package com.evolveum.midpoint.model.intest.security;

import com.evolveum.midpoint.model.intest.AbstractConfiguredModelIntegrationTest;
import com.evolveum.midpoint.schema.result.OperationResult;
import com.evolveum.midpoint.task.api.Task;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.OrgType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.RoleType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.UserType;
import java.io.File;
import org.springframework.test.annotation.DirtiesContext;
import org.springframework.test.context.ContextConfiguration;
import org.testng.annotations.Test;

@ContextConfiguration(locations = {"classpath:ctx-model-intest-test-main.xml"})
@DirtiesContext(classMode = DirtiesContext.ClassMode.AFTER_CLASS)
/* loaded from: input_file:com/evolveum/midpoint/model/intest/security/TestSecurityMedium.class */
public class TestSecurityMedium extends AbstractSecurityTest {
    protected static final String USER_EMPLOYEE_FRED_OID = "4e63d9a2-d575-11e9-9c19-cb0e0207a10e";
    protected static final String ROLE_EMPLOYEE_MANAGER_OID = "5549cb8e-d573-11e9-a61e-7f2eff22715a";
    protected static final int NUMBER_OF_IMPORTED_ROLES = 1;
    protected static final File USER_EMPLOYEE_FRED_FILE = new File(TEST_DIR, "user-employee-fred.xml");
    protected static final File ROLE_EMPLOYEE_MANAGER_FILE = new File(TEST_DIR, "role-employee-manager.xml");

    @Override // com.evolveum.midpoint.model.intest.security.AbstractSecurityTest, com.evolveum.midpoint.model.intest.AbstractInitializedModelIntegrationTest, com.evolveum.midpoint.model.intest.AbstractConfiguredModelIntegrationTest
    public void initSystem(Task task, OperationResult operationResult) throws Exception {
        super.initSystem(task, operationResult);
        repoAddObjectFromFile(ARCHETYPE_EMPLOYEE_FILE, operationResult);
        repoAddObjectFromFile(ROLE_EMPLOYEE_MANAGER_FILE, operationResult);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.evolveum.midpoint.model.intest.security.AbstractSecurityTest, com.evolveum.midpoint.model.intest.AbstractInitializedModelIntegrationTest, com.evolveum.midpoint.model.intest.AbstractConfiguredModelIntegrationTest
    public int getNumberOfRoles() {
        return super.getNumberOfRoles() + NUMBER_OF_IMPORTED_ROLES;
    }

    @Test
    public void test000Sanity() throws Exception {
        displayTestTitle("test000Sanity");
        cleanupAutzTest(AbstractConfiguredModelIntegrationTest.USER_JACK_OID);
        displayWhen("test000Sanity");
        assertSearch(UserType.class, null, 11);
        assertSearch(RoleType.class, null, getNumberOfRoles());
        assertReadAllow(11);
        assertReadAllowRaw(11);
        assertAddAllow();
        assertAddAllowRaw();
        assertModifyAllow();
        assertDeleteAllow();
        assertGlobalStateUntouched();
    }

    @Test
    public void test100AutzEmployeeManager() throws Exception {
        displayTestTitle("test100AutzEmployeeManager");
        cleanupAutzTest(AbstractConfiguredModelIntegrationTest.USER_JACK_OID);
        assignRole(AbstractConfiguredModelIntegrationTest.USER_JACK_OID, ROLE_EMPLOYEE_MANAGER_OID);
        login("jack");
        displayWhen("test100AutzEmployeeManager");
        assertGetDeny(UserType.class, AbstractConfiguredModelIntegrationTest.USER_JACK_OID);
        assertGetDeny(UserType.class, "c0c010c0-d34d-b33f-f00d-111111111116");
        assertGetDeny(UserType.class, "c0c010c0-d34d-b33f-f00d-1c1c11cc11c2");
        assertGetDeny(UserType.class, "65e66ea2-30de-11e7-b852-4b46724fcdaa");
        assertSearch(UserType.class, null, 0);
        assertSearch(ObjectType.class, null, 0);
        assertSearch(OrgType.class, null, 0);
        assertAddDeny();
        assertModifyDeny();
        assertDeleteDeny();
        assertGlobalStateUntouched();
    }

    @Test
    public void test102AutzEmployeeManagerAddEmployee() throws Exception {
        displayTestTitle("test102AutzEmployeeManagerAddEmployee");
        cleanupAutzTest(AbstractConfiguredModelIntegrationTest.USER_JACK_OID);
        assignRole(AbstractConfiguredModelIntegrationTest.USER_JACK_OID, ROLE_EMPLOYEE_MANAGER_OID);
        login("jack");
        displayWhen("test102AutzEmployeeManagerAddEmployee");
        assertAddAllow(USER_EMPLOYEE_FRED_FILE);
        assertSearch(UserType.class, null, NUMBER_OF_IMPORTED_ROLES);
        assertSearch(ObjectType.class, null, NUMBER_OF_IMPORTED_ROLES);
        assertSearch(OrgType.class, null, 0);
        assertModifyDeny();
        assertDeleteDeny();
        assertGlobalStateUntouched();
    }
}
