package org.springframework.security.config.method;

import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.springframework.context.ApplicationListener;
import org.springframework.context.support.ClassPathXmlApplicationContext;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
import org.springframework.security.authentication.TestingAuthenticationToken;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.authentication.event.AuthenticationSuccessEvent;
import org.springframework.security.config.TestBusinessBean;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.context.SecurityContextHolder;

/* loaded from: input_file:org/springframework/security/config/method/InterceptMethodsBeanDefinitionDecoratorTests.class */
public class InterceptMethodsBeanDefinitionDecoratorTests {
    private ClassPathXmlApplicationContext appContext;
    private TestBusinessBean target;

    @Before
    public void loadContext() {
        System.setProperty("admin.role", "ROLE_ADMIN");
        this.appContext = new ClassPathXmlApplicationContext("org/springframework/security/config/method-security.xml");
        this.target = (TestBusinessBean) this.appContext.getBean("target");
    }

    @After
    public void closeAppContext() {
        if (this.appContext != null) {
            this.appContext.close();
        }
        SecurityContextHolder.clearContext();
    }

    @Test
    public void targetDoesntLoseApplicationListenerInterface() {
        Assert.assertEquals(1L, this.appContext.getBeansOfType(ApplicationListener.class).size());
        Assert.assertEquals(1L, this.appContext.getBeanNamesForType(ApplicationListener.class).length);
        this.appContext.publishEvent(new AuthenticationSuccessEvent(new TestingAuthenticationToken("user", "")));
        Assert.assertTrue(this.target instanceof ApplicationListener);
    }

    @Test
    public void targetShouldAllowUnprotectedMethodInvocationWithNoContext() {
        this.target.unprotected();
    }

    @Test(expected = AuthenticationCredentialsNotFoundException.class)
    public void targetShouldPreventProtectedMethodInvocationWithNoContext() {
        this.target.doSomething();
    }

    @Test
    public void targetShouldAllowProtectedMethodInvocationWithCorrectRole() {
        SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken("Test", "Password", AuthorityUtils.createAuthorityList(new String[]{"ROLE_USER"})));
        this.target.doSomething();
    }

    @Test(expected = AccessDeniedException.class)
    public void targetShouldPreventProtectedMethodInvocationWithIncorrectRole() {
        SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken("Test", "Password", AuthorityUtils.createAuthorityList(new String[]{"ROLE_SOMEOTHERROLE"})));
        this.target.doSomething();
        Assert.fail("Expected AccessDeniedException");
    }
}
