package com.atlassian.crowd.acceptance.tests.rest.service;

import com.atlassian.crowd.acceptance.rest.RestServer;
import com.atlassian.crowd.acceptance.tests.cluster.testutil.AuditLogClient;
import com.atlassian.crowd.acceptance.tests.rest.service.util.RestPageUtil;
import com.atlassian.crowd.audit.AuditLogAuthorType;
import com.atlassian.crowd.audit.AuditLogEntityType;
import com.atlassian.crowd.audit.AuditLogEventType;
import com.atlassian.crowd.plugin.rest.entity.ErrorEntity;
import com.atlassian.crowd.plugin.rest.entity.PropertyEntity;
import com.atlassian.crowd.plugin.rest.entity.PropertyRestrictionEntity;
import com.atlassian.crowd.plugin.rest.entity.audit.AuditLogAuthorRestDTO;
import com.atlassian.crowd.plugin.rest.entity.audit.AuditLogChangesetRestDTO;
import com.atlassian.crowd.plugin.rest.entity.audit.AuditLogEntityRestDTO;
import com.atlassian.crowd.plugin.rest.entity.audit.AuditLogEntryRestDTO;
import com.atlassian.crowd.plugin.rest.entity.audit.query.AuditLogAuthorRestrictionRestDTO;
import com.atlassian.crowd.plugin.rest.entity.audit.query.AuditLogQueryRestDTO;
import com.google.common.base.Charsets;
import com.google.common.collect.Iterables;
import com.google.common.io.Resources;
import com.sun.jersey.api.client.ClientResponse;
import com.sun.jersey.api.client.WebResource;
import io.restassured.response.ResponseBodyExtractionOptions;
import java.io.IOException;
import java.util.Date;
import java.util.List;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.UriBuilder;
import org.hamcrest.Matcher;
import org.hamcrest.Matchers;
import org.junit.Assert;

/* loaded from: input_file:com/atlassian/crowd/acceptance/tests/rest/service/AuditResourceTest.class */
public class AuditResourceTest extends RestCrowdServiceAcceptanceTestCase {
    private static final AuditLogChangesetRestDTO MINIMAL_VALID_CHANGESET = AuditLogChangesetRestDTO.builder().setAuthor(AuditLogAuthorRestDTO.builder().setType(AuditLogAuthorType.OTHER).build()).setEventType(AuditLogEventType.OTHER).build();
    private static final AuditLogChangesetRestDTO PLUGIN_EVENT_CHANGESET = AuditLogChangesetRestDTO.builder().setAuthor(AuditLogAuthorRestDTO.builder().setType(AuditLogAuthorType.PLUGIN).build()).setEventType(AuditLogEventType.OTHER).build();

    public AuditResourceTest(String str) {
        super(str);
    }

    public AuditResourceTest(String str, RestServer restServer) {
        super(str, restServer);
    }

    private final UriBuilder auditBase() {
        return getBaseUriBuilder("admin", "1.0").path("auditlog");
    }

    private WebResource getSearchResource(String str, String str2) {
        return getWebResource(str, str2, auditBase().path("query").build(new Object[0]));
    }

    private WebResource getSearchResource() {
        return getWebResource(auditBase().path("query").build(new Object[0]));
    }

    private WebResource getAuthenticatedSearchResource() {
        return getSearchResource("admin", "admin");
    }

    private WebResource getCreateResource() {
        return getWebResource(auditBase().build(new Object[0]));
    }

    private WebResource getAuthenticatedCreateResource() {
        return getCreateResource("admin", "admin");
    }

    private WebResource getCreateResource(String str, String str2) {
        return getWebResource(str, str2, auditBase().build(new Object[0]));
    }

    public void testSearchInaccessibleForUnauthenticatedUsers() {
        Assert.assertThat("Anonymous user should get a 401 status code", ((ClientResponse) getSearchResource().type(MediaType.APPLICATION_JSON_TYPE).entity(new PropertyRestrictionEntity(new PropertyEntity("bla", "string"), "exactly_matches", "bla"), MediaType.APPLICATION_JSON_TYPE).post(ClientResponse.class)).getClientResponseStatus(), Matchers.equalTo(ClientResponse.Status.UNAUTHORIZED));
    }

    public void testSearchInaccessibleForNonAdmins() throws IOException {
        Assert.assertThat("User wihout admin rights should get a 401 status code", ((ClientResponse) getSearchResource("regularuser", "regularuser").queryParam("limit", "1").type(MediaType.APPLICATION_JSON_TYPE).entity(AuditLogQueryRestDTO.builder().build()).post(ClientResponse.class)).getClientResponseStatus(), Matchers.equalTo(ClientResponse.Status.UNAUTHORIZED));
    }

    public void testCreateInaccessibleForUnauthenticatedUsers() {
        Assert.assertThat("Anonymous user should get a 401 status code", ((ClientResponse) getCreateResource().entity(MINIMAL_VALID_CHANGESET, MediaType.APPLICATION_JSON_TYPE).post(ClientResponse.class)).getClientResponseStatus(), Matchers.equalTo(ClientResponse.Status.UNAUTHORIZED));
    }

    public void testCreateInaccessibleForNonAdmins() {
        Assert.assertThat("User without admin rights should get a 401 status code", ((ClientResponse) getCreateResource("regularuser", "regularuser").entity(MINIMAL_VALID_CHANGESET, MediaType.APPLICATION_JSON_TYPE).post(ClientResponse.class)).getClientResponseStatus(), Matchers.equalTo(ClientResponse.Status.UNAUTHORIZED));
    }

    public void testCreateChangesetWithAllPossibleProperties() throws IOException {
        intendToModifyData();
        WebResource authenticatedCreateResource = getAuthenticatedCreateResource();
        WebResource authenticatedSearchResource = getAuthenticatedSearchResource();
        Date date = new Date();
        Assert.assertThat(((ClientResponse) authenticatedCreateResource.entity(AuditLogChangesetRestDTO.builder().setId(1234L).setTimestamp(new Date(1L)).setAuthor(AuditLogAuthorRestDTO.builder().setName("admin").setType(AuditLogAuthorType.USER).setId(32770L).build()).addEntity(AuditLogEntityRestDTO.builder().setType(AuditLogEntityType.APPLICATION).setId(884737L).setName("aliases").setPrimary(true).build()).setEventType(AuditLogEventType.OTHER).setEventMessage("Custom event!").addEntry(new AuditLogEntryRestDTO("custom property", "old", "new")).build(), MediaType.APPLICATION_JSON_TYPE).post(ClientResponse.class)).getClientResponseStatus(), Matchers.is(ClientResponse.Status.CREATED));
        List<AuditLogChangesetRestDTO> searchForChangesets = searchForChangesets(authenticatedSearchResource, AuditLogQueryRestDTO.builder().addAction(AuditLogEventType.OTHER).build());
        Assert.assertThat(Integer.valueOf(searchForChangesets.size()), Matchers.is(1));
        AuditLogChangesetRestDTO auditLogChangesetRestDTO = searchForChangesets.get(0);
        AuditLogEntityRestDTO auditLogEntityRestDTO = (AuditLogEntityRestDTO) Iterables.getOnlyElement(auditLogChangesetRestDTO.getEntities());
        Assert.assertThat(auditLogChangesetRestDTO.getId(), Matchers.allOf(Matchers.notNullValue(), Matchers.not(Matchers.is(1234L))));
        Assert.assertThat(auditLogChangesetRestDTO.getTimestamp(), Matchers.greaterThanOrEqualTo(date));
        Assert.assertThat(auditLogChangesetRestDTO.getAuthor().getType(), Matchers.is(AuditLogAuthorType.USER));
        Assert.assertThat(auditLogChangesetRestDTO.getAuthor().getName(), Matchers.is("admin"));
        Assert.assertThat(auditLogChangesetRestDTO.getAuthor().getId(), Matchers.is(32770L));
        Assert.assertThat(auditLogChangesetRestDTO.getAuthor().getDisplayName(), Matchers.is("bob the builder"));
        Assert.assertThat(auditLogChangesetRestDTO.getEventType(), Matchers.is(AuditLogEventType.OTHER));
        Assert.assertThat(auditLogEntityRestDTO.getType(), Matchers.is(AuditLogEntityType.APPLICATION));
        Assert.assertThat(auditLogEntityRestDTO.getId(), Matchers.is(884737L));
        Assert.assertThat(auditLogEntityRestDTO.getName(), Matchers.is("aliases"));
        Assert.assertThat(auditLogChangesetRestDTO.getEntries(), Matchers.hasItem(new AuditLogEntryRestDTO("custom property", "old", "new")));
    }

    public void testCreateChangesetWithMinimalAmountOfData() throws IOException {
        intendToModifyData();
        WebResource authenticatedCreateResource = getAuthenticatedCreateResource();
        WebResource authenticatedSearchResource = getAuthenticatedSearchResource();
        Assert.assertThat(Integer.valueOf(searchForChangesets(authenticatedSearchResource, AuditLogQueryRestDTO.builder().addAction(AuditLogEventType.OTHER).build()).size()), Matchers.is(0));
        Assert.assertThat(((ClientResponse) authenticatedCreateResource.entity(MINIMAL_VALID_CHANGESET, MediaType.APPLICATION_JSON_TYPE).post(ClientResponse.class)).getClientResponseStatus(), Matchers.is(ClientResponse.Status.CREATED));
        Assert.assertThat(Integer.valueOf(searchForChangesets(authenticatedSearchResource, AuditLogQueryRestDTO.builder().addAction(AuditLogEventType.OTHER).build()).size()), Matchers.is(1));
    }

    public void testBadRequestWhenCreatingChangesetWithoutEventType() throws IOException {
        ClientResponse clientResponse = (ClientResponse) getAuthenticatedCreateResource().entity(AuditLogChangesetRestDTO.builder().setAuthor(AuditLogAuthorRestDTO.builder().setType(AuditLogAuthorType.OTHER).build()).build(), MediaType.APPLICATION_JSON_TYPE).post(ClientResponse.class);
        Assert.assertThat(clientResponse.getClientResponseStatus(), Matchers.is(ClientResponse.Status.BAD_REQUEST));
        ErrorEntity errorEntity = (ErrorEntity) clientResponse.getEntity(ErrorEntity.class);
        Assert.assertThat(errorEntity.getReason(), Matchers.is(ErrorEntity.ErrorReason.ILLEGAL_ARGUMENT));
        Assert.assertThat(errorEntity.getMessage(), Matchers.is("Event type not set"));
    }

    public void testBadRequestWhenCreatingChangesetWithoutAuthorType() throws IOException {
        ClientResponse clientResponse = (ClientResponse) getAuthenticatedCreateResource().entity(AuditLogChangesetRestDTO.builder().setEventType(AuditLogEventType.OTHER).build(), MediaType.APPLICATION_JSON_TYPE).post(ClientResponse.class);
        Assert.assertThat(clientResponse.getClientResponseStatus(), Matchers.is(ClientResponse.Status.BAD_REQUEST));
        ErrorEntity errorEntity = (ErrorEntity) clientResponse.getEntity(ErrorEntity.class);
        Assert.assertThat(errorEntity.getReason(), Matchers.is(ErrorEntity.ErrorReason.ILLEGAL_ARGUMENT));
        Assert.assertThat(errorEntity.getMessage(), Matchers.is("Author not set"));
    }

    public void testSearchByAuthorTypeEnum() throws IOException {
        intendToModifyData();
        WebResource authenticatedCreateResource = getAuthenticatedCreateResource();
        WebResource authenticatedSearchResource = getAuthenticatedSearchResource();
        Assert.assertThat(((ClientResponse) authenticatedCreateResource.entity(PLUGIN_EVENT_CHANGESET, MediaType.APPLICATION_JSON_TYPE).post(ClientResponse.class)).getClientResponseStatus(), Matchers.is(ClientResponse.Status.CREATED));
        List<AuditLogChangesetRestDTO> searchForChangesets = searchForChangesets(authenticatedSearchResource, AuditLogQueryRestDTO.builder().addAuthor(new AuditLogAuthorRestrictionRestDTO((Long) null, (String) null, AuditLogAuthorType.PLUGIN)).build());
        Assert.assertThat(Integer.valueOf(searchForChangesets.size()), Matchers.is(1));
        Assert.assertThat(searchForChangesets.get(0).getAuthor().getType(), Matchers.is(AuditLogAuthorType.PLUGIN));
    }

    public void testSearchByEventTypeEnum() throws IOException {
        intendToModifyData();
        WebResource authenticatedCreateResource = getAuthenticatedCreateResource();
        WebResource authenticatedSearchResource = getAuthenticatedSearchResource();
        Assert.assertThat(((ClientResponse) authenticatedCreateResource.entity(PLUGIN_EVENT_CHANGESET, MediaType.APPLICATION_JSON_TYPE).post(ClientResponse.class)).getClientResponseStatus(), Matchers.is(ClientResponse.Status.CREATED));
        List<AuditLogChangesetRestDTO> searchForChangesets = searchForChangesets(authenticatedSearchResource, AuditLogQueryRestDTO.builder().addAction(AuditLogEventType.OTHER).build());
        Assert.assertThat(Integer.valueOf(searchForChangesets.size()), Matchers.is(1));
        Assert.assertThat(searchForChangesets.get(0).getEventType(), Matchers.is(AuditLogEventType.OTHER));
    }

    public void testSearchByTimestamp() throws IOException {
        intendToModifyData();
        WebResource authenticatedCreateResource = getAuthenticatedCreateResource();
        WebResource authenticatedSearchResource = getAuthenticatedSearchResource();
        Date date = new Date();
        Assert.assertThat(((ClientResponse) authenticatedCreateResource.entity(PLUGIN_EVENT_CHANGESET, MediaType.APPLICATION_JSON_TYPE).post(ClientResponse.class)).getClientResponseStatus(), Matchers.is(ClientResponse.Status.CREATED));
        List<AuditLogChangesetRestDTO> searchForChangesets = searchForChangesets(authenticatedSearchResource, AuditLogQueryRestDTO.builder().setOnOrAfter(new Date(date.getTime())).build());
        ResponseBodyExtractionOptions auditEvents = AuditLogClient.getAuditEvents(getServerUriBuilder().build(new Object[0]).toString());
        Assert.assertThat(Integer.valueOf(searchForChangesets.size()), Matchers.is(1));
        Assert.assertThat(searchForChangesets.get(0).getAuthor().getType(), Matchers.is(AuditLogAuthorType.PLUGIN));
        Assert.assertThat(searchForChangesets.get(0).getTimestamp(), Matchers.is(Matchers.greaterThanOrEqualTo(date)));
        Assert.assertThat(auditEvents.path("results[0].timestamp", new String[0]), Matchers.matchesPattern("[0-9]{4}-[0-9]{2}-[0-9]{2}T[0-9]{2}:[0-9]{2}:[0-9]{2}.[0-9]{3}\\+[0-9]{4}"));
    }

    public void testAdditionalRestEntriesAppended() throws IOException {
        intendToModifyData();
        WebResource authenticatedCreateResource = getAuthenticatedCreateResource();
        WebResource authenticatedSearchResource = getAuthenticatedSearchResource();
        Assert.assertThat(Integer.valueOf(searchForChangesets(authenticatedSearchResource, AuditLogQueryRestDTO.builder().addAction(AuditLogEventType.OTHER).build()).size()), Matchers.is(0));
        Assert.assertThat(((ClientResponse) authenticatedCreateResource.entity(MINIMAL_VALID_CHANGESET, MediaType.APPLICATION_JSON_TYPE).post(ClientResponse.class)).getClientResponseStatus(), Matchers.is(ClientResponse.Status.CREATED));
        Assert.assertThat(searchForChangesets(authenticatedSearchResource, AuditLogQueryRestDTO.builder().addAction(AuditLogEventType.OTHER).build()).get(0).getEntries(), Matchers.containsInAnyOrder(new AuditLogEntryRestDTO[]{new AuditLogEntryRestDTO("API User", "", "admin"), new AuditLogEntryRestDTO("API User Directory ID", "", "2"), new AuditLogEntryRestDTO("Created By", "", "REST API")}));
    }

    public void testShouldAcceptEntitiesIn212Format() throws IOException {
        String resources = Resources.toString(Resources.getResource(getClass(), "AuditResourceTest-changeset-2.12.json"), Charsets.UTF_8);
        intendToModifyData();
        int status = ((ClientResponse) getAuthenticatedCreateResource().entity(resources, MediaType.APPLICATION_JSON_TYPE).post(ClientResponse.class)).getStatus();
        List<AuditLogChangesetRestDTO> searchForChangesets = searchForChangesets(getAuthenticatedSearchResource(), AuditLogQueryRestDTO.builder().addAuthor(new AuditLogAuthorRestrictionRestDTO((Long) null, "sample-2.12-author", AuditLogAuthorType.USER)).build());
        Assert.assertThat(Integer.valueOf(status), Matchers.is(Integer.valueOf(ClientResponse.Status.CREATED.getStatusCode())));
        Assert.assertThat(searchForChangesets, Matchers.contains(Matchers.allOf(new Matcher[]{Matchers.hasProperty("author", Matchers.equalTo(AuditLogAuthorRestDTO.builder().setType(AuditLogAuthorType.USER).setName("sample-2.12-author").setId(1L).build())), Matchers.hasProperty("entities", Matchers.contains(Matchers.equalTo(AuditLogEntityRestDTO.builder().setType(AuditLogEntityType.APPLICATION).setPrimary(true).setName("JIRA 7.4").setId(123L).build()))), Matchers.hasProperty("authorId", Matchers.nullValue()), Matchers.hasProperty("authorType", Matchers.nullValue()), Matchers.hasProperty("authorName", Matchers.nullValue()), Matchers.hasProperty("entityId", Matchers.nullValue()), Matchers.hasProperty("entityType", Matchers.nullValue()), Matchers.hasProperty("entityName", Matchers.nullValue())})));
    }

    private List<AuditLogChangesetRestDTO> searchForChangesets(WebResource webResource, AuditLogQueryRestDTO auditLogQueryRestDTO) {
        return RestPageUtil.extractRestPageFromJson((String) webResource.entity(auditLogQueryRestDTO, MediaType.APPLICATION_JSON_TYPE).post(String.class), AuditLogChangesetRestDTO.class).getResults();
    }
}
