package org.wso2.mb.integration.tests.amqp.functional;

import java.io.IOException;
import java.net.URISyntaxException;
import java.rmi.RemoteException;
import javax.jms.JMSException;
import javax.naming.NamingException;
import javax.xml.stream.XMLStreamException;
import javax.xml.xpath.XPathExpressionException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.testng.Assert;
import org.testng.annotations.AfterClass;
import org.testng.annotations.AfterMethod;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;
import org.wso2.carbon.andes.stub.AndesAdminServiceBrokerManagerAdminException;
import org.wso2.carbon.andes.stub.admin.types.QueueRolePermission;
import org.wso2.carbon.authenticator.stub.LoginAuthenticationExceptionException;
import org.wso2.carbon.authenticator.stub.LogoutAuthenticationExceptionException;
import org.wso2.carbon.automation.engine.context.AutomationContext;
import org.wso2.carbon.automation.engine.context.TestUserMode;
import org.wso2.carbon.automation.engine.context.beans.User;
import org.wso2.carbon.integration.common.admin.client.UserManagementClient;
import org.wso2.carbon.integration.common.utils.LoginLogoutClient;
import org.wso2.carbon.integration.common.utils.exceptions.AutomationUtilException;
import org.wso2.carbon.user.mgt.stub.UserAdminUserAdminException;
import org.wso2.carbon.user.mgt.stub.types.carbon.FlaggedName;
import org.wso2.mb.integration.common.clients.AndesClient;
import org.wso2.mb.integration.common.clients.configurations.AndesJMSConsumerClientConfiguration;
import org.wso2.mb.integration.common.clients.configurations.AndesJMSPublisherClientConfiguration;
import org.wso2.mb.integration.common.clients.exceptions.AndesClientConfigurationException;
import org.wso2.mb.integration.common.clients.exceptions.AndesClientException;
import org.wso2.mb.integration.common.clients.operations.clients.AndesAdminClient;
import org.wso2.mb.integration.common.clients.operations.utils.AndesClientUtils;
import org.wso2.mb.integration.common.clients.operations.utils.ExchangeType;
import org.wso2.mb.integration.common.utils.backend.MBIntegrationBaseTest;
import org.xml.sax.SAXException;

/* loaded from: input_file:org/wso2/mb/integration/tests/amqp/functional/QueueUserAuthorizationTestCase.class */
public class QueueUserAuthorizationTestCase extends MBIntegrationBaseTest {
    private static final Logger log = LoggerFactory.getLogger(QueueUserAuthorizationTestCase.class);
    private static final String ADD_QUEUE_PERMISSION = "/permission/admin/manage/queue/add";
    private static final String CREATE_PUB_SUB_QUEUE_ROLE = "create_pub_sub_queue_role";
    private static final String PUB_SUB_QUEUE_ROLE = "pub_sub_queue_role";
    private static final String NO_PERMISSION_QUEUE_ROLE = "no_permission_queue_role";
    private static final String QUEUE_PREFIX = "Q_";
    private UserManagementClient userManagementClient;

    @BeforeMethod(alwaysRun = true)
    public void initialize() throws Exception {
        super.init(TestUserMode.SUPER_TENANT_ADMIN);
        this.userManagementClient = new UserManagementClient(this.backendURL, "admin", "admin");
        this.userManagementClient.updateUserListOfRole("admin", (String[]) null, new String[]{"authUser1", "authUser2", "authUser3", "authUser4", "authUser5"});
        this.userManagementClient.addRole(CREATE_PUB_SUB_QUEUE_ROLE, new String[]{"authUser1", "authUser2"}, new String[]{ADD_QUEUE_PERMISSION});
        this.userManagementClient.addRole(PUB_SUB_QUEUE_ROLE, new String[]{"authUser3", "authUser4"}, new String[0]);
        this.userManagementClient.addRole(NO_PERMISSION_QUEUE_ROLE, new String[]{"authUser5"}, new String[0]);
    }

    @AfterMethod(alwaysRun = true)
    public void cleanUpAfterScenario() throws RemoteException, UserAdminUserAdminException {
        this.userManagementClient.deleteRole(CREATE_PUB_SUB_QUEUE_ROLE);
        this.userManagementClient.deleteRole(PUB_SUB_QUEUE_ROLE);
        this.userManagementClient.deleteRole(NO_PERMISSION_QUEUE_ROLE);
        for (FlaggedName flaggedName : this.userManagementClient.getAllRolesNames("*", 10)) {
            if (QUEUE_PREFIX.contains(flaggedName.getItemName())) {
                this.userManagementClient.deleteRole(flaggedName.getItemName());
            }
        }
    }

    @Test(groups = {"wso2.mb", "queue"})
    public void performQueuePermissionTestCase() throws AndesClientConfigurationException, NamingException, IOException, XPathExpressionException, AndesClientException, JMSException {
        createPublishAndSubscribeFromUser("authUser1", "authQueue1");
    }

    @Test(groups = {"wso2.mb", "queue"}, expectedExceptions = {JMSException.class}, expectedExceptionsMessageRegExp = ".*Permission denied.*")
    public void performQueuePermissionSameRoleUsersWithNoPublishOrConsume() throws AndesClientConfigurationException, NamingException, IOException, XPathExpressionException, AndesClientException, JMSException {
        createPublishAndSubscribeFromUser("authUser1", "authQueue2");
        createPublishAndSubscribeFromUser("authUser2", "authQueue2");
    }

    @Test(groups = {"wso2.mb", "queue"})
    public void performQueuePermissionSameRoleUsersWithPublishOrConsume() throws AndesClientConfigurationException, NamingException, IOException, XPathExpressionException, AndesClientException, JMSException, UserAdminUserAdminException, LoginAuthenticationExceptionException, XMLStreamException, LogoutAuthenticationExceptionException, URISyntaxException, SAXException, AndesAdminServiceBrokerManagerAdminException, AutomationUtilException {
        createPublishAndSubscribeFromUser("authUser1", "authQueue3");
        QueueRolePermission queueRolePermission = new QueueRolePermission();
        queueRolePermission.setRoleName(CREATE_PUB_SUB_QUEUE_ROLE);
        queueRolePermission.setAllowedToConsume(true);
        queueRolePermission.setAllowedToPublish(true);
        updateQueueRoleConsumePublishPermission("authQueue3", queueRolePermission);
        log.info("Consume and publish permissions updated for create_pub_sub_queue_role");
        createPublishAndSubscribeFromUser("authUser2", "authQueue3");
    }

    @Test(groups = {"wso2.mb", "queue"})
    public void performQueuePermissionSameRoleUsersWithAdminCreated() throws AndesClientConfigurationException, NamingException, IOException, XPathExpressionException, AndesClientException, JMSException, UserAdminUserAdminException, LoginAuthenticationExceptionException, XMLStreamException, LogoutAuthenticationExceptionException, URISyntaxException, SAXException, AndesAdminServiceBrokerManagerAdminException, AutomationUtilException {
        createPublishAndSubscribeFromUser("superAdmin", "authQueue8");
        QueueRolePermission queueRolePermission = new QueueRolePermission();
        queueRolePermission.setRoleName(CREATE_PUB_SUB_QUEUE_ROLE);
        queueRolePermission.setAllowedToConsume(true);
        queueRolePermission.setAllowedToPublish(true);
        updateQueueRoleConsumePublishPermission("authQueue8", queueRolePermission);
        log.info("Consumer and publish permissions updated for create_pub_sub_queue_role");
        createPublishAndSubscribeFromUser("authUser1", "authQueue8");
        createPublishAndSubscribeFromUser("authUser2", "authQueue8");
    }

    @Test(groups = {"wso2.mb", "queue"}, expectedExceptions = {JMSException.class}, expectedExceptionsMessageRegExp = ".*Permission denied.*")
    public void performQueuePermissionDifferentRoleUsersWithNoPermissions() throws JMSException, NamingException, AndesClientConfigurationException, AndesClientException, XPathExpressionException, IOException {
        createPublishAndSubscribeFromUser("authUser1", "authQueue4");
        createPublishAndSubscribeFromUser("authUser5", "authQueue4");
    }

    @Test(groups = {"wso2.mb", "queue"}, expectedExceptions = {JMSException.class}, expectedExceptionsMessageRegExp = ".*Permission denied.*")
    public void performQueuePermissionSameUserRemovedFromRole() throws IOException, UserAdminUserAdminException, JMSException, NamingException, AndesClientConfigurationException, AndesClientException, XPathExpressionException {
        createPublishAndSubscribeFromUser("authUser1", "authQueue5");
        this.userManagementClient.addRemoveRolesOfUser("authUser1", new String[]{NO_PERMISSION_QUEUE_ROLE}, new String[]{CREATE_PUB_SUB_QUEUE_ROLE, "Internal/Q_authQueue5"});
        log.info("Removing authUser1 from create_pub_sub_queue_role and Internal/Q_authQueue5");
        createPublishAndSubscribeFromUser("authUser1", "authQueue5");
    }

    @Test(groups = {"wso2.mb", "queue"})
    public void performQueuePermissionSameRoleAssignedPermissions() throws IOException, LoginAuthenticationExceptionException, URISyntaxException, LogoutAuthenticationExceptionException, XMLStreamException, AndesAdminServiceBrokerManagerAdminException, SAXException, XPathExpressionException, UserAdminUserAdminException, JMSException, AndesClientConfigurationException, AndesClientException, NamingException, AutomationUtilException {
        createPublishAndSubscribeFromUser("authUser1", "authQueue6");
        QueueRolePermission queueRolePermission = new QueueRolePermission();
        queueRolePermission.setRoleName(CREATE_PUB_SUB_QUEUE_ROLE);
        queueRolePermission.setAllowedToConsume(true);
        queueRolePermission.setAllowedToPublish(true);
        updateQueueRoleConsumePublishPermission("authQueue6", queueRolePermission);
        log.info("Consumer and publish permissions updated for create_pub_sub_queue_role");
        this.userManagementClient.addRemoveRolesOfUser("authUser1", new String[]{NO_PERMISSION_QUEUE_ROLE}, new String[]{CREATE_PUB_SUB_QUEUE_ROLE, "Internal/Q_authQueue6"});
        log.info("Removing authUser1 from create_pub_sub_queue_role and Internal/Q_authQueue6");
        createPublishAndSubscribeFromUser("authUser2", "authQueue6");
    }

    @Test(groups = {"wso2.mb", "queue"})
    public void performQueuePermissionDifferentRolesAssignedPermissions() throws IOException, XPathExpressionException, AndesAdminServiceBrokerManagerAdminException, URISyntaxException, SAXException, XMLStreamException, UserAdminUserAdminException, LoginAuthenticationExceptionException, LogoutAuthenticationExceptionException, JMSException, AndesClientConfigurationException, AndesClientException, NamingException, AutomationUtilException {
        createPublishAndSubscribeFromUser("superAdmin", "authQueue7");
        QueueRolePermission queueRolePermission = new QueueRolePermission();
        queueRolePermission.setRoleName(PUB_SUB_QUEUE_ROLE);
        queueRolePermission.setAllowedToConsume(true);
        queueRolePermission.setAllowedToPublish(true);
        updateQueueRoleConsumePublishPermission("authQueue7", queueRolePermission);
        log.info("Consumer and publish permissions updated for pub_sub_queue_role");
        createPublishAndSubscribeFromUser("authUser3", "authQueue7");
    }

    @Test(groups = {"wso2.mb", "queue"}, expectedExceptions = {JMSException.class}, expectedExceptionsMessageRegExp = ".*Permission denied.*")
    public void performQueuePermissionDifferentRolesNoPermissions() throws IOException, XPathExpressionException, AndesAdminServiceBrokerManagerAdminException, URISyntaxException, SAXException, XMLStreamException, UserAdminUserAdminException, LoginAuthenticationExceptionException, LogoutAuthenticationExceptionException, JMSException, AndesClientConfigurationException, AndesClientException, NamingException, AutomationUtilException {
        createPublishAndSubscribeFromUser("superAdmin", "authQueue9");
        QueueRolePermission queueRolePermission = new QueueRolePermission();
        queueRolePermission.setRoleName(PUB_SUB_QUEUE_ROLE);
        queueRolePermission.setAllowedToConsume(true);
        queueRolePermission.setAllowedToPublish(true);
        updateQueueRoleConsumePublishPermission("authQueue9", queueRolePermission);
        log.info("Consumer and publish permissions updated for pub_sub_queue_role");
        createPublishAndSubscribeFromUser("authUser1", "authQueue9");
    }

    @AfterClass
    public void cleanUpQueues() throws IOException, XPathExpressionException, LogoutAuthenticationExceptionException, URISyntaxException, SAXException, XMLStreamException, LoginAuthenticationExceptionException, AndesAdminServiceBrokerManagerAdminException, AutomationUtilException {
        LoginLogoutClient loginLogoutClient = new LoginLogoutClient(((MBIntegrationBaseTest) this).automationContext);
        AndesAdminClient andesAdminClient = new AndesAdminClient(((MBIntegrationBaseTest) this).backendURL, loginLogoutClient.login());
        andesAdminClient.deleteQueue("authQueue1");
        andesAdminClient.deleteQueue("authQueue2");
        andesAdminClient.deleteQueue("authQueue3");
        andesAdminClient.deleteQueue("authQueue4");
        andesAdminClient.deleteQueue("authQueue5");
        andesAdminClient.deleteQueue("authQueue6");
        andesAdminClient.deleteQueue("authQueue7");
        andesAdminClient.deleteQueue("authQueue8");
        andesAdminClient.deleteQueue("authQueue9");
        loginLogoutClient.logout();
    }

    private void createPublishAndSubscribeFromUser(String str, String str2) throws XPathExpressionException, AndesClientConfigurationException, IOException, JMSException, AndesClientException, NamingException {
        User contextUser = new AutomationContext("MB", "mb001", "superTenant", str).getContextTenant().getContextUser();
        AndesJMSConsumerClientConfiguration andesJMSConsumerClientConfiguration = new AndesJMSConsumerClientConfiguration(getAMQPPort().intValue(), contextUser.getUserNameWithoutDomain(), contextUser.getPassword(), ExchangeType.QUEUE, str2);
        andesJMSConsumerClientConfiguration.setMaximumMessagesToReceived(10L);
        andesJMSConsumerClientConfiguration.setAsync(false);
        AndesJMSPublisherClientConfiguration andesJMSPublisherClientConfiguration = new AndesJMSPublisherClientConfiguration(getAMQPPort().intValue(), contextUser.getUserNameWithoutDomain(), contextUser.getPassword(), ExchangeType.QUEUE, str2);
        andesJMSPublisherClientConfiguration.setNumberOfMessagesToSend(10L);
        AndesClient andesClient = new AndesClient(andesJMSConsumerClientConfiguration, true);
        andesClient.startClient();
        AndesClient andesClient2 = new AndesClient(andesJMSPublisherClientConfiguration, true);
        andesClient2.startClient();
        AndesClientUtils.waitForMessagesAndShutdown(andesClient, 10000L);
        Assert.assertEquals(andesClient2.getSentMessageCount(), 10L, "Message sending failed for user : " + contextUser.getUserNameWithoutDomain());
        Assert.assertEquals(andesClient.getReceivedMessageCount(), 10L, "Message receiving failed for user : " + contextUser.getUserNameWithoutDomain());
    }

    public void updateQueueRoleConsumePublishPermission(String str, QueueRolePermission queueRolePermission) throws XPathExpressionException, IOException, URISyntaxException, SAXException, XMLStreamException, LoginAuthenticationExceptionException, AndesAdminServiceBrokerManagerAdminException, LogoutAuthenticationExceptionException, UserAdminUserAdminException, AutomationUtilException {
        LoginLogoutClient loginLogoutClient = new LoginLogoutClient(((MBIntegrationBaseTest) this).automationContext);
        new AndesAdminClient(((MBIntegrationBaseTest) this).backendURL, loginLogoutClient.login()).updatePermissionForQueue(str, queueRolePermission);
        loginLogoutClient.logout();
    }
}
