package org.apache.hadoop.hbase.security.access;

import com.google.common.collect.Lists;
import java.util.ArrayList;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.Coprocessor;
import org.apache.hadoop.hbase.HBaseTestingUtility;
import org.apache.hadoop.hbase.HColumnDescriptor;
import org.apache.hadoop.hbase.HRegionInfo;
import org.apache.hadoop.hbase.HTableDescriptor;
import org.apache.hadoop.hbase.NamespaceDescriptor;
import org.apache.hadoop.hbase.ServerName;
import org.apache.hadoop.hbase.TableNotFoundException;
import org.apache.hadoop.hbase.client.Append;
import org.apache.hadoop.hbase.client.Connection;
import org.apache.hadoop.hbase.client.ConnectionFactory;
import org.apache.hadoop.hbase.client.Delete;
import org.apache.hadoop.hbase.client.Durability;
import org.apache.hadoop.hbase.client.Get;
import org.apache.hadoop.hbase.client.HBaseAdmin;
import org.apache.hadoop.hbase.client.Increment;
import org.apache.hadoop.hbase.client.Put;
import org.apache.hadoop.hbase.client.Result;
import org.apache.hadoop.hbase.client.ResultScanner;
import org.apache.hadoop.hbase.client.Scan;
import org.apache.hadoop.hbase.client.Table;
import org.apache.hadoop.hbase.coprocessor.MasterCoprocessorEnvironment;
import org.apache.hadoop.hbase.coprocessor.ObserverContext;
import org.apache.hadoop.hbase.coprocessor.RegionCoprocessorEnvironment;
import org.apache.hadoop.hbase.coprocessor.RegionServerCoprocessorEnvironment;
import org.apache.hadoop.hbase.filter.BinaryComparator;
import org.apache.hadoop.hbase.filter.CompareFilter;
import org.apache.hadoop.hbase.master.MasterCoprocessorHost;
import org.apache.hadoop.hbase.protobuf.generated.HBaseProtos;
import org.apache.hadoop.hbase.regionserver.MiniBatchOperationInProgress;
import org.apache.hadoop.hbase.regionserver.Region;
import org.apache.hadoop.hbase.regionserver.RegionScanner;
import org.apache.hadoop.hbase.regionserver.wal.WALEdit;
import org.apache.hadoop.hbase.security.User;
import org.apache.hadoop.hbase.security.access.Permission;
import org.apache.hadoop.hbase.security.access.SecureTestUtil;
import org.apache.hadoop.hbase.testclassification.LargeTests;
import org.apache.hadoop.hbase.util.Bytes;
import org.apache.hadoop.hbase.util.TestTableName;
import org.apache.hadoop.hdfs.DFSConfigKeys;
import org.apache.hadoop.hdfs.web.resources.OwnerParam;
import org.apache.log4j.Level;
import org.apache.log4j.Logger;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Rule;
import org.junit.Test;
import org.junit.experimental.categories.Category;
import org.mockito.Mockito;

@Category({LargeTests.class})
/* loaded from: input_file:org/apache/hadoop/hbase/security/access/TestWithDisabledAuthorization.class */
public class TestWithDisabledAuthorization extends SecureTestUtil {
    private static final Log LOG = LogFactory.getLog(TestWithDisabledAuthorization.class);
    private static final HBaseTestingUtility TEST_UTIL;
    private static final byte[] TEST_FAMILY;
    private static final byte[] TEST_FAMILY2;
    private static final byte[] TEST_ROW;
    private static final byte[] TEST_Q1;
    private static final byte[] TEST_Q2;
    private static final byte[] TEST_Q3;
    private static final byte[] TEST_Q4;
    private static final byte[] ZERO;
    private static MasterCoprocessorEnvironment CP_ENV;
    private static AccessController ACCESS_CONTROLLER;
    private static RegionServerCoprocessorEnvironment RSCP_ENV;
    private RegionCoprocessorEnvironment RCP_ENV;

    @Rule
    public TestTableName TEST_TABLE = new TestTableName();
    private static User SUPERUSER;
    private static User USER_ADMIN;
    private static User USER_RW;
    private static User USER_RO;
    private static User USER_OWNER;
    private static User USER_CREATE;
    private static User USER_NONE;
    private static User USER_QUAL;

    @BeforeClass
    public static void setupBeforeClass() throws Exception {
        Configuration configuration = TEST_UTIL.getConfiguration();
        enableSecurity(configuration);
        configuration.setBoolean(AccessControlConstants.CF_ATTRIBUTE_EARLY_OUT, false);
        configuration.setBoolean(AccessControlConstants.EXEC_PERMISSION_CHECKS_KEY, true);
        verifyConfiguration(configuration);
        configuration.setBoolean(User.HBASE_SECURITY_AUTHORIZATION_CONF_KEY, false);
        TEST_UTIL.startMiniCluster();
        MasterCoprocessorHost masterCoprocessorHost = TEST_UTIL.getMiniHBaseCluster().getMaster().getMasterCoprocessorHost();
        masterCoprocessorHost.load(AccessController.class, 0, configuration);
        ACCESS_CONTROLLER = (AccessController) masterCoprocessorHost.findCoprocessor(AccessController.class.getName());
        CP_ENV = masterCoprocessorHost.createEnvironment(AccessController.class, (Coprocessor) ACCESS_CONTROLLER, 0, 1, configuration);
        RSCP_ENV = TEST_UTIL.getMiniHBaseCluster().getRegionServer(0).getRegionServerCoprocessorHost().createEnvironment(AccessController.class, (Coprocessor) ACCESS_CONTROLLER, 0, 1, configuration);
        TEST_UTIL.waitUntilAllRegionsAssigned(AccessControlLists.ACL_TABLE_NAME);
        SUPERUSER = User.createUserForTesting(configuration, "admin", new String[]{DFSConfigKeys.DFS_PERMISSIONS_SUPERUSERGROUP_DEFAULT});
        USER_ADMIN = User.createUserForTesting(configuration, "admin2", new String[0]);
        USER_OWNER = User.createUserForTesting(configuration, OwnerParam.NAME, new String[0]);
        USER_CREATE = User.createUserForTesting(configuration, "tbl_create", new String[0]);
        USER_RW = User.createUserForTesting(configuration, "rwuser", new String[0]);
        USER_RO = User.createUserForTesting(configuration, "rouser", new String[0]);
        USER_QUAL = User.createUserForTesting(configuration, "rwpartial", new String[0]);
        USER_NONE = User.createUserForTesting(configuration, "nouser", new String[0]);
    }

    @AfterClass
    public static void tearDownAfterClass() throws Exception {
        TEST_UTIL.shutdownMiniCluster();
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r2v5, types: [byte[], byte[][]] */
    @Before
    public void setUp() throws Exception {
        HBaseAdmin hBaseAdmin = TEST_UTIL.getHBaseAdmin();
        HTableDescriptor hTableDescriptor = new HTableDescriptor(this.TEST_TABLE.getTableName());
        HColumnDescriptor hColumnDescriptor = new HColumnDescriptor(TEST_FAMILY);
        hColumnDescriptor.setMaxVersions(100);
        hTableDescriptor.addFamily(hColumnDescriptor);
        hTableDescriptor.setOwner(USER_OWNER);
        hBaseAdmin.createTable(hTableDescriptor, new byte[]{Bytes.toBytes("s")});
        TEST_UTIL.waitUntilAllRegionsAssigned(this.TEST_TABLE.getTableName());
        this.RCP_ENV = TEST_UTIL.getHBaseCluster().getRegions(this.TEST_TABLE.getTableName()).get(0).getCoprocessorHost().createEnvironment(AccessController.class, (Coprocessor) ACCESS_CONTROLLER, 0, 1, TEST_UTIL.getConfiguration());
        grantGlobal(TEST_UTIL, USER_ADMIN.getShortName(), Permission.Action.ADMIN, Permission.Action.CREATE, Permission.Action.READ, Permission.Action.WRITE);
        grantOnTable(TEST_UTIL, USER_RW.getShortName(), this.TEST_TABLE.getTableName(), TEST_FAMILY, null, Permission.Action.READ, Permission.Action.WRITE);
        grantOnTable(TEST_UTIL, USER_CREATE.getShortName(), this.TEST_TABLE.getTableName(), null, null, Permission.Action.CREATE, Permission.Action.READ, Permission.Action.WRITE);
        grantOnTable(TEST_UTIL, USER_RO.getShortName(), this.TEST_TABLE.getTableName(), TEST_FAMILY, null, Permission.Action.READ);
        grantOnTable(TEST_UTIL, USER_QUAL.getShortName(), this.TEST_TABLE.getTableName(), TEST_FAMILY, TEST_Q1, Permission.Action.READ, Permission.Action.WRITE);
        Assert.assertEquals(5L, AccessControlLists.getTablePermissions(TEST_UTIL.getConfiguration(), this.TEST_TABLE.getTableName()).size());
    }

    @After
    public void tearDown() throws Exception {
        try {
            deleteTable(TEST_UTIL, this.TEST_TABLE.getTableName());
        } catch (TableNotFoundException e) {
            LOG.info("Test deleted table " + this.TEST_TABLE.getTableName());
        }
        Assert.assertEquals(0L, AccessControlLists.getTablePermissions(TEST_UTIL.getConfiguration(), this.TEST_TABLE.getTableName()).size());
        Assert.assertEquals(0L, AccessControlLists.getNamespacePermissions(TEST_UTIL.getConfiguration(), this.TEST_TABLE.getTableName().getNamespaceAsString()).size());
    }

    @Test
    public void testCheckPermissions() throws Exception {
        SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.1
            @Override // java.security.PrivilegedExceptionAction
            /* renamed from: run, reason: merged with bridge method [inline-methods] */
            public Object run2() throws Exception {
                SecureTestUtil.checkGlobalPerms(TestWithDisabledAuthorization.TEST_UTIL, Permission.Action.ADMIN);
                return null;
            }
        };
        verifyAllowed(accessTestAction, SUPERUSER, USER_ADMIN);
        verifyDenied(accessTestAction, USER_OWNER, USER_CREATE, USER_RW, USER_RO, USER_QUAL, USER_NONE);
        SecureTestUtil.AccessTestAction accessTestAction2 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.2
            @Override // java.security.PrivilegedExceptionAction
            /* renamed from: run, reason: merged with bridge method [inline-methods] */
            public Object run2() throws Exception {
                SecureTestUtil.checkGlobalPerms(TestWithDisabledAuthorization.TEST_UTIL, Permission.Action.READ);
                return null;
            }
        };
        verifyAllowed(accessTestAction2, SUPERUSER, USER_ADMIN);
        verifyDenied(accessTestAction2, USER_OWNER, USER_CREATE, USER_RW, USER_RO, USER_QUAL, USER_NONE);
        SecureTestUtil.AccessTestAction accessTestAction3 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.3
            @Override // java.security.PrivilegedExceptionAction
            /* renamed from: run, reason: merged with bridge method [inline-methods] */
            public Object run2() throws Exception {
                SecureTestUtil.checkGlobalPerms(TestWithDisabledAuthorization.TEST_UTIL, Permission.Action.READ, Permission.Action.WRITE);
                return null;
            }
        };
        verifyAllowed(accessTestAction3, SUPERUSER, USER_ADMIN);
        verifyDenied(accessTestAction3, USER_OWNER, USER_CREATE, USER_RW, USER_RO, USER_QUAL, USER_NONE);
        SecureTestUtil.AccessTestAction accessTestAction4 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.4
            @Override // java.security.PrivilegedExceptionAction
            /* renamed from: run, reason: merged with bridge method [inline-methods] */
            public Object run2() throws Exception {
                SecureTestUtil.checkTablePerms(TestWithDisabledAuthorization.TEST_UTIL, TestWithDisabledAuthorization.this.TEST_TABLE.getTableName(), (byte[]) null, (byte[]) null, Permission.Action.ADMIN);
                return null;
            }
        };
        verifyAllowed(accessTestAction4, SUPERUSER, USER_ADMIN, USER_OWNER);
        verifyDenied(accessTestAction4, USER_CREATE, USER_RW, USER_RO, USER_QUAL, USER_NONE);
        SecureTestUtil.AccessTestAction accessTestAction5 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.5
            @Override // java.security.PrivilegedExceptionAction
            /* renamed from: run, reason: merged with bridge method [inline-methods] */
            public Object run2() throws Exception {
                SecureTestUtil.checkTablePerms(TestWithDisabledAuthorization.TEST_UTIL, TestWithDisabledAuthorization.this.TEST_TABLE.getTableName(), (byte[]) null, (byte[]) null, Permission.Action.CREATE);
                return null;
            }
        };
        verifyAllowed(accessTestAction5, SUPERUSER, USER_ADMIN, USER_OWNER, USER_CREATE);
        verifyDenied(accessTestAction5, USER_RW, USER_RO, USER_QUAL, USER_NONE);
        SecureTestUtil.AccessTestAction accessTestAction6 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.6
            @Override // java.security.PrivilegedExceptionAction
            /* renamed from: run, reason: merged with bridge method [inline-methods] */
            public Object run2() throws Exception {
                SecureTestUtil.checkTablePerms(TestWithDisabledAuthorization.TEST_UTIL, TestWithDisabledAuthorization.this.TEST_TABLE.getTableName(), (byte[]) null, (byte[]) null, Permission.Action.READ);
                return null;
            }
        };
        verifyAllowed(accessTestAction6, SUPERUSER, USER_ADMIN, USER_OWNER, USER_CREATE);
        verifyDenied(accessTestAction6, USER_RW, USER_RO, USER_QUAL, USER_NONE);
        SecureTestUtil.AccessTestAction accessTestAction7 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.7
            @Override // java.security.PrivilegedExceptionAction
            /* renamed from: run, reason: merged with bridge method [inline-methods] */
            public Object run2() throws Exception {
                SecureTestUtil.checkTablePerms(TestWithDisabledAuthorization.TEST_UTIL, TestWithDisabledAuthorization.this.TEST_TABLE.getTableName(), (byte[]) null, (byte[]) null, Permission.Action.READ, Permission.Action.WRITE);
                return null;
            }
        };
        verifyAllowed(accessTestAction7, SUPERUSER, USER_ADMIN, USER_OWNER, USER_CREATE);
        verifyDenied(accessTestAction7, USER_RW, USER_RO, USER_QUAL, USER_NONE);
        SecureTestUtil.AccessTestAction accessTestAction8 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.8
            @Override // java.security.PrivilegedExceptionAction
            /* renamed from: run, reason: merged with bridge method [inline-methods] */
            public Object run2() throws Exception {
                SecureTestUtil.checkTablePerms(TestWithDisabledAuthorization.TEST_UTIL, TestWithDisabledAuthorization.this.TEST_TABLE.getTableName(), TestWithDisabledAuthorization.TEST_FAMILY, (byte[]) null, Permission.Action.READ);
                return null;
            }
        };
        verifyAllowed(accessTestAction8, SUPERUSER, USER_ADMIN, USER_OWNER, USER_CREATE, USER_RW, USER_RO);
        verifyDenied(accessTestAction8, USER_QUAL, USER_NONE);
        SecureTestUtil.AccessTestAction accessTestAction9 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.9
            @Override // java.security.PrivilegedExceptionAction
            /* renamed from: run, reason: merged with bridge method [inline-methods] */
            public Object run2() throws Exception {
                SecureTestUtil.checkTablePerms(TestWithDisabledAuthorization.TEST_UTIL, TestWithDisabledAuthorization.this.TEST_TABLE.getTableName(), TestWithDisabledAuthorization.TEST_FAMILY, (byte[]) null, Permission.Action.READ, Permission.Action.WRITE);
                return null;
            }
        };
        verifyAllowed(accessTestAction9, SUPERUSER, USER_ADMIN, USER_OWNER, USER_CREATE, USER_RW);
        verifyDenied(accessTestAction9, USER_RO, USER_QUAL, USER_NONE);
        SecureTestUtil.AccessTestAction accessTestAction10 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.10
            @Override // java.security.PrivilegedExceptionAction
            /* renamed from: run, reason: merged with bridge method [inline-methods] */
            public Object run2() throws Exception {
                SecureTestUtil.checkTablePerms(TestWithDisabledAuthorization.TEST_UTIL, TestWithDisabledAuthorization.this.TEST_TABLE.getTableName(), TestWithDisabledAuthorization.TEST_FAMILY, TestWithDisabledAuthorization.TEST_Q1, Permission.Action.READ);
                return null;
            }
        };
        verifyAllowed(accessTestAction10, SUPERUSER, USER_ADMIN, USER_OWNER, USER_CREATE, USER_RW, USER_RO, USER_QUAL);
        verifyDenied(accessTestAction10, USER_NONE);
        SecureTestUtil.AccessTestAction accessTestAction11 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.11
            @Override // java.security.PrivilegedExceptionAction
            /* renamed from: run, reason: merged with bridge method [inline-methods] */
            public Object run2() throws Exception {
                SecureTestUtil.checkTablePerms(TestWithDisabledAuthorization.TEST_UTIL, TestWithDisabledAuthorization.this.TEST_TABLE.getTableName(), TestWithDisabledAuthorization.TEST_FAMILY, TestWithDisabledAuthorization.TEST_Q1, Permission.Action.READ, Permission.Action.WRITE);
                return null;
            }
        };
        verifyAllowed(accessTestAction11, SUPERUSER, USER_ADMIN, USER_OWNER, USER_CREATE, USER_RW, USER_QUAL);
        verifyDenied(accessTestAction11, USER_RO, USER_NONE);
        SecureTestUtil.AccessTestAction accessTestAction12 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.12
            @Override // java.security.PrivilegedExceptionAction
            /* renamed from: run, reason: merged with bridge method [inline-methods] */
            public Object run2() throws Exception {
                SecureTestUtil.checkTablePerms(TestWithDisabledAuthorization.TEST_UTIL, TestWithDisabledAuthorization.this.TEST_TABLE.getTableName(), new TablePermission(TestWithDisabledAuthorization.this.TEST_TABLE.getTableName(), TestWithDisabledAuthorization.TEST_FAMILY, TestWithDisabledAuthorization.TEST_Q1, Permission.Action.READ), new TablePermission(TestWithDisabledAuthorization.this.TEST_TABLE.getTableName(), TestWithDisabledAuthorization.TEST_FAMILY, TestWithDisabledAuthorization.TEST_Q2, Permission.Action.READ));
                return null;
            }
        };
        verifyAllowed(accessTestAction12, SUPERUSER, USER_ADMIN, USER_OWNER, USER_CREATE, USER_RW, USER_RO);
        verifyDenied(accessTestAction12, USER_QUAL, USER_NONE);
        SecureTestUtil.AccessTestAction accessTestAction13 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.13
            @Override // java.security.PrivilegedExceptionAction
            /* renamed from: run, reason: merged with bridge method [inline-methods] */
            public Object run2() throws Exception {
                SecureTestUtil.checkTablePerms(TestWithDisabledAuthorization.TEST_UTIL, TestWithDisabledAuthorization.this.TEST_TABLE.getTableName(), new TablePermission(TestWithDisabledAuthorization.this.TEST_TABLE.getTableName(), TestWithDisabledAuthorization.TEST_FAMILY, TestWithDisabledAuthorization.TEST_Q1, Permission.Action.READ, Permission.Action.WRITE), new TablePermission(TestWithDisabledAuthorization.this.TEST_TABLE.getTableName(), TestWithDisabledAuthorization.TEST_FAMILY, TestWithDisabledAuthorization.TEST_Q2, Permission.Action.READ, Permission.Action.WRITE));
                return null;
            }
        };
        verifyAllowed(accessTestAction13, SUPERUSER, USER_ADMIN, USER_OWNER, USER_CREATE, USER_RW);
        verifyDenied(accessTestAction13, USER_RO, USER_QUAL, USER_NONE);
    }

    @Test
    public void testPassiveGrantRevoke() throws Exception {
        User createUserForTesting = User.createUserForTesting(TEST_UTIL.getConfiguration(), "tbluser", new String[0]);
        SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.14
            @Override // java.security.PrivilegedExceptionAction
            /* renamed from: run, reason: merged with bridge method [inline-methods] */
            public Object run2() throws Exception {
                SecureTestUtil.checkTablePerms(TestWithDisabledAuthorization.TEST_UTIL, TestWithDisabledAuthorization.this.TEST_TABLE.getTableName(), TestWithDisabledAuthorization.TEST_FAMILY, (byte[]) null, Permission.Action.READ);
                return null;
            }
        };
        verifyDenied(createUserForTesting, accessTestAction);
        SecureTestUtil.AccessTestAction accessTestAction2 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.15
            @Override // java.security.PrivilegedExceptionAction
            /* renamed from: run, reason: merged with bridge method [inline-methods] */
            public Object run2() throws Exception {
                Connection createConnection = ConnectionFactory.createConnection(TestWithDisabledAuthorization.TEST_UTIL.getConfiguration());
                Throwable th = null;
                try {
                    Table table = createConnection.getTable(TestWithDisabledAuthorization.this.TEST_TABLE.getTableName());
                    Throwable th2 = null;
                    try {
                        try {
                            table.get(new Get(TestWithDisabledAuthorization.TEST_ROW).addFamily(TestWithDisabledAuthorization.TEST_FAMILY));
                            if (table != null) {
                                if (0 != 0) {
                                    try {
                                        table.close();
                                    } catch (Throwable th3) {
                                        th2.addSuppressed(th3);
                                    }
                                } else {
                                    table.close();
                                }
                            }
                            if (createConnection == null) {
                                return null;
                            }
                            if (0 == 0) {
                                createConnection.close();
                                return null;
                            }
                            try {
                                createConnection.close();
                                return null;
                            } catch (Throwable th4) {
                                th.addSuppressed(th4);
                                return null;
                            }
                        } catch (Throwable th5) {
                            th2 = th5;
                            throw th5;
                        }
                    } catch (Throwable th6) {
                        if (table != null) {
                            if (th2 != null) {
                                try {
                                    table.close();
                                } catch (Throwable th7) {
                                    th2.addSuppressed(th7);
                                }
                            } else {
                                table.close();
                            }
                        }
                        throw th6;
                    }
                } catch (Throwable th8) {
                    if (createConnection != null) {
                        if (0 != 0) {
                            try {
                                createConnection.close();
                            } catch (Throwable th9) {
                                th.addSuppressed(th9);
                            }
                        } else {
                            createConnection.close();
                        }
                    }
                    throw th8;
                }
            }
        };
        verifyAllowed(createUserForTesting, accessTestAction2);
        grantOnTable(TEST_UTIL, createUserForTesting.getShortName(), this.TEST_TABLE.getTableName(), TEST_FAMILY, null, Permission.Action.READ);
        verifyAllowed(createUserForTesting, accessTestAction);
        verifyAllowed(createUserForTesting, accessTestAction2);
        revokeFromTable(TEST_UTIL, createUserForTesting.getShortName(), this.TEST_TABLE.getTableName(), TEST_FAMILY, null, Permission.Action.READ);
        verifyDenied(createUserForTesting, accessTestAction);
        verifyAllowed(createUserForTesting, accessTestAction2);
    }

    @Test
    public void testPassiveMasterOperations() throws Exception {
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.16
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                HTableDescriptor hTableDescriptor = new HTableDescriptor(TestWithDisabledAuthorization.this.TEST_TABLE.getTableName());
                hTableDescriptor.addFamily(new HColumnDescriptor(TestWithDisabledAuthorization.TEST_FAMILY));
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.preCreateTable(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.CP_ENV, null), hTableDescriptor, null);
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.17
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                HTableDescriptor hTableDescriptor = new HTableDescriptor(TestWithDisabledAuthorization.this.TEST_TABLE.getTableName());
                hTableDescriptor.addFamily(new HColumnDescriptor(TestWithDisabledAuthorization.TEST_FAMILY));
                hTableDescriptor.addFamily(new HColumnDescriptor(TestWithDisabledAuthorization.TEST_FAMILY2));
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.preModifyTable(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.CP_ENV, null), TestWithDisabledAuthorization.this.TEST_TABLE.getTableName(), hTableDescriptor);
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.18
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.preDeleteTable(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.CP_ENV, null), TestWithDisabledAuthorization.this.TEST_TABLE.getTableName());
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.19
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.preTruncateTable(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.CP_ENV, null), TestWithDisabledAuthorization.this.TEST_TABLE.getTableName());
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.20
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.preAddColumn(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.CP_ENV, null), TestWithDisabledAuthorization.this.TEST_TABLE.getTableName(), new HColumnDescriptor(TestWithDisabledAuthorization.TEST_FAMILY2));
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.21
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.preModifyColumn(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.CP_ENV, null), TestWithDisabledAuthorization.this.TEST_TABLE.getTableName(), new HColumnDescriptor(TestWithDisabledAuthorization.TEST_FAMILY2));
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.22
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.preDeleteColumn(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.CP_ENV, null), TestWithDisabledAuthorization.this.TEST_TABLE.getTableName(), TestWithDisabledAuthorization.TEST_FAMILY2);
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.23
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.preEnableTable(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.CP_ENV, null), TestWithDisabledAuthorization.this.TEST_TABLE.getTableName());
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.24
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.preDisableTable(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.CP_ENV, null), TestWithDisabledAuthorization.this.TEST_TABLE.getTableName());
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.25
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.preMove(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.CP_ENV, null), new HRegionInfo(TestWithDisabledAuthorization.this.TEST_TABLE.getTableName()), ServerName.valueOf("1.1.1.1", 1, 0L), ServerName.valueOf("2.2.2.2", 2, 0L));
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.26
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.preAssign(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.CP_ENV, null), new HRegionInfo(TestWithDisabledAuthorization.this.TEST_TABLE.getTableName()));
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.27
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.preUnassign(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.CP_ENV, null), new HRegionInfo(TestWithDisabledAuthorization.this.TEST_TABLE.getTableName()), true);
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.28
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.preBalance(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.CP_ENV, null));
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.29
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.preBalanceSwitch(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.CP_ENV, null), true);
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.30
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.preSnapshot(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.CP_ENV, null), HBaseProtos.SnapshotDescription.newBuilder().setName("foo").build(), new HTableDescriptor(TestWithDisabledAuthorization.this.TEST_TABLE.getTableName()));
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.31
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.preCloneSnapshot(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.CP_ENV, null), HBaseProtos.SnapshotDescription.newBuilder().setName("foo").build(), new HTableDescriptor(TestWithDisabledAuthorization.this.TEST_TABLE.getTableName()));
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.32
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.preRestoreSnapshot(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.CP_ENV, null), HBaseProtos.SnapshotDescription.newBuilder().setName("foo").build(), new HTableDescriptor(TestWithDisabledAuthorization.this.TEST_TABLE.getTableName()));
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.33
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.preDeleteSnapshot(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.CP_ENV, null), HBaseProtos.SnapshotDescription.newBuilder().setName("foo").build());
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.34
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                ArrayList newArrayList = Lists.newArrayList();
                newArrayList.add(TestWithDisabledAuthorization.this.TEST_TABLE.getTableName());
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.preGetTableDescriptors(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.CP_ENV, null), newArrayList, Lists.newArrayList(), ".+");
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.35
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.preGetTableNames(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.CP_ENV, null), Lists.newArrayList(), ".+");
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.36
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.preCreateNamespace(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.CP_ENV, null), NamespaceDescriptor.create("test").build());
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.37
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.preDeleteNamespace(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.CP_ENV, null), "test");
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.38
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.preModifyNamespace(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.CP_ENV, null), NamespaceDescriptor.create("test").build());
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.39
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.preGetNamespaceDescriptor(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.CP_ENV, null), "test");
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.40
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.preListNamespaceDescriptors(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.CP_ENV, null), Lists.newArrayList());
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
    }

    @Test
    public void testPassiveRegionServerOperations() throws Exception {
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.41
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.preStopRegionServer(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.RSCP_ENV, null));
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.42
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                HTableDescriptor hTableDescriptor = new HTableDescriptor(TestWithDisabledAuthorization.this.TEST_TABLE.getTableName());
                Region region = (Region) Mockito.mock(Region.class);
                Mockito.when(region.getTableDesc()).thenReturn(hTableDescriptor);
                Region region2 = (Region) Mockito.mock(Region.class);
                Mockito.when(region2.getTableDesc()).thenReturn(hTableDescriptor);
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.preMerge(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.RSCP_ENV, null), region, region2);
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.43
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.preRollWALWriterRequest(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.RSCP_ENV, null));
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
    }

    @Test
    public void testPassiveRegionOperations() throws Exception {
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.44
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.preOpen(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.this.RCP_ENV, null));
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.45
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.preFlush(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.this.RCP_ENV, null));
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.46
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.preSplit(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.this.RCP_ENV, null));
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.47
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.preGetClosestRowBefore(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.this.RCP_ENV, null), TestWithDisabledAuthorization.TEST_ROW, TestWithDisabledAuthorization.TEST_FAMILY, new Result());
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.48
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.preGetOp(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.this.RCP_ENV, null), new Get(TestWithDisabledAuthorization.TEST_ROW), Lists.newArrayList());
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.49
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.preExists(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.this.RCP_ENV, null), new Get(TestWithDisabledAuthorization.TEST_ROW), true);
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.50
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.prePut(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.this.RCP_ENV, null), new Put(TestWithDisabledAuthorization.TEST_ROW), new WALEdit(), Durability.USE_DEFAULT);
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.51
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.preDelete(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.this.RCP_ENV, null), new Delete(TestWithDisabledAuthorization.TEST_ROW), new WALEdit(), Durability.USE_DEFAULT);
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.52
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.preBatchMutate(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.this.RCP_ENV, null), new MiniBatchOperationInProgress<>(null, null, null, 0, 0));
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.53
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.preCheckAndPut(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.this.RCP_ENV, null), TestWithDisabledAuthorization.TEST_ROW, TestWithDisabledAuthorization.TEST_FAMILY, TestWithDisabledAuthorization.TEST_Q1, CompareFilter.CompareOp.EQUAL, new BinaryComparator("foo".getBytes()), new Put(TestWithDisabledAuthorization.TEST_ROW), true);
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.54
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.preCheckAndDelete(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.this.RCP_ENV, null), TestWithDisabledAuthorization.TEST_ROW, TestWithDisabledAuthorization.TEST_FAMILY, TestWithDisabledAuthorization.TEST_Q1, CompareFilter.CompareOp.EQUAL, new BinaryComparator("foo".getBytes()), new Delete(TestWithDisabledAuthorization.TEST_ROW), true);
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.55
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.preAppend(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.this.RCP_ENV, null), new Append(TestWithDisabledAuthorization.TEST_ROW));
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.56
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.preIncrement(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.this.RCP_ENV, null), new Increment(TestWithDisabledAuthorization.TEST_ROW));
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.57
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.preScannerOpen(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.this.RCP_ENV, null), new Scan(), (RegionScanner) Mockito.mock(RegionScanner.class));
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.58
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestWithDisabledAuthorization.ACCESS_CONTROLLER.preBulkLoadHFile(ObserverContext.createAndPrepare(TestWithDisabledAuthorization.this.RCP_ENV, null), Lists.newArrayList());
                return null;
            }
        }, SUPERUSER, USER_ADMIN, USER_RW, USER_RO, USER_OWNER, USER_CREATE, USER_QUAL, USER_NONE);
    }

    @Test
    public void testPassiveCellPermissions() throws Exception {
        final Configuration configuration = TEST_UTIL.getConfiguration();
        verifyAllowed(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.59
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                Connection createConnection = ConnectionFactory.createConnection(configuration);
                Throwable th = null;
                try {
                    Table table = createConnection.getTable(TestWithDisabledAuthorization.this.TEST_TABLE.getTableName());
                    Throwable th2 = null;
                    try {
                        try {
                            Put add = new Put(TestWithDisabledAuthorization.TEST_ROW).add(TestWithDisabledAuthorization.TEST_FAMILY, TestWithDisabledAuthorization.TEST_Q1, TestWithDisabledAuthorization.ZERO);
                            add.setACL(TestWithDisabledAuthorization.USER_NONE.getShortName(), new Permission(Permission.Action.READ));
                            table.put(add);
                            Put add2 = new Put(TestWithDisabledAuthorization.TEST_ROW).add(TestWithDisabledAuthorization.TEST_FAMILY, TestWithDisabledAuthorization.TEST_Q2, TestWithDisabledAuthorization.ZERO);
                            add2.setACL(TestWithDisabledAuthorization.USER_NONE.getShortName(), new Permission(Permission.Action.READ, Permission.Action.WRITE));
                            table.put(add2);
                            table.put(new Put(TestWithDisabledAuthorization.TEST_ROW).add(TestWithDisabledAuthorization.TEST_FAMILY, TestWithDisabledAuthorization.TEST_Q3, TestWithDisabledAuthorization.ZERO).add(TestWithDisabledAuthorization.TEST_FAMILY, TestWithDisabledAuthorization.TEST_Q4, TestWithDisabledAuthorization.ZERO));
                            if (table != null) {
                                if (0 != 0) {
                                    try {
                                        table.close();
                                    } catch (Throwable th3) {
                                        th2.addSuppressed(th3);
                                    }
                                } else {
                                    table.close();
                                }
                            }
                            if (createConnection == null) {
                                return null;
                            }
                            if (0 == 0) {
                                createConnection.close();
                                return null;
                            }
                            try {
                                createConnection.close();
                                return null;
                            } catch (Throwable th4) {
                                th.addSuppressed(th4);
                                return null;
                            }
                        } catch (Throwable th5) {
                            th2 = th5;
                            throw th5;
                        }
                    } catch (Throwable th6) {
                        if (table != null) {
                            if (th2 != null) {
                                try {
                                    table.close();
                                } catch (Throwable th7) {
                                    th2.addSuppressed(th7);
                                }
                            } else {
                                table.close();
                            }
                        }
                        throw th6;
                    }
                } catch (Throwable th8) {
                    if (createConnection != null) {
                        if (0 != 0) {
                            try {
                                createConnection.close();
                            } catch (Throwable th9) {
                                th.addSuppressed(th9);
                            }
                        } else {
                            createConnection.close();
                        }
                    }
                    throw th8;
                }
            }
        }, USER_OWNER);
        final ArrayList newArrayList = Lists.newArrayList();
        SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestWithDisabledAuthorization.60
            @Override // java.security.PrivilegedExceptionAction
            /* renamed from: run, reason: merged with bridge method [inline-methods] */
            public Object run2() throws Exception {
                Result next;
                Scan scan = new Scan();
                scan.setStartRow(TestWithDisabledAuthorization.TEST_ROW);
                scan.setStopRow(Bytes.add(TestWithDisabledAuthorization.TEST_ROW, new byte[]{0}));
                scan.addFamily(TestWithDisabledAuthorization.TEST_FAMILY);
                Connection createConnection = ConnectionFactory.createConnection(configuration);
                Table table = createConnection.getTable(TestWithDisabledAuthorization.this.TEST_TABLE.getTableName());
                try {
                    ResultScanner scanner = table.getScanner(scan);
                    do {
                        next = scanner.next();
                        if (next != null) {
                            newArrayList.addAll(next.listCells());
                        }
                    } while (next != null);
                    return newArrayList;
                } finally {
                    table.close();
                    createConnection.close();
                }
            }
        };
        newArrayList.clear();
        verifyAllowed(accessTestAction, USER_OWNER);
        Assert.assertEquals(4L, newArrayList.size());
        newArrayList.clear();
        verifyAllowed(accessTestAction, USER_NONE);
        Assert.assertEquals(4L, newArrayList.size());
    }

    static {
        Logger.getLogger(AccessController.class).setLevel(Level.TRACE);
        Logger.getLogger(AccessControlFilter.class).setLevel(Level.TRACE);
        Logger.getLogger(TableAuthManager.class).setLevel(Level.TRACE);
        TEST_UTIL = new HBaseTestingUtility();
        TEST_FAMILY = Bytes.toBytes("f1");
        TEST_FAMILY2 = Bytes.toBytes("f2");
        TEST_ROW = Bytes.toBytes("testrow");
        TEST_Q1 = Bytes.toBytes("q1");
        TEST_Q2 = Bytes.toBytes("q2");
        TEST_Q3 = Bytes.toBytes("q3");
        TEST_Q4 = Bytes.toBytes("q4");
        ZERO = Bytes.toBytes(0L);
    }
}
