package parity.coop;

import com.bazaarvoice.jolt.ArrayOrderObliviousDiffy;
import com.bazaarvoice.jolt.Diffy;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.node.ObjectNode;
import io.confluent.security.rbac.AccessPolicy;
import io.confluent.security.rbac.Role;
import java.io.IOException;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;
import org.apache.kafka.common.utils.Utils;
import org.testng.Assert;
import org.testng.annotations.Test;
import utils.MdsTestUtil;
import utils.RolesTestUtils;
import utils.V2RolesUtil;

@Test
/* loaded from: input_file:parity/coop/V2CloudRolesTest.class */
public class V2CloudRolesTest extends ParityTestBase {
    private static final Diffy diffy = new ArrayOrderObliviousDiffy();
    private final String suBasicAuthHeaderValue = MdsTestUtil.basicAuthHeader("mds", "mds");

    @Test
    public void testRole() throws Exception {
        Role role = (Role) this.suClient.getRole(V2RolesUtil.ROLE_ENV_ADMIN).execute().body();
        Assert.assertNotNull(role.accessPolicies());
        Assert.assertEquals(role.accessPolicies().size(), 2);
        Assert.assertEquals((Set) role.accessPolicies().values().stream().map((v0) -> {
            return v0.bindingScope();
        }).collect(Collectors.toSet()), Utils.mkSet(new String[]{"environment", "organization"}));
    }

    private Map<String, Object> roleJsonFromRolesEndpoint(String str, int i) {
        return RolesTestUtils.roleJsonFromRolesEndpoint(str, "v2alpha1", this.actualMdsPort, this.suBasicAuthHeaderValue, i);
    }

    private JsonNode rolesJsonFromRolesEndpoint(String str, int i) throws JsonProcessingException {
        return RolesTestUtils.rolesJsonFromRolesEndpoint("v2alpha1", this.actualMdsPort, this.suBasicAuthHeaderValue, str, i);
    }

    @Test
    public void testUnknownRole() {
        Assert.assertNull(roleJsonFromRolesEndpoint("NoSuchRole", 404));
    }

    private ObjectNode roleJsonFromFile(String str) throws IOException {
        ObjectNode roleJsonNode = RolesTestUtils.roleJsonNode("cloud_rbac_roles.json", str);
        Assert.assertNotNull(roleJsonNode);
        return roleJsonNode;
    }

    @Test
    public void testRoleJson() throws Exception {
        Diffy.Result diff = diffy.diff(roleJsonFromFile(V2RolesUtil.ROLE_ENV_ADMIN), roleJsonFromRolesEndpoint(V2RolesUtil.ROLE_ENV_ADMIN, 200));
        Assert.assertTrue(diff.isEmpty(), diff.toString());
    }

    @Test
    public void testRolesJson() throws Exception {
        JsonNode rolesJsonNode = RolesTestUtils.rolesJsonNode("cloud_rbac_roles.json");
        Iterator it = rolesJsonNode.iterator();
        while (it.hasNext()) {
            if (!"public".equals(((JsonNode) it.next()).get("namespace").asText())) {
                it.remove();
            }
        }
        Diffy.Result diff = diffy.diff(rolesJsonNode, rolesJsonFromRolesEndpoint(null, 200));
        Assert.assertTrue(diff.isEmpty(), diff.toString());
    }

    @Test
    public void testConfluentRolesJson() throws Exception {
        JsonNode rolesJsonNode = RolesTestUtils.rolesJsonNode("cloud_rbac_roles.json");
        Iterator it = rolesJsonNode.iterator();
        while (it.hasNext()) {
            if (!"confluent".equals(((JsonNode) it.next()).get("namespace").asText())) {
                it.remove();
            }
        }
        Diffy.Result diff = diffy.diff(rolesJsonNode, rolesJsonFromRolesEndpoint("confluent", 200));
        Assert.assertTrue(diff.isEmpty(), diff.toString());
    }

    @Test
    public void testRoles() throws Exception {
        List<Role> list = (List) this.suClient.getRoles().execute().body();
        Assert.assertTrue(list.size() >= 3);
        Set mkSet = Utils.mkSet(new String[]{"cluster", "cloud-cluster", "environment", "organization", "root"});
        for (Role role : list) {
            Assert.assertTrue(role.accessPolicies().size() >= 1);
            Iterator it = role.accessPolicies().values().iterator();
            while (it.hasNext()) {
                Assert.assertTrue(mkSet.contains(((AccessPolicy) it.next()).bindingScope()));
            }
            Assert.assertTrue(role.isInNamespace("public"));
        }
    }

    @Test
    public void testConfluentRoles() throws Exception {
        List<Role> list = (List) this.suClient.getRoles("confluent").execute().body();
        Assert.assertEquals(list.size(), 1);
        Set mkSet = Utils.mkSet(new String[]{"cluster", "cloud-cluster", "environment", "organization", "root"});
        for (Role role : list) {
            Assert.assertTrue(role.accessPolicies().size() >= 1);
            Iterator it = role.accessPolicies().values().iterator();
            while (it.hasNext()) {
                Assert.assertTrue(mkSet.contains(((AccessPolicy) it.next()).bindingScope()));
            }
            Assert.assertTrue(role.isInNamespace("confluent"));
        }
    }

    @Test
    public void testRoleNames() throws Exception {
        Assert.assertEquals(Utils.mkSet(new String[]{V2RolesUtil.ROLE_ORG_ADMIN, V2RolesUtil.ROLE_ENV_ADMIN, V2RolesUtil.ROLE_CCLUSTER_ADMIN}), new HashSet((List) this.suClient.getRoleNames().execute().body()));
    }

    @Test
    public void testConfluentRoleNames() throws Exception {
        Assert.assertEquals(Utils.mkSet(new String[]{V2RolesUtil.ROLE_CCLOUD_BINDING_ADMIN}), new HashSet((List) this.suClient.getRoleNames("confluent").execute().body()));
    }
}
