package org.springframework.security.acls.jdbc;

import java.io.IOException;
import junit.framework.TestCase;
import net.sf.ehcache.CacheManager;
import net.sf.ehcache.Ehcache;
import org.springframework.cache.ehcache.EhCacheFactoryBean;
import org.springframework.cache.ehcache.EhCacheManagerFactoryBean;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.jdbc.datasource.DataSourceTransactionManager;
import org.springframework.jdbc.datasource.DriverManagerDataSource;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.acls.MutableAcl;
import org.springframework.security.acls.domain.AclAuthorizationStrategyImpl;
import org.springframework.security.acls.domain.AclImpl;
import org.springframework.security.acls.domain.BasePermission;
import org.springframework.security.acls.domain.ConsoleAuditLogger;
import org.springframework.security.acls.objectidentity.ObjectIdentityImpl;
import org.springframework.security.acls.sid.GrantedAuthoritySid;
import org.springframework.security.acls.sid.PrincipalSid;
import org.springframework.security.context.SecurityContextHolder;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import org.springframework.transaction.TransactionStatus;
import org.springframework.transaction.support.DefaultTransactionDefinition;

/* loaded from: input_file:org/springframework/security/acls/jdbc/AclPermissionInheritanceTests.class */
public class AclPermissionInheritanceTests extends TestCase {
    private JdbcMutableAclService aclService;
    private JdbcTemplate jdbcTemplate;
    private DriverManagerDataSource dataSource;
    private DataSourceTransactionManager txManager;
    private TransactionStatus txStatus;

    /* loaded from: input_file:org/springframework/security/acls/jdbc/AclPermissionInheritanceTests$TestDomainObject.class */
    public static class TestDomainObject {
        private Long id;

        public Long getId() {
            return this.id;
        }

        public void setId(Long l) {
            this.id = l;
        }
    }

    protected void setUp() throws Exception {
        this.dataSource = new DriverManagerDataSource();
        this.dataSource.setDriverClassName("org.hsqldb.jdbcDriver");
        this.dataSource.setUrl("jdbc:hsqldb:mem:permissiontest");
        this.dataSource.setUsername("sa");
        this.dataSource.setPassword("");
        this.jdbcTemplate = new JdbcTemplate(this.dataSource);
        this.txManager = new DataSourceTransactionManager();
        this.txManager.setDataSource(this.dataSource);
        this.txStatus = this.txManager.getTransaction(new DefaultTransactionDefinition());
        this.aclService = createAclService(this.dataSource);
        SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken("system", "secret", new GrantedAuthority[]{new GrantedAuthorityImpl("ROLE_IGNORED")}));
    }

    protected void tearDown() throws Exception {
        this.txManager.rollback(this.txStatus);
        SecurityContextHolder.clearContext();
    }

    public void test1() throws Exception {
        createAclSchema(this.jdbcTemplate);
        ObjectIdentityImpl objectIdentityImpl = new ObjectIdentityImpl(TestDomainObject.class, new Long(1L));
        MutableAcl createAcl = this.aclService.createAcl(objectIdentityImpl);
        MutableAcl createAcl2 = this.aclService.createAcl(new ObjectIdentityImpl(TestDomainObject.class, new Long(2L)));
        createAcl2.setParent(createAcl);
        this.aclService.updateAcl(createAcl2);
        AclImpl readAclById = this.aclService.readAclById(objectIdentityImpl);
        readAclById.insertAce(0, BasePermission.READ, new PrincipalSid("john"), true);
        this.aclService.updateAcl(readAclById);
        AclImpl readAclById2 = this.aclService.readAclById(objectIdentityImpl);
        readAclById2.insertAce(1, BasePermission.READ, new PrincipalSid("joe"), true);
        this.aclService.updateAcl(readAclById2);
        MutableAcl parentAcl = this.aclService.readAclById(new ObjectIdentityImpl(TestDomainObject.class, new Long(2L))).getParentAcl();
        assertEquals("Fails because child has a stale reference to its parent", 2, parentAcl.getEntries().length);
        assertEquals(1, parentAcl.getEntries()[0].getPermission().getMask());
        assertEquals(new PrincipalSid("john"), parentAcl.getEntries()[0].getSid());
        assertEquals(1, parentAcl.getEntries()[1].getPermission().getMask());
        assertEquals(new PrincipalSid("joe"), parentAcl.getEntries()[1].getSid());
    }

    public void test2() throws Exception {
        createAclSchema(this.jdbcTemplate);
        MutableAcl createAcl = this.aclService.createAcl(new ObjectIdentityImpl(TestDomainObject.class, new Long(1L)));
        MutableAcl createAcl2 = this.aclService.createAcl(new ObjectIdentityImpl(TestDomainObject.class, new Long(2L)));
        createAcl2.setParent(createAcl);
        this.aclService.updateAcl(createAcl2);
        createAcl.insertAce(0, BasePermission.ADMINISTRATION, new GrantedAuthoritySid("ROLE_ADMINISTRATOR"), true);
        this.aclService.updateAcl(createAcl);
        createAcl.insertAce(1, BasePermission.DELETE, new PrincipalSid("terry"), true);
        this.aclService.updateAcl(createAcl);
        MutableAcl parentAcl = this.aclService.readAclById(new ObjectIdentityImpl(TestDomainObject.class, new Long(2L))).getParentAcl();
        assertEquals(2, parentAcl.getEntries().length);
        assertEquals(16, parentAcl.getEntries()[0].getPermission().getMask());
        assertEquals(new GrantedAuthoritySid("ROLE_ADMINISTRATOR"), parentAcl.getEntries()[0].getSid());
        assertEquals(8, parentAcl.getEntries()[1].getPermission().getMask());
        assertEquals(new PrincipalSid("terry"), parentAcl.getEntries()[1].getSid());
    }

    private JdbcMutableAclService createAclService(DriverManagerDataSource driverManagerDataSource) throws IOException {
        GrantedAuthorityImpl grantedAuthorityImpl = new GrantedAuthorityImpl("ROLE_ADMINISTRATOR");
        AclAuthorizationStrategyImpl aclAuthorizationStrategyImpl = new AclAuthorizationStrategyImpl(new GrantedAuthorityImpl[]{grantedAuthorityImpl, grantedAuthorityImpl, grantedAuthorityImpl});
        EhCacheManagerFactoryBean ehCacheManagerFactoryBean = new EhCacheManagerFactoryBean();
        ehCacheManagerFactoryBean.afterPropertiesSet();
        CacheManager cacheManager = (CacheManager) ehCacheManagerFactoryBean.getObject();
        EhCacheFactoryBean ehCacheFactoryBean = new EhCacheFactoryBean();
        ehCacheFactoryBean.setCacheName("aclAche");
        ehCacheFactoryBean.setCacheManager(cacheManager);
        ehCacheFactoryBean.afterPropertiesSet();
        EhCacheBasedAclCache ehCacheBasedAclCache = new EhCacheBasedAclCache((Ehcache) ehCacheFactoryBean.getObject());
        return new JdbcMutableAclService(driverManagerDataSource, new BasicLookupStrategy(driverManagerDataSource, ehCacheBasedAclCache, aclAuthorizationStrategyImpl, new ConsoleAuditLogger()), ehCacheBasedAclCache);
    }

    private void createAclSchema(JdbcTemplate jdbcTemplate) {
        jdbcTemplate.execute("DROP TABLE ACL_ENTRY IF EXISTS;");
        jdbcTemplate.execute("DROP TABLE ACL_OBJECT_IDENTITY IF EXISTS;");
        jdbcTemplate.execute("DROP TABLE ACL_CLASS IF EXISTS");
        jdbcTemplate.execute("DROP TABLE ACL_SID IF EXISTS");
        jdbcTemplate.execute("CREATE TABLE ACL_SID(ID BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 100) NOT NULL PRIMARY KEY,PRINCIPAL BOOLEAN NOT NULL,SID VARCHAR_IGNORECASE(100) NOT NULL,CONSTRAINT UNIQUE_UK_1 UNIQUE(SID,PRINCIPAL));");
        jdbcTemplate.execute("CREATE TABLE ACL_CLASS(ID BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 100) NOT NULL PRIMARY KEY,CLASS VARCHAR_IGNORECASE(100) NOT NULL,CONSTRAINT UNIQUE_UK_2 UNIQUE(CLASS));");
        jdbcTemplate.execute("CREATE TABLE ACL_OBJECT_IDENTITY(ID BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 100) NOT NULL PRIMARY KEY,OBJECT_ID_CLASS BIGINT NOT NULL,OBJECT_ID_IDENTITY BIGINT NOT NULL,PARENT_OBJECT BIGINT,OWNER_SID BIGINT,ENTRIES_INHERITING BOOLEAN NOT NULL,CONSTRAINT UNIQUE_UK_3 UNIQUE(OBJECT_ID_CLASS,OBJECT_ID_IDENTITY),CONSTRAINT FOREIGN_FK_1 FOREIGN KEY(PARENT_OBJECT)REFERENCES ACL_OBJECT_IDENTITY(ID),CONSTRAINT FOREIGN_FK_2 FOREIGN KEY(OBJECT_ID_CLASS)REFERENCES ACL_CLASS(ID),CONSTRAINT FOREIGN_FK_3 FOREIGN KEY(OWNER_SID)REFERENCES ACL_SID(ID));");
        jdbcTemplate.execute("CREATE TABLE ACL_ENTRY(ID BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 100) NOT NULL PRIMARY KEY,ACL_OBJECT_IDENTITY BIGINT NOT NULL,ACE_ORDER INT NOT NULL,SID BIGINT NOT NULL,MASK INTEGER NOT NULL,GRANTING BOOLEAN NOT NULL,AUDIT_SUCCESS BOOLEAN NOT NULL,AUDIT_FAILURE BOOLEAN NOT NULL,CONSTRAINT UNIQUE_UK_4 UNIQUE(ACL_OBJECT_IDENTITY,ACE_ORDER),CONSTRAINT FOREIGN_FK_4 FOREIGN KEY(ACL_OBJECT_IDENTITY) REFERENCES ACL_OBJECT_IDENTITY(ID),CONSTRAINT FOREIGN_FK_5 FOREIGN KEY(SID) REFERENCES ACL_SID(ID));");
    }
}
