package org.openvpms.web.test;

import io.restassured.RestAssured;
import java.io.File;
import java.io.FileInputStream;
import java.util.HashMap;
import org.codehaus.cargo.container.InstalledLocalContainer;
import org.codehaus.cargo.container.deployable.WAR;
import org.codehaus.cargo.container.jetty.Jetty9xExistingLocalConfiguration;
import org.codehaus.cargo.container.jetty.Jetty9xInstalledLocalContainer;
import org.codehaus.cargo.container.property.LoggingLevel;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
import org.openvpms.archetype.rules.security.FirewallSettings;
import org.openvpms.archetype.test.ArchetypeServiceTest;
import org.openvpms.archetype.test.builder.practice.TestPracticeFactory;
import org.openvpms.archetype.test.builder.security.TestFirewallBuilder;
import org.openvpms.archetype.test.builder.user.TestUserFactory;
import org.openvpms.component.business.dao.im.plugin.PluginDAO;
import org.openvpms.component.model.user.User;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

/* loaded from: input_file:org/openvpms/web/test/FirewallIntegrationTestCase.class */
public class FirewallIntegrationTestCase extends ArchetypeServiceTest {

    @Autowired
    private TestPracticeFactory practiceFactory;

    @Autowired
    private TestUserFactory userFactory;

    @Autowired
    private PluginDAO pluginDAO;
    private int port;
    private User user1;
    private User user2;
    private InstalledLocalContainer container;
    private TestFirewallBuilder firewallBuilder;

    @Before
    public void setUp() throws Exception {
        this.practiceFactory.newPractice().enablePlugins().build();
        this.firewallBuilder = new TestFirewallBuilder(getArchetypeService());
        installPlugins();
        BCryptPasswordEncoder bCryptPasswordEncoder = new BCryptPasswordEncoder();
        this.user1 = this.userFactory.newUser().connectFromAnywhere(true).password(bCryptPasswordEncoder.encode("password1")).build();
        this.user2 = this.userFactory.newUser().connectFromAnywhere(false).password(bCryptPasswordEncoder.encode("password2")).build();
    }

    @After
    public void tearDown() {
        if (this.container != null) {
            this.container.stop();
        }
    }

    @Test
    public void testUnrestrictedAccess() {
        this.firewallBuilder.accessType(FirewallSettings.AccessType.UNRESTRICTED).allowedAddresses(new String[0]).build();
        startJetty();
        checkUnrestrictedAccess("127.0.0.1", "192.168.1.1", this.user1, this.user2);
    }

    @Test
    public void testAllowedOnly() {
        this.firewallBuilder.accessType(FirewallSettings.AccessType.ALLOWED_ONLY).allowedAddresses(new String[]{"127.0.0.1"}).build();
        startJetty();
        checkAllowedOnly("127.0.0.1", "192.168.1.1", this.user1, this.user2);
    }

    @Test
    public void testAllowedUser() {
        this.firewallBuilder.accessType(FirewallSettings.AccessType.ALLOWED_USER).allowedAddresses(new String[]{"127.0.0.1"}).build();
        startJetty();
        checkAllowedUser("127.0.0.1", "192.168.1.1", this.user1, this.user2);
    }

    protected void checkUnrestrictedAccess(String str, String str2, User user, User user2) {
        checkGet("/openvpms/login", str, 200);
        checkGet("/openvpms/login", str2, 200);
        checkGet("/openvpms/forgotpassword", str, 200);
        checkGet("/openvpms/forgotpassword", str2, 200);
        checkGet("/openvpms/resetpassword", str, 200);
        checkGet("/openvpms/resetpassword", str2, 200);
        checkGet("/openvpms/ws/booking/v1/locations", str, user.getUsername(), "password1", 200);
        checkGet("/openvpms/ws/booking/v2/locations", str, user.getUsername(), "password1", 200);
        checkGet("/openvpms/ws/booking/v1/locations", str2, user.getUsername(), "password1", 200);
        checkGet("/openvpms/ws/booking/v2/locations", str2, user.getUsername(), "password1", 200);
        checkGet("/openvpms/ws/booking/v1/locations", str, user2.getUsername(), "password2", 200);
        checkGet("/openvpms/ws/booking/v2/locations", str, user2.getUsername(), "password2", 200);
        checkGet("/openvpms/ws/booking/v1/locations", str2, user2.getUsername(), "password2", 200);
        checkGet("/openvpms/ws/booking/v2/locations", str2, user2.getUsername(), "password2", 200);
        checkGet("/openvpms/ws/booking/v1/locations", str, user.getUsername(), "incorrect", 401);
        checkGet("/openvpms/ws/booking/v2/locations", str, user.getUsername(), "incorrect", 401);
        checkGet("/openvpms/ws/booking/v1/locations", str2, user.getUsername(), "incorrect", 401);
        checkGet("/openvpms/ws/booking/v2/locations", str2, user.getUsername(), "incorrect", 401);
        checkGet("/openvpms/webdav/12345/67890/foo.odt", str, 401);
        checkGet("/openvpms/webdav/12345/67890/foo.odt", str2, 401);
        checkGet("/openvpms/plugins/servlet/test-servlet", str, 200);
        checkGet("/openvpms/plugins/servlet/test-servlet", str2, 200);
        checkGet("/openvpms/rest/hello/1/hello", str, 200);
        checkGet("/openvpms/rest/hello/1/hello", str2, 200);
    }

    protected void checkAllowedOnly(String str, String str2, User user, User user2) {
        checkGet("/openvpms/login", str, 200);
        checkGet("/openvpms/login", str2, 401);
        checkGet("/openvpms/forgotpassword", str, 200);
        checkGet("/openvpms/forgotpassword", str2, 401);
        checkGet("/openvpms/resetpassword", str, 200);
        checkGet("/openvpms/resetpassword", str2, 401);
        checkGet("/openvpms/ws/booking/v1/locations", str, user.getUsername(), "password1", 200);
        checkGet("/openvpms/ws/booking/v2/locations", str, user.getUsername(), "password1", 200);
        checkGet("/openvpms/ws/booking/v1/locations", str2, user.getUsername(), "password1", 401);
        checkGet("/openvpms/ws/booking/v2/locations", str2, user.getUsername(), "password1", 401);
        checkGet("/openvpms/ws/booking/v1/locations", str, user2.getUsername(), "password2", 200);
        checkGet("/openvpms/ws/booking/v2/locations", str, user2.getUsername(), "password2", 200);
        checkGet("/openvpms/ws/booking/v1/locations", str2, user2.getUsername(), "password2", 401);
        checkGet("/openvpms/ws/booking/v2/locations", str2, user2.getUsername(), "password2", 401);
        checkGet("/openvpms/ws/booking/v1/locations", str, user.getUsername(), "incorrect", 401);
        checkGet("/openvpms/ws/booking/v2/locations", str, user.getUsername(), "incorrect", 401);
        checkGet("/openvpms/ws/booking/v1/locations", str2, user.getUsername(), "incorrect", 401);
        checkGet("/openvpms/ws/booking/v2/locations", str2, user.getUsername(), "incorrect", 401);
        checkGet("/openvpms/webdav/12345/67890/foo.odt", str, 401);
        checkGet("/openvpms/webdav/12345/67890/foo.odt", str2, 401);
        checkGet("/openvpms/plugins/servlet/test-servlet", str, 200);
        checkGet("/openvpms/plugins/servlet/test-servlet", str2, 401);
        checkGet("/openvpms/rest/hello/1/hello", str, 200);
        checkGet("/openvpms/rest/hello/1/hello", str2, 401);
    }

    protected void checkAllowedUser(String str, String str2, User user, User user2) {
        checkGet("/openvpms/login", str, 200);
        checkGet("/openvpms/login", str2, 200);
        checkGet("/openvpms/forgotpassword", str, 200);
        checkGet("/openvpms/forgotpassword", str2, 200);
        checkGet("/openvpms/resetpassword", str, 200);
        checkGet("/openvpms/resetpassword", str2, 200);
        checkGet("/openvpms/ws/booking/v1/locations", str, user.getUsername(), "password1", 200);
        checkGet("/openvpms/ws/booking/v2/locations", str, user.getUsername(), "password1", 200);
        checkGet("/openvpms/ws/booking/v1/locations", str2, user.getUsername(), "password1", 200);
        checkGet("/openvpms/ws/booking/v2/locations", str2, user.getUsername(), "password1", 200);
        checkGet("/openvpms/ws/booking/v1/locations", str, user2.getUsername(), "password2", 200);
        checkGet("/openvpms/ws/booking/v2/locations", str, user2.getUsername(), "password2", 200);
        checkGet("/openvpms/ws/booking/v1/locations", str2, user2.getUsername(), "password2", 401);
        checkGet("/openvpms/ws/booking/v2/locations", str2, user2.getUsername(), "password2", 401);
        checkGet("/openvpms/ws/booking/v1/locations", str, user.getUsername(), "incorrect", 401);
        checkGet("/openvpms/ws/booking/v2/locations", str, user.getUsername(), "incorrect", 401);
        checkGet("/openvpms/ws/booking/v1/locations", str2, user.getUsername(), "incorrect", 401);
        checkGet("/openvpms/ws/booking/v2/locations", str2, user.getUsername(), "incorrect", 401);
        checkGet("/openvpms/webdav/12345/67890/foo.odt", str, 401);
        checkGet("/openvpms/webdav/12345/67890/foo.odt", str2, 401);
        checkGet("/openvpms/plugins/servlet/test-servlet", str, 200);
        checkGet("/openvpms/plugins/servlet/test-servlet", str2, 200);
        checkGet("/openvpms/rest/hello/1/hello", str, 200);
        checkGet("/openvpms/rest/hello/1/hello", str2, 200);
    }

    protected void checkGet(String str, String str2, int i) {
        RestAssured.given().header("X-Forwarded-For", str2, new Object[0]).get("http://localhost:" + this.port + str, new Object[0]).then().statusCode(i);
    }

    protected void checkGet(String str, String str2, String str3, String str4, int i) {
        RestAssured.given().header("X-Forwarded-For", str2, new Object[0]).auth().basic(str3, str4).get("http://localhost:" + this.port + str, new Object[0]).then().statusCode(i);
    }

    protected void startJetty() {
        startJetty(null);
    }

    protected void startJettyDebug() {
        startJetty("-Xdebug\n-Xrunjdwp:transport=dt_shmem,server=y,suspend=n,address=openvpms_dev\n-Xnoagent\n-Djava.compiler=NONE");
    }

    protected void startJetty(String str) {
        Jetty9xExistingLocalConfiguration jetty9xExistingLocalConfiguration = new Jetty9xExistingLocalConfiguration(getPath("target/jetty"));
        jetty9xExistingLocalConfiguration.addDeployable(new WAR(getPath("target/openvpms.war")));
        jetty9xExistingLocalConfiguration.setProperty("cargo.logging", LoggingLevel.HIGH.getLevel());
        if (str != null) {
            jetty9xExistingLocalConfiguration.setProperty("cargo.jvmargs", str);
        }
        this.container = new Jetty9xInstalledLocalContainer(jetty9xExistingLocalConfiguration);
        this.container.setHome(getPath("target/jetty"));
        this.container.setOutput("target/cargo.log");
        HashMap hashMap = new HashMap();
        hashMap.put("openvpms.key", System.getProperty("openvpms.key"));
        hashMap.put("db.url", System.getProperty("db.url"));
        hashMap.put("catalina.base", ".");
        this.container.setSystemProperties(hashMap);
        this.container.start();
        this.port = Integer.parseInt(this.container.getConfiguration().getPropertyValue("cargo.servlet.port"));
        System.out.println("Jetty listening on port " + this.port);
    }

    private String getPath(String str) {
        return new File(str).getAbsolutePath();
    }

    private void installPlugins() throws Exception {
        installPlugin("org.openvpms.openvpms-test-rest-plugin", "openvpms-test-rest-plugin.jar");
        installPlugin("org.openvpms.openvpms-test-servlet-plugin", "openvpms-test-servlet-plugin.jar");
    }

    private void installPlugin(String str, String str2) throws Exception {
        FileInputStream fileInputStream = new FileInputStream("target/" + str2);
        Throwable th = null;
        try {
            try {
                this.pluginDAO.save(str, str2, fileInputStream);
                if (fileInputStream != null) {
                    if (0 == 0) {
                        fileInputStream.close();
                        return;
                    }
                    try {
                        fileInputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
            } catch (Throwable th3) {
                th = th3;
                throw th3;
            }
        } catch (Throwable th4) {
            if (fileInputStream != null) {
                if (th != null) {
                    try {
                        fileInputStream.close();
                    } catch (Throwable th5) {
                        th.addSuppressed(th5);
                    }
                } else {
                    fileInputStream.close();
                }
            }
            throw th4;
        }
    }
}
