package org.springframework.security.taglibs.velocity;

import junit.framework.TestCase;
import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.context.support.StaticApplicationContext;
import org.springframework.security.Authentication;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.acl.AclEntry;
import org.springframework.security.acl.AclManager;
import org.springframework.security.acl.basic.AclObjectIdentity;
import org.springframework.security.acl.basic.SimpleAclEntry;
import org.springframework.security.context.SecurityContextHolder;
import org.springframework.security.providers.TestingAuthenticationToken;
import org.springframework.security.userdetails.User;

/* loaded from: input_file:spring-security-taglibs-2.0.8.RELEASE-tests.jar:org/springframework/security/taglibs/velocity/AuthzImplTest.class */
public class AuthzImplTest extends TestCase {
    private Authz authz = new AuthzImpl();
    private ConfigurableApplicationContext ctx;

    /* loaded from: input_file:spring-security-taglibs-2.0.8.RELEASE-tests.jar:org/springframework/security/taglibs/velocity/AuthzImplTest$MockAclEntry.class */
    private class MockAclEntry implements AclEntry {
        private static final long serialVersionUID = 1;

        private MockAclEntry() {
        }
    }

    /* loaded from: input_file:spring-security-taglibs-2.0.8.RELEASE-tests.jar:org/springframework/security/taglibs/velocity/AuthzImplTest$MockAclObjectIdentity.class */
    private static class MockAclObjectIdentity implements AclObjectIdentity {
        private MockAclObjectIdentity() {
        }
    }

    protected void setUp() throws Exception {
        super.setUp();
        this.ctx = new StaticApplicationContext();
        final AclEntry[] aclEntryArr = {new MockAclEntry(), new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION), new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.READ)};
        this.ctx.getBeanFactory().registerSingleton("aclManager", new AclManager() { // from class: org.springframework.security.taglibs.velocity.AuthzImplTest.1
            String object = "object1";
            String principal = "rod";

            @Override // org.springframework.security.acl.AclManager
            public AclEntry[] getAcls(Object obj) {
                if (obj.equals(this.object)) {
                    return aclEntryArr;
                }
                return null;
            }

            @Override // org.springframework.security.acl.AclManager
            public AclEntry[] getAcls(Object obj, Authentication authentication) {
                if (obj.equals(this.object) && authentication.getPrincipal().equals(this.principal)) {
                    return aclEntryArr;
                }
                return null;
            }
        });
    }

    protected void tearDown() throws Exception {
        this.ctx.close();
    }

    public void testIllegalArgumentExceptionThrownIfHasPermissionNotValidFormat() {
        SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("john", "crow", new GrantedAuthority[0]));
        this.authz.setAppCtx(this.ctx);
        try {
            this.authz.hasPermission(null, "0,5, 6");
        } catch (IllegalArgumentException e) {
            assertTrue(true);
        }
        SecurityContextHolder.getContext().setAuthentication(null);
    }

    public void testInclusionDeniedWhenAclManagerUnawareOfObject() {
        SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("rod", "koala", new GrantedAuthority[0]));
        this.authz.setAppCtx(this.ctx);
        assertFalse(this.authz.hasPermission(new Integer(54), new Long(SimpleAclEntry.ADMINISTRATION).toString()));
        SecurityContextHolder.getContext().setAuthentication(null);
    }

    public void testInclusionDeniedWhenNoListOfPermissionsGiven() {
        SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("rod", "koala", new GrantedAuthority[0]));
        this.authz.setAppCtx(this.ctx);
        assertFalse(this.authz.hasPermission("object1", null));
        SecurityContextHolder.getContext().setAuthentication(null);
    }

    public void testInclusionDeniedWhenPrincipalDoesNotHoldAnyPermissions() {
        SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("john", "crow", new GrantedAuthority[0]));
        this.authz.setAppCtx(this.ctx);
        assertFalse(this.authz.hasPermission("object1", new Integer(SimpleAclEntry.ADMINISTRATION) + "," + new Integer(SimpleAclEntry.READ)));
        SecurityContextHolder.getContext().setAuthentication(null);
    }

    public void testInclusionDeniedWhenPrincipalDoesNotHoldRequiredPermissions() {
        SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("rod", "koala", new GrantedAuthority[0]));
        this.authz.setAppCtx(this.ctx);
        assertFalse(this.authz.hasPermission("object1", new Integer(SimpleAclEntry.DELETE).toString()));
        SecurityContextHolder.getContext().setAuthentication(null);
    }

    public void testInclusionDeniedWhenSecurityContextEmpty() {
        SecurityContextHolder.getContext().setAuthentication(null);
        this.authz.setAppCtx(this.ctx);
        assertFalse(this.authz.hasPermission("object1", new Long(SimpleAclEntry.ADMINISTRATION).toString()));
        SecurityContextHolder.getContext().setAuthentication(null);
    }

    public void testInclusionPermittedWhenDomainObjectIsNull() {
        this.authz.setAppCtx(this.ctx);
        assertTrue(this.authz.hasPermission(null, new Integer(SimpleAclEntry.READ).toString()));
    }

    public void testOperationWhenPrincipalHoldsPermissionOfMultipleList() {
        SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("rod", "koala", new GrantedAuthority[0]));
        this.authz.setAppCtx(this.ctx);
        assertTrue(this.authz.hasPermission("object1", new Integer(SimpleAclEntry.ADMINISTRATION) + "," + new Integer(SimpleAclEntry.READ)));
        SecurityContextHolder.getContext().setAuthentication(null);
    }

    public void testOperationWhenPrincipalHoldsPermissionOfSingleList() {
        SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("rod", "koala", new GrantedAuthority[0]));
        this.authz.setAppCtx(this.ctx);
        assertTrue(this.authz.hasPermission("object1", new Integer(SimpleAclEntry.READ).toString()));
        SecurityContextHolder.getContext().setAuthentication(null);
    }

    public void testOperationWhenPrincipalIsAString() {
        SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("rodAsString", "koala", new GrantedAuthority[0]));
        assertEquals("rodAsString", this.authz.getPrincipal());
    }

    public void testOperationWhenPrincipalIsAUserDetailsInstance() {
        SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken(new User("rodUserDetails", "koala", true, true, true, true, new GrantedAuthority[0]), "koala", new GrantedAuthority[0]));
        assertEquals("rodUserDetails", this.authz.getPrincipal());
    }

    public void testOperationWhenPrincipalIsNull() {
        SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken((Object) null, "koala", new GrantedAuthority[0]));
        assertNull(this.authz.getPrincipal());
    }

    public void testOperationWhenSecurityContextIsNull() {
        SecurityContextHolder.getContext().setAuthentication(null);
        assertEquals(null, this.authz.getPrincipal());
        SecurityContextHolder.getContext().setAuthentication(null);
    }
}
