package org.acme;

import javax.inject.Inject;
import org.cotrix.action.Action;
import org.cotrix.action.Actions;
import org.cotrix.action.ResourceType;
import org.cotrix.application.DelegationPolicy;
import org.cotrix.application.PermissionDelegationService;
import org.cotrix.application.impl.delegation.DefaultDelegationService;
import org.cotrix.domain.dsl.Roles;
import org.cotrix.domain.dsl.Users;
import org.cotrix.domain.user.Role;
import org.cotrix.domain.user.User;
import org.cotrix.repository.UserRepository;
import org.cotrix.test.ApplicationTest;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.mockito.Mockito;

/* loaded from: input_file:org/acme/PermissionDelegationTest.class */
public class PermissionDelegationTest extends ApplicationTest {
    static Action doit = Actions.action("doit", new String[0]);
    PermissionDelegationService service;

    @Inject
    UserRepository repository;
    DelegationPolicy policy;

    @Before
    public void setup() {
        this.policy = (DelegationPolicy) Mockito.mock(DelegationPolicy.class);
        this.service = new DefaultDelegationService(Users.user().name("current").fullName("current").email("current@me.com").build(), this.repository, this.policy);
    }

    @Test
    public void delegatesExistingPermission() {
        this.service.delegate(new Action[]{doit}).to(billCan(doit));
        Assert.assertEquals(1L, r0.permissions().size());
    }

    @Test
    public void delegatesExistingRole() {
        Role aRole = aRole();
        this.service.delegate(new Role[]{aRole}).to(billIs(aRole));
        Assert.assertEquals(1L, r0.roles().size());
    }

    @Test(expected = IllegalStateException.class)
    public void doesNotRevokeNotExistentPermission() {
        User build = Users.user().name("bill").fullName("bill").noMail().build();
        this.repository.add(build);
        this.service.revoke(new Action[]{doit}).from(build);
    }

    @Test
    public void consultsPolicyForDelegation() {
        this.service.delegate(new Action[]{doit}).to(bill());
        ((DelegationPolicy) Mockito.verify(this.policy)).validateDelegation((User) Mockito.any(User.class), (User) Mockito.any(User.class), (Action[]) Mockito.anyVararg());
    }

    @Test
    public void consultsPolicyForRevocation() {
        this.service.revoke(new Action[]{doit}).from(billCan(doit));
        ((DelegationPolicy) Mockito.verify(this.policy)).validateRevocation((User) Mockito.any(User.class), (User) Mockito.any(User.class), (Action[]) Mockito.anyVararg());
    }

    @Test
    public void persistsDelegation() {
        User bill = bill();
        this.service.delegate(new Action[]{doit}).to(bill);
        Assert.assertTrue(((User) this.repository.lookup(bill.id())).can(doit));
    }

    @Test
    public void persistsRoleDelegation() {
        Role aRole = aRole();
        User bill = bill();
        this.service.delegate(new Role[]{aRole}).to(bill);
        Assert.assertTrue(((User) this.repository.lookup(bill.id())).is(aRole));
    }

    @Test
    public void persistsRevocation() {
        User build = Users.user().name("bill").fullName("bill").email("bill@me.com").can(new Action[]{doit}).build();
        this.repository.add(build);
        this.service.revoke(new Action[]{doit}).from(build);
        Assert.assertFalse(((User) this.repository.lookup(build.id())).can(doit));
    }

    @Test
    public void rolesAreRevoked() {
        Role aRole = aRole();
        Role aRole2 = aRole();
        User billIs = billIs(aRole, aRole2);
        this.service.revoke(new Role[]{aRole2}).from(billIs);
        Assert.assertFalse(((User) this.repository.lookup(billIs.id())).is(aRole2));
    }

    @Test
    public void revokingLastRoleRemovesUser() {
        Role aRole = aRole();
        User billIs = billIs(aRole);
        this.service.revoke(new Role[]{aRole}).from(billIs);
        Assert.assertNull(this.repository.lookup(billIs.id()));
    }

    @Test
    public void revokingARolePreservesItsParents() {
        Role buildAsRoleFor = Roles.role("parent").buildAsRoleFor(ResourceType.application);
        Role buildAsRoleFor2 = Roles.role("child").is(new Role[]{buildAsRoleFor}).buildAsRoleFor(ResourceType.application);
        User billIs = billIs(buildAsRoleFor2);
        this.service.revoke(new Role[]{buildAsRoleFor2}).from(billIs);
        User user = (User) this.repository.lookup(billIs.id());
        Assert.assertFalse(user.is(buildAsRoleFor2));
        Assert.assertTrue(user.is(buildAsRoleFor));
    }

    private User bill() {
        User build = Users.user().name("bill").fullName("bill").email("bill@me.com").build();
        this.repository.add(build);
        return build;
    }

    private User billCan(Action... actionArr) {
        User build = Users.user().name("bill").fullName("bill").email("bill@me.com").can(actionArr).build();
        this.repository.add(build);
        return build;
    }

    private User billIs(Role... roleArr) {
        User build = Users.user().name("bill").fullName("bill").email("bill@me.com").is(roleArr).build();
        this.repository.add(build);
        return build;
    }

    private Role aRole() {
        return Users.user().name("role").fullName("role").noMail().buildAsRoleFor(ResourceType.application);
    }
}
