package com.openexchange.groupware.infostore.webdav;

import com.openexchange.ajax.mail.filter.fields.RuleFields;
import com.openexchange.configuration.AJAXConfig;
import com.openexchange.database.provider.DBPoolProvider;
import com.openexchange.dav.StatusCodes;
import com.openexchange.exception.OXException;
import com.openexchange.groupware.Init;
import com.openexchange.groupware.container.FolderObject;
import com.openexchange.groupware.contexts.Context;
import com.openexchange.groupware.infostore.DocumentMetadata;
import com.openexchange.groupware.infostore.database.impl.DocumentMetadataImpl;
import com.openexchange.groupware.infostore.facade.impl.InfostoreFacadeImpl;
import com.openexchange.groupware.ldap.User;
import com.openexchange.groupware.ldap.UserStorage;
import com.openexchange.groupware.results.TimedResult;
import com.openexchange.groupware.userconfiguration.UserConfiguration;
import com.openexchange.groupware.userconfiguration.UserConfigurationStorage;
import com.openexchange.server.impl.DBPool;
import com.openexchange.server.impl.OCLPermission;
import com.openexchange.session.Session;
import com.openexchange.sessiond.impl.SessionObjectWrapper;
import com.openexchange.setuptools.TestConfig;
import com.openexchange.setuptools.TestContextToolkit;
import com.openexchange.tools.iterator.SearchIteratorAdapter;
import com.openexchange.tools.oxfolder.OXFolderAccess;
import com.openexchange.tools.oxfolder.OXFolderManager;
import com.openexchange.tools.session.ServerSessionAdapter;
import com.openexchange.tools.session.SessionHolder;
import com.openexchange.webdav.protocol.TestWebdavFactoryBuilder;
import com.openexchange.webdav.protocol.WebdavCollection;
import com.openexchange.webdav.protocol.WebdavPath;
import com.openexchange.webdav.protocol.WebdavProperty;
import com.openexchange.webdav.protocol.WebdavProtocolException;
import com.openexchange.webdav.protocol.WebdavResource;
import java.io.ByteArrayInputStream;
import java.sql.Connection;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import junit.framework.TestCase;

/* loaded from: input_file:com/openexchange/groupware/infostore/webdav/PermissionTest.class */
public class PermissionTest extends TestCase implements SessionHolder {
    private Context ctx;
    private Session session;
    private User user;
    private User user1;
    private User user2;
    private UserConfiguration userConfig;
    private UserConfiguration userConfig1;
    private UserConfiguration userConfig2;
    private User cleanupUser;
    private Session session1;
    private Session session2;
    private FolderObject root;
    private InfostoreWebdavFactory factory;
    private final List<FolderObject> clean = new ArrayList();

    private static String getUsername(String str) {
        int indexOf = str.indexOf(64);
        return indexOf == -1 ? str : str.substring(0, indexOf);
    }

    public void setUp() throws Exception {
        Init.startServer();
        AJAXConfig.init();
        TestConfig testConfig = new TestConfig();
        TestContextToolkit testContextToolkit = new TestContextToolkit();
        String contextName = testConfig.getContextName();
        this.ctx = (null == contextName || contextName.trim().length() == 0) ? testContextToolkit.getDefaultContext() : testContextToolkit.getContextByName(contextName);
        UserStorage userStorage = UserStorage.getInstance();
        UserConfigurationStorage userConfigurationStorage = UserConfigurationStorage.getInstance();
        this.session1 = SessionObjectWrapper.createSessionObject(userStorage.getUserId(getUsername(AJAXConfig.getProperty(AJAXConfig.Property.LOGIN)), this.ctx), this.ctx, getClass().getName());
        this.user1 = userStorage.getUser(this.session1.getUserId(), this.ctx);
        this.userConfig1 = userConfigurationStorage.getUserConfiguration(this.user1.getId(), this.ctx);
        this.session2 = SessionObjectWrapper.createSessionObject(userStorage.getUserId(getUsername(AJAXConfig.getProperty(AJAXConfig.Property.SECONDUSER)), this.ctx), this.ctx, getClass().getName());
        this.user2 = userStorage.getUser(this.session2.getUserId(), this.ctx);
        this.userConfig2 = userConfigurationStorage.getUserConfiguration(this.user2.getId(), this.ctx);
        this.root = new OXFolderAccess(this.ctx).getFolderObject(15);
        this.cleanupUser = this.user1;
        switchUser(this.user1);
        TestWebdavFactoryBuilder.setUp();
        this.factory = TestWebdavFactoryBuilder.buildFactory();
        this.factory.setSessionHolder(this);
        this.factory.beginRequest();
    }

    public void tearDown() throws Exception {
        switchUser(this.cleanupUser);
        Collections.reverse(this.clean);
        Iterator<FolderObject> it = this.clean.iterator();
        while (it.hasNext()) {
            rm(it.next().getObjectID());
        }
        this.clean.clear();
        this.factory.endRequest(200);
        Init.stopServer();
    }

    public void testListSubfolders() throws Exception {
        createFolder(createFolder(this.root, "parent", adminPermission(this.user1), permission(this.user2, false, 2, 0, 0, 0)), "sub", adminPermission(this.user1), permission(this.user2, false, 2, 0, 0, 0));
        switchUser(this.user2);
        List children = this.factory.resolveCollection(new WebdavPath(new String[]{"public_infostore", "parent"})).getChildren();
        assertEquals(1, children.size());
        assertEquals("sub", ((WebdavResource) children.get(0)).getDisplayName());
    }

    public void testProppatchDocumentWithoutWritePermissions() throws Exception {
        FolderObject createFolder = createFolder(this.root, RuleFields.TEST + System.currentTimeMillis(), adminPermission(this.user1), permission(this.user2, false, 2, 4, 0, 0));
        WebdavResource resolveResource = this.factory.resolveResource(new WebdavPath(new String[]{"public_infostore", createFolder.getFolderName(), touch(createFolder, "testDocument").getFileName()}));
        switchUser(this.user2);
        WebdavProperty webdavProperty = new WebdavProperty("http://www.open-xchange.com/testProperties", RuleFields.TEST);
        webdavProperty.setValue("foo");
        resolveResource.putProperty(webdavProperty);
        try {
            resolveResource.save();
            fail("Shouldn't be able to save this, as user2 doesn't have write permissions");
        } catch (WebdavProtocolException e) {
            if (e.getStatus() != 403) {
                e.printStackTrace();
            }
            assertEquals("Expected Forbidden Status", StatusCodes.SC_FORBIDDEN, e.getStatus());
        }
    }

    public void testProppatchFolderWithoutWritePermissions() throws Exception {
        WebdavCollection resolveCollection = this.factory.resolveCollection(new WebdavPath(new String[]{"public_infostore", createFolder(this.root, RuleFields.TEST + System.currentTimeMillis(), adminPermission(this.user1), permission(this.user2, false, 2, 4, 0, 0)).getFolderName()}));
        switchUser(this.user2);
        WebdavProperty webdavProperty = new WebdavProperty("http://www.open-xchange.com/testProperties", RuleFields.TEST);
        webdavProperty.setValue("foo");
        resolveCollection.putProperty(webdavProperty);
        try {
            resolveCollection.save();
            fail("Shouldn't be able to save this, as user2 doesn't have write permissions");
        } catch (WebdavProtocolException e) {
            if (e.getStatus() != 403) {
                e.printStackTrace();
            }
            assertEquals("Expected Forbidden Status", StatusCodes.SC_FORBIDDEN, e.getStatus());
        }
    }

    public void testUpdateDocumentWithWritePermissionsOnly() throws Exception {
        FolderObject createFolder = createFolder(this.root, RuleFields.TEST + System.currentTimeMillis(), adminPermission(this.user1), permission(this.user2, false, 2, 0, 4, 0));
        WebdavResource resolveResource = this.factory.resolveResource(new WebdavPath(new String[]{"public_infostore", createFolder.getFolderName(), touch(createFolder, "testDocument").getFileName()}));
        switchUser(this.user2);
        try {
            resolveResource.putBodyAndGuessLength(new ByteArrayInputStream(new byte[]{1, 2, 3}));
            resolveResource.save();
            assertTrue(true);
        } catch (OXException e) {
            e.printStackTrace();
            fail(e.getMessage());
        }
    }

    public void testUpdateFolderWithWritePermissionsOnly() throws Exception {
        WebdavCollection resolveCollection = this.factory.resolveCollection(new WebdavPath(new String[]{"public_infostore", createFolder(this.root, RuleFields.TEST + System.currentTimeMillis(), adminPermission(this.user1), permission(this.user2, false, 2, 0, 4, 0)).getFolderName()}));
        switchUser(this.user2);
        try {
            resolveCollection.setDisplayName("rename");
            resolveCollection.save();
            assertTrue(true);
        } catch (OXException e) {
            e.printStackTrace();
            fail(e.getMessage());
        }
    }

    public void testDontDulicateDocumentsWithCreateAndWritePermissions() throws Exception {
        FolderObject createFolder = createFolder(this.root, RuleFields.TEST + System.currentTimeMillis(), adminPermission(this.user1), permission(this.user2, false, 4, 0, 2, 0));
        switchUser(this.user2);
        WebdavResource resolveResource = this.factory.resolveResource(new WebdavPath(new String[]{"public_infostore", createFolder.getFolderName(), "test.bin"}));
        resolveResource.putBodyAndGuessLength(new ByteArrayInputStream(new byte[0]));
        resolveResource.create();
        this.factory.endRequest(200);
        this.factory.beginRequest();
        WebdavResource resolveResource2 = this.factory.resolveResource(new WebdavPath(new String[]{"public_infostore", createFolder.getFolderName(), "test.bin"}));
        resolveResource2.putBodyAndGuessLength(new ByteArrayInputStream(new byte[]{1, 2, 3}));
        assertTrue(resolveResource2.exists());
        resolveResource2.save();
        switchUser(this.user1);
        TimedResult documents = this.factory.getDatabase().getDocuments(createFolder.getObjectID(), getContext(), this.user, this.userConfig);
        HashMap hashMap = new HashMap();
        Iterator it = SearchIteratorAdapter.toIterable(documents.results()).iterator();
        while (it.hasNext()) {
            String fileName = ((DocumentMetadata) it.next()).getFileName();
            assertNotNull(fileName);
            assertEquals("test.bin", fileName);
            Integer num = 0;
            if (null != hashMap.get(fileName)) {
                num = (Integer) hashMap.get(fileName);
            }
            hashMap.put(fileName, Integer.valueOf(num.intValue() + 1));
        }
        assertTrue(hashMap.values().size() > 0);
        Iterator it2 = hashMap.values().iterator();
        while (it2.hasNext()) {
            assertEquals(new Integer(1), (Integer) it2.next());
        }
    }

    public void testDontDulicateOtherPersonsDocumentWithCreateAndWritePermissions() throws Exception {
        FolderObject createFolder = createFolder(this.root, RuleFields.TEST + System.currentTimeMillis(), adminPermission(this.user1), permission(this.user2, false, 4, 0, 2, 0));
        WebdavResource resolveResource = this.factory.resolveResource(new WebdavPath(new String[]{"public_infostore", createFolder.getFolderName(), "test.bin"}));
        resolveResource.putBodyAndGuessLength(new ByteArrayInputStream(new byte[0]));
        resolveResource.create();
        switchUser(this.user2);
        WebdavResource resolveResource2 = this.factory.resolveResource(new WebdavPath(new String[]{"public_infostore", createFolder.getFolderName(), "test.bin"}));
        try {
            resolveResource2.putBodyAndGuessLength(new ByteArrayInputStream(new byte[]{1, 2, 3}));
            resolveResource2.save();
            fail("Could update document even without write permissions to it");
        } catch (WebdavProtocolException e) {
            if (e.getStatus() != 403) {
                e.printStackTrace();
            }
            assertEquals(StatusCodes.SC_FORBIDDEN, e.getStatus());
        }
    }

    public void testDisallowSavingInRootVirtualFolder() throws Exception {
        WebdavResource resolveResource = this.factory.resolveResource("/test.txt");
        try {
            resolveResource.putBodyAndGuessLength(new ByteArrayInputStream(new byte[]{1, 2, 3}));
            resolveResource.save();
            fail("Shouldn't be able to save in root folder");
        } catch (WebdavProtocolException e) {
            if (e.getStatus() != 403) {
                e.printStackTrace();
            }
            assertEquals(StatusCodes.SC_FORBIDDEN, e.getStatus());
        }
    }

    public OCLPermission adminPermission(User user) {
        return permission(user, true, 128, 128, 128, 128);
    }

    public OCLPermission permission(User user, boolean z, int i, int i2, int i3, int i4) {
        OCLPermission oCLPermission = new OCLPermission();
        oCLPermission.setAllPermission(i, i2, i3, i4);
        oCLPermission.setEntity(user.getId());
        oCLPermission.setFolderAdmin(z);
        oCLPermission.setGroupPermission(false);
        return oCLPermission;
    }

    public FolderObject createFolder(FolderObject folderObject, String str, OCLPermission... oCLPermissionArr) throws OXException, OXException {
        if (oCLPermissionArr.length == 0) {
            oCLPermissionArr = new OCLPermission[]{adminPermission(this.cleanupUser)};
        }
        Connection connection = null;
        try {
            connection = DBPool.pickupWriteable(this.ctx);
            OXFolderManager oXFolderManager = OXFolderManager.getInstance(this.session, connection, connection);
            FolderObject folderObject2 = new FolderObject();
            folderObject2.setFolderName(str);
            folderObject2.setParentFolderID(folderObject.getObjectID());
            folderObject2.setModule(8);
            folderObject2.setType(2);
            folderObject2.setPermissionsAsArray(oCLPermissionArr);
            FolderObject createFolder = oXFolderManager.createFolder(folderObject2, true, System.currentTimeMillis());
            this.clean.add(createFolder);
            if (connection != null) {
                DBPool.pushWrite(this.ctx, connection);
            }
            return createFolder;
        } catch (Throwable th) {
            if (connection != null) {
                DBPool.pushWrite(this.ctx, connection);
            }
            throw th;
        }
    }

    private DocumentMetadata touch(FolderObject folderObject, String str) throws Exception {
        InfostoreFacadeImpl infostoreFacadeImpl = new InfostoreFacadeImpl(new DBPoolProvider());
        infostoreFacadeImpl.startTransaction();
        try {
            try {
                DocumentMetadataImpl documentMetadataImpl = new DocumentMetadataImpl();
                documentMetadataImpl.setFileName(str);
                documentMetadataImpl.setFolderId(folderObject.getObjectID());
                infostoreFacadeImpl.saveDocument(documentMetadataImpl, new ByteArrayInputStream(new byte[]{1}), System.currentTimeMillis(), ServerSessionAdapter.valueOf(this.session, getContext()));
                infostoreFacadeImpl.finish();
                return documentMetadataImpl;
            } catch (Exception e) {
                infostoreFacadeImpl.rollback();
                throw e;
            }
        } catch (Throwable th) {
            infostoreFacadeImpl.finish();
            throw th;
        }
    }

    public void switchUser(User user) {
        if (user.getId() == this.user1.getId()) {
            this.session = this.session1;
            this.user = this.user1;
            this.userConfig = this.userConfig1;
        } else {
            if (user.getId() != this.user2.getId()) {
                throw new IllegalArgumentException("I don't know user " + user.getId());
            }
            this.session = this.session2;
            this.user = this.user2;
            this.userConfig = this.userConfig2;
        }
    }

    protected void rm(int i) throws SQLException, OXException, OXException, Exception {
        OXFolderManager.getInstance(this.session).deleteFolder(new FolderObject(i), true, System.currentTimeMillis());
    }

    public Session getSessionObject() {
        return this.session;
    }

    public Context getContext() {
        return this.ctx;
    }

    public User getUser() {
        return null;
    }
}
