package org.apache.accumulo.test.proxy;

import java.nio.ByteBuffer;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.TreeMap;
import org.apache.accumulo.core.client.security.tokens.PasswordToken;
import org.apache.accumulo.core.util.ByteBufferUtil;
import org.apache.accumulo.core.util.HostAndPort;
import org.apache.accumulo.harness.conf.StandaloneAccumuloClusterConfiguration;
import org.apache.accumulo.proxy.Proxy;
import org.apache.accumulo.proxy.thrift.NamespacePermission;
import org.apache.accumulo.proxy.thrift.SystemPermission;
import org.apache.accumulo.proxy.thrift.TablePermission;
import org.apache.accumulo.proxy.thrift.TimeType;
import org.apache.thrift.TException;
import org.apache.thrift.protocol.TCompactProtocol;
import org.apache.thrift.server.TServer;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;

/* loaded from: input_file:org/apache/accumulo/test/proxy/TestProxySecurityOperations.class */
public class TestProxySecurityOperations {
    protected static TServer proxy;
    protected static TestProxyClient tpc;
    protected static ByteBuffer userpass;
    protected static final int port = 10196;
    protected static final String testtable = "testtable";
    protected static final String testuser = "VonJines";
    protected static final String testnamespace = "testns";
    protected static final ByteBuffer testpw = ByteBuffer.wrap("fiveones".getBytes());

    @BeforeClass
    public static void setup() throws Exception {
        Properties properties = new Properties();
        properties.setProperty("useMockInstance", "true");
        properties.put("tokenClass", PasswordToken.class.getName());
        proxy = Proxy.createProxyServer(HostAndPort.fromParts(StandaloneAccumuloClusterConfiguration.ACCUMULO_STANDALONE_ZOOKEEPERS_DEFAULT, port), new TCompactProtocol.Factory(), properties).server;
        while (!proxy.isServing()) {
            Thread.sleep(500L);
        }
        tpc = new TestProxyClient(StandaloneAccumuloClusterConfiguration.ACCUMULO_STANDALONE_ZOOKEEPERS_DEFAULT, port);
        userpass = tpc.proxy().login("root", Collections.singletonMap("password", ""));
    }

    @AfterClass
    public static void tearDown() throws InterruptedException {
        proxy.stop();
    }

    @Before
    public void makeTestTableAndUser() throws Exception {
        tpc.proxy().createTable(userpass, testtable, true, TimeType.MILLIS);
        tpc.proxy().createLocalUser(userpass, testuser, testpw);
        tpc.proxy().createNamespace(userpass, testnamespace);
    }

    @After
    public void deleteTestTable() throws Exception {
        tpc.proxy().deleteTable(userpass, testtable);
        tpc.proxy().dropLocalUser(userpass, testuser);
        tpc.proxy().deleteNamespace(userpass, testnamespace);
    }

    @Test
    public void create() throws TException {
        tpc.proxy().createLocalUser(userpass, "VonJines2", testpw);
        Assert.assertTrue(tpc.proxy().listLocalUsers(userpass).contains("VonJines2"));
        tpc.proxy().dropLocalUser(userpass, "VonJines2");
        Assert.assertTrue(!tpc.proxy().listLocalUsers(userpass).contains("VonJines2"));
    }

    @Test
    public void authenticate() throws TException {
        Assert.assertTrue(tpc.proxy().authenticateUser(userpass, testuser, bb2pp(testpw)));
        Assert.assertFalse(tpc.proxy().authenticateUser(userpass, "EvilUser", bb2pp(testpw)));
        tpc.proxy().changeLocalUserPassword(userpass, testuser, ByteBuffer.wrap("newpass".getBytes()));
        Assert.assertFalse(tpc.proxy().authenticateUser(userpass, testuser, bb2pp(testpw)));
        Assert.assertTrue(tpc.proxy().authenticateUser(userpass, testuser, bb2pp(ByteBuffer.wrap("newpass".getBytes()))));
    }

    @Test
    public void tablePermissions() throws TException {
        tpc.proxy().grantTablePermission(userpass, testuser, testtable, TablePermission.ALTER_TABLE);
        Assert.assertTrue(tpc.proxy().hasTablePermission(userpass, testuser, testtable, TablePermission.ALTER_TABLE));
        tpc.proxy().revokeTablePermission(userpass, testuser, testtable, TablePermission.ALTER_TABLE);
        Assert.assertFalse(tpc.proxy().hasTablePermission(userpass, testuser, testtable, TablePermission.ALTER_TABLE));
    }

    @Test
    public void systemPermissions() throws TException {
        tpc.proxy().grantSystemPermission(userpass, testuser, SystemPermission.ALTER_USER);
        Assert.assertTrue(tpc.proxy().hasSystemPermission(userpass, testuser, SystemPermission.ALTER_USER));
        tpc.proxy().revokeSystemPermission(userpass, testuser, SystemPermission.ALTER_USER);
        Assert.assertFalse(tpc.proxy().hasSystemPermission(userpass, testuser, SystemPermission.ALTER_USER));
    }

    @Test
    public void auths() throws TException {
        HashSet hashSet = new HashSet();
        hashSet.add(ByteBuffer.wrap("BBR".getBytes()));
        hashSet.add(ByteBuffer.wrap("Barney".getBytes()));
        tpc.proxy().changeUserAuthorizations(userpass, testuser, hashSet);
        List userAuthorizations = tpc.proxy().getUserAuthorizations(userpass, testuser);
        Assert.assertEquals(userAuthorizations.size(), hashSet.size());
        Iterator it = userAuthorizations.iterator();
        while (it.hasNext()) {
            Assert.assertTrue(hashSet.contains((ByteBuffer) it.next()));
        }
    }

    @Test
    public void namespacePermissions() throws TException {
        tpc.proxy().grantNamespacePermission(userpass, testuser, testnamespace, NamespacePermission.ALTER_NAMESPACE);
        Assert.assertTrue(tpc.proxy().hasNamespacePermission(userpass, testuser, testnamespace, NamespacePermission.ALTER_NAMESPACE));
        tpc.proxy().revokeNamespacePermission(userpass, testuser, testnamespace, NamespacePermission.ALTER_NAMESPACE);
        Assert.assertFalse(tpc.proxy().hasNamespacePermission(userpass, testuser, testnamespace, NamespacePermission.ALTER_NAMESPACE));
    }

    private Map<String, String> bb2pp(ByteBuffer byteBuffer) {
        TreeMap treeMap = new TreeMap();
        treeMap.put("password", ByteBufferUtil.toString(byteBuffer));
        return treeMap;
    }
}
