package org.springframework.security.acls.domain;

import java.util.List;
import junit.framework.Assert;
import junit.framework.TestCase;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.acls.model.Acl;
import org.springframework.security.acls.model.NotFoundException;
import org.springframework.security.authentication.TestingAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.GrantedAuthorityImpl;
import org.springframework.security.core.context.SecurityContextHolder;

/* loaded from: input_file:org/springframework/security/acls/domain/AclImplementationSecurityCheckTests.class */
public class AclImplementationSecurityCheckTests extends TestCase {
    private static final String TARGET_CLASS = "org.springframework.security.acls.TargetObject";

    protected void setUp() throws Exception {
        SecurityContextHolder.clearContext();
    }

    protected void tearDown() throws Exception {
        SecurityContextHolder.clearContext();
    }

    public void testSecurityCheckNoACEs() throws Exception {
        TestingAuthenticationToken testingAuthenticationToken = new TestingAuthenticationToken("user", "password", new String[]{"ROLE_GENERAL", "ROLE_AUDITING", "ROLE_OWNERSHIP"});
        testingAuthenticationToken.setAuthenticated(true);
        SecurityContextHolder.getContext().setAuthentication(testingAuthenticationToken);
        ObjectIdentityImpl objectIdentityImpl = new ObjectIdentityImpl(TARGET_CLASS, new Long(100L));
        AclAuthorizationStrategyImpl aclAuthorizationStrategyImpl = new AclAuthorizationStrategyImpl(new GrantedAuthority[]{new GrantedAuthorityImpl("ROLE_OWNERSHIP"), new GrantedAuthorityImpl("ROLE_AUDITING"), new GrantedAuthorityImpl("ROLE_GENERAL")});
        AclImpl aclImpl = new AclImpl(objectIdentityImpl, new Long(1L), aclAuthorizationStrategyImpl, new ConsoleAuditLogger());
        aclAuthorizationStrategyImpl.securityCheck(aclImpl, 2);
        aclAuthorizationStrategyImpl.securityCheck(aclImpl, 1);
        aclAuthorizationStrategyImpl.securityCheck(aclImpl, 0);
        AclAuthorizationStrategyImpl aclAuthorizationStrategyImpl2 = new AclAuthorizationStrategyImpl(new GrantedAuthority[]{new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO"), new GrantedAuthorityImpl("ROLE_THREE")});
        AclImpl aclImpl2 = new AclImpl(objectIdentityImpl, new Long(1L), aclAuthorizationStrategyImpl2, new ConsoleAuditLogger());
        try {
            aclAuthorizationStrategyImpl2.securityCheck(aclImpl2, 2);
            Assert.fail("It should have thrown NotFoundException");
        } catch (NotFoundException e) {
        }
        try {
            aclAuthorizationStrategyImpl2.securityCheck(aclImpl2, 1);
            Assert.fail("It should have thrown NotFoundException");
        } catch (NotFoundException e2) {
        }
        try {
            aclAuthorizationStrategyImpl2.securityCheck(aclImpl2, 0);
            Assert.fail("It should have thrown NotFoundException");
        } catch (NotFoundException e3) {
        }
    }

    public void testSecurityCheckWithMultipleACEs() throws Exception {
        TestingAuthenticationToken testingAuthenticationToken = new TestingAuthenticationToken("user", "password", new GrantedAuthority[]{new GrantedAuthorityImpl("ROLE_GENERAL")});
        testingAuthenticationToken.setAuthenticated(true);
        SecurityContextHolder.getContext().setAuthentication(testingAuthenticationToken);
        ObjectIdentityImpl objectIdentityImpl = new ObjectIdentityImpl(TARGET_CLASS, new Long(100L));
        AclAuthorizationStrategyImpl aclAuthorizationStrategyImpl = new AclAuthorizationStrategyImpl(new GrantedAuthority[]{new GrantedAuthorityImpl("ROLE_OWNERSHIP"), new GrantedAuthorityImpl("ROLE_AUDITING"), new GrantedAuthorityImpl("ROLE_GENERAL")});
        AclImpl aclImpl = new AclImpl(objectIdentityImpl, new Long(1L), aclAuthorizationStrategyImpl, new ConsoleAuditLogger());
        aclImpl.insertAce(0, BasePermission.ADMINISTRATION, new PrincipalSid(testingAuthenticationToken), false);
        aclAuthorizationStrategyImpl.securityCheck(aclImpl, 2);
        try {
            aclAuthorizationStrategyImpl.securityCheck(aclImpl, 1);
            Assert.fail("It should have thrown AccessDeniedException");
        } catch (AccessDeniedException e) {
        }
        try {
            aclAuthorizationStrategyImpl.securityCheck(aclImpl, 0);
            Assert.fail("It should have thrown AccessDeniedException");
        } catch (AccessDeniedException e2) {
        }
        aclImpl.insertAce(1, BasePermission.ADMINISTRATION, new PrincipalSid(testingAuthenticationToken), true);
        try {
            aclAuthorizationStrategyImpl.securityCheck(aclImpl, 1);
            Assert.fail("It should have thrown AccessDeniedException");
        } catch (AccessDeniedException e3) {
        }
        AclImpl aclImpl2 = new AclImpl(objectIdentityImpl, new Long(1L), aclAuthorizationStrategyImpl, new ConsoleAuditLogger());
        aclImpl2.insertAce(0, BasePermission.ADMINISTRATION, new PrincipalSid(testingAuthenticationToken), true);
        aclAuthorizationStrategyImpl.securityCheck(aclImpl2, 1);
        aclImpl2.insertAce(1, BasePermission.ADMINISTRATION, new PrincipalSid(testingAuthenticationToken), false);
        try {
            aclAuthorizationStrategyImpl.securityCheck(aclImpl2, 1);
            Assert.assertTrue(true);
        } catch (AccessDeniedException e4) {
            Assert.fail("It shouldn't have thrown AccessDeniedException");
        }
        AclImpl aclImpl3 = new AclImpl(objectIdentityImpl, new Long(1L), aclAuthorizationStrategyImpl, new ConsoleAuditLogger());
        try {
            aclAuthorizationStrategyImpl.securityCheck(aclImpl3, 1);
            Assert.fail("It should have thrown NotFoundException");
        } catch (NotFoundException e5) {
            Assert.assertTrue(true);
        }
        try {
            aclAuthorizationStrategyImpl.securityCheck(aclImpl3, 2);
            Assert.assertTrue(true);
        } catch (NotFoundException e6) {
            Assert.fail("It shouldn't have thrown NotFoundException");
        }
    }

    public void testSecurityCheckWithInheritableACEs() throws Exception {
        TestingAuthenticationToken testingAuthenticationToken = new TestingAuthenticationToken("user", "password", new GrantedAuthority[]{new GrantedAuthorityImpl("ROLE_GENERAL")});
        testingAuthenticationToken.setAuthenticated(true);
        SecurityContextHolder.getContext().setAuthentication(testingAuthenticationToken);
        ObjectIdentityImpl objectIdentityImpl = new ObjectIdentityImpl(TARGET_CLASS, new Long(100L));
        AclAuthorizationStrategyImpl aclAuthorizationStrategyImpl = new AclAuthorizationStrategyImpl(new GrantedAuthority[]{new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO"), new GrantedAuthorityImpl("ROLE_GENERAL")});
        AclImpl aclImpl = new AclImpl(objectIdentityImpl, new Long(1L), aclAuthorizationStrategyImpl, new ConsoleAuditLogger());
        aclImpl.insertAce(0, BasePermission.ADMINISTRATION, new PrincipalSid(testingAuthenticationToken), true);
        AclImpl aclImpl2 = new AclImpl(objectIdentityImpl, new Long(2L), aclAuthorizationStrategyImpl, new ConsoleAuditLogger());
        try {
            aclAuthorizationStrategyImpl.securityCheck(aclImpl2, 0);
            Assert.fail("It should have thrown NotFoundException");
        } catch (NotFoundException e) {
            Assert.assertTrue(true);
        }
        aclImpl2.setParent(aclImpl);
        aclImpl2.setEntriesInheriting(true);
        try {
            aclAuthorizationStrategyImpl.securityCheck(aclImpl2, 0);
            Assert.assertTrue(true);
        } catch (NotFoundException e2) {
            Assert.fail("It shouldn't have thrown NotFoundException");
        }
        AclImpl aclImpl3 = new AclImpl(objectIdentityImpl, new Long(1L), aclAuthorizationStrategyImpl, new ConsoleAuditLogger());
        AclImpl aclImpl4 = new AclImpl(objectIdentityImpl, new Long(1L), aclAuthorizationStrategyImpl, new ConsoleAuditLogger());
        aclImpl3.insertAce(0, BasePermission.ADMINISTRATION, new PrincipalSid(testingAuthenticationToken), true);
        aclImpl4.setEntriesInheriting(true);
        aclImpl4.setParent(aclImpl3);
        aclImpl2.setParent(aclImpl4);
        try {
            aclAuthorizationStrategyImpl.securityCheck(aclImpl2, 0);
            Assert.assertTrue(true);
        } catch (NotFoundException e3) {
            Assert.fail("It shouldn't have thrown NotFoundException");
        }
    }

    public void testSecurityCheckPrincipalOwner() throws Exception {
        TestingAuthenticationToken testingAuthenticationToken = new TestingAuthenticationToken("user", "password", new GrantedAuthority[]{new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_ONE")});
        testingAuthenticationToken.setAuthenticated(true);
        SecurityContextHolder.getContext().setAuthentication(testingAuthenticationToken);
        ObjectIdentityImpl objectIdentityImpl = new ObjectIdentityImpl(TARGET_CLASS, new Long(100L));
        AclAuthorizationStrategyImpl aclAuthorizationStrategyImpl = new AclAuthorizationStrategyImpl(new GrantedAuthority[]{new GrantedAuthorityImpl("ROLE_OWNERSHIP"), new GrantedAuthorityImpl("ROLE_AUDITING"), new GrantedAuthorityImpl("ROLE_GENERAL")});
        AclImpl aclImpl = new AclImpl(objectIdentityImpl, new Long(1L), aclAuthorizationStrategyImpl, new ConsoleAuditLogger(), (Acl) null, (List) null, false, new PrincipalSid(testingAuthenticationToken));
        try {
            aclAuthorizationStrategyImpl.securityCheck(aclImpl, 2);
            Assert.assertTrue(true);
        } catch (AccessDeniedException e) {
            Assert.fail("It shouldn't have thrown AccessDeniedException");
        }
        try {
            aclAuthorizationStrategyImpl.securityCheck(aclImpl, 1);
            Assert.fail("It shouldn't have thrown AccessDeniedException");
        } catch (NotFoundException e2) {
            Assert.assertTrue(true);
        }
        try {
            aclAuthorizationStrategyImpl.securityCheck(aclImpl, 0);
            Assert.assertTrue(true);
        } catch (AccessDeniedException e3) {
            Assert.fail("It shouldn't have thrown AccessDeniedException");
        }
    }
}
