List<? extends AuthorizableAction> getAuthorizableActions(@Nonnull SecurityProvider securityProvider) {
            return this.actions;
        }
    }

    @Override // org.apache.jackrabbit.oak.jcr.security.user.AbstractImportTest
    protected String getImportBehavior() {
        return "besteffort";
    }

    @Override // org.apache.jackrabbit.oak.jcr.security.user.AbstractImportTest
    protected String getTargetPath() {
        throw new UnsupportedOperationException();
    }

    private void setAuthorizableActions(AuthorizableAction authorizableAction) {
        this.actionProvider.addAction(authorizableAction);
    }

    @Override // org.apache.jackrabbit.oak.jcr.security.user.AbstractImportTest
    protected ConfigurationParameters getConfigurationParameters() {
        HashMap hashMap = new HashMap();
        hashMap.put("authorizableActionProvider", this.actionProvider);
        return ConfigurationParameters.of(ImmutableMap.of("org.apache.jackrabbit.oak.user", ConfigurationParameters.of(hashMap)));
    }

    @Test
    public void testActionExecutionForUser() throws Exception {
        TestAction testAction = new TestAction();
        setAuthorizableActions(testAction);
        doImport("/rep:security/rep:authorizables/rep:users", "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<sv:node sv:name=\"t\" xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\" xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\" xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\" xmlns:fn=\"http://www.w3.org/2005/xpath-functions\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\" xmlns:rep=\"internal\" xmlns:jcr=\"http://www.jcp.org/jcr/1.0\">   <sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:User</sv:value></sv:property>   <sv:property sv:name=\"jcr:uuid\" sv:type=\"String\"><sv:value>e358efa4-89f5-3062-b10d-d7316b65649e</sv:value></sv:property>   <sv:property sv:name=\"rep:password\" sv:type=\"String\"><sv:value>pw</sv:value></sv:property>   <sv:property sv:name=\"rep:principalName\" sv:type=\"String\"><sv:value>tPrincipal</sv:value></sv:property></sv:node>");
        Assert.assertEquals(testAction.id, "t");
        Assert.assertEquals(testAction.pw, "pw");
    }

    @Test
    public void testActionExecutionForGroup() throws Exception {
        TestAction testAction = new TestAction();
        setAuthorizableActions(testAction);
        doImport("/rep:security/rep:authorizables/rep:groups", "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<sv:node sv:name=\"g\" xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\" xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\" xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\" xmlns:fn=\"http://www.w3.org/2005/xpath-functions\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\" xmlns:rep=\"internal\" xmlns:jcr=\"http://www.jcp.org/jcr/1.0\">   <sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:Group</sv:value></sv:property>   <sv:property sv:name=\"jcr:uuid\" sv:type=\"String\"><sv:value>b2f5ff47-4366-31b6-a533-d8dc3614845d</sv:value></sv:property>   <sv:property sv:name=\"rep:principalName\" sv:type=\"String\"><sv:value>gPrincipal</sv:value></sv:property></sv:node>");
        Assert.assertEquals(testAction.id, "g");
        Assert.assertNull(testAction.pw);
    }

    @Test
    public void testAccessControlActionExecutionForUser() throws Exception {
        AccessControlAction accessControlAction = new AccessControlAction();
        accessControlAction.init(this.securityProvider, ConfigurationParameters.of(Collections.singletonMap("userPrivilegeNames", new String[]{"{http://www.jcp.org/jcr/1.0}all"})));
        setAuthorizableActions(accessControlAction);
        doImport("/rep:security/rep:authorizables/rep:users", "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<sv:node sv:name=\"t\" xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\" xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\" xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\" xmlns:fn=\"http://www.w3.org/2005/xpath-functions\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\" xmlns:rep=\"internal\" xmlns:jcr=\"http://www.jcp.org/jcr/1.0\">   <sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:User</sv:value></sv:property>   <sv:property sv:name=\"jcr:uuid\" sv:type=\"String\"><sv:value>e358efa4-89f5-3062-b10d-d7316b65649e</sv:value></sv:property>   <sv:property sv:name=\"rep:password\" sv:type=\"String\"><sv:value>{sha1}8efd86fb78a56a5145ed7739dcb00c78581c5375</sv:value></sv:property>   <sv:property sv:name=\"rep:principalName\" sv:type=\"String\"><sv:value>tPrincipal</sv:value></sv:property></sv:node>");
        Authorizable authorizable = this.userMgr.getAuthorizable("t");
        Assert.assertNotNull(authorizable);
        Assert.assertFalse(authorizable.isGroup());
        AccessControlList[] policies = this.adminSession.getAccessControlManager().getPolicies(authorizable.getPath());
        Assert.assertNotNull(policies);
        Assert.assertEquals(1L, policies.length);
        Assert.assertTrue(policies[0] instanceof AccessControlList);
        AccessControlEntry[] accessControlEntries = policies[0].getAccessControlEntries();
        Assert.assertEquals(1L, accessControlEntries.length);
        Assert.assertEquals("tPrincipal", accessControlEntries[0].getPrincipal().getName());
    }

    @Test
    public void testAccessControlActionExecutionForUser2() throws Exception {
        AccessControlAction accessControlAction = new AccessControlAction();
        accessControlAction.init(this.securityProvider, ConfigurationParameters.of(Collections.singletonMap("userPrivilegeNames", new String[]{"{http://www.jcp.org/jcr/1.0}all"})));
        setAuthorizableActions(accessControlAction);
        doImport("/rep:security/rep:authorizables/rep:users", "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<sv:node sv:name=\"t\" xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\" xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\" xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\" xmlns:fn=\"http://www.w3.org/2005/xpath-functions\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\" xmlns:rep=\"internal\" xmlns:jcr=\"http://www.jcp.org/jcr/1.0\">   <sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:User</sv:value></sv:property>   <sv:property sv:name=\"jcr:uuid\" sv:type=\"String\"><sv:value>e358efa4-89f5-3062-b10d-d7316b65649e</sv:value></sv:property>   <sv:property sv:name=\"rep:principalName\" sv:type=\"String\"><sv:value>tPrincipal</sv:value></sv:property>   <sv:property sv:name=\"rep:password\" sv:type=\"String\"><sv:value>{sha1}8efd86fb78a56a5145ed7739dcb00c78581c5375</sv:value></sv:property></sv:node>");
        Authorizable authorizable = this.userMgr.getAuthorizable("t");
        Assert.assertNotNull(authorizable);
        Assert.assertFalse(authorizable.isGroup());
        AccessControlList[] policies = this.adminSession.getAccessControlManager().getPolicies(authorizable.getPath());
        Assert.assertNotNull(policies);
        Assert.assertEquals(1L, policies.length);
        Assert.assertTrue(policies[0] instanceof AccessControlList);
        AccessControlEntry[] accessControlEntries = policies[0].getAccessControlEntries();
        Assert.assertEquals(1L, accessControlEntries.length);
        Assert.assertEquals("tPrincipal", accessControlEntries[0].getPrincipal().getName());
    }

    @Test
    public void testAccessControlActionExecutionForGroup() throws Exception {
        AccessControlAction accessControlAction = new AccessControlAction();
        accessControlAction.init(this.securityProvider, ConfigurationParameters.of(Collections.singletonMap("groupPrivilegeNames", new String[]{"{http://www.jcp.org/jcr/1.0}read"})));
        setAuthorizableActions(accessControlAction);
        doImport("/rep:security/rep:authorizables/rep:groups", "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<sv:node sv:name=\"g\" xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\" xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\" xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\" xmlns:fn=\"http://www.w3.org/2005/xpath-functions\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\" xmlns:rep=\"internal\" xmlns:jcr=\"http://www.jcp.org/jcr/1.0\">   <sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:Group</sv:value></sv:property>   <sv:property sv:name=\"jcr:uuid\" sv:type=\"String\"><sv:value>b2f5ff47-4366-31b6-a533-d8dc3614845d</sv:value></sv:property>   <sv:property sv:name=\"rep:principalName\" sv:type=\"String\"><sv:value>gPrincipal</sv:value></sv:property></sv:node>");
        Authorizable authorizable = this.userMgr.getAuthorizable("g");
        Assert.assertNotNull(authorizable);
        Assert.assertTrue(authorizable.isGroup());
        AccessControlList[] policies = this.adminSession.getAccessControlManager().getPolicies(authorizable.getPath());
        Assert.assertNotNull(policies);
        Assert.assertEquals(1L, policies.length);
        Assert.assertTrue(policies[0] instanceof AccessControlList);
        AccessControlEntry[] accessControlEntries = policies[0].getAccessControlEntries();
        Assert.assertEquals(1L, accessControlEntries.length);
        Assert.assertEquals("gPrincipal", accessControlEntries[0].getPrincipal().getName());
    }
}
