package io.jenkins.blueocean.service.embedded.rest;

import com.cloudbees.plugins.credentials.CredentialsProvider;
import com.fasterxml.jackson.annotation.JsonProperty;
import edu.umd.cs.findbugs.annotations.CheckForNull;
import edu.umd.cs.findbugs.annotations.NonNull;
import hudson.model.Node;
import hudson.model.TopLevelItem;
import hudson.model.TopLevelItemDescriptor;
import hudson.model.User;
import hudson.security.ACL;
import hudson.security.AccessControlled;
import hudson.security.Permission;
import io.jenkins.blueocean.commons.ServiceException;
import io.jenkins.blueocean.rest.ApiHead;
import io.jenkins.blueocean.rest.factory.organization.AbstractOrganization;
import io.jenkins.blueocean.rest.hal.Link;
import io.jenkins.blueocean.rest.model.BluePipeline;
import io.jenkins.blueocean.rest.model.BluePipelineContainer;
import io.jenkins.blueocean.rest.model.BlueUser;
import io.jenkins.blueocean.rest.model.BlueUserContainer;
import io.jenkins.blueocean.rest.model.BlueUserPermission;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.util.Collection;
import java.util.Collections;
import java.util.Map;
import javax.annotation.Nonnull;
import javax.servlet.ServletException;
import jenkins.model.Jenkins;
import jenkins.model.ModifiableTopLevelItemGroup;
import org.acegisecurity.AccessDeniedException;
import org.acegisecurity.Authentication;
import org.acegisecurity.GrantedAuthority;
import org.apache.commons.lang.StringUtils;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.kohsuke.stapler.StaplerRequest;
import org.kohsuke.stapler.StaplerResponse;
import org.kohsuke.stapler.WebMethod;
import org.kohsuke.stapler.verb.DELETE;
import org.mockito.Mockito;
import org.mockito.invocation.InvocationOnMock;
import org.mockito.stubbing.Answer;
import org.powermock.api.mockito.PowerMockito;
import org.powermock.core.classloader.annotations.PrepareForTest;
import org.powermock.modules.junit4.PowerMockRunner;

@PrepareForTest({Jenkins.class, User.class})
@RunWith(PowerMockRunner.class)
/* loaded from: input_file:io/jenkins/blueocean/service/embedded/rest/UserImplPermissionTest.class */
public class UserImplPermissionTest {
    private TestOrganization testOrganization;
    private User user;
    private Authentication authentication;

    /* renamed from: jenkins, reason: collision with root package name */
    private Jenkins f0jenkins;

    /* loaded from: input_file:io/jenkins/blueocean/service/embedded/rest/UserImplPermissionTest$TestOrganization.class */
    public static class TestOrganization extends AbstractOrganization implements ModifiableTopLevelItemGroup, AccessControlled {
        private final String name;
        private final String displayName;
        private final UserContainerImpl users = new UserContainerImpl(this, this);

        public TestOrganization(@NonNull String str, @CheckForNull String str2) {
            this.name = str;
            this.displayName = str2 != null ? str2 : str;
        }

        @Override // io.jenkins.blueocean.rest.model.BlueOrganization
        public String getName() {
            return this.name;
        }

        @Override // io.jenkins.blueocean.rest.model.BlueOrganization
        public String getDisplayName() {
            return this.displayName;
        }

        @Override // io.jenkins.blueocean.rest.factory.organization.AbstractOrganization
        @Nonnull
        public ModifiableTopLevelItemGroup getGroup() {
            return this;
        }

        @Override // io.jenkins.blueocean.rest.model.BlueOrganization
        public BluePipelineContainer getPipelines() {
            return new PipelineContainerImpl(this, this, this);
        }

        @WebMethod(name = {JsonProperty.USE_DEFAULT_NAME})
        @DELETE
        public void delete() {
            throw new ServiceException.NotImplementedException("Not implemented yet");
        }

        @Override // io.jenkins.blueocean.rest.model.BlueOrganization
        public BlueUserContainer getUsers() {
            return this.users;
        }

        @Override // io.jenkins.blueocean.rest.model.BlueOrganization
        public BlueUser getUser() {
            User current = User.current();
            if (current == null) {
                throw new ServiceException.NotFoundException("No authenticated user found");
            }
            return new UserImpl(this, current, new UserContainerImpl(this, this));
        }

        @Override // io.jenkins.blueocean.rest.Reachable
        public Link getLink() {
            return ApiHead.INSTANCE().getLink().rel("organizations/" + getName());
        }

        /* renamed from: doCreateItem, reason: merged with bridge method [inline-methods] */
        public TopLevelItem m441doCreateItem(StaplerRequest staplerRequest, StaplerResponse staplerResponse) throws IOException, ServletException {
            return null;
        }

        public String getFullName() {
            return this.name;
        }

        public String getFullDisplayName() {
            return this.name;
        }

        public Collection<TopLevelItem> getItems() {
            return null;
        }

        public String getUrl() {
            return null;
        }

        public String getUrlChildPrefix() {
            return null;
        }

        /* renamed from: getItem, reason: merged with bridge method [inline-methods] */
        public TopLevelItem m442getItem(String str) throws AccessDeniedException {
            return null;
        }

        public File getRootDirFor(TopLevelItem topLevelItem) {
            return null;
        }

        public void onRenamed(TopLevelItem topLevelItem, String str, String str2) throws IOException {
        }

        public void onDeleted(TopLevelItem topLevelItem) throws IOException {
        }

        public File getRootDir() {
            return null;
        }

        public void save() throws IOException {
        }

        public <T extends TopLevelItem> T copy(T t, String str) throws IOException {
            return null;
        }

        public TopLevelItem createProjectFromXML(String str, InputStream inputStream) throws IOException {
            return null;
        }

        public TopLevelItem createProject(TopLevelItemDescriptor topLevelItemDescriptor, String str, boolean z) throws IOException {
            return null;
        }

        public ACL getACL() {
            return null;
        }

        public void checkPermission(Permission permission) throws AccessDeniedException {
        }

        public boolean hasPermission(Permission permission) {
            return true;
        }
    }

    @Before
    public void setup() throws IOException {
        this.testOrganization = new TestOrganization("org", "orgDisplayName");
        this.user = (User) Mockito.mock(User.class);
        Mockito.when(this.user.getId()).thenReturn("some_user");
        this.authentication = new Authentication() { // from class: io.jenkins.blueocean.service.embedded.rest.UserImplPermissionTest.1
            public String getName() {
                return "some_user";
            }

            public GrantedAuthority[] getAuthorities() {
                return null;
            }

            public Object getCredentials() {
                return null;
            }

            public Object getDetails() {
                return null;
            }

            public Object getPrincipal() {
                return null;
            }

            public boolean isAuthenticated() {
                return false;
            }

            public void setAuthenticated(boolean z) throws IllegalArgumentException {
            }
        };
        this.f0jenkins = (Jenkins) Mockito.mock(Jenkins.class);
        Mockito.when(this.f0jenkins.getACL()).thenReturn(new ACL() { // from class: io.jenkins.blueocean.service.embedded.rest.UserImplPermissionTest.2
            public boolean hasPermission(Authentication authentication, Permission permission) {
                return false;
            }
        });
        PowerMockito.mockStatic(Jenkins.class, new Class[0]);
        Mockito.when(Jenkins.getAuthentication()).thenReturn(this.authentication);
        Mockito.when(Jenkins.getInstance()).thenReturn(this.f0jenkins);
        try {
            Node.class.getDeclaredMethod("hasPermission", Permission.class);
        } catch (NoSuchMethodException e) {
            Mockito.when(Boolean.valueOf(this.f0jenkins.hasPermission((Permission) Mockito.any()))).thenAnswer(new Answer<Boolean>() { // from class: io.jenkins.blueocean.service.embedded.rest.UserImplPermissionTest.3
                /* renamed from: answer, reason: merged with bridge method [inline-methods] */
                public Boolean m440answer(InvocationOnMock invocationOnMock) {
                    return Boolean.valueOf(((Jenkins) invocationOnMock.getMock()).getACL().hasPermission((Permission) invocationOnMock.getArgumentAt(0, Permission.class)));
                }
            });
        }
        PowerMockito.mockStatic(User.class, new Class[0]);
        Mockito.when(User.get("some_user", false, Collections.EMPTY_MAP)).thenReturn(this.user);
    }

    @Test
    public void useTestAgainstOrgBaseOnFolder() {
        checkPermissions(new UserImpl(this.testOrganization, this.user, this.testOrganization).getPermission(), false, true);
    }

    @Test
    public void useTestAgainstJenkinsRoot() {
        OrganizationImpl organizationImpl = new OrganizationImpl("jenkins", this.f0jenkins);
        UserImpl userImpl = new UserImpl(organizationImpl, this.user, organizationImpl);
        checkPermissions(userImpl.getPermission(), false, false);
        Mockito.when(this.f0jenkins.getACL()).thenReturn(new ACL() { // from class: io.jenkins.blueocean.service.embedded.rest.UserImplPermissionTest.4
            public boolean hasPermission(Authentication authentication, Permission permission) {
                return true;
            }
        });
        checkPermissions(userImpl.getPermission(), true, true);
    }

    private void checkPermissions(BlueUserPermission blueUserPermission, boolean z, boolean z2) {
        Assert.assertEquals("User permission does not match", Boolean.valueOf(blueUserPermission.isAdministration()), Boolean.valueOf(z));
        Map<String, Boolean> pipelinePermission = blueUserPermission.getPipelinePermission();
        Assert.assertEquals("User permission does not match", Boolean.valueOf(z2), pipelinePermission.get(BluePipeline.CREATE_PERMISSION));
        Assert.assertEquals("User permission does not match", Boolean.valueOf(z2), pipelinePermission.get(BluePipeline.READ_PERMISSION));
        Assert.assertEquals("User permission does not match", Boolean.valueOf(z2), pipelinePermission.get(BluePipeline.START_PERMISSION));
        Assert.assertEquals("User permission does not match", Boolean.valueOf(z2), pipelinePermission.get(BluePipeline.STOP_PERMISSION));
        Assert.assertEquals("User permission does not match", Boolean.valueOf(z2), pipelinePermission.get(BluePipeline.CONFIGURE_PERMISSION));
        Map<String, Boolean> credentialPermission = blueUserPermission.getCredentialPermission();
        Assert.assertEquals("User permission does not match", Boolean.valueOf(z2), credentialPermission.get(CredentialsProvider.CREATE.name.toLowerCase()));
        Assert.assertEquals("User permission does not match", Boolean.valueOf(z2), credentialPermission.get(CredentialsProvider.VIEW.name.toLowerCase()));
        Assert.assertEquals("User permission does not match", Boolean.valueOf(z2), credentialPermission.get(CredentialsProvider.DELETE.name.toLowerCase()));
        Assert.assertEquals("User permission does not match", Boolean.valueOf(z2), credentialPermission.get(CredentialsProvider.UPDATE.name.toLowerCase()));
        Assert.assertEquals("User permission does not match", Boolean.valueOf(z2), credentialPermission.get(StringUtils.uncapitalize(CredentialsProvider.MANAGE_DOMAINS.name)));
    }
}
