package org.dspace.app.rest;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.jayway.jsonpath.JsonPath;
import com.jayway.jsonpath.Predicate;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.sql.SQLException;
import java.time.temporal.ChronoUnit;
import java.util.Date;
import java.util.Iterator;
import java.util.Map;
import java.util.UUID;
import java.util.concurrent.atomic.AtomicReference;
import javax.servlet.http.Cookie;
import org.dspace.app.requestitem.RequestItem;
import org.dspace.app.requestitem.service.RequestItemService;
import org.dspace.app.rest.converter.RequestItemConverter;
import org.dspace.app.rest.matcher.RequestCopyMatcher;
import org.dspace.app.rest.model.RequestItemRest;
import org.dspace.app.rest.repository.RequestItemRepository;
import org.dspace.app.rest.test.AbstractControllerIntegrationTest;
import org.dspace.authorize.AuthorizeException;
import org.dspace.builder.BitstreamBuilder;
import org.dspace.builder.CollectionBuilder;
import org.dspace.builder.CommunityBuilder;
import org.dspace.builder.ItemBuilder;
import org.dspace.builder.RequestItemBuilder;
import org.dspace.content.Bitstream;
import org.dspace.content.Collection;
import org.dspace.content.Item;
import org.dspace.eperson.EPerson;
import org.exparity.hamcrest.date.DateMatchers;
import org.hamcrest.MatcherAssert;
import org.hamcrest.Matchers;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors;
import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
import org.springframework.test.web.servlet.result.MockMvcResultMatchers;

/* loaded from: input_file:org/dspace/app/rest/RequestItemRepositoryIT.class */
public class RequestItemRepositoryIT extends AbstractControllerIntegrationTest {
    public static final String URI_ROOT = "http://localhost/api/tools/itemrequests";
    public static final String URI_SINGULAR_ROOT = "http://localhost/api/tools/itemrequest";

    @Autowired(required = true)
    RequestItemConverter requestItemConverter;

    @Autowired(required = true)
    RequestItemService requestItemService;
    private Collection collection;
    private Item item;
    private Bitstream bitstream;

    @Before
    public void init() throws SQLException, AuthorizeException, IOException {
        this.context.turnOffAuthorisationSystem();
        this.context.setCurrentUser(this.eperson);
        this.parentCommunity = CommunityBuilder.createCommunity(this.context).withName("Community").build();
        this.collection = CollectionBuilder.createCollection(this.context, this.parentCommunity).withName("Collection").withAdminGroup(new EPerson[]{this.eperson}).build();
        this.item = ItemBuilder.createItem(this.context, this.collection).withTitle("Item").build();
        this.bitstream = BitstreamBuilder.createBitstream(this.context, this.item, new ByteArrayInputStream(new byte[0])).withName("Bitstream").build();
        this.context.restoreAuthSystemState();
    }

    @Test
    public void testFindAll() throws Exception {
        System.out.println("findAll");
        getClient().perform(MockMvcRequestBuilders.get(URI_ROOT, new Object[0])).andExpect(MockMvcResultMatchers.status().isMethodNotAllowed());
    }

    @Test
    public void testFindOneAuthenticated() throws Exception {
        System.out.println("findOne (authenticated)");
        RequestItem build = RequestItemBuilder.createRequestItem(this.context, this.item, this.bitstream).build();
        getClient(getAuthToken(this.eperson.getEmail(), this.password)).perform(MockMvcRequestBuilders.get("http://localhost/api/tools/itemrequests/" + build.getToken(), new Object[0])).andExpect(MockMvcResultMatchers.status().isOk()).andExpect(MockMvcResultMatchers.content().contentType(this.contentType)).andExpect(MockMvcResultMatchers.jsonPath("$", Matchers.is(RequestCopyMatcher.matchRequestCopy(build))));
    }

    @Test
    public void testFindOneNotAuthenticated() throws Exception {
        System.out.println("findOne (not authenticated)");
        RequestItem build = RequestItemBuilder.createRequestItem(this.context, this.item, this.bitstream).build();
        getClient().perform(MockMvcRequestBuilders.get("http://localhost/api/tools/itemrequests/" + build.getToken(), new Object[0])).andExpect(MockMvcResultMatchers.status().isOk()).andExpect(MockMvcResultMatchers.content().contentType(this.contentType)).andExpect(MockMvcResultMatchers.jsonPath("$", Matchers.is(RequestCopyMatcher.matchRequestCopy(build))));
    }

    @Test
    public void testFindOneNonexistent() throws Exception {
        System.out.println("findOne (nonexistent request)");
        getClient().perform(MockMvcRequestBuilders.get("http://localhost/api/tools/itemrequests/impossible", new Object[0])).andExpect(MockMvcResultMatchers.status().isNotFound());
    }

    @Test
    public void testCreateAndReturnAuthenticated() throws SQLException, AuthorizeException, IOException, Exception {
        System.out.println("createAndReturn (authenticated)");
        RequestItemRest requestItemRest = new RequestItemRest();
        requestItemRest.setAllfiles(true);
        requestItemRest.setItemId(this.item.getID().toString());
        requestItemRest.setRequestEmail(this.eperson.getEmail());
        requestItemRest.setRequestName(this.eperson.getFullName());
        requestItemRest.setRequestMessage("Please send me a copy of this.");
        try {
            getClient(getAuthToken(this.eperson.getEmail(), this.password)).perform(MockMvcRequestBuilders.post(URI_ROOT, new Object[0]).content(new ObjectMapper().writeValueAsBytes(requestItemRest)).contentType(this.contentType)).andExpect(MockMvcResultMatchers.status().isCreated()).andExpect(MockMvcResultMatchers.jsonPath("$", new Object[0]).doesNotExist());
            Iterator findByItem = this.requestItemService.findByItem(this.context, this.item);
            String str = null;
            while (findByItem.hasNext()) {
                RequestItem requestItem = (RequestItem) findByItem.next();
                if (requestItem.getReqEmail().equals(this.eperson.getEmail())) {
                    Assert.assertEquals(this.eperson.getFullName(), requestItem.getReqName());
                    Assert.assertEquals(this.item.getID(), requestItem.getItem().getID());
                    Assert.assertEquals("Please send me a copy of this.", requestItem.getReqMessage());
                    Assert.assertEquals(true, Boolean.valueOf(requestItem.isAllfiles()));
                    Assert.assertNotNull(requestItem.getToken());
                    str = requestItem.getToken();
                }
            }
            RequestItemBuilder.deleteRequestItem(str);
        } catch (Throwable th) {
            Iterator findByItem2 = this.requestItemService.findByItem(this.context, this.item);
            String str2 = null;
            while (findByItem2.hasNext()) {
                RequestItem requestItem2 = (RequestItem) findByItem2.next();
                if (requestItem2.getReqEmail().equals(this.eperson.getEmail())) {
                    Assert.assertEquals(this.eperson.getFullName(), requestItem2.getReqName());
                    Assert.assertEquals(this.item.getID(), requestItem2.getItem().getID());
                    Assert.assertEquals("Please send me a copy of this.", requestItem2.getReqMessage());
                    Assert.assertEquals(true, Boolean.valueOf(requestItem2.isAllfiles()));
                    Assert.assertNotNull(requestItem2.getToken());
                    str2 = requestItem2.getToken();
                }
            }
            RequestItemBuilder.deleteRequestItem(str2);
            throw th;
        }
    }

    @Test
    public void testCreateAndReturnNotAuthenticated() throws SQLException, AuthorizeException, IOException, Exception {
        System.out.println("createAndReturn (not authenticated)");
        RequestItemRest requestItemRest = new RequestItemRest();
        requestItemRest.setAllfiles(false);
        requestItemRest.setBitstreamId(this.bitstream.getID().toString());
        requestItemRest.setItemId(this.item.getID().toString());
        requestItemRest.setRequestEmail("jsmith@example.com");
        requestItemRest.setRequestMessage("Please send me a copy of this.");
        requestItemRest.setRequestName("John Smith");
        try {
            getClient().perform(MockMvcRequestBuilders.post(URI_ROOT, new Object[0]).content(new ObjectMapper().writeValueAsBytes(requestItemRest)).contentType(this.contentType)).andExpect(MockMvcResultMatchers.status().isCreated()).andExpect(MockMvcResultMatchers.jsonPath("$", new Object[0]).doesNotExist());
            Iterator findByItem = this.requestItemService.findByItem(this.context, this.item);
            String str = null;
            while (findByItem.hasNext()) {
                RequestItem requestItem = (RequestItem) findByItem.next();
                if (requestItem.getReqEmail().equals("jsmith@example.com")) {
                    Assert.assertEquals(this.item.getID(), requestItem.getItem().getID());
                    Assert.assertEquals("Please send me a copy of this.", requestItem.getReqMessage());
                    Assert.assertEquals("John Smith", requestItem.getReqName());
                    Assert.assertEquals(this.bitstream.getID(), requestItem.getBitstream().getID());
                    Assert.assertEquals(false, Boolean.valueOf(requestItem.isAllfiles()));
                    Assert.assertNotNull(requestItem.getToken());
                    str = requestItem.getToken();
                }
            }
            RequestItemBuilder.deleteRequestItem(str);
        } catch (Throwable th) {
            Iterator findByItem2 = this.requestItemService.findByItem(this.context, this.item);
            String str2 = null;
            while (findByItem2.hasNext()) {
                RequestItem requestItem2 = (RequestItem) findByItem2.next();
                if (requestItem2.getReqEmail().equals("jsmith@example.com")) {
                    Assert.assertEquals(this.item.getID(), requestItem2.getItem().getID());
                    Assert.assertEquals("Please send me a copy of this.", requestItem2.getReqMessage());
                    Assert.assertEquals("John Smith", requestItem2.getReqName());
                    Assert.assertEquals(this.bitstream.getID(), requestItem2.getBitstream().getID());
                    Assert.assertEquals(false, Boolean.valueOf(requestItem2.isAllfiles()));
                    Assert.assertNotNull(requestItem2.getToken());
                    str2 = requestItem2.getToken();
                }
            }
            RequestItemBuilder.deleteRequestItem(str2);
            throw th;
        }
    }

    @Test
    public void testCreateAndReturnBadRequest() throws SQLException, AuthorizeException, IOException, Exception {
        System.out.println("createAndReturn (bad requests)");
        RequestItemRest requestItemRest = new RequestItemRest();
        requestItemRest.setBitstreamId(this.bitstream.getID().toString());
        requestItemRest.setItemId(this.item.getID().toString());
        requestItemRest.setRequestEmail(this.eperson.getEmail());
        requestItemRest.setRequestMessage("Please send me a copy of this.");
        requestItemRest.setRequestName(this.eperson.getFullName());
        requestItemRest.setAllfiles(false);
        ObjectMapper objectMapper = new ObjectMapper();
        String authToken = getAuthToken(this.eperson.getEmail(), this.password);
        requestItemRest.setBitstreamId((String) null);
        getClient(authToken).perform(MockMvcRequestBuilders.post(URI_ROOT, new Object[0]).content(objectMapper.writeValueAsBytes(requestItemRest)).contentType(this.contentType)).andExpect(MockMvcResultMatchers.status().isUnprocessableEntity());
        requestItemRest.setBitstreamId(UUID.randomUUID().toString());
        getClient(authToken).perform(MockMvcRequestBuilders.post(URI_ROOT, new Object[0]).content(objectMapper.writeValueAsBytes(requestItemRest)).contentType(this.contentType)).andExpect(MockMvcResultMatchers.status().isUnprocessableEntity());
        requestItemRest.setBitstreamId(this.bitstream.getID().toString());
        requestItemRest.setItemId((String) null);
        getClient(authToken).perform(MockMvcRequestBuilders.post(URI_ROOT, new Object[0]).content(objectMapper.writeValueAsBytes(requestItemRest)).contentType(this.contentType)).andExpect(MockMvcResultMatchers.status().isUnprocessableEntity());
        requestItemRest.setItemId(UUID.randomUUID().toString());
        getClient(authToken).perform(MockMvcRequestBuilders.post(URI_ROOT, new Object[0]).content(objectMapper.writeValueAsBytes(requestItemRest)).contentType(this.contentType)).andExpect(MockMvcResultMatchers.status().isUnprocessableEntity());
        requestItemRest.setItemId(this.item.getID().toString());
        requestItemRest.setRequestEmail((String) null);
        getClient().perform(MockMvcRequestBuilders.post(URI_ROOT, new Object[0]).content(objectMapper.writeValueAsBytes(requestItemRest)).contentType(this.contentType)).andExpect(MockMvcResultMatchers.status().isUnprocessableEntity());
        requestItemRest.setRequestEmail("<script>window.location='http://evil.example.com/';</script>");
        getClient().perform(MockMvcRequestBuilders.post(URI_ROOT, new Object[0]).content(objectMapper.writeValueAsBytes(requestItemRest)).contentType(this.contentType)).andExpect(MockMvcResultMatchers.status().isUnprocessableEntity());
    }

    @Test
    public void testCreateWithInvalidCSRF() throws Exception {
        System.out.println("testCreateWithInvalidCSRF");
        String replace = getAuthToken(this.eperson.getEmail(), this.password).replace("Bearer ", "");
        Cookie[] cookieArr = {new Cookie("Authorization-cookie", replace)};
        RequestItemRest requestItemRest = new RequestItemRest();
        requestItemRest.setBitstreamId(this.bitstream.getID().toString());
        requestItemRest.setItemId(this.item.getID().toString());
        requestItemRest.setRequestEmail("jsmith@example.com");
        requestItemRest.setRequestMessage("Please send me a copy of this.");
        requestItemRest.setRequestName("John Smith");
        requestItemRest.setAllfiles(false);
        getClient().perform(MockMvcRequestBuilders.post(URI_ROOT, new Object[0]).content(new ObjectMapper().writeValueAsBytes(requestItemRest)).contentType(this.contentType).with(SecurityMockMvcRequestPostProcessors.csrf().useInvalidToken().asHeader()).secure(true).cookie(cookieArr)).andExpect(MockMvcResultMatchers.status().isForbidden()).andExpect(MockMvcResultMatchers.status().reason(Matchers.containsString("Invalid CSRF token"))).andExpect(MockMvcResultMatchers.cookie().exists("DSPACE-XSRF-COOKIE")).andExpect(MockMvcResultMatchers.header().exists("DSPACE-XSRF-TOKEN"));
        getClient(replace).perform(MockMvcRequestBuilders.post("/api/authn/logout", new Object[0])).andExpect(MockMvcResultMatchers.status().isNoContent());
    }

    @Test
    public void testDelete() throws Exception {
        System.out.println("delete");
        getClient().perform(MockMvcRequestBuilders.delete("http://localhost/api/tools/itemrequests/" + RequestItemBuilder.createRequestItem(this.context, this.item, this.bitstream).build().getToken(), new Object[0])).andExpect(MockMvcResultMatchers.status().isMethodNotAllowed());
    }

    @Test
    public void testUntrustedOrigin() throws Exception {
        System.out.println("testUntrustedOrigin");
        String authToken = getAuthToken(this.eperson.getEmail(), this.password);
        getClient(authToken).perform(MockMvcRequestBuilders.get("/api/authn/status", new Object[0])).andExpect(MockMvcResultMatchers.status().isOk()).andExpect(MockMvcResultMatchers.jsonPath("$.okay", Matchers.is(true))).andExpect(MockMvcResultMatchers.jsonPath("$.authenticated", Matchers.is(true))).andExpect(MockMvcResultMatchers.jsonPath("$.type", Matchers.is("status")));
        getClient(authToken).perform(MockMvcRequestBuilders.get(URI_ROOT, new Object[0]).header("Origin", new Object[]{"https://example.org"})).andExpect(MockMvcResultMatchers.status().isForbidden());
        getClient(authToken).perform(MockMvcRequestBuilders.post("/api/authn/logout", new Object[0])).andExpect(MockMvcResultMatchers.status().isNoContent());
    }

    @Test
    public void testPut() throws Exception {
        System.out.println("put");
        RequestItem build = RequestItemBuilder.createRequestItem(this.context, this.item, this.bitstream).build();
        String writeValueAsString = new ObjectMapper().writer().writeValueAsString(Map.of("acceptRequest", "true", "subject", "subject", "responseMessage", "Request accepted", "suggestOpenAccess", "true"));
        String authToken = getAuthToken(this.eperson.getEmail(), this.password);
        AtomicReference atomicReference = new AtomicReference();
        getClient(authToken).perform(MockMvcRequestBuilders.put("http://localhost/api/tools/itemrequests/" + build.getToken(), new Object[0]).contentType(this.contentType).content(writeValueAsString)).andExpect(MockMvcResultMatchers.status().isOk()).andDo(mvcResult -> {
            atomicReference.set((String) JsonPath.read(mvcResult.getResponse().getContentAsString(), "token", new Predicate[0]));
        });
        RequestItem findByToken = this.requestItemService.findByToken(this.context, (String) atomicReference.get());
        Assert.assertTrue("acceptRequest should be true", findByToken.isAccept_request());
        MatcherAssert.assertThat("decision_date must be within a minute of now", findByToken.getDecision_date(), DateMatchers.within(1L, ChronoUnit.MINUTES, new Date()));
    }

    @Test
    public void testPutUnauthenticated() throws Exception {
        System.out.println("put unauthenticated request");
        RequestItem build = RequestItemBuilder.createRequestItem(this.context, this.item, this.bitstream).build();
        getClient().perform(MockMvcRequestBuilders.put("http://localhost/api/tools/itemrequests/" + build.getToken(), new Object[0]).contentType(this.contentType).content(new ObjectMapper().writer().writeValueAsString(Map.of("acceptRequest", "true", "subject", "put unauthenticated", "responseMessage", "Request accepted", "suggestOpenAccess", "false")))).andExpect(MockMvcResultMatchers.status().isOk());
    }

    @Test
    public void testPutBadRequest() throws Exception {
        System.out.println("put bad requests");
        RequestItem build = RequestItemBuilder.createRequestItem(this.context, this.item, this.bitstream).build();
        getClient(getAuthToken(this.eperson.getEmail(), this.password)).perform(MockMvcRequestBuilders.put("http://localhost/api/tools/itemrequests/" + build.getToken(), new Object[0]).contentType(this.contentType).content(new ObjectMapper().writer().writeValueAsString(Map.of("subject", "subject", "responseMessage", "Request accepted")))).andExpect(MockMvcResultMatchers.status().isUnprocessableEntity());
    }

    @Test
    public void testPutCompletedRequest() throws Exception {
        System.out.println("put completed request");
        RequestItem build = RequestItemBuilder.createRequestItem(this.context, this.item, this.bitstream).withAcceptRequest(false).withDecisionDate(new Date()).build();
        getClient(getAuthToken(this.eperson.getEmail(), this.password)).perform(MockMvcRequestBuilders.put("http://localhost/api/tools/itemrequests/" + build.getToken(), new Object[0]).contentType(this.contentType).content(new ObjectMapper().writer().writeValueAsString(Map.of("acceptRequest", "true", "subject", "subject", "responseMessage", "Request accepted")))).andExpect(MockMvcResultMatchers.status().isUnprocessableEntity());
    }

    @Test
    public void testGetDomainClass() {
        System.out.println("getDomainClass");
        Assert.assertEquals("Wrong domain class", RequestItemRest.class, new RequestItemRepository().getDomainClass());
    }
}
