package com.atlassian.crowd.acceptance.tests.rest.service;

import com.atlassian.crowd.acceptance.rest.RestServer;
import com.atlassian.crowd.directory.ApacheDS15;
import com.atlassian.crowd.directory.rest.endpoint.DefaultRegion;
import com.atlassian.crowd.plugin.rest.entity.AzureAdConnectionTestEntity;
import com.atlassian.crowd.plugin.rest.entity.CrowdConnectionTestEntity;
import com.atlassian.crowd.plugin.rest.entity.LdapConnectionTestEntity;
import com.atlassian.crowd.plugin.rest.entity.LdapSearchTestEntity;
import com.atlassian.crowd.plugin.rest.service.resource.plugins.PluginSettingsResource;
import com.sun.jersey.api.client.ClientResponse;
import com.sun.jersey.api.client.UniformInterfaceException;
import com.sun.jersey.api.client.WebResource;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.UriBuilder;
import org.hamcrest.Matchers;
import org.junit.Assert;

/* loaded from: input_file:com/atlassian/crowd/acceptance/tests/rest/service/DirectoryResourceTest.class */
public class DirectoryResourceTest extends RestCrowdServiceAcceptanceTestCase {
    protected static final String REST_SERVICE_NAME = "directorymanagement";
    protected static final String SETTINGS_RESOURCE = "directory";

    public DirectoryResourceTest(String str) {
        super(str);
    }

    public DirectoryResourceTest(String str, RestServer restServer) {
        super(str, restServer);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.atlassian.crowd.acceptance.tests.rest.service.RestCrowdServiceAcceptanceTestCase
    public UriBuilder getBaseUriBuilder() {
        return getBaseUriBuilder(REST_SERVICE_NAME, "1");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.atlassian.crowd.acceptance.tests.rest.service.RestCrowdServiceAcceptanceTestCase
    public WebResource getRootWebResource(String str, String str2) {
        return getWebResource(str, str2, getBaseUriBuilder().build(new Object[0]));
    }

    public void testValidationShouldFailOnInvalidDirectoryAttributesForCrowd() {
        try {
            getWebResource("admin", "admin", getBaseUriBuilder().path(SETTINGS_RESOURCE).path("testcrowd").build(new Object[0])).type(MediaType.APPLICATION_JSON_TYPE).entity(new CrowdConnectionTestEntity("http://hostname:8095/crowd", "", "", "", (Integer) null, "", "")).post();
            fail("Invalid Directory attributes must be a reason to generate ValidationFailedException");
        } catch (UniformInterfaceException e) {
            Assert.assertThat("User should get a 400 status code", e.getResponse().getClientResponseStatus(), Matchers.equalTo(ClientResponse.Status.BAD_REQUEST));
        }
    }

    public void testValidationShouldFailOnInvalidDirectoryAttributesForAzureAd() {
        try {
            getWebResource("admin", "admin", getBaseUriBuilder().path(SETTINGS_RESOURCE).path("testazuread").build(new Object[0])).type(MediaType.APPLICATION_JSON_TYPE).entity(new AzureAdConnectionTestEntity("", "", "", (String) null, (String) null, (String) null, DefaultRegion.GERMANY.name())).post();
            fail("Invalid Directory attributes must be a reason to generate ValidationFailedException");
        } catch (UniformInterfaceException e) {
            Assert.assertThat("User should get a 400 status code", e.getResponse().getClientResponseStatus(), Matchers.equalTo(ClientResponse.Status.BAD_REQUEST));
        }
    }

    public void testAnonymousCannotUseCrowdResource() {
        try {
            getWebResource(getBaseUriBuilder().path(SETTINGS_RESOURCE).path("testcrowd").build(new Object[0])).type(MediaType.APPLICATION_JSON_TYPE).entity(new CrowdConnectionTestEntity("http://127.0.0.1:8095/crowd", "crowd", "qybhDMZh", "", (Integer) null, "", "")).post();
            fail("Anonymous user should not get an OK status code when accessing " + PluginSettingsResource.class.getSimpleName());
        } catch (UniformInterfaceException e) {
            Assert.assertThat("Anonymous user should get a 401 status code", e.getResponse().getClientResponseStatus(), Matchers.equalTo(ClientResponse.Status.UNAUTHORIZED));
        }
    }

    public void testNonAdminCannotUseCrowdResource() {
        try {
            getWebResource("regularuser", "regularuser", getBaseUriBuilder().path(SETTINGS_RESOURCE).path("testcrowd").build(new Object[0])).type(MediaType.APPLICATION_JSON_TYPE).entity(new CrowdConnectionTestEntity("http://127.0.0.1:8095/crowd", "crowd", "qybhDMZh", "", (Integer) null, "", "")).post();
            fail("Anonymous user should not get an OK status code when accessing " + PluginSettingsResource.class.getSimpleName());
        } catch (UniformInterfaceException e) {
            Assert.assertThat("Regular user should get a 401 status code", e.getResponse().getClientResponseStatus(), Matchers.equalTo(ClientResponse.Status.UNAUTHORIZED));
        }
    }

    public void testAdminCanUseCrowdResource() {
        Assert.assertThat("Admin user should receive a no-content response", ((ClientResponse) getWebResource("admin", "admin", getBaseUriBuilder().path(SETTINGS_RESOURCE).path("testcrowd").build(new Object[0])).type(MediaType.APPLICATION_JSON_TYPE).entity(new CrowdConnectionTestEntity("http://127.0.0.1:8095/crowd", "crowd", "qybhDMZh", "", (Integer) null, "", "")).post(ClientResponse.class)).getClientResponseStatus(), Matchers.equalTo(ClientResponse.Status.NO_CONTENT));
    }

    public void testAnonymousCannotUseLdapResource() {
        try {
            getWebResource(getBaseUriBuilder().path(SETTINGS_RESOURCE).path("testldap").build(new Object[0])).type(MediaType.APPLICATION_JSON_TYPE).entity(new LdapConnectionTestEntity("ldap://localhost:389/", "dc=test,dc=com", "admin", "cn=admin,dc=test,dc=com", "com.atlassian.crowd.directory.OpenLDAP")).post();
            fail("Anonymous user should not get an OK status code when accessing " + PluginSettingsResource.class.getSimpleName());
        } catch (UniformInterfaceException e) {
            Assert.assertThat("Anonymous user should get a 401 status code", e.getResponse().getClientResponseStatus(), Matchers.equalTo(ClientResponse.Status.UNAUTHORIZED));
        }
    }

    public void testNonAdminCannotUseLdapResource() {
        try {
            getWebResource("regularuser", "regularuser", getBaseUriBuilder().path(SETTINGS_RESOURCE).path("testldap").build(new Object[0])).type(MediaType.APPLICATION_JSON_TYPE).entity(new LdapConnectionTestEntity("ldap://localhost:12389/", "dc=example,dc=com", "secret", "uid=admin,ou=system", ApacheDS15.class.getName())).post();
            fail("Anonymous user should not get an OK status code when accessing " + PluginSettingsResource.class.getSimpleName());
        } catch (UniformInterfaceException e) {
            Assert.assertThat("Regular user should get a 401 status code", e.getResponse().getClientResponseStatus(), Matchers.equalTo(ClientResponse.Status.UNAUTHORIZED));
        }
    }

    public void testAdminCanUseLdapResource() {
        Assert.assertThat("Admin user should receive a 409 status code (there's no LDAP to test against)", ((ClientResponse) getWebResource("admin", "admin", getBaseUriBuilder().path(SETTINGS_RESOURCE).path("testldap").build(new Object[0])).type(MediaType.APPLICATION_JSON_TYPE).entity(new LdapConnectionTestEntity("ldap://localhost:389/", "dc=test,dc=com", "admin", "cn=admin,dc=test,dc=com", "com.atlassian.crowd.directory.OpenLDAP")).post(ClientResponse.class)).getClientResponseStatus(), Matchers.equalTo(ClientResponse.Status.CONFLICT));
    }

    public void testAnonymousCannotUseTestSearchResource() {
        try {
            getWebResource(getBaseUriBuilder().path(SETTINGS_RESOURCE).path("testsearch").build(new Object[0])).type(MediaType.APPLICATION_JSON_TYPE).entity(new LdapSearchTestEntity("GROUP", "ldap://localhost:389/", "dc=test,dc=com", "cn=admin,dc=test,dc=com", "admin", "cn", "(objectCategory=Group)", "com.atlassian.crowd.directory.OpenLDAP", (String) null, (String) null, false, (Integer) null)).post();
            fail("Anonymous user should not get an OK status code when accessing " + PluginSettingsResource.class.getSimpleName());
        } catch (UniformInterfaceException e) {
            Assert.assertThat("Anonymous user should get a 401 status code", e.getResponse().getClientResponseStatus(), Matchers.equalTo(ClientResponse.Status.UNAUTHORIZED));
        }
    }

    public void testNonAdminCannotUseTestSearchResource() {
        try {
            getWebResource("regularuser", "regularuser", getBaseUriBuilder().path(SETTINGS_RESOURCE).path("testsearch").build(new Object[0])).type(MediaType.APPLICATION_JSON_TYPE).entity(new LdapSearchTestEntity("GROUP", "ldap://localhost:389/", "dc=test,dc=com", "cn=admin,dc=test,dc=com", "admin", "cn", "(objectCategory=Group)", "com.atlassian.crowd.directory.OpenLDAP", (String) null, (String) null, false, (Integer) null)).post();
            fail("Anonymous user should not get an OK status code when accessing " + PluginSettingsResource.class.getSimpleName());
        } catch (UniformInterfaceException e) {
            Assert.assertThat("Regular user should get a 401 status code", e.getResponse().getClientResponseStatus(), Matchers.equalTo(ClientResponse.Status.UNAUTHORIZED));
        }
    }

    public void testAdminCanUseTestSearchResource() {
        Assert.assertThat("Admin user should receive a 500 status code (there's no LDAP to test against)", ((ClientResponse) getWebResource("admin", "admin", getBaseUriBuilder().path(SETTINGS_RESOURCE).path("testsearch").build(new Object[0])).type(MediaType.APPLICATION_JSON_TYPE).entity(new LdapSearchTestEntity("GROUP", "ldap://localhost:389/", "dc=test,dc=com", "cn=admin,dc=test,dc=com", "admin", "cn", "(objectCategory=Group)", "com.atlassian.crowd.directory.OpenLDAP", (String) null, (String) null, false, (Integer) null)).post(ClientResponse.class)).getClientResponseStatus(), Matchers.equalTo(ClientResponse.Status.INTERNAL_SERVER_ERROR));
    }
}
