package org.geoserver.security.decorators;

import java.util.ArrayList;
import java.util.List;
import java.util.logging.Handler;
import java.util.logging.Level;
import java.util.logging.LogRecord;
import java.util.logging.Logger;
import org.easymock.EasyMock;
import org.geoserver.security.AccessLimits;
import org.geoserver.security.WrapperPolicy;
import org.geoserver.security.impl.SecureObjectsTest;
import org.geotools.api.data.DataAccess;
import org.geotools.api.data.DataStore;
import org.geotools.api.data.FeatureSource;
import org.geotools.api.data.FeatureStore;
import org.geotools.api.data.Query;
import org.geotools.api.data.SimpleFeatureSource;
import org.geotools.api.data.SimpleFeatureStore;
import org.geotools.api.feature.Feature;
import org.geotools.api.feature.simple.SimpleFeatureType;
import org.geotools.api.feature.type.FeatureType;
import org.geotools.api.filter.Filter;
import org.geotools.data.complex.feature.type.ComplexFeatureTypeImpl;
import org.geotools.data.simple.SimpleFeatureCollection;
import org.geotools.factory.CommonFactoryFinder;
import org.geotools.feature.FeatureCollection;
import org.geotools.feature.NameImpl;
import org.geotools.util.logging.Logging;
import org.junit.Assert;
import org.junit.Test;

/* loaded from: input_file:org/geoserver/security/decorators/SecuredFeatureSourceTest.class */
public class SecuredFeatureSourceTest extends SecureObjectsTest {

    /* renamed from: org.geoserver.security.decorators.SecuredFeatureSourceTest$1LogHandler, reason: invalid class name */
    /* loaded from: input_file:org/geoserver/security/decorators/SecuredFeatureSourceTest$1LogHandler.class */
    class C1LogHandler extends Handler {
        List<String> messages = new ArrayList();

        C1LogHandler() {
        }

        @Override // java.util.logging.Handler
        public void publish(LogRecord logRecord) {
            this.messages.add(logRecord.getMessage());
        }

        @Override // java.util.logging.Handler
        public void flush() {
        }

        @Override // java.util.logging.Handler
        public void close() throws SecurityException {
        }
    }

    @Test
    public void testReadOnlyFeatureSourceDataStore() throws Exception {
        DataStore dataStore = (DataStore) EasyMock.createNiceMock(DataStore.class);
        EasyMock.replay(new Object[]{dataStore});
        SimpleFeatureSource simpleFeatureSource = (SimpleFeatureSource) EasyMock.createNiceMock(SimpleFeatureSource.class);
        SimpleFeatureCollection simpleFeatureCollection = (SimpleFeatureCollection) EasyMock.createNiceMock(SimpleFeatureCollection.class);
        EasyMock.expect(simpleFeatureCollection.getSchema()).andReturn((SimpleFeatureType) EasyMock.createNiceMock(SimpleFeatureType.class));
        EasyMock.replay(new Object[]{simpleFeatureCollection});
        EasyMock.expect(simpleFeatureSource.getDataStore()).andReturn(dataStore);
        EasyMock.expect(simpleFeatureSource.getFeatures()).andReturn(simpleFeatureCollection).anyTimes();
        EasyMock.expect(simpleFeatureSource.getFeatures((Filter) EasyMock.anyObject())).andReturn(simpleFeatureCollection).anyTimes();
        EasyMock.expect(simpleFeatureSource.getFeatures((Query) EasyMock.anyObject())).andReturn(simpleFeatureCollection).anyTimes();
        EasyMock.replay(new Object[]{simpleFeatureSource});
        SecuredFeatureSource securedFeatureSource = new SecuredFeatureSource(simpleFeatureSource, WrapperPolicy.hide((AccessLimits) null));
        Assert.assertTrue(securedFeatureSource.getDataStore() instanceof ReadOnlyDataStore);
        securedFeatureSource.getFeatures();
        Assert.assertTrue(securedFeatureSource.policy.isHide());
        Assert.assertTrue(securedFeatureSource.getFeatures(Filter.INCLUDE) instanceof SecuredFeatureCollection);
        Assert.assertTrue(securedFeatureSource.getFeatures(new Query()) instanceof SecuredFeatureCollection);
    }

    @Test
    public void testReadOnlyFeatureStore() throws Exception {
        SimpleFeatureType simpleFeatureType = (SimpleFeatureType) EasyMock.createNiceMock(SimpleFeatureType.class);
        EasyMock.expect(simpleFeatureType.getName()).andReturn(new NameImpl("testFT"));
        EasyMock.replay(new Object[]{simpleFeatureType});
        SimpleFeatureStore simpleFeatureStore = (SimpleFeatureStore) EasyMock.createNiceMock(SimpleFeatureStore.class);
        EasyMock.expect(simpleFeatureStore.getSchema()).andReturn(simpleFeatureType);
        EasyMock.replay(new Object[]{simpleFeatureStore});
        try {
            new SecuredFeatureStore(simpleFeatureStore, WrapperPolicy.readOnlyChallenge((AccessLimits) null)).addFeatures((FeatureCollection) EasyMock.createNiceMock(SimpleFeatureCollection.class));
            Assert.fail("This should have thrown a security exception");
        } catch (Exception e) {
            if (ReadOnlyDataStoreTest.isSpringSecurityException(e)) {
                return;
            }
            Assert.fail("Should have failed with a security exception");
        }
    }

    @Test
    public <T extends FeatureType, F extends Feature> void testReadOnlyFeatureSourceDataAccess() throws Exception {
        DataAccess dataAccess = (DataAccess) EasyMock.createNiceMock(DataAccess.class);
        EasyMock.replay(new Object[]{dataAccess});
        FeatureSource featureSource = (FeatureSource) EasyMock.createNiceMock(FeatureSource.class);
        EasyMock.expect(featureSource.getDataStore()).andReturn(dataAccess);
        EasyMock.replay(new Object[]{featureSource});
        Assert.assertTrue(new SecuredFeatureSource(featureSource, WrapperPolicy.readOnlyChallenge((AccessLimits) null)).getDataStore() instanceof ReadOnlyDataAccess);
    }

    @Test
    public <T extends FeatureType, F extends Feature> void testSecuredFeatureSourceLoggingWithComplex() throws Exception {
        FeatureType featureType = (FeatureType) EasyMock.createNiceMock(ComplexFeatureTypeImpl.class);
        EasyMock.expect(featureType.getName()).andReturn(new NameImpl("testComplexFt"));
        List list = (List) EasyMock.createNiceMock(List.class);
        EasyMock.expect(Integer.valueOf(list.size())).andReturn(3).anyTimes();
        EasyMock.replay(new Object[]{list});
        EasyMock.expect(featureType.getDescriptors()).andReturn(list).anyTimes();
        EasyMock.replay(new Object[]{featureType});
        DataAccess dataAccess = (DataAccess) EasyMock.createNiceMock(DataAccess.class);
        EasyMock.replay(new Object[]{dataAccess});
        FeatureStore featureStore = (FeatureStore) EasyMock.createNiceMock(FeatureStore.class);
        EasyMock.expect(featureStore.getSchema()).andReturn(featureType).anyTimes();
        FeatureCollection featureCollection = (FeatureCollection) EasyMock.createNiceMock(FeatureCollection.class);
        EasyMock.expect(featureStore.getDataStore()).andReturn(dataAccess);
        EasyMock.expect(featureStore.getFeatures()).andReturn(featureCollection).anyTimes();
        EasyMock.expect(featureStore.getFeatures((Filter) EasyMock.anyObject())).andReturn(featureCollection).anyTimes();
        EasyMock.expect(featureStore.getFeatures((Query) EasyMock.anyObject())).andReturn(featureCollection).anyTimes();
        EasyMock.expect(featureCollection.getSchema()).andReturn(featureType).anyTimes();
        EasyMock.replay(new Object[]{featureStore});
        EasyMock.replay(new Object[]{featureCollection});
        Logger logger = Logging.getLogger(SecuredFeatureSource.class);
        C1LogHandler c1LogHandler = new C1LogHandler();
        logger.addHandler(c1LogHandler);
        c1LogHandler.setLevel(Level.SEVERE);
        logger.addHandler(c1LogHandler);
        try {
            SecuredFeatureStore securedFeatureStore = new SecuredFeatureStore(featureStore, WrapperPolicy.readOnlyHide((AccessLimits) null));
            Query query = new Query("testComplextFt");
            ArrayList arrayList = new ArrayList(1);
            arrayList.add(CommonFactoryFinder.getFilterFactory().property("someProperty"));
            query.setProperties(arrayList);
            securedFeatureStore.getFeatures(query);
            Assert.assertFalse(c1LogHandler.messages.contains("Complex store returned more properties than allowed by security (because they are required by the schema). Either the security setup is broken or you have a security breach"));
            logger.removeHandler(c1LogHandler);
        } catch (Throwable th) {
            logger.removeHandler(c1LogHandler);
            throw th;
        }
    }
}
