package org.geoserver.security.impl;

import java.io.IOException;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import org.geoserver.security.AbstractSecurityServiceTest;
import org.geoserver.security.GeoServerRoleService;
import org.geoserver.security.GeoServerRoleStore;
import org.geoserver.security.GeoServerUserGroupService;
import org.geoserver.security.GeoServerUserGroupStore;
import org.junit.Assert;
import org.junit.Test;
import org.springframework.security.core.userdetails.UsernameNotFoundException;

/* loaded from: input_file:org/geoserver/security/impl/AbstractUserDetailsServiceTest.class */
public abstract class AbstractUserDetailsServiceTest extends AbstractSecurityServiceTest {
    protected GeoServerRoleService roleService;
    protected GeoServerUserGroupService usergroupService;
    protected GeoServerRoleStore roleStore;
    protected GeoServerUserGroupStore usergroupStore;

    protected void setServices(String str) throws Exception {
        this.roleService = createRoleService(str);
        this.usergroupService = createUserGroupService(str);
        this.roleStore = createStore(this.roleService);
        this.usergroupStore = createStore(this.usergroupService);
        getSecurityManager().setActiveRoleService(this.roleService);
    }

    @Test
    public void testConfiguration() throws Exception {
        setServices("config");
        Assert.assertEquals(this.roleService, getSecurityManager().getActiveRoleService());
        Assert.assertEquals(this.usergroupService.getName(), getSecurityManager().loadUserGroupService("config").getName());
        Assert.assertTrue(this.roleService.canCreateStore());
        Assert.assertTrue(this.usergroupService.canCreateStore());
    }

    @Test
    public void testRoleCalculation() throws Exception {
        setServices("rolecalulation");
        insertValues(this.roleStore);
        insertValues(this.usergroupStore);
        boolean z = true;
        try {
            this.usergroupService.loadUserByUsername("theUser");
        } catch (UsernameNotFoundException e) {
            z = false;
        }
        if (z) {
            Assert.fail("No UsernameNotFoundException thrown");
        }
        GeoServerUser createUserObject = this.usergroupStore.createUserObject("theUser", "", true);
        this.usergroupStore.addUser(createUserObject);
        Set<GeoServerRole> hashSet = new HashSet<>();
        checkRoles("theUser", hashSet);
        GeoServerRole createRoleObject = this.roleStore.createRoleObject("userrole1");
        this.roleStore.addRole(createRoleObject);
        this.roleStore.associateRoleToUser(createRoleObject, "theUser");
        hashSet.add(createRoleObject);
        checkRoles("theUser", hashSet);
        GeoServerRole createRoleObject2 = this.roleStore.createRoleObject("userrole2");
        this.roleStore.addRole(createRoleObject2);
        this.roleStore.associateRoleToUser(createRoleObject2, "theUser");
        hashSet.add(createRoleObject2);
        checkRoles("theUser", hashSet);
        GeoServerUserGroup createGroupObject = this.usergroupStore.createGroupObject("theGroup1", true);
        this.usergroupStore.addGroup(createGroupObject);
        this.usergroupStore.associateUserToGroup(createUserObject, createGroupObject);
        GeoServerRole createRoleObject3 = this.roleStore.createRoleObject("grouprole1a");
        this.roleStore.addRole(createRoleObject3);
        this.roleStore.associateRoleToGroup(createRoleObject3, "theGroup1");
        hashSet.add(createRoleObject3);
        checkRoles("theUser", hashSet);
        GeoServerRole createRoleObject4 = this.roleStore.createRoleObject("grouprole1b");
        this.roleStore.addRole(createRoleObject4);
        this.roleStore.associateRoleToGroup(createRoleObject4, "theGroup1");
        hashSet.add(createRoleObject4);
        checkRoles("theUser", hashSet);
        GeoServerUserGroup createGroupObject2 = this.usergroupStore.createGroupObject("theGroup2", false);
        this.usergroupStore.addGroup(createGroupObject2);
        this.usergroupStore.associateUserToGroup(createUserObject, createGroupObject2);
        GeoServerRole createRoleObject5 = this.roleStore.createRoleObject("grouprole2a");
        this.roleStore.addRole(createRoleObject5);
        this.roleStore.associateRoleToGroup(createRoleObject5, "theGroup2");
        checkRoles("theUser", hashSet);
        createGroupObject2.setEnabled(true);
        this.usergroupStore.updateGroup(createGroupObject2);
        hashSet.add(createRoleObject5);
        checkRoles("theUser", hashSet);
        GeoServerRole createRoleObject6 = this.roleStore.createRoleObject("grouprole2aa");
        this.roleStore.addRole(createRoleObject6);
        this.roleStore.setParentRole(createRoleObject5, createRoleObject6);
        hashSet.add(createRoleObject6);
        checkRoles("theUser", hashSet);
        GeoServerRole createRoleObject7 = this.roleStore.createRoleObject("grouprole2aaa");
        this.roleStore.addRole(createRoleObject7);
        this.roleStore.setParentRole(createRoleObject6, createRoleObject7);
        hashSet.add(createRoleObject7);
        checkRoles("theUser", hashSet);
        GeoServerRole roleByName = this.roleStore.getRoleByName("grouprole2aa");
        this.roleStore.setParentRole(roleByName, (GeoServerRole) null);
        hashSet.remove(createRoleObject7);
        checkRoles("theUser", hashSet);
        this.roleStore.removeRole(roleByName);
        hashSet.remove(roleByName);
        checkRoles("theUser", hashSet);
        this.usergroupStore.removeGroup(createGroupObject2);
        hashSet.remove(this.roleStore.getRoleByName("grouprole2a"));
        checkRoles("theUser", hashSet);
        GeoServerRole roleByName2 = this.roleStore.getRoleByName("grouprole1b");
        this.roleStore.disAssociateRoleFromGroup(roleByName2, createGroupObject.getGroupname());
        hashSet.remove(roleByName2);
        checkRoles("theUser", hashSet);
        GeoServerRole roleByName3 = this.roleStore.getRoleByName("userrole2");
        this.roleStore.disAssociateRoleFromUser(roleByName3, createUserObject.getUsername());
        hashSet.remove(roleByName3);
        checkRoles("theUser", hashSet);
    }

    @Test
    public void testPersonalizedRoles() throws Exception {
        setServices("personalizedRoles");
        insertValues(this.roleStore);
        insertValues(this.usergroupStore);
        GeoServerUser createUserObject = this.usergroupStore.createUserObject("persUser", "", true);
        createUserObject.getProperties().put("propertyA", "A");
        createUserObject.getProperties().put("propertyB", "B");
        createUserObject.getProperties().put("propertyC", "C");
        this.usergroupStore.addUser(createUserObject);
        GeoServerRole createRoleObject = this.roleStore.createRoleObject("persrole1");
        createRoleObject.getProperties().put("propertyA", "");
        createRoleObject.getProperties().put("propertyX", "X");
        this.roleStore.addRole(createRoleObject);
        this.roleStore.associateRoleToUser(createRoleObject, "persUser");
        GeoServerRole createRoleObject2 = this.roleStore.createRoleObject("persrole2");
        createRoleObject2.getProperties().put("propertyB", "");
        createRoleObject2.getProperties().put("propertyY", "Y");
        this.roleStore.addRole(createRoleObject2);
        this.roleStore.associateRoleToUser(createRoleObject2, "persUser");
        syncbackends();
        for (GeoServerRole geoServerRole : this.usergroupService.loadUserByUsername("persUser").getAuthorities()) {
            if ("persrole1".equals(geoServerRole.getAuthority())) {
                Assert.assertEquals("A", geoServerRole.getProperties().get("propertyA"));
                Assert.assertEquals("X", geoServerRole.getProperties().get("propertyX"));
                GeoServerRole roleByName = this.roleStore.getRoleByName(geoServerRole.getAuthority());
                Assert.assertFalse(geoServerRole.isAnonymous());
                Assert.assertTrue(roleByName.isAnonymous());
                Assert.assertNotSame(geoServerRole, roleByName);
                Assert.assertNotEquals(geoServerRole, roleByName);
                Assert.assertEquals(createUserObject.getUsername(), geoServerRole.getUserName());
                Assert.assertNull(roleByName.getUserName());
            } else if ("persrole2".equals(geoServerRole.getAuthority())) {
                Assert.assertEquals("B", geoServerRole.getProperties().get("propertyB"));
                Assert.assertEquals("Y", geoServerRole.getProperties().get("propertyY"));
            } else {
                Assert.fail("Unknown role " + geoServerRole.getAuthority() + "for user " + "persUser");
            }
        }
    }

    protected void checkRoles(String str, Set<GeoServerRole> set) throws IOException {
        syncbackends();
        Collection authorities = this.usergroupService.loadUserByUsername(str).getAuthorities();
        Assert.assertEquals(set.size(), authorities.size());
        Iterator<GeoServerRole> it = set.iterator();
        while (it.hasNext()) {
            Assert.assertTrue(authorities.contains(it.next()));
        }
    }

    protected void syncbackends() throws IOException {
        this.roleStore.store();
        this.usergroupStore.store();
    }
}
