package org.geoserver.web;

import org.geoserver.security.ResourceAccessManager;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.mockito.Mockito;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.context.request.RequestAttributes;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

/* loaded from: input_file:org/geoserver/web/WorkspaceAdminComponentAuthorizerTest.class */
public class WorkspaceAdminComponentAuthorizerTest extends GeoServerWicketTestSupport {
    private WorkspaceAdminComponentAuthorizer authorizer;
    private ResourceAccessManager accessManager;

    @Before
    public void setUp() {
        this.accessManager = new WorkspaceAdminComponentAuthorizer().getAccessManager();
        this.authorizer = new WorkspaceAdminComponentAuthorizer() { // from class: org.geoserver.web.WorkspaceAdminComponentAuthorizerTest.1
            ResourceAccessManager getAccessManager() {
                return WorkspaceAdminComponentAuthorizerTest.this.accessManager;
            }
        };
    }

    @After
    public void after() {
        RequestContextHolder.setRequestAttributes((RequestAttributes) null);
    }

    private boolean isAccessAllowed(Authentication authentication) {
        return this.authorizer.isAccessAllowed(GeoServerBasePage.class, authentication);
    }

    @Test
    public void testGetAccessManager() {
        this.authorizer = new WorkspaceAdminComponentAuthorizer();
        Assert.assertNotNull(this.authorizer.getAccessManager());
    }

    @Test
    public void testAdmin() {
        Assert.assertTrue(isAccessAllowed(admin()));
    }

    @Test
    public void testNull() {
        Assert.assertFalse(isAccessAllowed(null));
    }

    @Test
    public void testNoAccessManager() {
        this.accessManager = null;
        Assert.assertNull(this.authorizer.getAccessManager());
        Assert.assertFalse(isAccessAllowed(user("test", "ROLE_1")));
    }

    @Test
    public void testNotAuthenticated() {
        Authentication user = user("test", new String[0]);
        user.setAuthenticated(false);
        Assert.assertFalse(isAccessAllowed(user));
    }

    @Test
    public void testNotWorkspaceAdmin() {
        Assert.assertFalse(isAccessAllowed(user("test", "ROLE_USER")));
    }

    @Test
    public void testIsWorkspaceAdmin() {
        Authentication user = user("test", "ROLE_USER");
        this.accessManager = (ResourceAccessManager) Mockito.mock(ResourceAccessManager.class);
        Mockito.when(Boolean.valueOf(this.accessManager.isWorkspaceAdmin(user, getCatalog()))).thenReturn(true);
        Assert.assertTrue(isAccessAllowed(user));
    }

    @Test
    public void testRequestCache() {
        Authentication user = user("test", "ROLE_USER");
        this.accessManager = (ResourceAccessManager) Mockito.mock(ResourceAccessManager.class);
        Mockito.when(Boolean.valueOf(this.accessManager.isWorkspaceAdmin(user, getCatalog()))).thenReturn(true);
        ServletRequestAttributes servletRequestAttributes = new ServletRequestAttributes(new MockHttpServletRequest());
        RequestContextHolder.setRequestAttributes(servletRequestAttributes);
        this.authorizer = (WorkspaceAdminComponentAuthorizer) Mockito.spy(this.authorizer);
        Assert.assertTrue(isAccessAllowed(user));
        Assert.assertTrue(isAccessAllowed(user));
        Assert.assertTrue(isAccessAllowed(user));
        ((WorkspaceAdminComponentAuthorizer) Mockito.verify(this.authorizer, Mockito.times(1))).setCachedValue(true);
        ((WorkspaceAdminComponentAuthorizer) Mockito.verify(this.authorizer, Mockito.times(1))).isWorkspaceAdmin(user);
        Assert.assertEquals(Boolean.TRUE, servletRequestAttributes.getAttribute("WORKSPACEADMIN_COMPONENT_AUTHORIZER_VALUE", 0));
    }

    private Authentication admin() {
        login();
        return SecurityContextHolder.getContext().getAuthentication();
    }

    private Authentication user(String str, String... strArr) {
        login(str, "pwd", strArr);
        return SecurityContextHolder.getContext().getAuthentication();
    }
}
