package com.evolveum.midpoint.model.intest.rbac;

import com.evolveum.icf.dummy.resource.ConflictException;
import com.evolveum.icf.dummy.resource.SchemaViolationException;
import com.evolveum.midpoint.model.api.ModelExecuteOptions;
import com.evolveum.midpoint.model.intest.AbstractConfiguredModelIntegrationTest;
import com.evolveum.midpoint.prism.PrismObject;
import com.evolveum.midpoint.prism.delta.ObjectDelta;
import com.evolveum.midpoint.prism.util.PrismAsserts;
import com.evolveum.midpoint.schema.result.OperationResult;
import com.evolveum.midpoint.schema.util.MiscSchemaUtil;
import com.evolveum.midpoint.task.api.Task;
import com.evolveum.midpoint.util.exception.CommunicationException;
import com.evolveum.midpoint.util.exception.ConfigurationException;
import com.evolveum.midpoint.util.exception.ExpressionEvaluationException;
import com.evolveum.midpoint.util.exception.ObjectAlreadyExistsException;
import com.evolveum.midpoint.util.exception.ObjectNotFoundException;
import com.evolveum.midpoint.util.exception.PolicyViolationException;
import com.evolveum.midpoint.util.exception.SchemaException;
import com.evolveum.midpoint.util.exception.SecurityViolationException;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectReferenceType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.RoleType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.UserType;
import java.io.File;
import java.io.FileNotFoundException;
import java.net.ConnectException;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.function.Consumer;
import java.util.stream.Collectors;
import org.springframework.test.annotation.DirtiesContext;
import org.springframework.test.context.ContextConfiguration;
import org.testng.AssertJUnit;
import org.testng.annotations.Test;

@ContextConfiguration(locations = {"classpath:ctx-model-intest-test-main.xml"})
@DirtiesContext(classMode = DirtiesContext.ClassMode.AFTER_CLASS)
/* loaded from: input_file:com/evolveum/midpoint/model/intest/rbac/TestMetaMeta.class */
public class TestMetaMeta extends AbstractRbacTest {
    protected static final String ROLE_META_META_WORLD_OID = "fd52fec2-bd56-11e7-9143-b381baa5aaed";
    protected static final String ROLE_META_META_WORLD_NAME = "World";
    protected static final String ROLE_META_GREEK_GROUP_OID = "d6cf3170-bd57-11e7-be18-6fc3f5bc8e28";
    protected static final String ROLE_META_GREEK_GROUP_NAME = "Greeks";
    protected static final String ROLE_META_LATIN_GROUP_OID = "5ecd5e8a-bd58-11e7-b4b2-2f6fc8d9b267";
    protected static final String ROLE_META_LATIN_GROUP_NAME = "Romans";
    protected static final String GROUP_ALPHA_NAME = "alpha";
    protected static final String GROUP_BETA_NAME = "beta";
    protected static final String GROUP_A_NAME = "a";
    protected Map<String, String> groupRoleOidMap = new HashMap();
    protected static final String ROLE_META_META_LEGACY_OID = "7c1c759c-bd68-11e7-ae5e-276b40bf04e6";
    protected static final String ROLE_META_META_LEGACY_NAME = "Legacy";
    protected static final String ROLE_META_LEGACY_ONE_OID = "e902b8d8-bd68-11e7-a98c-f7b5a9a28d97";
    protected static final String ROLE_META_LEGACY_ONE_NAME = "metaone";
    protected static final String GROUP_ONE_NAME = "one";
    private String groupOneRoleOid;
    protected static final File TEST_DIR = new File("src/test/resources/rbac/metameta");
    protected static final File ROLE_META_META_WORLD_FILE = new File(TEST_DIR, "role-meta-meta-world.xml");
    protected static final File ROLE_META_GREEK_GROUP_FILE = new File(TEST_DIR, "role-meta-greek-group.xml");
    protected static final File ROLE_META_LATIN_GROUP_FILE = new File(TEST_DIR, "role-meta-latin-group.xml");
    protected static final File ROLE_META_META_LEGACY_FILE = new File(TEST_DIR, "role-meta-meta-legacy.xml");
    protected static final File ROLE_META_LEGACY_ONE_FILE = new File(TEST_DIR, "role-meta-legacy-one.xml");

    @Override // com.evolveum.midpoint.model.intest.rbac.AbstractRbacTest, com.evolveum.midpoint.model.intest.AbstractInitializedModelIntegrationTest, com.evolveum.midpoint.model.intest.AbstractConfiguredModelIntegrationTest
    public void initSystem(Task task, OperationResult operationResult) throws Exception {
        super.initSystem(task, operationResult);
    }

    @Test
    public void test050AddMetaMeta() throws Exception {
        displayTestTitle("test050AddMetaMeta");
        Task createTask = createTask("test050AddMetaMeta");
        OperationResult result = createTask.getResult();
        addObject(ROLE_META_META_WORLD_FILE, createTask, result);
        assertSuccess(result);
        PrismObject object = getObject(RoleType.class, ROLE_META_META_WORLD_OID);
        display("Metametarole after", object);
        assertObject(object);
        RoleType asObjectable = object.asObjectable();
        PrismAsserts.assertEqualsPolyString("Wrong " + object + " name", ROLE_META_META_WORLD_NAME, asObjectable.getName());
        assertAssignments(object, 1);
        assertRoleMembershipRef(object, new String[0]);
        assertLinks(object, 1);
        display("Role shadow (model)", getShadowModel(((ObjectReferenceType) asObjectable.getLinkRef().get(0)).getOid()));
        String lowerCase = ROLE_META_META_WORLD_NAME.toLowerCase();
        AssertJUnit.assertNotNull("No dummy group " + lowerCase, getDummyGroup(null, lowerCase));
    }

    @Test
    public void test100AddGreeks() throws Exception {
        displayTestTitle("test100AddGreeks");
        Task createTask = createTask("test100AddGreeks");
        OperationResult result = createTask.getResult();
        addObject(ROLE_META_GREEK_GROUP_FILE, createTask, result);
        assertSuccess(result);
        assertMetaRole(ROLE_META_GREEK_GROUP_OID, ROLE_META_GREEK_GROUP_NAME);
    }

    @Test
    public void test110AddRomans() throws Exception {
        displayTestTitle("test110AddRomans");
        Task createTask = createTask("test110AddRomans");
        OperationResult result = createTask.getResult();
        addObject(ROLE_META_LATIN_GROUP_FILE, createTask, result);
        assertSuccess(result);
        assertMetaRole(ROLE_META_LATIN_GROUP_OID, ROLE_META_LATIN_GROUP_NAME);
    }

    @Test
    public void test200CreateAlpha() throws Exception {
        displayTestTitle("test200CreateAlpha");
        Task createTask = createTask("test200CreateAlpha");
        OperationResult result = createTask.getResult();
        String addGreekRole = addGreekRole(GROUP_ALPHA_NAME, createTask, result);
        assertSuccess(result);
        rememberGroupRoleOid(GROUP_ALPHA_NAME, addGreekRole);
        readAndAssertGreekGroupRole(addGreekRole, GROUP_ALPHA_NAME);
    }

    @Test
    public void test202CreateBeta() throws Exception {
        displayTestTitle("test202CreateBeta");
        Task createTask = createTask("test202CreateBeta");
        OperationResult result = createTask.getResult();
        String addGreekRole = addGreekRole(GROUP_BETA_NAME, createTask, result);
        assertSuccess(result);
        rememberGroupRoleOid(GROUP_BETA_NAME, addGreekRole);
        readAndAssertGreekGroupRole(addGreekRole, GROUP_BETA_NAME);
    }

    @Test
    public void test210CreateA() throws Exception {
        displayTestTitle("test210CreateA");
        Task createTask = createTask("test210CreateA");
        OperationResult result = createTask.getResult();
        String addLatinkRole = addLatinkRole(GROUP_A_NAME, createTask, result);
        assertSuccess(result);
        rememberGroupRoleOid(GROUP_A_NAME, addLatinkRole);
        readAndAssertLatinGroupRole(addLatinkRole, GROUP_A_NAME);
    }

    @Test
    public void test300AssignAlphaToJack() throws Exception {
        displayTestTitle("test300AssignAlphaToJack");
        Task createTask = createTask("test300AssignAlphaToJack");
        OperationResult result = createTask.getResult();
        assignGroupRole(AbstractConfiguredModelIntegrationTest.USER_JACK_OID, GROUP_ALPHA_NAME, createTask, result);
        assertSuccess(result);
        display("Dummy resource", getDummyResource());
        readAndAssertGreekGroupMember(AbstractConfiguredModelIntegrationTest.USER_JACK_OID, GROUP_ALPHA_NAME);
    }

    @Test
    public void test309UnassignAlphaFromJack() throws Exception {
        displayTestTitle("test309UnassignAlphaFromJack");
        Task createTask = createTask("test309UnassignAlphaFromJack");
        OperationResult result = createTask.getResult();
        unassignGroupRole(AbstractConfiguredModelIntegrationTest.USER_JACK_OID, GROUP_ALPHA_NAME, createTask, result);
        assertSuccess(result);
        display("Dummy resource", getDummyResource());
        PrismObject user = getUser(AbstractConfiguredModelIntegrationTest.USER_JACK_OID);
        display("User after", user);
        assertAssignments(user, 0);
        assertRoleMembershipRef(user, new String[0]);
        assertNoDummyAccount("jack");
        assertNoDummyGroupMember(null, GROUP_ALPHA_NAME, "jack");
    }

    @Test
    public void test310AssignAToJack() throws Exception {
        displayTestTitle("test310AssignAToJack");
        Task createTask = createTask("test310AssignAToJack");
        OperationResult result = createTask.getResult();
        assignGroupRole(AbstractConfiguredModelIntegrationTest.USER_JACK_OID, GROUP_A_NAME, createTask, result);
        assertSuccess(result);
        display("Dummy resource", getDummyResource());
        readAndAssertGreekGroupMember(AbstractConfiguredModelIntegrationTest.USER_JACK_OID, GROUP_A_NAME);
    }

    @Test
    public void test312AssignBetaToJack() throws Exception {
        displayTestTitle("test312AssignBetaToJack");
        Task createTask = createTask("test312AssignBetaToJack");
        OperationResult result = createTask.getResult();
        assignGroupRole(AbstractConfiguredModelIntegrationTest.USER_JACK_OID, GROUP_BETA_NAME, createTask, result);
        assertSuccess(result);
        display("Dummy resource", getDummyResource());
        readAndAssertGreekGroupMember(AbstractConfiguredModelIntegrationTest.USER_JACK_OID, GROUP_BETA_NAME, GROUP_A_NAME);
    }

    @Test
    public void test319UnassignBetaAFromJack() throws Exception {
        displayTestTitle("test319UnassignBetaAFromJack");
        Task createTask = createTask("test319UnassignBetaAFromJack");
        OperationResult result = createTask.getResult();
        ObjectDelta createAssignmentFocusDelta = createAssignmentFocusDelta(UserType.class, AbstractConfiguredModelIntegrationTest.USER_JACK_OID, getGroupRoleOid(GROUP_BETA_NAME), RoleType.COMPLEX_TYPE, null, (Consumer) null, false);
        createAssignmentFocusDelta.addModification(createAssignmentModification(getGroupRoleOid(GROUP_A_NAME), RoleType.COMPLEX_TYPE, null, null, null, false));
        this.modelService.executeChanges(MiscSchemaUtil.createCollection(new ObjectDelta[]{createAssignmentFocusDelta}), (ModelExecuteOptions) null, createTask, result);
        assertSuccess(result);
        display("Dummy resource", getDummyResource());
        PrismObject user = getUser(AbstractConfiguredModelIntegrationTest.USER_JACK_OID);
        display("User after", user);
        assertAssignments(user, 0);
        assertRoleMembershipRef(user, new String[0]);
        assertNoDummyAccount("jack");
        assertNoDummyGroupMember(null, GROUP_ALPHA_NAME, "jack");
        assertNoDummyGroupMember(null, GROUP_BETA_NAME, "jack");
        assertNoDummyGroupMember(null, GROUP_A_NAME, "jack");
    }

    @Test
    public void test900LegacyAddMetaMeta() throws Exception {
        displayTestTitle("test900LegacyAddMetaMeta");
        Task createTask = createTask("test900LegacyAddMetaMeta");
        OperationResult result = createTask.getResult();
        addObject(ROLE_META_META_LEGACY_FILE, createTask, result);
        assertSuccess(result);
        PrismObject object = getObject(RoleType.class, ROLE_META_META_LEGACY_OID);
        display("Metametarole after", object);
        assertObject(object);
        RoleType asObjectable = object.asObjectable();
        PrismAsserts.assertEqualsPolyString("Wrong " + object + " name", ROLE_META_META_LEGACY_NAME, asObjectable.getName());
        assertAssignments(object, 1);
        assertRoleMembershipRef(object, new String[0]);
        assertLinks(object, 1);
        display("Role shadow (model)", getShadowModel(((ObjectReferenceType) asObjectable.getLinkRef().get(0)).getOid()));
        String lowerCase = ROLE_META_META_LEGACY_NAME.toLowerCase();
        AssertJUnit.assertNotNull("No dummy group " + lowerCase, getDummyGroup(null, lowerCase));
    }

    @Test
    public void test910LegacyAddMetaLegacyOne() throws Exception {
        displayTestTitle("test910LegacyAddMetaLegacyOne");
        Task createTask = createTask("test910LegacyAddMetaLegacyOne");
        OperationResult result = createTask.getResult();
        addObject(ROLE_META_LEGACY_ONE_FILE, createTask, result);
        assertSuccess(result);
        PrismObject object = getObject(RoleType.class, ROLE_META_LEGACY_ONE_OID);
        display("Metarole after", object);
        assertObject(object);
        RoleType asObjectable = object.asObjectable();
        PrismAsserts.assertEqualsPolyString("Wrong " + object + " name", ROLE_META_LEGACY_ONE_NAME, asObjectable.getName());
        assertAssigned(object, ROLE_META_META_LEGACY_OID, RoleType.COMPLEX_TYPE);
        assertAssignments(object, 1);
        assertRoleMembershipRef(object, new String[]{ROLE_META_META_LEGACY_OID});
        assertLinks(object, 1);
        display("Role shadow (model)", getShadowModel(((ObjectReferenceType) asObjectable.getLinkRef().get(0)).getOid()));
        String lowerCase = ROLE_META_LEGACY_ONE_NAME.toLowerCase();
        AssertJUnit.assertNotNull("No dummy group " + lowerCase, getDummyGroup(null, lowerCase));
    }

    @Test
    public void test920LegacyCreateGroupOne() throws Exception {
        displayTestTitle("test920LegacyCreateGroupOne");
        Task createTask = createTask("test920LegacyCreateGroupOne");
        OperationResult result = createTask.getResult();
        PrismObject createObject = createObject(RoleType.class, GROUP_ONE_NAME);
        createObject.asObjectable().beginAssignment().targetRef(ROLE_META_LEGACY_ONE_OID, RoleType.COMPLEX_TYPE);
        this.groupOneRoleOid = addObject(createObject, createTask, result);
        assertSuccess(result);
        PrismObject object = getObject(RoleType.class, this.groupOneRoleOid);
        display("Role after", object);
        assertObject(object);
        RoleType asObjectable = object.asObjectable();
        PrismAsserts.assertEqualsPolyString("Wrong " + object + " name", GROUP_ONE_NAME, asObjectable.getName());
        assertAssigned(object, ROLE_META_LEGACY_ONE_OID, RoleType.COMPLEX_TYPE);
        assertAssignments(object, 1);
        assertRoleMembershipRef(object, new String[]{ROLE_META_LEGACY_ONE_OID});
        AssertJUnit.assertNotNull("No dummy group one", getDummyGroup(null, GROUP_ONE_NAME));
        assertLinks(object, 1);
        display("Role shadow (model)", getShadowModel(((ObjectReferenceType) asObjectable.getLinkRef().get(0)).getOid()));
    }

    @Test
    public void test930LegacyAssignGroupOneToJack() throws Exception {
        displayTestTitle("test930LegacyAssignGroupOneToJack");
        Task createTask = createTask("test930LegacyAssignGroupOneToJack");
        OperationResult result = createTask.getResult();
        assignRole(AbstractConfiguredModelIntegrationTest.USER_JACK_OID, this.groupOneRoleOid, createTask, result);
        assertSuccess(result);
        display("Dummy resource", getDummyResource());
        PrismObject user = getUser(AbstractConfiguredModelIntegrationTest.USER_JACK_OID);
        display("User after", user);
        assertAssignedRole(user, this.groupOneRoleOid);
        assertAssignments(user, 1);
        assertRoleMembershipRef(user, new String[]{this.groupOneRoleOid});
        display("User shadow (model)", getShadowModel(getSingleLinkOid(user)));
        assertDefaultDummyAccount(user.getName().getOrig(), user.asObjectable().getFullName().getOrig(), true);
        assertDummyGroupMember(null, ROLE_META_LEGACY_ONE_NAME, user.getName().getOrig());
        assertNoDummyGroupMember(null, GROUP_ONE_NAME, user.getName().getOrig());
    }

    private PrismObject<UserType> readAndAssertGreekGroupMember(String str, String... strArr) throws ConnectException, FileNotFoundException, SchemaViolationException, ConflictException, ObjectNotFoundException, SchemaException, SecurityViolationException, CommunicationException, ConfigurationException, ExpressionEvaluationException, InterruptedException {
        PrismObject user = getUser(str);
        display("User after", user);
        List list = (List) Arrays.stream(strArr).map(this::getGroupRoleOid).collect(Collectors.toList());
        assertAssignedRoles(user, list);
        assertAssignments(user, list.size());
        assertRoleMembershipRefs(user, list);
        display("User shadow (model)", getShadowModel(getSingleLinkOid(user)));
        assertDefaultDummyAccount(user.getName().getOrig(), user.asObjectable().getFullName().getOrig(), true);
        for (String str2 : strArr) {
            assertDummyGroupMember(null, str2, user.getName().getOrig());
        }
        return user;
    }

    private void rememberGroupRoleOid(String str, String str2) {
        this.groupRoleOidMap.put(str, str2);
    }

    private String getGroupRoleOid(String str) {
        return this.groupRoleOidMap.get(str);
    }

    private void assignGroupRole(String str, String str2, Task task, OperationResult operationResult) throws ObjectNotFoundException, SchemaException, ExpressionEvaluationException, CommunicationException, ConfigurationException, ObjectAlreadyExistsException, PolicyViolationException, SecurityViolationException {
        assignRole(str, getGroupRoleOid(str2), task, operationResult);
    }

    private void unassignGroupRole(String str, String str2, Task task, OperationResult operationResult) throws ObjectNotFoundException, SchemaException, ExpressionEvaluationException, CommunicationException, ConfigurationException, ObjectAlreadyExistsException, PolicyViolationException, SecurityViolationException {
        unassignRole(str, getGroupRoleOid(str2), task, operationResult);
    }

    private PrismObject<RoleType> readAndAssertGreekGroupRole(String str, String str2) throws ObjectNotFoundException, SchemaException, SecurityViolationException, CommunicationException, ConfigurationException, ExpressionEvaluationException, SchemaViolationException, ConflictException, InterruptedException {
        return readAndAssertGroupRole(str, ROLE_META_GREEK_GROUP_OID, str2);
    }

    private PrismObject<RoleType> readAndAssertLatinGroupRole(String str, String str2) throws ObjectNotFoundException, SchemaException, SecurityViolationException, CommunicationException, ConfigurationException, ExpressionEvaluationException, SchemaViolationException, ConflictException, InterruptedException {
        return readAndAssertGroupRole(str, ROLE_META_LATIN_GROUP_OID, str2);
    }

    private PrismObject<RoleType> readAndAssertGroupRole(String str, String str2, String str3) throws ObjectNotFoundException, SchemaException, SecurityViolationException, CommunicationException, ConfigurationException, ExpressionEvaluationException, SchemaViolationException, ConflictException, InterruptedException {
        PrismObject<RoleType> object = getObject(RoleType.class, str);
        display("Role after", object);
        assertObject(object);
        RoleType asObjectable = object.asObjectable();
        PrismAsserts.assertEqualsPolyString("Wrong " + object + " name", str3, asObjectable.getName());
        assertAssigned(object, str2, RoleType.COMPLEX_TYPE);
        assertAssignments(object, 1);
        assertRoleMembershipRef(object, new String[]{str2});
        AssertJUnit.assertNotNull("No dummy group " + str3, getDummyGroup(null, str3));
        assertLinks(object, 1);
        display("Role shadow (model)", getShadowModel(((ObjectReferenceType) asObjectable.getLinkRef().get(0)).getOid()));
        return object;
    }

    private PrismObject<RoleType> assertMetaRole(String str, String str2) throws ObjectNotFoundException, SchemaException, SecurityViolationException, CommunicationException, ConfigurationException, ExpressionEvaluationException, SchemaViolationException, ConflictException, InterruptedException {
        PrismObject<RoleType> object = getObject(RoleType.class, str);
        display("Metarole after", object);
        assertObject(object);
        RoleType asObjectable = object.asObjectable();
        PrismAsserts.assertEqualsPolyString("Wrong " + object + " name", str2, asObjectable.getName());
        assertAssigned(object, ROLE_META_META_WORLD_OID, RoleType.COMPLEX_TYPE);
        assertAssignments(object, 1);
        assertRoleMembershipRef(object, new String[]{ROLE_META_META_WORLD_OID});
        assertLinks(object, 1);
        display("Role shadow (model)", getShadowModel(((ObjectReferenceType) asObjectable.getLinkRef().get(0)).getOid()));
        String lowerCase = str2.toLowerCase();
        AssertJUnit.assertNotNull("No dummy group " + lowerCase, getDummyGroup(null, lowerCase));
        return object;
    }

    private String addGreekRole(String str, Task task, OperationResult operationResult) throws SchemaException, ObjectAlreadyExistsException, ObjectNotFoundException, ExpressionEvaluationException, CommunicationException, ConfigurationException, PolicyViolationException, SecurityViolationException {
        return addGrupRole(str, ROLE_META_GREEK_GROUP_OID, task, operationResult);
    }

    private String addLatinkRole(String str, Task task, OperationResult operationResult) throws SchemaException, ObjectAlreadyExistsException, ObjectNotFoundException, ExpressionEvaluationException, CommunicationException, ConfigurationException, PolicyViolationException, SecurityViolationException {
        return addGrupRole(str, ROLE_META_LATIN_GROUP_OID, task, operationResult);
    }

    private String addGrupRole(String str, String str2, Task task, OperationResult operationResult) throws SchemaException, ObjectAlreadyExistsException, ObjectNotFoundException, ExpressionEvaluationException, CommunicationException, ConfigurationException, PolicyViolationException, SecurityViolationException {
        return addObject(createGroupRole(str, str2), task, operationResult);
    }

    private PrismObject<RoleType> createGroupRole(String str, String str2) throws SchemaException {
        PrismObject<RoleType> createObject = createObject(RoleType.class, str);
        createObject.asObjectable().beginAssignment().targetRef(str2, RoleType.COMPLEX_TYPE);
        return createObject;
    }
}
