package com.atlassian.crowd.plugins.usermanagement.servlet.resource;

import com.atlassian.crowd.acceptance.rest.RestServer;
import com.atlassian.crowd.plugins.usermanagement.rest.resource.RestResourceTest;
import com.google.common.collect.ImmutableList;
import com.sun.jersey.api.client.Client;
import com.sun.jersey.api.client.ClientResponse;
import com.sun.jersey.api.client.WebResource;
import com.sun.jersey.api.client.filter.HTTPBasicAuthFilter;
import java.net.URI;
import java.util.Iterator;
import javax.ws.rs.core.UriBuilder;
import org.hamcrest.Matchers;
import org.junit.Assert;
import org.junit.Test;

/* loaded from: input_file:com/atlassian/crowd/plugins/usermanagement/servlet/resource/ServletResourcesTest.class */
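/**
 * Access-control tests for the user-management plugin servlets served under
 * {@code plugins/servlet/um}.
 *
 * <p>Two expectations are pinned here:
 * <ul>
 *   <li>the sign-up and reset-password servlets answer anonymous callers;</li>
 *   <li>the user, group and application servlets reject anonymous callers with 403, do not serve
 *       a non-admin account (302 or 401), and answer an administrator with 200.</li>
 * </ul>
 */
public class ServletResourcesTest extends RestResourceTest {
    private static final String USERS_SERVLET_PATH = "users";
    private static final String GROUPS_SERVLET_PATH = "groups";
    private static final String APPS_SERVLET_PATH = "apps";

    // Non-admin fixture account; presumably defined in the test data XML loaded by the
    // constructor. Verify against that file.
    private static final String REGULAR_USER_NAME = "regularuser";
    private static final String REGULAR_USER_PASSWORD = "regularuser";

    /** Runs the tests against the server set up from the sysadmin test data set. */
    public ServletResourcesTest() {
        super("xml/usermanagement_testdata_sysadmin.xml");
    }

    /**
     * Runs the tests against a caller-supplied server.
     *
     * @param restServer the server under test
     */
    protected ServletResourcesTest(RestServer restServer) {
        super(restServer);
    }

    @Test
    public void testPublicSignUpServletIsAnonymousAccessible() {
        ensureAnonymousAccess("GET", ImmutableList.of(USERS_SERVLET_PATH, "sign-up"), getBaseUriBuilderForServlet());
    }

    @Test
    public void testResetPasswordServletIsAnonymousAccessible() {
        ensureAnonymousAccess("GET", ImmutableList.of(USERS_SERVLET_PATH, "resetpassword"), getBaseUriBuilderForServlet());
    }

    @Test
    public void testUsersServletPathIsAccessible() {
        ensureAuthenticatedAccess("GET", ImmutableList.of(USERS_SERVLET_PATH, "add"), getBaseUriBuilderForServlet());
    }

    @Test
    public void testGroupsServletPathIsAccessible() {
        ensureAuthenticatedAccess("GET", ImmutableList.of(GROUPS_SERVLET_PATH), getBaseUriBuilderForServlet());
    }

    @Test
    public void testAppsServletPathIsAccessible() {
        ensureAuthenticatedAccess("GET", ImmutableList.of(APPS_SERVLET_PATH), getBaseUriBuilderForServlet());
    }

    /**
     * Asserts that the servlet at the given path exists and does not turn away a caller that
     * sends no credentials.
     *
     * @param str the HTTP method to issue
     * @param immutableList path segments appended to {@code uriBuilder}
     * @param uriBuilder base URI of the servlet mount point; mutated by this call
     */
    private void ensureAnonymousAccess(String str, ImmutableList<String> immutableList, UriBuilder uriBuilder) {
        buildPaths(immutableList, uriBuilder);
        // NOTE(review): whether this client follows redirects is decided inside restResourceHelper
        // and is not visible here. If it does, a redirect to a login page would also satisfy the
        // assertions below. Confirm, or switch to the no-redirect client.
        ClientResponse response = (ClientResponse) this.restResourceHelper.getWebResource(uriBuilder.build()).method(str, ClientResponse.class);
        int status = readStatusAndClose(response);
        Assert.assertTrue("Cannot find the servlet", status != 404);
        Assert.assertTrue("Response is Unauthorized, but we expect it to allow anonymous access", status != 401);
        // ensureAuthenticatedAccess shows that these servlets refuse anonymous callers with 403,
        // so a 403 here means the endpoint is not anonymously accessible either.
        Assert.assertTrue("Response is Forbidden, but we expect it to allow anonymous access", status != 403);
    }

    /**
     * Asserts the authorization boundary of an admin-only servlet: anonymous callers get 403, a
     * regular user gets 302 or 401, and an administrator gets 200. Redirects are not followed for
     * the first two requests, so the status asserted is the servlet's own answer.
     *
     * @param str the HTTP method to issue
     * @param immutableList path segments appended to {@code uriBuilder}
     * @param uriBuilder base URI of the servlet mount point; mutated by this call
     */
    private void ensureAuthenticatedAccess(String str, ImmutableList<String> immutableList, UriBuilder uriBuilder) {
        buildPaths(immutableList, uriBuilder);
        URI uri = uriBuilder.build();

        ClientResponse anonymousResponse = (ClientResponse) getWebResourceNoRedirects(uri).method(str, ClientResponse.class);
        int anonymousStatus = readStatusAndClose(anonymousResponse);
        Assert.assertTrue("Cannot find the servlet", anonymousStatus != 404);
        // assertEquals reports the status actually received, which the old boolean check hid.
        Assert.assertEquals("Anonymous request to an admin-only servlet must be forbidden", 403, anonymousStatus);

        ClientResponse regularUserResponse = (ClientResponse) getAuthenticatedWebResourceNoRedirects(uri, REGULAR_USER_NAME, REGULAR_USER_PASSWORD).method(str, ClientResponse.class);
        int regularUserStatus = readStatusAndClose(regularUserResponse);
        // Only the status code is checked; the target of a 302 is not inspected.
        Assert.assertThat("Regular users are redirected to login page (Crowd) or unauthorised (Horde)", Integer.valueOf(regularUserStatus), Matchers.isOneOf(new Integer[]{302, 401}));

        ClientResponse adminResponse = (ClientResponse) this.restResourceHelper.getAuthenticatedWebResourceAsAdmin(uri).method(str, ClientResponse.class);
        int adminStatus = readStatusAndClose(adminResponse);
        Assert.assertEquals("Admin request to an admin-only servlet must be authorised", 200, adminStatus);
    }

    /**
     * Appends each path segment to the builder, in order.
     *
     * @param immutableList path segments to append
     * @param uriBuilder builder to extend; mutated in place
     */
    private void buildPaths(ImmutableList<String> immutableList, UriBuilder uriBuilder) {
        for (String segment : immutableList) {
            uriBuilder.path(segment);
        }
    }

    /** Returns a fresh builder for {@code <base URL>/plugins/servlet/um}. */
    private UriBuilder getBaseUriBuilderForServlet() {
        return UriBuilder.fromUri(this.restResourceHelper.getRestServer().getBaseUrl().toString()).path("plugins").path("servlet").path("um");
    }

    /**
     * Returns a resource for {@code uri} that sends HTTP Basic credentials and does not follow
     * redirects.
     *
     * @param uri target of the request
     * @param str user name
     * @param str2 password
     */
    private WebResource getAuthenticatedWebResourceNoRedirects(URI uri, String str, String str2) {
        Client client = newClientNoRedirects();
        client.addFilter(new HTTPBasicAuthFilter(str, str2));
        return this.restResourceHelper.getRestServer().decorateClient(client).resource(uri);
    }

    /**
     * Returns a resource for {@code uri} that sends no credentials of its own and does not follow
     * redirects.
     *
     * @param uri target of the request
     */
    private WebResource getWebResourceNoRedirects(URI uri) {
        return this.restResourceHelper.getRestServer().decorateClient(newClientNoRedirects()).resource(uri);
    }

    /** Creates a client that reports 3xx responses to the caller instead of following them. */
    private static Client newClientNoRedirects() {
        Client client = Client.create();
        client.setFollowRedirects(false);
        return client;
    }

    /** Asserts the response is present, reads its status code and releases the connection. */
    private static int readStatusAndClose(ClientResponse response) {
        Assert.assertNotNull(response);
        try {
            return response.getStatus();
        } finally {
            response.close();
        }
    }
}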
