package com.atlassian.jira;

import com.atlassian.fugue.Option;
import com.atlassian.jira.pageobjects.BaseJiraWebTest;
import com.atlassian.jira.pageobjects.config.CreateUser;
import com.atlassian.jira.pageobjects.config.LoginAs;
import com.atlassian.jira.pageobjects.pages.ViewProfilePage;
import com.atlassian.jira.pageobjects.pages.viewissue.ViewIssuePage;
import com.atlassian.jira.plugins.thirdparty.balsamiq.TestJiraBalsamiqMockupsPlugin;
import com.atlassian.jira.security.plugin.ProjectPermissionKey;
import com.atlassian.pageobjects.Page;
import com.atlassian.pageobjects.elements.query.Poller;
import com.atlassian.pageobjects.elements.query.Queries;
import com.atlassian.pageobjects.elements.query.TimedQuery;
import com.atlassian.pageobjects.elements.timeout.Timeouts;
import com.atlassian.test.categories.OnDemandAcceptanceTest;
import java.net.URI;
import org.hamcrest.Description;
import org.hamcrest.Matcher;
import org.hamcrest.TypeSafeMatcher;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Test;
import org.junit.experimental.categories.Category;

@Category({OnDemandAcceptanceTest.class})
/* loaded from: input_file:com/atlassian/jira/TestAlacarteJiraAccessEnforcement.class */
public class TestAlacarteJiraAccessEnforcement extends BaseJiraWebTest {
    private static final String ADMIN_USER = "admin";
    private static final String JIRA_USER = "jira";
    private static final String JIRA_USER_PASSWORD = "jira123!";
    private static final String CONFLUENCE_USER = "confluence";
    private static final String CONFLUENCE_USER_PASSWORD = "confluence123!";
    private static final String TEST_PROJECT_KEY = "TST";
    private static final long DEFAULT_PERMISSION_SCHEMA = 0;
    private static final String JIRA_PERMISSION_BROWSE_PROJECTS = "BROWSE_PROJECTS";
    private static String testIssueKey;

    /* loaded from: input_file:com/atlassian/jira/TestAlacarteJiraAccessEnforcement$FakePage.class */
    public static class FakePage implements Page {
        public String getUrl() {
            throw new UnsupportedOperationException();
        }
    }

    @BeforeClass
    public static void before() {
        jira.backdoor().project().addProject(TestJiraBalsamiqMockupsPlugin.PROJECT_NAME, "TST", ADMIN_USER);
        testIssueKey = jira.backdoor().issues().createIssue("TST", "Issue summary").key();
    }

    @AfterClass
    public static void after() {
        jira.backdoor().project().deleteProject("TST");
    }

    @Test
    @LoginAs(user = JIRA_USER, password = JIRA_USER_PASSWORD, targetPage = ViewProfilePage.class)
    @CreateUser(username = JIRA_USER, password = JIRA_USER_PASSWORD)
    public void testProfilePageAccessForJiraUser() {
        ViewProfilePage viewProfilePage = (ViewProfilePage) jira.getPageBinder().bind(ViewProfilePage.class, new Object[0]);
        Assert.assertTrue("A user with JIRA permission has to see the activity stream", viewProfilePage.hasActivityStream());
        Assert.assertTrue("A user with JIRA permission has to see the user details", viewProfilePage.hasProfileDetails());
        Assert.assertTrue("A user with JIRA permission has to see the JIRA user preferences", viewProfilePage.hasProfilePreferences());
        Assert.assertTrue("A user with JIRA permission has to see the filters drop-down", viewProfilePage.hasFilters());
    }

    @Test
    @LoginAs(anonymous = true)
    public void testAnonymousCanAccessGeneralPages() {
        jira.gotoLoginPage();
        jira.gotoHomePage();
    }

    @Test
    @CreateUser(username = CONFLUENCE_USER, password = CONFLUENCE_USER_PASSWORD, user = false, groupnames = {"confluence-users"})
    public void testUserWithNoJiraAccessCanAccessNonAccessibleSpecificJiraPages() {
        ProjectPermissionKey projectPermissionKey = new ProjectPermissionKey(JIRA_PERMISSION_BROWSE_PROJECTS);
        backdoor.permissionSchemes().addEveryonePermission(Long.valueOf(DEFAULT_PERMISSION_SCHEMA), projectPermissionKey);
        try {
            jira.gotoLoginPage().login(CONFLUENCE_USER, CONFLUENCE_USER_PASSWORD, ViewIssuePage.class, new Object[]{testIssueKey});
            backdoor.permissionSchemes().removeEveryonePermission(Long.valueOf(DEFAULT_PERMISSION_SCHEMA), projectPermissionKey);
        } catch (Throwable th) {
            backdoor.permissionSchemes().removeEveryonePermission(Long.valueOf(DEFAULT_PERMISSION_SCHEMA), projectPermissionKey);
            throw th;
        }
    }

    @Test
    @CreateUser(username = CONFLUENCE_USER, password = CONFLUENCE_USER_PASSWORD, user = false, groupnames = {"confluence-users"})
    public void testConfluenceUserGetsSentToConfluenceAfterLogin() {
        jira.gotoLoginPage().loginAndFollowRedirect(CONFLUENCE_USER, CONFLUENCE_USER_PASSWORD, FakePage.class, new Object[0]);
        Poller.waitUntil(currentUrl(), pathStartsWith("/wiki"));
    }

    private TimedQuery<URI> currentUrl() {
        return Queries.forSupplier((Timeouts) jira.injector().getInstance(Timeouts.class), () -> {
            return URI.create(jira.getTester().getDriver().getCurrentUrl());
        });
    }

    private Matcher<URI> pathStartsWith(final String str) {
        return new TypeSafeMatcher<URI>() { // from class: com.atlassian.jira.TestAlacarteJiraAccessEnforcement.1
            /* JADX INFO: Access modifiers changed from: protected */
            public boolean matchesSafely(URI uri) {
                Option option = Option.option(uri.getPath());
                String str2 = str;
                return option.exists(str3 -> {
                    return str3.startsWith(str2);
                });
            }

            public void describeTo(Description description) {
                description.appendText("a URI with a path that starts with").appendValue(str);
            }
        };
    }
}
