package org.springframework.security.web.access;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.mockito.Mockito;
import org.springframework.context.ApplicationEventPublisher;
import org.springframework.security.access.AccessDecisionManager;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.access.intercept.RunAsManager;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.TestingAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;

/* loaded from: input_file:org/springframework/security/web/access/WebInvocationPrivilegeEvaluatorTests.class */
public class WebInvocationPrivilegeEvaluatorTests {
    private AccessDecisionManager adm;
    private FilterInvocationSecurityMetadataSource ods;
    private RunAsManager ram;
    private FilterSecurityInterceptor interceptor;

    @Before
    public final void setUp() {
        this.interceptor = new FilterSecurityInterceptor();
        this.ods = (FilterInvocationSecurityMetadataSource) Mockito.mock(FilterInvocationSecurityMetadataSource.class);
        this.adm = (AccessDecisionManager) Mockito.mock(AccessDecisionManager.class);
        this.ram = (RunAsManager) Mockito.mock(RunAsManager.class);
        this.interceptor.setAuthenticationManager((AuthenticationManager) Mockito.mock(AuthenticationManager.class));
        this.interceptor.setSecurityMetadataSource(this.ods);
        this.interceptor.setAccessDecisionManager(this.adm);
        this.interceptor.setRunAsManager(this.ram);
        this.interceptor.setApplicationEventPublisher((ApplicationEventPublisher) Mockito.mock(ApplicationEventPublisher.class));
        SecurityContextHolder.clearContext();
    }

    @Test
    public void permitsAccessIfNoMatchingAttributesAndPublicInvocationsAllowed() throws Exception {
        WebInvocationPrivilegeEvaluator webInvocationPrivilegeEvaluator = new WebInvocationPrivilegeEvaluator(this.interceptor);
        Mockito.when(this.ods.getAttributes(Mockito.anyObject())).thenReturn((Object) null);
        Assert.assertTrue(webInvocationPrivilegeEvaluator.isAllowed("/context", "/foo/index.jsp", "GET", (Authentication) Mockito.mock(Authentication.class)));
    }

    @Test
    public void deniesAccessIfNoMatchingAttributesAndPublicInvocationsNotAllowed() throws Exception {
        WebInvocationPrivilegeEvaluator webInvocationPrivilegeEvaluator = new WebInvocationPrivilegeEvaluator(this.interceptor);
        Mockito.when(this.ods.getAttributes(Mockito.anyObject())).thenReturn((Object) null);
        this.interceptor.setRejectPublicInvocations(true);
        Assert.assertFalse(webInvocationPrivilegeEvaluator.isAllowed("/context", "/foo/index.jsp", "GET", (Authentication) Mockito.mock(Authentication.class)));
    }

    @Test
    public void deniesAccessIfAuthenticationIsNull() throws Exception {
        Assert.assertFalse(new WebInvocationPrivilegeEvaluator(this.interceptor).isAllowed("/foo/index.jsp", (Authentication) null));
    }

    @Test
    public void allowsAccessIfAccessDecisionMangerDoes() throws Exception {
        Assert.assertTrue(new WebInvocationPrivilegeEvaluator(this.interceptor).isAllowed("/foo/index.jsp", new TestingAuthenticationToken("test", "Password", new String[]{"MOCK_INDEX"})));
    }

    @Test
    public void deniesAccessIfAccessDecisionMangerDoes() throws Exception {
        TestingAuthenticationToken testingAuthenticationToken = new TestingAuthenticationToken("test", "Password", new String[]{"MOCK_INDEX"});
        WebInvocationPrivilegeEvaluator webInvocationPrivilegeEvaluator = new WebInvocationPrivilegeEvaluator(this.interceptor);
        ((AccessDecisionManager) Mockito.doThrow(new AccessDeniedException("")).when(this.adm)).decide((Authentication) Mockito.any(Authentication.class), Mockito.anyObject(), Mockito.anyList());
        Assert.assertFalse(webInvocationPrivilegeEvaluator.isAllowed("/foo/index.jsp", testingAuthenticationToken));
    }

    @Test(expected = UnsupportedOperationException.class)
    public void dummyChainRejectsInvocation() throws Exception {
        WebInvocationPrivilegeEvaluator.DUMMY_CHAIN.doFilter((ServletRequest) Mockito.mock(HttpServletRequest.class), (ServletResponse) Mockito.mock(HttpServletResponse.class));
    }
}
