package edu.cornell.mannlib.vitro.webapp.auth.policy;

import edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessObjectType;
import edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessOperation;
import edu.cornell.mannlib.vitro.webapp.auth.attributes.NamedKeyComponent;
import edu.cornell.mannlib.vitro.webapp.auth.objects.IndividualAccessObject;
import edu.cornell.mannlib.vitro.webapp.auth.objects.NamedAccessObject;
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.DecisionResult;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.TestAuthorizationRequest;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.Set;
import org.junit.Assert;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.junit.runners.Parameterized;

@RunWith(Parameterized.class)
/* loaded from: input_file:edu/cornell/mannlib/vitro/webapp/auth/policy/SuppressDisplayIndividualPageByUriTemplateTest.class */
public class SuppressDisplayIndividualPageByUriTemplateTest extends PolicyTest {
    private static final String TEST_ENTITY = "test:entity";
    public static final String POLICY_PATH = "../home/src/main/resources/rdf/accessControl/firsttime/template_suppress_display_individual_page_by_uri.n3";

    @Parameterized.Parameter(0)
    public AccessOperation ao;

    @Parameterized.Parameter(1)
    public AccessObjectType type;

    @Parameterized.Parameter(2)
    public String roleUri;

    @Parameterized.Parameter(3)
    public int rulesCount;

    @Parameterized.Parameter(4)
    public Set<Integer> attrCount;

    @Test
    public void testLoadPolicy() {
        load(POLICY_PATH);
        if (this.roleUri.equals("http://vitro.mannlib.cornell.edu/ns/vitro/authorization#CUSTOM")) {
            PolicyTemplateController.createRoleDataSets("http://vitro.mannlib.cornell.edu/ns/vitro/authorization#CUSTOM");
        }
        EntityPolicyController.grantAccess(TEST_ENTITY, this.type, this.ao, this.roleUri, new String[]{NamedKeyComponent.SUPPRESSION_BY_URI.toString()});
        String dataSetUriByKey = this.loader.getDataSetUriByKey(new String[]{NamedKeyComponent.SUPPRESSION_BY_URI.toString(), this.ao.toString(), this.type.toString(), this.roleUri});
        Assert.assertFalse(dataSetUriByKey == null);
        DynamicPolicy loadPolicyFromTemplateDataSet = this.loader.loadPolicyFromTemplateDataSet(dataSetUriByKey);
        Assert.assertTrue(loadPolicyFromTemplateDataSet != null);
        Assert.assertEquals(2000L, loadPolicyFromTemplateDataSet.getPriority());
        countRulesAndAttributes(loadPolicyFromTemplateDataSet, 1, Collections.singleton(4));
        policyDeniesAccess(loadPolicyFromTemplateDataSet);
        policyNotAffectsOtherTypes(loadPolicyFromTemplateDataSet);
        policyNotAffectsOtherEntities(loadPolicyFromTemplateDataSet);
        policyNotAffectsOtherOperations(loadPolicyFromTemplateDataSet);
        policyNotAffectsOtherRoles(loadPolicyFromTemplateDataSet);
    }

    private void policyNotAffectsOtherRoles(DynamicPolicy dynamicPolicy) {
        TestAuthorizationRequest testAuthorizationRequest = new TestAuthorizationRequest(new IndividualAccessObject(TEST_ENTITY), this.ao);
        testAuthorizationRequest.setRoleUris(Arrays.asList(this.roleUri + "_NOT_EXISTS"));
        Assert.assertEquals(DecisionResult.INCONCLUSIVE, dynamicPolicy.decide(testAuthorizationRequest).getDecisionResult());
    }

    private void policyNotAffectsOtherEntities(DynamicPolicy dynamicPolicy) {
        TestAuthorizationRequest testAuthorizationRequest = new TestAuthorizationRequest(new IndividualAccessObject("test:anothe_entity"), this.ao);
        testAuthorizationRequest.setRoleUris(Arrays.asList(this.roleUri));
        Assert.assertEquals(DecisionResult.INCONCLUSIVE, dynamicPolicy.decide(testAuthorizationRequest).getDecisionResult());
    }

    private void policyNotAffectsOtherOperations(DynamicPolicy dynamicPolicy) {
        TestAuthorizationRequest testAuthorizationRequest = new TestAuthorizationRequest(new IndividualAccessObject(TEST_ENTITY), AccessOperation.ADD);
        testAuthorizationRequest.setRoleUris(Arrays.asList(this.roleUri));
        Assert.assertEquals(DecisionResult.INCONCLUSIVE, dynamicPolicy.decide(testAuthorizationRequest).getDecisionResult());
    }

    private void policyNotAffectsOtherTypes(DynamicPolicy dynamicPolicy) {
        TestAuthorizationRequest testAuthorizationRequest = new TestAuthorizationRequest(new NamedAccessObject(TEST_ENTITY), this.ao);
        testAuthorizationRequest.setRoleUris(Arrays.asList(this.roleUri));
        Assert.assertEquals(DecisionResult.INCONCLUSIVE, dynamicPolicy.decide(testAuthorizationRequest).getDecisionResult());
    }

    private void policyDeniesAccess(DynamicPolicy dynamicPolicy) {
        TestAuthorizationRequest testAuthorizationRequest = new TestAuthorizationRequest(new IndividualAccessObject(TEST_ENTITY), this.ao);
        testAuthorizationRequest.setRoleUris(Arrays.asList(this.roleUri));
        Assert.assertEquals(DecisionResult.UNAUTHORIZED, dynamicPolicy.decide(testAuthorizationRequest).getDecisionResult());
    }

    @Parameterized.Parameters
    public static Collection<Object[]> requests() {
        return Arrays.asList(new Object[]{AccessOperation.DISPLAY, AccessObjectType.INDIVIDUAL, PolicyTest.ADMIN, 1, num(4)}, new Object[]{AccessOperation.DISPLAY, AccessObjectType.INDIVIDUAL, PolicyTest.CURATOR, 1, num(4)}, new Object[]{AccessOperation.DISPLAY, AccessObjectType.INDIVIDUAL, PolicyTest.EDITOR, 1, num(4)}, new Object[]{AccessOperation.DISPLAY, AccessObjectType.INDIVIDUAL, PolicyTest.SELF_EDITOR, 1, num(4)}, new Object[]{AccessOperation.DISPLAY, AccessObjectType.INDIVIDUAL, PolicyTest.PUBLIC, 1, num(4)}, new Object[]{AccessOperation.DISPLAY, AccessObjectType.INDIVIDUAL, "http://vitro.mannlib.cornell.edu/ns/vitro/authorization#CUSTOM", 1, num(4)});
    }

    private static Set<Integer> num(int i) {
        return Collections.singleton(Integer.valueOf(i));
    }
}
