package org.apache.hadoop.ozone.om;

import java.io.IOException;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.UUID;
import org.apache.hadoop.hdds.conf.OzoneConfiguration;
import org.apache.hadoop.ozone.MiniOzoneCluster;
import org.apache.hadoop.ozone.OzoneAcl;
import org.apache.hadoop.ozone.client.ObjectStore;
import org.apache.hadoop.ozone.client.OzoneVolume;
import org.apache.hadoop.ozone.client.protocol.ClientProtocol;
import org.apache.hadoop.ozone.om.exceptions.OMException;
import org.apache.hadoop.ozone.security.acl.OzoneObj;
import org.apache.hadoop.ozone.security.acl.OzoneObjInfo;
import org.apache.hadoop.security.UserGroupInformation;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.Timeout;

/* loaded from: input_file:org/apache/hadoop/ozone/om/TestOzoneManagerListVolumes.class */
public class TestOzoneManagerListVolumes {

    @Rule
    public Timeout timeout = new Timeout(120000);
    private UserGroupInformation adminUser = UserGroupInformation.createUserForTesting("om", new String[]{"ozone"});
    private UserGroupInformation user1 = UserGroupInformation.createUserForTesting("user1", new String[]{"test"});
    private UserGroupInformation user2 = UserGroupInformation.createUserForTesting("user2", new String[]{"test"});

    @Before
    public void init() throws Exception {
        UserGroupInformation.setLoginUser(this.adminUser);
    }

    private MiniOzoneCluster startCluster(boolean z, boolean z2) throws Exception {
        OzoneConfiguration ozoneConfiguration = new OzoneConfiguration();
        String uuid = UUID.randomUUID().toString();
        String uuid2 = UUID.randomUUID().toString();
        String uuid3 = UUID.randomUUID().toString();
        ozoneConfiguration.setInt("ozone.open.key.expire.threshold", 2);
        ozoneConfiguration.setInt("ozone.scm.ratis.pipeline.limit", 10);
        ozoneConfiguration.set("ozone.acl.authorizer.class", "org.apache.hadoop.ozone.security.acl.OzoneNativeAuthorizer");
        ozoneConfiguration.setBoolean("ozone.acl.enabled", z);
        ozoneConfiguration.setBoolean("ozone.om.volume.listall.allowed", z2);
        MiniOzoneCluster build = MiniOzoneCluster.newBuilder(ozoneConfiguration).setClusterId(uuid).setScmId(uuid2).setOmId(uuid3).build();
        build.waitForClusterToBeReady();
        ObjectStore objectStore = build.getClient().getObjectStore();
        createVolumeWithOwnerAndAcl(objectStore, "volume1", "user1", "user:user1:a");
        createVolumeWithOwnerAndAcl(objectStore, "volume2", "user2", "user:user2:a");
        createVolumeWithOwnerAndAcl(objectStore, "volume3", "user1", "user:user2:a");
        createVolumeWithOwnerAndAcl(objectStore, "volume4", "user2", "user:user1:a");
        createVolumeWithOwnerAndAcl(objectStore, "volume5", "user1", "world::a");
        return build;
    }

    private void stopCluster(MiniOzoneCluster miniOzoneCluster) {
        if (miniOzoneCluster != null) {
            miniOzoneCluster.shutdown();
        }
    }

    private void createVolumeWithOwnerAndAcl(ObjectStore objectStore, String str, String str2, String str3) throws IOException {
        ClientProtocol clientProxy = objectStore.getClientProxy();
        objectStore.createVolume(str);
        clientProxy.setVolumeOwner(str, str2);
        setVolumeAcl(objectStore, str, str3);
    }

    private void setVolumeAcl(ObjectStore objectStore, String str, String str2) throws IOException {
        Assert.assertTrue(objectStore.setAcl(OzoneObjInfo.Builder.newBuilder().setVolumeName(str).setResType(OzoneObj.ResourceType.VOLUME).setStoreType(OzoneObj.StoreType.OZONE).build(), OzoneAcl.parseAcls(str2)));
    }

    private void checkUser(MiniOzoneCluster miniOzoneCluster, UserGroupInformation userGroupInformation, List<String> list, boolean z) throws IOException {
        ObjectStore objectStore = miniOzoneCluster.getClient().getObjectStore();
        Iterator listVolumesByUser = objectStore.listVolumesByUser(userGroupInformation.getUserName(), "", "");
        HashSet hashSet = new HashSet();
        while (listVolumesByUser.hasNext()) {
            hashSet.add(((OzoneVolume) listVolumesByUser.next()).getName());
        }
        Assert.assertEquals(new HashSet(list), hashSet);
        if (z) {
            Iterator listVolumes = objectStore.listVolumes("volume");
            int i = 0;
            while (listVolumes.hasNext()) {
                listVolumes.next();
                i++;
            }
            Assert.assertEquals(5L, i);
            return;
        }
        try {
            objectStore.listVolumes("volume");
            Assert.fail("listAllVolumes should fail for " + userGroupInformation.getUserName());
        } catch (RuntimeException e) {
            if (!(e.getCause() instanceof OMException)) {
                throw e;
            }
            if (e.getCause().getResult() != OMException.ResultCodes.PERMISSION_DENIED) {
                throw e;
            }
        }
    }

    @Test
    public void testListVolumeWithOtherUsersListAllAllowed() throws Exception {
        MiniOzoneCluster startCluster = startCluster(true, true);
        UserGroupInformation.setLoginUser(this.user1);
        checkUser(startCluster, this.user2, Arrays.asList("volume2", "volume3", "volume5"), true);
        checkUser(startCluster, this.adminUser, Arrays.asList("volume1", "volume2", "volume3", "volume4", "volume5", "s3v"), true);
        UserGroupInformation.setLoginUser(this.user2);
        checkUser(startCluster, this.user1, Arrays.asList("volume1", "volume4", "volume5"), true);
        checkUser(startCluster, this.adminUser, Arrays.asList("volume1", "volume2", "volume3", "volume4", "volume5", "s3v"), true);
        stopCluster(startCluster);
    }

    @Test
    public void testListVolumeWithOtherUsersListAllDisallowed() throws Exception {
        MiniOzoneCluster startCluster = startCluster(true, false);
        UserGroupInformation.setLoginUser(this.user1);
        checkUser(startCluster, this.user2, Arrays.asList("volume2", "volume3", "volume5"), false);
        checkUser(startCluster, this.adminUser, Arrays.asList("volume1", "volume2", "volume3", "volume4", "volume5", "s3v"), false);
        UserGroupInformation.setLoginUser(this.adminUser);
        checkUser(startCluster, this.user1, Arrays.asList("volume1", "volume4", "volume5"), true);
        checkUser(startCluster, this.user2, Arrays.asList("volume2", "volume3", "volume5"), true);
        stopCluster(startCluster);
    }

    @Test
    public void testAclEnabledListAllAllowed() throws Exception {
        MiniOzoneCluster startCluster = startCluster(true, true);
        checkUser(startCluster, this.user1, Arrays.asList("volume1", "volume4", "volume5"), true);
        checkUser(startCluster, this.user2, Arrays.asList("volume2", "volume3", "volume5"), true);
        checkUser(startCluster, this.adminUser, Arrays.asList("volume1", "volume2", "volume3", "volume4", "volume5", "s3v"), true);
        stopCluster(startCluster);
    }

    @Test
    public void testAclEnabledListAllDisallowed() throws Exception {
        MiniOzoneCluster startCluster = startCluster(true, false);
        UserGroupInformation.setLoginUser(this.user1);
        checkUser(startCluster, this.user1, Arrays.asList("volume1", "volume4", "volume5"), false);
        UserGroupInformation.setLoginUser(this.user2);
        checkUser(startCluster, this.user2, Arrays.asList("volume2", "volume3", "volume5"), false);
        UserGroupInformation.setLoginUser(this.adminUser);
        checkUser(startCluster, this.adminUser, Arrays.asList("volume1", "volume2", "volume3", "volume4", "volume5", "s3v"), true);
        stopCluster(startCluster);
    }

    @Test
    public void testAclDisabledListAllAllowed() throws Exception {
        MiniOzoneCluster startCluster = startCluster(false, true);
        checkUser(startCluster, this.user1, Arrays.asList("volume1", "volume3", "volume5"), true);
        checkUser(startCluster, this.user2, Arrays.asList("volume2", "volume4"), true);
        stopCluster(startCluster);
    }

    @Test
    public void testAclDisabledListAllDisallowed() throws Exception {
        MiniOzoneCluster startCluster = startCluster(false, false);
        UserGroupInformation.setLoginUser(this.user1);
        checkUser(startCluster, this.user1, Arrays.asList("volume1", "volume3", "volume5"), true);
        UserGroupInformation.setLoginUser(this.user2);
        checkUser(startCluster, this.user2, Arrays.asList("volume2", "volume4"), true);
        stopCluster(startCluster);
    }
}
