package com.zimbra.qa.unittest;

import com.google.common.collect.Maps;
import com.zimbra.client.ZMailbox;
import com.zimbra.common.httpclient.HttpClientUtil;
import com.zimbra.common.service.ServiceException;
import com.zimbra.common.soap.SoapHttpTransport;
import com.zimbra.common.soap.SoapProtocol;
import com.zimbra.cs.account.Account;
import com.zimbra.cs.account.AuthTokenException;
import com.zimbra.cs.account.Provisioning;
import com.zimbra.cs.account.Server;
import com.zimbra.cs.account.accesscontrol.Rights;
import com.zimbra.cs.account.soap.SoapProvisioning;
import com.zimbra.cs.ldap.LdapConstants;
import com.zimbra.cs.service.AuthProvider;
import com.zimbra.cs.zimlet.ZimletUtil;
import com.zimbra.soap.JaxbUtil;
import com.zimbra.soap.admin.message.AuthRequest;
import com.zimbra.soap.admin.message.AuthResponse;
import com.zimbra.soap.type.TargetType;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.util.HashMap;
import junit.framework.Assert;
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.HttpException;
import org.apache.commons.httpclient.HttpMethod;
import org.apache.commons.httpclient.methods.GetMethod;
import org.apache.commons.httpclient.methods.PostMethod;
import org.junit.AfterClass;
import org.junit.BeforeClass;
import org.junit.Test;

/* loaded from: input_file:com/zimbra/qa/unittest/TestServiceServlet.class */
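/**
 * Integration tests for the {@code /fromservice/} servlet endpoints of a running server.
 *
 * <p>Each test sends HTTP requests carrying different auth tokens in the {@code authtoken}
 * request header and asserts on the status code, so the class works as an authorization
 * matrix: no token, an ordinary user's token, the super admin's token, a delegated admin that
 * was granted {@code deployZimlet} and {@code flushCache} on the local server, and a delegated
 * admin with no grants.
 *
 * <p>The tests need a live server and create and delete real accounts; they are not unit tests.
 */
public class TestServiceServlet {
    private static Account delegatedAdminWithRights;
    private static Account delegatedAdminWithoutRights;
    private static Provisioning prov;
    private static Server localServer;
    private static String baseURL;

    // Derived from this class rather than TestUserServlet (the original looked like a
    // copy-paste slip) so the two test classes do not create and delete the same account.
    private static final String NAME_PREFIX = TestServiceServlet.class.getSimpleName();
    private static final String USER_NAME = NAME_PREFIX + "user1";
    private static final String DELEGATED_ADMIN_WITH_RIGHTS = "TestServiceServletDelegatedAdmin1";
    private static final String DELEGATED_ADMIN_WITHOUT_RIGHTS = "TestServiceServletDelegatedAdmin2";

    // Test-only credential used for the delegated admin SOAP login.
    // NOTE(review): presumably the default password TestUtil.createAccount assigns; confirm.
    private static final String DELEGATED_ADMIN_PASSWORD = "test123";

    private static final String PHONE_ZIMLET = "com_zimbra_phone";
    private static final String ADMIN_VERSION_CHECK_ZIMLET = "com_zimbra_adminversioncheck";
    // A name containing a parent-directory component; the servlet is expected to reject it.
    private static final String TRAVERSAL_ZIMLET_NAME = "../conf/nginx.key";
    private static final String PHONE_ZIMLET_ZIP = "/opt/zimbra/zimlets/com_zimbra_phone.zip";
    private static final String ADMIN_VERSION_CHECK_ZIP = "/opt/zimbra/zimlets/com_zimbra_adminversioncheck.zip";

    /**
     * Creates the test user and both delegated admins, grants {@code deployZimlet} and
     * {@code flushCache} on the local server to one of them, then asks the web app to flush
     * its ACL cache and fails the class if that request does not return 200.
     */
    @BeforeClass
    public static void before() throws Exception {
        cleanup();
        TestUtil.createAccount(USER_NAME);
        baseURL = TestUtil.getBaseUrl() + "/fromservice/";
        prov = Provisioning.getInstance();
        localServer = prov.getLocalServer();

        delegatedAdminWithoutRights = TestUtil.createAccount(
                TestUtil.addDomainIfNecessary(DELEGATED_ADMIN_WITHOUT_RIGHTS), delegatedAdminAttrs());
        delegatedAdminWithRights = TestUtil.createAccount(
                TestUtil.addDomainIfNecessary(DELEGATED_ADMIN_WITH_RIGHTS), delegatedAdminAttrs());

        SoapProvisioning soapProv = TestUtil.newSoapProvisioning();
        TargetType serverTarget =
                TargetType.fromString(com.zimbra.cs.account.accesscontrol.TargetType.server.toString());
        TestUtil.grantRightToAdmin(soapProv, serverTarget, localServer.getName(),
                delegatedAdminWithRights.getName(), Rights.Admin.R_deployZimlet.getName());
        TestUtil.grantRightToAdmin(soapProv, serverTarget, localServer.getName(),
                delegatedAdminWithRights.getName(), Rights.Admin.R_flushCache.getName());

        // Flush so the grants made above are what the servlet evaluates.
        // NOTE(review): that is the presumed purpose of flushacl; confirm.
        int status = executeGet(new HttpClient(), String.format("%sflushacl", baseURL),
                AuthProvider.getAdminAuthToken().getEncoded());
        if (200 != status) {
            Assert.fail(String.format("Failed to flush all cache in /zimbra web app. Response code: %d", status));
        }
    }

    /**
     * Builds the attribute map used for both delegated admin accounts.
     *
     * <p>NOTE(review): the three puts share one key, so only {@code "DLListView"} survives in
     * the map. If all three UI components are intended, they have to be passed as a single
     * multi-valued entry; confirm the value type the provisioning layer expects.
     */
    private static HashMap<String, Object> delegatedAdminAttrs() {
        HashMap<String, Object> attrs = Maps.newHashMap();
        attrs.put("zimbraIsDelegatedAdminAccount", LdapConstants.LDAP_TRUE);
        attrs.put("zimbraAdminConsoleUIComponents", "accountListView");
        attrs.put("zimbraAdminConsoleUIComponents", "downloadsView");
        attrs.put("zimbraAdminConsoleUIComponents", "DLListView");
        return attrs;
    }

    /** Deletes the three accounts this class creates, if they exist. */
    private static void cleanup() throws Exception {
        if (TestUtil.accountExists(USER_NAME)) {
            TestUtil.deleteAccount(USER_NAME);
        }
        if (TestUtil.accountExists(DELEGATED_ADMIN_WITH_RIGHTS)) {
            TestUtil.deleteAccount(DELEGATED_ADMIN_WITH_RIGHTS);
        }
        if (TestUtil.accountExists(DELEGATED_ADMIN_WITHOUT_RIGHTS)) {
            TestUtil.deleteAccount(DELEGATED_ADMIN_WITHOUT_RIGHTS);
        }
    }

    @AfterClass
    public static void tearDown() throws Exception {
        cleanup();
    }

    /** Puts the given token into the {@code authtoken} request header. */
    private static void addAuthTokenHeader(HttpMethod httpMethod, String str) {
        httpMethod.addRequestHeader("authtoken", str);
    }

    /**
     * Sends a GET to {@code url} and returns the HTTP status code.
     *
     * @param authToken token for the {@code authtoken} header, or {@code null} to send none
     */
    private static int executeGet(HttpClient client, String url, String authToken)
            throws HttpException, IOException {
        GetMethod get = new GetMethod(url);
        if (authToken != null) {
            addAuthTokenHeader(get, authToken);
        }
        try {
            return HttpClientUtil.executeMethod(client, get);
        } finally {
            // Hand the connection back instead of leaving it to the next request to clean up.
            get.releaseConnection();
        }
    }

    /**
     * Sends a zimlet deploy/undeploy POST and returns the HTTP status code.
     *
     * @param authToken  token for the {@code authtoken} header
     * @param zimletName value for the zimlet-name request header
     * @param upload     archive to send as the request body, or {@code null} for none; a file
     *                   that does not exist is skipped silently, as in the original tests
     */
    private static int postZimlet(HttpClient client, String url, String authToken, String zimletName,
            File upload) throws HttpException, IOException {
        PostMethod post = new PostMethod(url);
        addAuthTokenHeader(post, authToken);
        post.addRequestHeader(ZimletUtil.PARAM_ZIMLET, zimletName);
        try {
            if (upload != null && upload.exists()) {
                // The stream is only read while the request executes, so it can be closed
                // as soon as the status is back; the original never closed it.
                try (FileInputStream body = new FileInputStream(upload)) {
                    post.setRequestBody(body);
                    return HttpClientUtil.executeMethod(client, post);
                }
            }
            return HttpClientUtil.executeMethod(client, post);
        } finally {
            post.releaseConnection();
        }
    }

    /**
     * Logs in over admin SOAP as the named account and returns the auth token from the
     * response. CSRF support is switched off on the request.
     */
    private String getAdminAuthToken(String str) throws ServiceException, IOException {
        SoapHttpTransport transport = new SoapHttpTransport(TestUtil.getAdminSoapUrl());
        AuthRequest authRequest = new AuthRequest(str, DELEGATED_ADMIN_PASSWORD);
        authRequest.setCsrfSupported(false);
        AuthResponse response = (AuthResponse) JaxbUtil.elementToJaxb(
                transport.invoke(JaxbUtil.jaxbToElement(authRequest, SoapProtocol.SoapJS.getFactory())));
        return response.getAuthToken();
    }

    /**
     * Asserts that {@code str} is an admin-only GET endpoint: 401 without a token, with the
     * user's token and with the ungranted delegated admin's token; 200 for the super admin
     * and for the delegated admin that holds the grants.
     */
    private void verifyAdminGET(String str) throws ServiceException, AuthTokenException, HttpException, IOException {
        HttpClient client = new HttpClient();
        ZMailbox mbox = TestUtil.getZMailbox(USER_NAME);
        Assert.assertEquals("Should be getting error code without an auth token", 401,
                executeGet(client, str, null));
        Assert.assertEquals("Should be getting error code with user's auth token", 401,
                executeGet(client, str, mbox.getAuthToken().getValue()));
        Assert.assertEquals("Should be getting code 200 with super admin's auth token", 200,
                executeGet(client, str, AuthProvider.getAdminAuthToken().getEncoded()));
        Assert.assertEquals("Should be getting code 200 with permitted delegated admin's auth token", 200,
                executeGet(client, str, getAdminAuthToken(delegatedAdminWithRights.getName())));
        Assert.assertEquals("Should be getting code 401 with unpermitted delegated admin's auth token", 401,
                executeGet(client, str, getAdminAuthToken(delegatedAdminWithoutRights.getName())));
    }

    /**
     * Asserts that {@code str} is open to every authenticated caller: 401 without a token,
     * 200 with any of the four tokens.
     */
    private void verifyNonAdminGET(String str) throws ServiceException, AuthTokenException, HttpException, IOException {
        HttpClient client = new HttpClient();
        ZMailbox mbox = TestUtil.getZMailbox(USER_NAME);
        Assert.assertEquals("Should be getting error code without an auth token", 401,
                executeGet(client, str, null));
        Assert.assertEquals("Should be getting code 200 with user's auth token", 200,
                executeGet(client, str, mbox.getAuthToken().getValue()));
        Assert.assertEquals("Should be getting code 200 with super admin's auth token", 200,
                executeGet(client, str, AuthProvider.getAdminAuthToken().getEncoded()));
        Assert.assertEquals("Should be getting code 200 with permitted delegated admin's auth token", 200,
                executeGet(client, str, getAdminAuthToken(delegatedAdminWithRights.getName())));
        Assert.assertEquals("Should be getting code 200 with unpermitted delegated admin's auth token", 200,
                executeGet(client, str, getAdminAuthToken(delegatedAdminWithoutRights.getName())));
    }

    /** Deploys the admin-version-check extension as super admin and expects 200. */
    private void deployAdminVersionCheck() throws AuthTokenException, ServiceException, HttpException, IOException {
        HttpClient client = new HttpClient();
        int status = postZimlet(client, baseURL + "deployzimlet", AuthProvider.getAdminAuthToken().getEncoded(),
                ADMIN_VERSION_CHECK_ZIMLET, new File(ADMIN_VERSION_CHECK_ZIP));
        Assert.assertEquals("Super admin should be able to deploy com_zimbra_adminversioncheck admin extension",
                200, status);
    }

    @Test
    public void testFlushZimlets() throws Exception {
        verifyAdminGET(baseURL + "flushzimlets");
    }

    @Test
    public void testFlushSkins() throws Exception {
        verifyAdminGET(baseURL + "flushskins");
    }

    @Test
    public void testFlushStrings() throws Exception {
        verifyAdminGET(baseURL + "flushuistrings");
    }

    @Test
    public void testLoadSkins() throws Exception {
        verifyNonAdminGET(baseURL + "loadskins");
    }

    @Test
    public void testLoadLocales() throws Exception {
        verifyNonAdminGET(baseURL + "loadlocales");
    }

    /**
     * Deploying an ordinary zimlet: refused (401) for a user and for the ungranted delegated
     * admin, allowed (200) for the super admin and for the delegated admin with the grants.
     */
    @Test
    public void testDeployZimlet() throws Exception {
        ZMailbox mbox = TestUtil.getZMailbox(USER_NAME);
        HttpClient client = new HttpClient();
        String url = baseURL + "deployzimlet";
        File zip = new File(PHONE_ZIMLET_ZIP);
        Assert.assertEquals("Should be getting error code with user's auth token", 401,
                postZimlet(client, url, mbox.getAuthToken().getValue(), PHONE_ZIMLET, zip));
        Assert.assertEquals("Should be getting code 200 with super admin's auth token", 200,
                postZimlet(client, url, AuthProvider.getAdminAuthToken().getEncoded(), PHONE_ZIMLET, zip));
        Assert.assertEquals("Should be getting code 200 with permitted delegated admin's auth token", 200,
                postZimlet(client, url, getAdminAuthToken(delegatedAdminWithRights.getName()), PHONE_ZIMLET, zip));
        Assert.assertEquals("Should be getting code 401 with unpermitted delegated admin's auth token", 401,
                postZimlet(client, url, getAdminAuthToken(delegatedAdminWithoutRights.getName()), PHONE_ZIMLET, zip));
    }

    /**
     * Regression check for zimlet-name validation on deploy: a name with a parent-directory
     * component must be refused with 400 even for the super admin.
     *
     * <p>NOTE(review): the user-token case only shows that authorization fails (401); it says
     * nothing about name validation. If the zip is absent the admin request goes out without a
     * body, so the 400 could be for the missing upload rather than the name. A status code also
     * does not prove nothing was written on the server; asserting on server state would make
     * this stronger. Only one malformed-name shape is covered.
     */
    @Test
    public void testDeployBadZimletName() throws Exception {
        ZMailbox mbox = TestUtil.getZMailbox(USER_NAME);
        HttpClient client = new HttpClient();
        String url = baseURL + "deployzimlet";
        File zip = new File(PHONE_ZIMLET_ZIP);
        Assert.assertEquals("Should be getting error code with user's auth token", 401,
                postZimlet(client, url, mbox.getAuthToken().getValue(), TRAVERSAL_ZIMLET_NAME, zip));
        Assert.assertEquals("Should be getting code 400 with super admin's auth token w/o upload", 400,
                postZimlet(client, url, AuthProvider.getAdminAuthToken().getEncoded(), TRAVERSAL_ZIMLET_NAME, zip));
    }

    /**
     * Undeploying an ordinary zimlet follows the same matrix as deploying one. The user-token
     * request names a different zimlet than the others; it is expected to fail on
     * authorization either way.
     */
    @Test
    public void testUnDeployZimlet() throws Exception {
        ZMailbox mbox = TestUtil.getZMailbox(USER_NAME);
        HttpClient client = new HttpClient();
        String url = baseURL + "undeployzimlet";
        Assert.assertEquals("Should be getting error code with user's auth token", 401,
                postZimlet(client, url, mbox.getAuthToken().getValue(), "com_zimbra_archive", null));
        Assert.assertEquals("Should be getting code 200 with super admin's auth token", 200,
                postZimlet(client, url, AuthProvider.getAdminAuthToken().getEncoded(), PHONE_ZIMLET, null));
        Assert.assertEquals("Should be getting code 200 with permitted delegated admin's auth token", 200,
                postZimlet(client, url, getAdminAuthToken(delegatedAdminWithRights.getName()), PHONE_ZIMLET, null));
        Assert.assertEquals("Should be getting code 401 with unpermitted delegated admin's auth token", 401,
                postZimlet(client, url, getAdminAuthToken(delegatedAdminWithoutRights.getName()), PHONE_ZIMLET, null));
    }

    /**
     * Regression check for zimlet-name validation on undeploy: the malformed name must be
     * refused with 400 for the super admin, and the user is refused with 401.
     */
    @Test
    public void testUnDeployBadZimletname() throws Exception {
        ZMailbox mbox = TestUtil.getZMailbox(USER_NAME);
        HttpClient client = new HttpClient();
        String url = baseURL + "undeployzimlet";
        Assert.assertEquals("Should be getting error code with user's auth token", 401,
                postZimlet(client, url, mbox.getAuthToken().getValue(), TRAVERSAL_ZIMLET_NAME, null));
        Assert.assertEquals("Should be getting code 400 with super admin's auth token", 400,
                postZimlet(client, url, AuthProvider.getAdminAuthToken().getEncoded(), TRAVERSAL_ZIMLET_NAME, null));
    }

    /**
     * Admin extensions are a stricter privilege boundary than ordinary zimlets: after the
     * super admin deploys one, a user and both delegated admins (including the one holding
     * {@code deployZimlet}) must be refused with 401 when they try to deploy it.
     */
    @Test
    public void testDeployAdminExtension() throws Exception {
        deployAdminVersionCheck();
        ZMailbox mbox = TestUtil.getZMailbox(USER_NAME);
        HttpClient client = new HttpClient();
        String url = baseURL + "deployzimlet";
        File zip = new File(ADMIN_VERSION_CHECK_ZIP);
        // The user request keeps the original's mismatched name (phone zimlet name with the
        // admin extension archive); it is expected to fail on authorization regardless.
        Assert.assertEquals("Should be getting error code with user's auth token", 401,
                postZimlet(client, url, mbox.getAuthToken().getValue(), PHONE_ZIMLET, zip));
        Assert.assertEquals("Should be getting code 401 with permitted delegated admin's auth token", 401,
                postZimlet(client, url, getAdminAuthToken(delegatedAdminWithRights.getName()),
                        ADMIN_VERSION_CHECK_ZIMLET, zip));
        Assert.assertEquals("Should be getting code 401 with unpermitted delegated admin's auth token", 401,
                postZimlet(client, url, getAdminAuthToken(delegatedAdminWithoutRights.getName()),
                        ADMIN_VERSION_CHECK_ZIMLET, zip));
    }

    /**
     * Undeploying an admin extension is refused (401) for a user and for both delegated
     * admins, and allowed (200) only for the super admin.
     */
    @Test
    public void testUnDeployAdminExtension() throws Exception {
        deployAdminVersionCheck();
        ZMailbox mbox = TestUtil.getZMailbox(USER_NAME);
        HttpClient client = new HttpClient();
        String url = baseURL + "undeployzimlet";
        Assert.assertEquals("Should be getting error code with user's auth token", 401,
                postZimlet(client, url, mbox.getAuthToken().getValue(), ADMIN_VERSION_CHECK_ZIMLET, null));
        Assert.assertEquals(
                "Delegated admin should not be allowed to undeploy admin extensions even with deployZimlet right",
                401,
                postZimlet(client, url, getAdminAuthToken(delegatedAdminWithRights.getName()),
                        ADMIN_VERSION_CHECK_ZIMLET, null));
        Assert.assertEquals(
                "Delegated admin should not be allowed to undeploy admin extensions with or without deployZimlet right",
                401,
                postZimlet(client, url, getAdminAuthToken(delegatedAdminWithoutRights.getName()),
                        ADMIN_VERSION_CHECK_ZIMLET, null));
        Assert.assertEquals("Super admin should be able to undeploy com_zimbra_adminversioncheck admin extension",
                200,
                postZimlet(client, url, AuthProvider.getAdminAuthToken().getEncoded(),
                        ADMIN_VERSION_CHECK_ZIMLET, null));
    }
}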
