package parity.coop;

import com.google.common.collect.ImmutableSet;
import io.confluent.rbacapi.entities.ManagedRoleBinding;
import io.confluent.rbacapi.entities.MdsScope;
import io.confluent.rbacapi.entities.ScopeRoleBindingMapping;
import io.confluent.rbacapi.retrofit.v2.V2RbacRestApi;
import io.confluent.rbacapi.retrofit.v2.V2RbacRetrofitFactory;
import io.confluent.security.authorizer.Scope;
import io.confluent.security.rbac.RoleBinding;
import io.confluent.testing.TestIndependenceUtil;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.apache.kafka.common.security.auth.KafkaPrincipal;
import org.apache.kafka.common.utils.SecurityUtils;
import org.apache.kafka.common.utils.Utils;
import org.jetbrains.annotations.NotNull;
import org.testng.Assert;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.DataProvider;
import org.testng.annotations.Test;
import retrofit2.Response;
import utils.MdsTestUtil;
import utils.RoleCrudUtil;
import utils.V2RolesUtil;

@Test
/* loaded from: input_file:parity/coop/V2CloudLookupTest.class */
public class V2CloudLookupTest extends ParityTestBase {
    public static final String ORG_ID = TestIndependenceUtil.uniquify("ddf5d3f5-89f2-4c6c-8d53-f881794d532f");
    public static final String ORG_2_ID = TestIndependenceUtil.uniquify("22222222-89f2-4c6c-8d53-f881794d5322");
    private final MdsScope ORG_SCOPE = MdsScope.of(new Scope.Builder(new String[]{"organization=" + ORG_ID}).build());
    private final MdsScope ORG_2_SCOPE = MdsScope.of(new Scope.Builder(new String[]{"organization=" + ORG_2_ID}).build());
    private final MdsScope ENV_1_SCOPE = childScope(this.ORG_SCOPE, "environment=env-1");
    private final MdsScope ENV_2_SCOPE = childScope(this.ORG_SCOPE, "environment=env-2");
    private final MdsScope ENV_1_CLUSTER_1_SCOPE = childScope(this.ENV_1_SCOPE, "cloud-cluster=lkc-1");
    private final MdsScope ENV_1_CLUSTER_2_SCOPE = childScope(this.ENV_1_SCOPE, "cloud-cluster=lkc-2");
    private final MdsScope ENV_2_CLUSTER_1_SCOPE = childScope(this.ENV_2_SCOPE, "cloud-cluster=lkc-2");
    private final MdsScope ORG_2_ENV_1_SCOPE = childScope(this.ORG_2_SCOPE, "environment=env-1");
    private final MdsScope ORG_2_ENV_1_CLUSTER_1_SCOPE = childScope(this.ORG_2_ENV_1_SCOPE, "cloud-cluster=lkc-1");
    private final String U_ORG_ADMIN = TestIndependenceUtil.uniquify("u-orgadm");
    private final String U_ENV_1_ADMIN = TestIndependenceUtil.uniquify("env1-admin");
    private final String U_ENV_2_ADMIN = TestIndependenceUtil.uniquify("env2-admin");
    private final String U_ENV_1_CLUSTER_1_ADMIN = TestIndependenceUtil.uniquify("env1-cluster1-admin");
    private final String U_ENV_2_CLUSTER_1_ADMIN = TestIndependenceUtil.uniquify("env2-cluster1-admin");
    private final String U_MULTI_ADMIN = TestIndependenceUtil.uniquify("multi-admin");
    private final String U_REDUNDANT_ADMIN = TestIndependenceUtil.uniquify("redundant-admin");
    private final String U_ORG_2_ADMIN = TestIndependenceUtil.uniquify("u-org2adm");
    private final String U_ORG_2_ENV_1_ADMIN = TestIndependenceUtil.uniquify("org2-env1-admin");
    private final String U_ORG_2_ENV_1_CLUSTER_1_ADMIN = TestIndependenceUtil.uniquify("org2-env1-cluster1-admin");
    private final Map<String, V2RbacRestApi> retrofitClients = new HashMap();
    private final List<String> users = Arrays.asList(this.U_ORG_ADMIN, this.U_ENV_1_ADMIN, this.U_ENV_2_ADMIN, this.U_ENV_1_CLUSTER_1_ADMIN, this.U_MULTI_ADMIN, this.U_REDUNDANT_ADMIN, this.U_ORG_2_ADMIN, this.U_ORG_2_ENV_1_ADMIN, this.U_ORG_2_ENV_1_CLUSTER_1_ADMIN);

    @BeforeClass
    public void setUpUsers() throws Exception {
        this.ldapCrud.createUsers(this.users);
        for (String str : this.users) {
            this.retrofitClients.put(str, V2RbacRetrofitFactory.build(MdsTestUtil.DEFAULT_HTTP_ADVERTISED_HOST, this.actualMdsPort, str));
        }
        Assert.assertTrue(this.suClient.addClusterRoleForPrincipal(RoleCrudUtil.kafkaPrincipalString(this.U_ORG_ADMIN), V2RolesUtil.ROLE_ORG_ADMIN, this.ORG_SCOPE).execute().isSuccessful());
        Assert.assertTrue(this.retrofitClients.get(this.U_ORG_ADMIN).addClusterRoleForPrincipal("User:" + this.U_ENV_1_ADMIN, V2RolesUtil.ROLE_ENV_ADMIN, this.ENV_1_SCOPE).execute().isSuccessful());
        Assert.assertTrue(this.retrofitClients.get(this.U_ORG_ADMIN).addClusterRoleForPrincipal("User:" + this.U_ENV_2_ADMIN, V2RolesUtil.ROLE_ENV_ADMIN, this.ENV_2_SCOPE).execute().isSuccessful());
        Assert.assertTrue(this.retrofitClients.get(this.U_ENV_1_ADMIN).addClusterRoleForPrincipal("User:" + this.U_ENV_1_CLUSTER_1_ADMIN, V2RolesUtil.ROLE_CCLUSTER_ADMIN, this.ENV_1_CLUSTER_1_SCOPE).execute().isSuccessful());
        Assert.assertTrue(this.retrofitClients.get(this.U_ENV_2_ADMIN).addClusterRoleForPrincipal("User:" + this.U_ENV_2_CLUSTER_1_ADMIN, V2RolesUtil.ROLE_CCLUSTER_ADMIN, this.ENV_2_CLUSTER_1_SCOPE).execute().isSuccessful());
        Assert.assertTrue(this.retrofitClients.get(this.U_ORG_ADMIN).addClusterRoleForPrincipal("User:" + this.U_MULTI_ADMIN, V2RolesUtil.ROLE_ENV_ADMIN, this.ENV_1_SCOPE).execute().isSuccessful());
        Assert.assertTrue(this.retrofitClients.get(this.U_ORG_ADMIN).addClusterRoleForPrincipal("User:" + this.U_MULTI_ADMIN, V2RolesUtil.ROLE_CCLUSTER_ADMIN, this.ENV_1_CLUSTER_1_SCOPE).execute().isSuccessful());
        Assert.assertTrue(this.retrofitClients.get(this.U_ORG_ADMIN).addClusterRoleForPrincipal("User:" + this.U_REDUNDANT_ADMIN, V2RolesUtil.ROLE_ORG_ADMIN, this.ORG_SCOPE).execute().isSuccessful());
        Assert.assertTrue(this.retrofitClients.get(this.U_ORG_ADMIN).addClusterRoleForPrincipal("User:" + this.U_REDUNDANT_ADMIN, V2RolesUtil.ROLE_ENV_ADMIN, this.ENV_1_SCOPE).execute().isSuccessful());
        Assert.assertTrue(this.retrofitClients.get(this.U_ORG_ADMIN).addClusterRoleForPrincipal("User:" + this.U_REDUNDANT_ADMIN, V2RolesUtil.ROLE_CCLUSTER_ADMIN, this.ENV_1_CLUSTER_1_SCOPE).execute().isSuccessful());
        Assert.assertTrue(this.suClient.addClusterRoleForPrincipal(RoleCrudUtil.kafkaPrincipalString(this.U_ORG_2_ADMIN), V2RolesUtil.ROLE_ORG_ADMIN, this.ORG_2_SCOPE).execute().isSuccessful());
        Assert.assertTrue(this.retrofitClients.get(this.U_ORG_2_ADMIN).addClusterRoleForPrincipal("User:" + this.U_ORG_2_ENV_1_ADMIN, V2RolesUtil.ROLE_ENV_ADMIN, this.ORG_2_ENV_1_SCOPE).execute().isSuccessful());
        Assert.assertTrue(this.retrofitClients.get(this.U_ORG_2_ENV_1_ADMIN).addClusterRoleForPrincipal("User:" + this.U_ORG_2_ENV_1_CLUSTER_1_ADMIN, V2RolesUtil.ROLE_CCLUSTER_ADMIN, this.ORG_2_ENV_1_CLUSTER_1_SCOPE).execute().isSuccessful());
    }

    /* JADX WARN: Type inference failed for: r0v13, types: [java.lang.Object[], java.lang.Object[][]] */
    @DataProvider(parallel = true)
    public Object[][] managedNonResourceRoleBindingsAtScope() {
        List emptyList = Collections.emptyList();
        List asList = Arrays.asList(new RoleBinding(new KafkaPrincipal("User", this.U_REDUNDANT_ADMIN), V2RolesUtil.ROLE_ORG_ADMIN, this.ORG_SCOPE.scope(), Collections.emptySet()), new RoleBinding(new KafkaPrincipal("User", this.U_ORG_ADMIN), V2RolesUtil.ROLE_ORG_ADMIN, this.ORG_SCOPE.scope(), Collections.emptySet()));
        List asList2 = Arrays.asList(new RoleBinding(new KafkaPrincipal("User", this.U_ENV_1_ADMIN), V2RolesUtil.ROLE_ENV_ADMIN, this.ENV_1_SCOPE.scope(), Collections.emptySet()), new RoleBinding(new KafkaPrincipal("User", this.U_MULTI_ADMIN), V2RolesUtil.ROLE_ENV_ADMIN, this.ENV_1_SCOPE.scope(), Collections.emptySet()), new RoleBinding(new KafkaPrincipal("User", this.U_REDUNDANT_ADMIN), V2RolesUtil.ROLE_ENV_ADMIN, this.ENV_1_SCOPE.scope(), Collections.emptySet()));
        List singletonList = Collections.singletonList(new RoleBinding(new KafkaPrincipal("User", this.U_ENV_2_ADMIN), V2RolesUtil.ROLE_ENV_ADMIN, this.ENV_2_SCOPE.scope(), Collections.emptySet()));
        List asList3 = Arrays.asList(new RoleBinding(new KafkaPrincipal("User", this.U_ENV_1_CLUSTER_1_ADMIN), V2RolesUtil.ROLE_CCLUSTER_ADMIN, this.ENV_1_CLUSTER_1_SCOPE.scope(), Collections.emptySet()), new RoleBinding(new KafkaPrincipal("User", this.U_MULTI_ADMIN), V2RolesUtil.ROLE_CCLUSTER_ADMIN, this.ENV_1_CLUSTER_1_SCOPE.scope(), Collections.emptySet()), new RoleBinding(new KafkaPrincipal("User", this.U_REDUNDANT_ADMIN), V2RolesUtil.ROLE_CCLUSTER_ADMIN, this.ENV_1_CLUSTER_1_SCOPE.scope(), Collections.emptySet()));
        return new Object[]{new Object[]{this.U_ORG_ADMIN, this.ORG_SCOPE, 200, asList, true}, new Object[]{this.U_REDUNDANT_ADMIN, this.ORG_SCOPE, 200, asList, true}, new Object[]{this.U_ENV_1_ADMIN, this.ORG_SCOPE, 200, emptyList, false}, new Object[]{this.U_ENV_2_ADMIN, this.ORG_SCOPE, 200, emptyList, false}, new Object[]{this.U_ENV_1_CLUSTER_1_ADMIN, this.ORG_SCOPE, 200, emptyList, false}, new Object[]{this.U_MULTI_ADMIN, this.ORG_SCOPE, 200, emptyList, false}, new Object[]{this.U_ORG_ADMIN, this.ENV_1_SCOPE, 200, asList2, true}, new Object[]{this.U_ENV_1_ADMIN, this.ENV_1_SCOPE, 200, asList2, true}, new Object[]{this.U_MULTI_ADMIN, this.ENV_1_SCOPE, 200, asList2, true}, new Object[]{this.U_REDUNDANT_ADMIN, this.ENV_1_SCOPE, 200, asList2, true}, new Object[]{this.U_ENV_2_ADMIN, this.ENV_1_SCOPE, 200, emptyList, false}, new Object[]{this.U_ENV_1_CLUSTER_1_ADMIN, this.ENV_1_SCOPE, 200, emptyList, false}, new Object[]{this.U_ORG_ADMIN, this.ENV_2_SCOPE, 200, singletonList, true}, new Object[]{this.U_ENV_2_ADMIN, this.ENV_2_SCOPE, 200, singletonList, true}, new Object[]{this.U_ENV_1_ADMIN, this.ENV_2_SCOPE, 200, emptyList, false}, new Object[]{this.U_MULTI_ADMIN, this.ENV_2_SCOPE, 200, emptyList, false}, new Object[]{this.U_ENV_1_CLUSTER_1_ADMIN, this.ENV_2_SCOPE, 200, emptyList, false}, new Object[]{this.U_ORG_ADMIN, this.ENV_1_CLUSTER_1_SCOPE, 200, asList3, true}, new Object[]{this.U_ENV_1_ADMIN, this.ENV_1_CLUSTER_1_SCOPE, 200, asList3, true}, new Object[]{this.U_ENV_1_CLUSTER_1_ADMIN, this.ENV_1_CLUSTER_1_SCOPE, 200, asList3, true}, new Object[]{this.U_MULTI_ADMIN, this.ENV_1_CLUSTER_1_SCOPE, 200, asList3, true}, new Object[]{this.U_REDUNDANT_ADMIN, this.ENV_1_CLUSTER_1_SCOPE, 200, asList3, true}, new Object[]{this.U_ENV_2_ADMIN, this.ENV_1_CLUSTER_1_SCOPE, 200, emptyList, false}, new Object[]{this.U_ORG_ADMIN, this.ENV_1_CLUSTER_2_SCOPE, 200, emptyList, true}, new Object[]{this.U_ENV_1_ADMIN, this.ENV_1_CLUSTER_2_SCOPE, 200, emptyList, true}, new Object[]{this.U_MULTI_ADMIN, this.ENV_1_CLUSTER_2_SCOPE, 200, emptyList, true}, new Object[]{this.U_ENV_2_ADMIN, this.ENV_1_CLUSTER_2_SCOPE, 200, emptyList, false}, new Object[]{this.U_ENV_1_CLUSTER_1_ADMIN, this.ENV_1_CLUSTER_2_SCOPE, 200, emptyList, false}};
    }

    @Test(dataProvider = "managedNonResourceRoleBindingsAtScope")
    public void test_managedNonResourceRoleBindingsAtScope(String str, MdsScope mdsScope, Integer num, List<RoleBinding> list, Boolean bool) throws Exception {
        Response execute = this.retrofitClients.get(str).managedNonResourceRoleBindingsAtScope(mdsScope).execute();
        Assert.assertEquals(num.intValue(), execute.code());
        if (execute.isSuccessful()) {
            List list2 = (List) execute.body();
            Assert.assertEquals(list2.size(), list.size());
            for (int i = 0; i < list2.size(); i++) {
                Assert.assertEquals(((ManagedRoleBinding) list2.get(i)).alterAccess, bool.booleanValue());
                Assert.assertEquals(((ManagedRoleBinding) list2.get(i)).roleBinding, list.get(i));
            }
        }
    }

    @Test(dataProvider = "crossOrgPrincipals")
    public void test_selfLookup_crossOrgLookupManagedRoleBindings(String str, String str2, MdsScope mdsScope) throws Exception {
        Response execute = this.retrofitClients.get(str).managedNonResourceRoleBindingsAtScope(mdsScope).execute();
        Assert.assertEquals(execute.code(), 200);
        Assert.assertEquals((Collection) execute.body(), Collections.EMPTY_LIST);
    }

    /* JADX WARN: Type inference failed for: r0v1, types: [java.lang.Object[], java.lang.Object[][]] */
    @DataProvider(parallel = true)
    public Object[][] lookupRoleBindings() {
        return new Object[]{new Object[]{this.U_ORG_ADMIN, Utils.mkSet(new RoleBinding[]{new RoleBinding(new KafkaPrincipal("User", this.U_ORG_ADMIN), V2RolesUtil.ROLE_ORG_ADMIN, this.ORG_SCOPE.scope(), Collections.emptySet())})}, new Object[]{this.U_REDUNDANT_ADMIN, Utils.mkSet(new RoleBinding[]{new RoleBinding(new KafkaPrincipal("User", this.U_REDUNDANT_ADMIN), V2RolesUtil.ROLE_ORG_ADMIN, this.ORG_SCOPE.scope(), Collections.emptySet()), new RoleBinding(new KafkaPrincipal("User", this.U_REDUNDANT_ADMIN), V2RolesUtil.ROLE_ENV_ADMIN, this.ENV_1_SCOPE.scope(), Collections.emptySet()), new RoleBinding(new KafkaPrincipal("User", this.U_REDUNDANT_ADMIN), V2RolesUtil.ROLE_CCLUSTER_ADMIN, this.ENV_1_CLUSTER_1_SCOPE.scope(), Collections.emptySet())})}, new Object[]{this.U_ENV_1_ADMIN, Utils.mkSet(new RoleBinding[]{new RoleBinding(new KafkaPrincipal("User", this.U_ENV_1_ADMIN), V2RolesUtil.ROLE_ENV_ADMIN, this.ENV_1_SCOPE.scope(), Collections.emptySet())})}, new Object[]{this.U_ENV_2_ADMIN, Utils.mkSet(new RoleBinding[]{new RoleBinding(new KafkaPrincipal("User", this.U_ENV_2_ADMIN), V2RolesUtil.ROLE_ENV_ADMIN, this.ENV_2_SCOPE.scope(), Collections.emptySet())})}, new Object[]{this.U_ENV_1_CLUSTER_1_ADMIN, Utils.mkSet(new RoleBinding[]{new RoleBinding(new KafkaPrincipal("User", this.U_ENV_1_CLUSTER_1_ADMIN), V2RolesUtil.ROLE_CCLUSTER_ADMIN, this.ENV_1_CLUSTER_1_SCOPE.scope(), Collections.emptySet())})}, new Object[]{this.U_MULTI_ADMIN, Utils.mkSet(new RoleBinding[]{new RoleBinding(new KafkaPrincipal("User", this.U_MULTI_ADMIN), V2RolesUtil.ROLE_ENV_ADMIN, this.ENV_1_SCOPE.scope(), Collections.emptySet()), new RoleBinding(new KafkaPrincipal("User", this.U_MULTI_ADMIN), V2RolesUtil.ROLE_CCLUSTER_ADMIN, this.ENV_1_CLUSTER_1_SCOPE.scope(), Collections.emptySet())})}};
    }

    @Test(dataProvider = "lookupRoleBindings")
    public void test_lookupRolebindings(String str, Set<RoleBinding> set) throws Exception {
        Response execute = this.retrofitClients.get(str).rolebindingsForKnownClusters("User:" + str, null).execute();
        Assert.assertEquals(execute.code(), 200);
        HashSet hashSet = new HashSet();
        for (ScopeRoleBindingMapping scopeRoleBindingMapping : (List) execute.body()) {
            Scope scope = scopeRoleBindingMapping.scope().scope();
            for (String str2 : scopeRoleBindingMapping.rolebindings().keySet()) {
                for (String str3 : ((Map) scopeRoleBindingMapping.rolebindings().get(str2)).keySet()) {
                    hashSet.add(new RoleBinding(SecurityUtils.parseKafkaPrincipal(str2), str3, scope, (Collection) ((Map) scopeRoleBindingMapping.rolebindings().get(str2)).get(str3)));
                }
            }
        }
        Assert.assertEquals(hashSet, set);
    }

    /* JADX WARN: Type inference failed for: r0v1, types: [java.lang.Object[], java.lang.Object[][]] */
    @DataProvider(parallel = true)
    public Object[][] roleBindingsAtScope() {
        return new Object[]{new Object[]{this.U_ORG_ADMIN, this.U_ORG_ADMIN, this.ORG_SCOPE, Utils.mkSet(new RoleBinding[]{new RoleBinding(new KafkaPrincipal("User", this.U_ORG_ADMIN), V2RolesUtil.ROLE_ORG_ADMIN, this.ORG_SCOPE.scope(), Collections.emptySet())})}, new Object[]{this.U_ORG_ADMIN, this.U_ORG_ADMIN, this.ENV_1_SCOPE, Collections.emptySet()}, new Object[]{this.U_REDUNDANT_ADMIN, this.U_REDUNDANT_ADMIN, this.ENV_1_CLUSTER_1_SCOPE, Utils.mkSet(new RoleBinding[]{new RoleBinding(new KafkaPrincipal("User", this.U_REDUNDANT_ADMIN), V2RolesUtil.ROLE_CCLUSTER_ADMIN, this.ENV_1_CLUSTER_1_SCOPE.scope(), Collections.emptySet())})}, new Object[]{this.U_REDUNDANT_ADMIN, this.U_REDUNDANT_ADMIN, this.ENV_1_SCOPE, Utils.mkSet(new RoleBinding[]{new RoleBinding(new KafkaPrincipal("User", this.U_REDUNDANT_ADMIN), V2RolesUtil.ROLE_ENV_ADMIN, this.ENV_1_SCOPE.scope(), Collections.emptySet()), new RoleBinding(new KafkaPrincipal("User", this.U_REDUNDANT_ADMIN), V2RolesUtil.ROLE_CCLUSTER_ADMIN, this.ENV_1_CLUSTER_1_SCOPE.scope(), Collections.emptySet())})}, new Object[]{this.U_REDUNDANT_ADMIN, this.U_REDUNDANT_ADMIN, this.ORG_SCOPE, Utils.mkSet(new RoleBinding[]{new RoleBinding(new KafkaPrincipal("User", this.U_REDUNDANT_ADMIN), V2RolesUtil.ROLE_ORG_ADMIN, this.ORG_SCOPE.scope(), Collections.emptySet()), new RoleBinding(new KafkaPrincipal("User", this.U_REDUNDANT_ADMIN), V2RolesUtil.ROLE_ENV_ADMIN, this.ENV_1_SCOPE.scope(), Collections.emptySet()), new RoleBinding(new KafkaPrincipal("User", this.U_REDUNDANT_ADMIN), V2RolesUtil.ROLE_CCLUSTER_ADMIN, this.ENV_1_CLUSTER_1_SCOPE.scope(), Collections.emptySet())})}, new Object[]{this.U_ORG_ADMIN, this.U_REDUNDANT_ADMIN, this.ORG_SCOPE, Utils.mkSet(new RoleBinding[]{new RoleBinding(new KafkaPrincipal("User", this.U_REDUNDANT_ADMIN), V2RolesUtil.ROLE_ORG_ADMIN, this.ORG_SCOPE.scope(), Collections.emptySet()), new RoleBinding(new KafkaPrincipal("User", this.U_REDUNDANT_ADMIN), V2RolesUtil.ROLE_ENV_ADMIN, this.ENV_1_SCOPE.scope(), Collections.emptySet()), new RoleBinding(new KafkaPrincipal("User", this.U_REDUNDANT_ADMIN), V2RolesUtil.ROLE_CCLUSTER_ADMIN, this.ENV_1_CLUSTER_1_SCOPE.scope(), Collections.emptySet())})}};
    }

    @Test(dataProvider = "roleBindingsAtScope")
    public void test_lookupRolebindingsAtScope(String str, String str2, MdsScope mdsScope, Set<RoleBinding> set) throws Exception {
        Response execute = this.retrofitClients.get(str).rolebindingsForPrincipalInScope("User:" + str2, mdsScope).execute();
        Assert.assertEquals(execute.code(), 200);
        Assert.assertEquals(convertToRolebindings((List) execute.body()), set);
    }

    @Test(dataProvider = "crossOrgPrincipals")
    public void test_crossOrgLookupRolebindings(String str, String str2, MdsScope mdsScope) throws Exception {
        V2RbacRestApi v2RbacRestApi = this.retrofitClients.get(str);
        Iterator it = Arrays.asList(this.U_ORG_ADMIN, this.U_ENV_1_ADMIN, this.U_ENV_2_ADMIN, this.U_ENV_1_CLUSTER_1_ADMIN, this.U_MULTI_ADMIN, this.U_REDUNDANT_ADMIN).iterator();
        while (it.hasNext()) {
            Assert.assertEquals(v2RbacRestApi.rolebindingsForPrincipalInScope("User:" + ((String) it.next()), mdsScope).execute().code(), 403);
        }
    }

    /* JADX WARN: Type inference failed for: r0v1, types: [java.lang.Object[], java.lang.Object[][]] */
    @DataProvider(parallel = true)
    public Object[][] org1PrincipalsWithValidRole() {
        return new Object[]{new Object[]{V2RolesUtil.ROLE_ORG_ADMIN, this.ORG_SCOPE, ImmutableSet.of("User:" + this.U_ORG_ADMIN, "User:" + this.U_REDUNDANT_ADMIN)}, new Object[]{V2RolesUtil.ROLE_ENV_ADMIN, this.ENV_1_SCOPE, ImmutableSet.of("User:" + this.U_ENV_1_ADMIN, "User:" + this.U_MULTI_ADMIN, "User:" + this.U_REDUNDANT_ADMIN)}, new Object[]{V2RolesUtil.ROLE_ENV_ADMIN, this.ENV_2_SCOPE, ImmutableSet.of("User:" + this.U_ENV_2_ADMIN)}, new Object[]{V2RolesUtil.ROLE_CCLUSTER_ADMIN, this.ENV_1_CLUSTER_1_SCOPE, ImmutableSet.of("User:" + this.U_ENV_1_CLUSTER_1_ADMIN, "User:" + this.U_MULTI_ADMIN, "User:" + this.U_REDUNDANT_ADMIN)}, new Object[]{V2RolesUtil.ROLE_ENV_ADMIN, this.ORG_SCOPE, Collections.EMPTY_SET}, new Object[]{V2RolesUtil.ROLE_ORG_ADMIN, this.ENV_2_SCOPE, Collections.EMPTY_SET}, new Object[]{V2RolesUtil.ROLE_ENV_ADMIN, this.ENV_1_CLUSTER_1_SCOPE, Collections.EMPTY_SET}, new Object[]{V2RolesUtil.ROLE_ENV_ADMIN, childScope(this.ORG_SCOPE, "environment=EmptyEnv"), Collections.EMPTY_SET}};
    }

    @Test(dataProvider = "org1PrincipalsWithValidRole")
    public void test_org1AdminLookupPrincipals(String str, MdsScope mdsScope, Set<String> set) throws Exception {
        Response execute = this.retrofitClients.get(this.U_ORG_ADMIN).getPrincipalsWithRole(str, mdsScope).execute();
        Assert.assertEquals(execute.code(), 200);
        Assert.assertEquals(new HashSet((Collection) execute.body()), set, "Actual response:" + execute.body());
    }

    /* JADX WARN: Type inference failed for: r0v1, types: [java.lang.Object[], java.lang.Object[][]] */
    @DataProvider(parallel = true)
    public Object[][] org1_envPrincipalsWithValidRole() {
        return new Object[]{new Object[]{V2RolesUtil.ROLE_ORG_ADMIN, this.ORG_SCOPE, 403, null}, new Object[]{V2RolesUtil.ROLE_ENV_ADMIN, this.ORG_SCOPE, 403, null}, new Object[]{V2RolesUtil.ROLE_ENV_ADMIN, this.ENV_1_SCOPE, 200, ImmutableSet.of("User:" + this.U_ENV_1_ADMIN, "User:" + this.U_MULTI_ADMIN, "User:" + this.U_REDUNDANT_ADMIN)}, new Object[]{V2RolesUtil.ROLE_CCLUSTER_ADMIN, this.ENV_1_CLUSTER_1_SCOPE, 200, ImmutableSet.of("User:" + this.U_ENV_1_CLUSTER_1_ADMIN, "User:" + this.U_MULTI_ADMIN, "User:" + this.U_REDUNDANT_ADMIN)}, new Object[]{V2RolesUtil.ROLE_ENV_ADMIN, this.ENV_2_SCOPE, 403, null}, new Object[]{V2RolesUtil.ROLE_ORG_ADMIN, this.ENV_2_SCOPE, 403, null}, new Object[]{V2RolesUtil.ROLE_ENV_ADMIN, childScope(this.ORG_SCOPE, "environment=EmptyEnv"), 403, null}, new Object[]{V2RolesUtil.ROLE_CCLUSTER_ADMIN, this.ENV_2_CLUSTER_1_SCOPE, 403, null}};
    }

    @Test(dataProvider = "org1_envPrincipalsWithValidRole")
    public void test_envAdminLookupPrincipals(String str, MdsScope mdsScope, int i, Set<String> set) throws Exception {
        Response execute = this.retrofitClients.get(this.U_ENV_1_ADMIN).getPrincipalsWithRole(str, mdsScope).execute();
        Assert.assertEquals(execute.code(), i);
        if (execute.isSuccessful()) {
            Assert.assertEquals(new HashSet((Collection) execute.body()), set, "Actual response:" + execute.body());
        }
    }

    /* JADX WARN: Type inference failed for: r0v1, types: [java.lang.Object[], java.lang.Object[][]] */
    @DataProvider(parallel = true)
    public Object[][] crossOrgPrincipals() {
        return new Object[]{new Object[]{this.U_ORG_2_ADMIN, V2RolesUtil.ROLE_ORG_ADMIN, this.ORG_SCOPE}, new Object[]{this.U_ORG_2_ADMIN, V2RolesUtil.ROLE_ENV_ADMIN, this.ENV_1_SCOPE}, new Object[]{this.U_ORG_2_ENV_1_ADMIN, V2RolesUtil.ROLE_ENV_ADMIN, this.ENV_1_SCOPE}, new Object[]{this.U_ORG_2_ADMIN, V2RolesUtil.ROLE_CCLUSTER_ADMIN, this.ENV_1_CLUSTER_1_SCOPE}, new Object[]{this.U_ORG_2_ADMIN, V2RolesUtil.ROLE_ENV_ADMIN, childScope(this.ORG_SCOPE, "environment=EmptyEnv")}};
    }

    @Test(dataProvider = "crossOrgPrincipals")
    public void test_crossOrgLookupPrincipals(String str, String str2, MdsScope mdsScope) throws Exception {
        Assert.assertEquals(this.retrofitClients.get(str).getPrincipalsWithRole(str2, mdsScope).execute().code(), 403);
    }

    @Test
    public void test_lookupPrincipalWithInvalidScope() throws Exception {
        Assert.assertEquals(this.retrofitClients.get(this.U_ORG_ADMIN).getPrincipalsWithRole(V2RolesUtil.ROLE_ENV_ADMIN, MdsScope.of((Scope) null)).execute().code(), 403);
    }

    @Test
    public void test_lookupPrincipalWithInvalidRole() throws Exception {
        Response execute = this.retrofitClients.get(this.U_ORG_ADMIN).getPrincipalsWithRole("EnvironemntAdmin", this.ORG_SCOPE).execute();
        Assert.assertEquals(execute.code(), 400);
        Assert.assertTrue(execute.errorBody().string().contains("Invalid role name :"));
    }

    @NotNull
    private Set<RoleBinding> convertToRolebindings(List<ScopeRoleBindingMapping> list) {
        HashSet hashSet = new HashSet();
        for (ScopeRoleBindingMapping scopeRoleBindingMapping : list) {
            MdsScope scope = scopeRoleBindingMapping.scope();
            for (String str : scopeRoleBindingMapping.rolebindings().keySet()) {
                Map map = (Map) scopeRoleBindingMapping.rolebindings().get(str);
                for (String str2 : map.keySet()) {
                    hashSet.add(new RoleBinding(SecurityUtils.parseKafkaPrincipal(str), str2, scope.scope(), (Collection) map.get(str2)));
                }
            }
        }
        return hashSet;
    }
}
