package org.geoserver.web.security.ldap;

import org.apache.wicket.Component;
import org.apache.wicket.markup.html.panel.FeedbackPanel;
import org.apache.wicket.model.CompoundPropertyModel;
import org.apache.wicket.model.Model;
import org.geoserver.data.test.SystemTestData;
import org.geoserver.security.config.SecurityManagerConfig;
import org.geoserver.security.ldap.LDAPRoleServiceConfig;
import org.geoserver.security.ldap.LDAPTestUtils;
import org.geoserver.security.web.AbstractSecurityWicketTestSupport;
import org.geoserver.web.ComponentBuilder;
import org.geoserver.web.FormTestPage;
import org.junit.After;
import org.junit.Assert;
import org.junit.Assume;
import org.junit.Test;

/* loaded from: input_file:org/geoserver/web/security/ldap/LDAPRoleServicePanelTest.class */
public class LDAPRoleServicePanelTest extends AbstractSecurityWicketTestSupport {
    private static final String GROUPS_BASE = "ou=Groups";
    private static final String GROUP_SEARCH_FILTER = "member=cn={0}";
    private static final String AUTH_USER = "admin";
    private static final String AUTH_PASSWORD = "secret";
    LDAPRoleServicePanel current;
    LDAPRoleServiceConfig config;
    private static final String ldapServerUrl = "ldap://127.0.0.1:10389";
    private static final String basePath = "dc=example,dc=com";
    String relBase = "panel:";
    String base = "form:" + this.relBase;
    FeedbackPanel feedbackPanel = null;

    @After
    public void tearDown() throws Exception {
        LDAPTestUtils.shutdownEmbeddedServer();
    }

    protected void setupPanel(boolean z, boolean z2) {
        this.config = new LDAPRoleServiceConfig();
        this.config.setName("test");
        if (z2) {
            this.config.setServerURL("ldap://127.0.0.1:10389/dc=example,dc=com");
            this.config.setGroupSearchBase(GROUPS_BASE);
        }
        this.config.setBindBeforeGroupSearch(Boolean.valueOf(z));
        this.config.setGroupSearchFilter(GROUP_SEARCH_FILTER);
        this.config.setUser(AUTH_USER);
        this.config.setPassword(AUTH_PASSWORD);
        setupPanel(this.config);
    }

    protected void onSetUp(SystemTestData systemTestData) throws Exception {
        super.onSetUp(systemTestData);
        SecurityManagerConfig securityConfig = getSecurityManager().getSecurityConfig();
        securityConfig.setEncryptingUrlParams(false);
        getSecurityManager().saveSecurityConfig(securityConfig);
    }

    protected void setupPanel(LDAPRoleServiceConfig lDAPRoleServiceConfig) {
        this.config = lDAPRoleServiceConfig;
        tester.startPage(new FormTestPage(new ComponentBuilder() { // from class: org.geoserver.web.security.ldap.LDAPRoleServicePanelTest.1
            private static final long serialVersionUID = 1;

            public Component buildComponent(String str) {
                LDAPRoleServicePanelTest lDAPRoleServicePanelTest = LDAPRoleServicePanelTest.this;
                LDAPRoleServicePanel lDAPRoleServicePanel = new LDAPRoleServicePanel(str, new Model(LDAPRoleServicePanelTest.this.config));
                lDAPRoleServicePanelTest.current = lDAPRoleServicePanel;
                return lDAPRoleServicePanel;
            }
        }, new CompoundPropertyModel(this.config)) { // from class: org.geoserver.web.security.ldap.LDAPRoleServicePanelTest.2
            private static final long serialVersionUID = -4090244876841730821L;

            protected void onInitialize() {
                LDAPRoleServicePanelTest.this.feedbackPanel = new FeedbackPanel("feedback");
                LDAPRoleServicePanelTest.this.feedbackPanel.setOutputMarkupId(true);
                add(new Component[]{LDAPRoleServicePanelTest.this.feedbackPanel});
                super.onInitialize();
            }
        });
    }

    @Test
    public void testDataLoadedFromConfigurationWithoutAuthentication() throws Exception {
        Assume.assumeTrue(LDAPTestUtils.initLdapServer(true, ldapServerUrl, basePath));
        setupPanel(false, true);
        checkBaseConfig();
        Assert.assertNull(tester.getComponentFromLastRenderedPage("form:panel:authenticationPanelContainer:authenticationPanel:user"));
        Assert.assertNull(tester.getComponentFromLastRenderedPage("form:panel:authenticationPanelContainer:authenticationPanel:password"));
    }

    @Test
    public void testRequiredFields() throws Exception {
        Assume.assumeTrue(LDAPTestUtils.initLdapServer(true, ldapServerUrl, basePath));
        setupPanel(false, false);
        tester.newFormTester("form").submit();
        tester.assertErrorMessages(new String[]{"Field 'Server URL' is required.", "Field 'Group search base' is required."});
    }

    @Test
    public void testDataLoadedFromConfigurationWithAuthentication() throws Exception {
        Assume.assumeTrue(LDAPTestUtils.initLdapServer(true, ldapServerUrl, basePath));
        setupPanel(true, true);
        checkBaseConfig();
        tester.assertModelValue("form:panel:authenticationPanelContainer:authenticationPanel:user", AUTH_USER);
        tester.assertModelValue("form:panel:authenticationPanelContainer:authenticationPanel:password", AUTH_PASSWORD);
    }

    @Test
    public void testAuthenticationDisabled() throws Exception {
        Assume.assumeTrue(LDAPTestUtils.initLdapServer(true, ldapServerUrl, basePath));
        setupPanel(false, true);
        tester.assertInvisible("form:panel:authenticationPanelContainer:authenticationPanel");
        tester.newFormTester("form").setValue("panel:bindBeforeGroupSearch", "on");
        tester.executeAjaxEvent("form:panel:bindBeforeGroupSearch", "click");
        tester.assertVisible("form:panel:authenticationPanelContainer:authenticationPanel");
    }

    public void testAuthenticationEnabled() throws Exception {
        Assume.assumeTrue(LDAPTestUtils.initLdapServer(true, ldapServerUrl, basePath));
        setupPanel(true, true);
        tester.assertVisible("form:panel:authenticationPanelContainer:authenticationPanel");
        tester.newFormTester("form").setValue("panel:bindBeforeGroupSearch", "");
        tester.executeAjaxEvent("form:panel:bindBeforeGroupSearch", "click");
        tester.assertInvisible("form:panel:authenticationPanelContainer:authenticationPanel");
    }

    private void checkBaseConfig() {
        tester.assertModelValue("form:panel:serverURL", "ldap://127.0.0.1:10389/dc=example,dc=com");
        tester.assertModelValue("form:panel:groupSearchBase", GROUPS_BASE);
        tester.assertModelValue("form:panel:groupSearchFilter", GROUP_SEARCH_FILTER);
        tester.assertModelValue("form:panel:allGroupsSearchFilter", this.config.getAllGroupsSearchFilter());
    }
}
