package com.atlassian.crowd.plugins.usermanagement.rest.resource;

import com.atlassian.crowd.acceptance.rest.RestServer;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.Lists;
import com.sun.jersey.api.client.ClientResponse;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.UriBuilder;
import org.apache.commons.lang.RandomStringUtils;
import org.codehaus.jackson.JsonNode;
import org.codehaus.jackson.node.ArrayNode;
import org.codehaus.jackson.node.JsonNodeFactory;
import org.codehaus.jackson.node.ObjectNode;
import org.hamcrest.CoreMatchers;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Ignore;
import org.junit.Test;

/* loaded from: input_file:com/atlassian/crowd/plugins/usermanagement/rest/resource/UsersResourceTest.class */
public class UsersResourceTest extends RestResourceTest {
    private UsersResourceHelper usersResourceHelper;

    public UsersResourceTest() {
        super("xml/usermanagement_testdata_sysadmin.xml");
    }

    protected UsersResourceTest(RestServer restServer) {
        super(restServer);
    }

    @Override // com.atlassian.crowd.plugins.usermanagement.rest.resource.RestResourceTest
    @Before
    public void setUp() throws Exception {
        super.setUp();
        this.usersResourceHelper = new UsersResourceHelper(this.restResourceHelper);
    }

    @Test
    public void nonAdminUserShouldNotBeAbleToAccessTheResource() {
        ClientResponse clientResponse = (ClientResponse) this.restResourceHelper.getAuthenticatedWebResource(this.restResourceHelper.getBaseUriBuilder().path(GoogleAppsUserResourceTest.USER_PATH).path("search").build(new Object[0]), "dir1user", "dir1user").accept(new MediaType[]{MediaType.APPLICATION_JSON_TYPE}).get(ClientResponse.class);
        Assert.assertNotNull(clientResponse);
        Assert.assertThat(clientResponse, HttpMatchers.isUnauthorized());
    }

    @Test
    public void anonymousUserShouldNotBeAbleToAccessTheResource() {
        ClientResponse clientResponse = (ClientResponse) this.restResourceHelper.getWebResource(this.restResourceHelper.getBaseUriBuilder().path(GoogleAppsUserResourceTest.USER_PATH).path("search").build(new Object[0])).accept(new MediaType[]{MediaType.APPLICATION_JSON_TYPE}).get(ClientResponse.class);
        Assert.assertNotNull(clientResponse);
        Assert.assertThat(clientResponse, HttpMatchers.isUnauthorized());
    }

    @Test
    public void searchForUsersWithNoFilterOrPaging() throws Exception {
        Assert.assertThat(Integer.valueOf(this.usersResourceHelper.search((String) null).size()), CoreMatchers.is(5));
    }

    @Test
    public void searchForUsersWithEmptyFilterOrPaging() throws Exception {
        Assert.assertThat(Integer.valueOf(this.usersResourceHelper.search("").size()), CoreMatchers.is(5));
    }

    @Test
    public void searchForUsersWithExactFilterNoPaging() throws Exception {
        ArrayNode search = this.usersResourceHelper.search("secondadmin");
        Assert.assertThat(Integer.valueOf(search.size()), CoreMatchers.is(1));
        Assert.assertThat(search.get(0), Matchers.isUser("secondadmin", "Second Admin", "secondadmin@example.net"));
    }

    @Test
    public void searchForUsersWithPartialFilterNoPaging() throws Exception {
        ArrayNode search = this.usersResourceHelper.search("second");
        Assert.assertThat(Integer.valueOf(search.size()), CoreMatchers.is(1));
        Assert.assertThat(search.get(0), Matchers.isUser("secondadmin", "Second Admin", "secondadmin@example.net"));
    }

    @Test
    public void searchForUsersWithFilterNoPagingNoResults() throws Exception {
        Assert.assertThat(Integer.valueOf(this.usersResourceHelper.search("blabla").size()), CoreMatchers.is(0));
    }

    @Test
    public void searchForUserWithFilterOnEmailNoPaging() throws Exception {
        ArrayNode search = this.usersResourceHelper.search("doflynn");
        Assert.assertThat(Integer.valueOf(search.size()), CoreMatchers.is(1));
        Assert.assertThat(search.get(0), Matchers.isUser("eeeep", "Zeee Pop!", "doflynn@atlassian.com"));
    }

    @Test
    public void searchForUserWithFilterOnDisplayNameNoPaging() throws IOException {
        ArrayNode search = this.usersResourceHelper.search("builder");
        Assert.assertThat(Integer.valueOf(search.size()), CoreMatchers.is(1));
        Assert.assertThat(search.get(0), Matchers.isUser("admin", "bob the builder", "bob@example.net"));
    }

    @Test
    public void addingUserWithNoBody() throws Exception {
        Assert.assertThat(this.usersResourceHelper.create((String) null, (String) null, (String) null, (String) null), HttpMatchers.isBadRequest());
    }

    @Test
    public void addingUserWithEmtpyNameNoDisplayNameNoEmailNoPassword() throws Exception {
        Assert.assertThat(this.usersResourceHelper.create("", (String) null, (String) null, (String) null), HttpMatchers.isBadRequest());
    }

    @Test
    public void addingUserWithNameWithInvalidEmailDisplayNamePassword_1() throws Exception {
        intendToModify();
        Assert.assertThat(this.usersResourceHelper.create("sam", "Sam Smith", "sam", "secret"), HttpMatchers.isBadRequest());
    }

    @Test
    public void addingUserWithNameWithInvalidEmailDisplayNamePassword_2() throws Exception {
        intendToModify();
        Assert.assertThat(this.usersResourceHelper.create("sam", "Sam Smith", "sam@", "secret"), HttpMatchers.isBadRequest());
    }

    @Test
    public void addingUserWithNameWithInvalidEmailDisplayNamePassword_3() throws Exception {
        intendToModify();
        Assert.assertThat(this.usersResourceHelper.create("sam", "Sam Smith", "@example.com", "secret"), HttpMatchers.isBadRequest());
    }

    @Test
    public void addingUserWithNameWithInvalidEmailDisplayNamePassword_4() throws Exception {
        intendToModify();
        Assert.assertThat(this.usersResourceHelper.create("sam", "Sam Smith", "@", "secret"), HttpMatchers.isBadRequest());
    }

    @Test
    public void addingUserWithNameWithEmailDisplayNameNoPassword() throws Exception {
        intendToModify();
        Assert.assertThat(this.usersResourceHelper.create("sam", "Sam Smith", "sam@example.com", (String) null), HttpMatchers.preconditionFailed());
    }

    @Test
    public void addingUserWithAllRequiredAttributes() throws Exception {
        intendToModify();
        ClientResponse create = this.usersResourceHelper.create("sam", "Sam Smith", "sam@example.com", "secret");
        Assert.assertThat(create, HttpMatchers.isSuccessful());
        Assert.assertThat(getNewlyCreatedEntity(create), Matchers.isUser("sam", "Sam Smith", "sam@example.com", true));
    }

    @Test
    public void addingDuplicateUser() throws Exception {
        intendToModify();
        Assert.assertThat(this.usersResourceHelper.create("sam", "Sam Smith", "sam@example.com", "secret"), HttpMatchers.isSuccessful());
        Assert.assertThat(this.usersResourceHelper.create("sam", "Sam Smith", "sam@example.com", "secret"), HttpMatchers.isFailed());
    }

    @Test
    @Ignore("What's an invalid username?")
    public void addingUserWithInvalidName() throws Exception {
        Assert.assertThat(this.usersResourceHelper.create("+$/!@~\\bla,;.", "Sam Smith", "sam@example.com", "secret"), HttpMatchers.isBadRequest());
    }

    @Test
    public void addingUserWithUsernameWithMaximumSize() throws Exception {
        intendToModify();
        String generateUsernameWithMaxLength = generateUsernameWithMaxLength();
        Assert.assertThat(getNewlyCreatedEntity(this.usersResourceHelper.create(generateUsernameWithMaxLength, "Sam Smith", "sam@example.com", "secret")), Matchers.isUser(generateUsernameWithMaxLength, "Sam Smith", "sam@example.com", true));
    }

    @Test
    public void addingUserWithUsernameThatExceedsMaximumSize() throws Exception {
        intendToModify();
        Assert.assertThat(this.usersResourceHelper.create(generateUsernameExceedingLength(), "Sam Smith", "sam@example.com", "secret"), HttpMatchers.isBadRequest());
    }

    @Test
    public void updateUserWithBlankUsername() throws Exception {
        Assert.assertThat(this.usersResourceHelper.update(" ", "Second Admin", "secondadmin@example.net", true), HttpMatchers.isBadRequest());
    }

    @Test
    public void updateUserWithEmptyUsername() throws Exception {
        Assert.assertThat(this.usersResourceHelper.update("", "Second Admin", "secondadmin@example.net", true), HttpMatchers.isBadRequest());
    }

    @Test
    public void updateUserWithUsernameThatHasMaxLength() throws Exception {
        intendToModify();
        String generateUsernameWithMaxLength = generateUsernameWithMaxLength();
        Assert.assertThat(this.usersResourceHelper.create(generateUsernameWithMaxLength, "Big Username", "a@big.com", "secret"), HttpMatchers.isSuccessful());
        Assert.assertThat(this.usersResourceHelper.update(generateUsernameWithMaxLength, "Big Username Updated", "amodified@big.com", true), HttpMatchers.isSuccessful());
        ClientResponse clientResponse = this.usersResourceHelper.get(generateUsernameWithMaxLength);
        Assert.assertThat(clientResponse, HttpMatchers.isSuccessful());
        Assert.assertThat(this.restResourceHelper.asJson(clientResponse), Matchers.isUser(generateUsernameWithMaxLength, "Big Username Updated", "amodified@big.com"));
    }

    @Test
    public void updateUserWithUsernameThatExceedsMaximumSize() throws Exception {
        Assert.assertThat(this.usersResourceHelper.update(generateUsernameExceedingLength(), "Big Username Updated", "amodified@big.com", true), HttpMatchers.isBadRequest());
    }

    @Test
    public void updateUserWithNullEmail() throws Exception {
        Assert.assertThat(this.usersResourceHelper.update("secondadmin", "Second Admin", (String) null, true), HttpMatchers.isBadRequest());
    }

    @Test
    public void updateUserWithEmptyEmail() throws Exception {
        Assert.assertThat(this.usersResourceHelper.update("secondadmin", "Second Admin", "", true), HttpMatchers.isBadRequest());
    }

    @Test
    public void updateUserWithBlankEmail() throws Exception {
        Assert.assertThat(this.usersResourceHelper.update("secondadmin", "Second Admin", " ", true), HttpMatchers.isBadRequest());
    }

    @Test
    public void updateUserWithValidData() throws Exception {
        ClientResponse clientResponse = this.usersResourceHelper.get("secondadmin");
        Assert.assertThat(clientResponse, HttpMatchers.isSuccessful());
        Assert.assertThat(this.restResourceHelper.asJson(clientResponse), Matchers.isUser("secondadmin", "Second Admin", "secondadmin@example.net"));
        intendToModify();
        Assert.assertThat(this.usersResourceHelper.update("secondadmin", "Second admin in directory 1", "secondadmin@example.com", true), HttpMatchers.isSuccessful());
        ClientResponse clientResponse2 = this.usersResourceHelper.get("secondadmin");
        Assert.assertThat(clientResponse2, HttpMatchers.isSuccessful());
        Assert.assertThat(this.restResourceHelper.asJson(clientResponse2), Matchers.isUser("secondadmin", "Second admin in directory 1", "secondadmin@example.com"));
    }

    @Test
    public void updateSysadminForbidden() throws Exception {
        Assert.assertThat(this.usersResourceHelper.update("admin", "Super User", "admin@example.com", true), HttpMatchers.isForbidden());
    }

    @Test
    public void updateUserPassword() throws Exception {
        intendToModify();
        Assert.assertThat(this.usersResourceHelper.updatePassword("dir1user", "p455w0rD"), HttpMatchers.isSuccessful());
    }

    @Test
    public void updateUserPasswordWithoutUsername() throws Exception {
        intendToModify();
        Assert.assertThat(this.usersResourceHelper.updatePassword((String) null, "p455w0rD"), HttpMatchers.isBadRequest());
    }

    @Test
    public void updateUserPasswordForNonExistingUser() throws Exception {
        intendToModify();
        Assert.assertThat(this.usersResourceHelper.updatePassword("nonexistinguser", "p455w0rD"), HttpMatchers.isNotFound());
    }

    @Test
    public void updateUserPasswordWithoutPassword() throws Exception {
        intendToModify();
        Assert.assertThat(this.usersResourceHelper.updatePassword("dir1user", (String) null), HttpMatchers.isBadRequest());
    }

    @Test
    public void updateSysadminPasswordForbidden() throws Exception {
        Assert.assertThat(this.usersResourceHelper.updatePassword("admin", "p455w0rD"), HttpMatchers.isForbidden());
    }

    @Test
    public void addAndRemoveMemberships() throws Exception {
        intendToModify();
        Assert.assertThat(Integer.valueOf(this.usersResourceHelper.getMemberships("secondadmin", (String) null).size()), CoreMatchers.is(1));
        ClientResponse addMembership = this.usersResourceHelper.addMembership("secondadmin", Lists.newArrayList(new String[]{"crowd-testers"}));
        Assert.assertThat(addMembership, HttpMatchers.isSuccessful());
        Assert.assertThat(Integer.valueOf(this.usersResourceHelper.getMemberships("secondadmin", (String) null).size()), CoreMatchers.is(2));
        this.usersResourceHelper.removeMembership("secondadmin", "crowd-testers");
        Assert.assertThat(addMembership, HttpMatchers.isSuccessful());
        Assert.assertThat(Integer.valueOf(this.usersResourceHelper.getMemberships("secondadmin", (String) null).size()), CoreMatchers.is(1));
    }

    @Test
    public void addAndRemoveMultipleMemberships() throws Exception {
        intendToModify();
        Assert.assertThat(Integer.valueOf(this.usersResourceHelper.getMemberships("secondadmin", (String) null).size()), CoreMatchers.is(1));
        Assert.assertThat(this.usersResourceHelper.addMembership("secondadmin", Lists.newArrayList(new String[]{"crowd-testers", "crowd-users"})), HttpMatchers.isSuccessful());
        Assert.assertThat(Integer.valueOf(this.usersResourceHelper.getMemberships("secondadmin", (String) null).size()), CoreMatchers.is(3));
        Assert.assertThat(this.usersResourceHelper.removeMembership("secondadmin", "crowd-testers"), HttpMatchers.isSuccessful());
        Assert.assertThat(this.usersResourceHelper.removeMembership("secondadmin", "crowd-users"), HttpMatchers.isSuccessful());
        Assert.assertThat(Integer.valueOf(this.usersResourceHelper.getMemberships("secondadmin", (String) null).size()), CoreMatchers.is(1));
    }

    @Test
    public void addExistingMembership() throws Exception {
        intendToModify();
        Assert.assertThat(Integer.valueOf(this.usersResourceHelper.getMemberships("secondadmin", (String) null).size()), CoreMatchers.is(1));
        Assert.assertThat(this.usersResourceHelper.addMembership("secondadmin", Lists.newArrayList(new String[]{"crowd-testers"})), HttpMatchers.isSuccessful());
        Assert.assertThat(this.usersResourceHelper.addMembership("secondadmin", Lists.newArrayList(new String[]{"crowd-testers", "crowd-users"})), HttpMatchers.isSuccessful());
        Assert.assertThat(Integer.valueOf(this.usersResourceHelper.getMemberships("secondadmin", (String) null).size()), CoreMatchers.is(3));
    }

    @Test
    public void addMembershipOfSysadminIsForbidden() throws Exception {
        intendToModify();
        Assert.assertThat(this.usersResourceHelper.addMembership("admin", ImmutableList.of("crowd-testers")), HttpMatchers.isForbidden());
    }

    @Test
    public void removeMembershipOfSysadminIsForbidden() throws Exception {
        intendToModify();
        Assert.assertThat(this.usersResourceHelper.removeMembership("admin", "badgers"), HttpMatchers.isForbidden());
    }

    @Test
    public void resetPasswordWithInvalidToken() {
        UriBuilder path = this.restResourceHelper.getBaseUriBuilder().path(GoogleAppsUserResourceTest.USER_PATH).path("resetpassword");
        path.queryParam("username", new Object[]{"secondadmin"});
        path.queryParam("directoryId", new Object[]{123});
        path.queryParam("token", new Object[]{"secret789"});
        ObjectNode objectNode = new ObjectNode(JsonNodeFactory.instance);
        objectNode.put("value", "the-password");
        ClientResponse clientResponse = (ClientResponse) this.restResourceHelper.getAuthenticatedWebResourceAsAdmin(path.build(new Object[0])).accept(new MediaType[]{MediaType.APPLICATION_JSON_TYPE}).entity(objectNode.toString(), MediaType.APPLICATION_JSON_TYPE).put(ClientResponse.class);
        Assert.assertNotNull(clientResponse);
        Assert.assertThat(clientResponse, HttpMatchers.isFailed());
    }

    private JsonNode getNewlyCreatedEntity(ClientResponse clientResponse) throws URISyntaxException, IOException {
        String str = (String) clientResponse.getHeaders().getFirst("Location");
        Assert.assertThat(str, CoreMatchers.notNullValue());
        ClientResponse clientResponse2 = (ClientResponse) this.restResourceHelper.getAuthenticatedWebResourceAsAdmin(new URI(str)).get(ClientResponse.class);
        Assert.assertThat(clientResponse2, HttpMatchers.isSuccessful());
        return this.restResourceHelper.asJson(clientResponse2);
    }

    private String generateUsernameWithExceedingLength(int i) {
        return RandomStringUtils.randomAlphanumeric(255 + i);
    }

    private String generateUsernameWithMaxLength() {
        return generateUsernameWithExceedingLength(0);
    }

    private String generateUsernameExceedingLength() {
        return generateUsernameWithExceedingLength(1);
    }
}
