package org.apache.ignite.internal.processors.security.sandbox;

import java.io.FilePermission;
import java.io.SerializablePermission;
import java.lang.invoke.SerializedLambda;
import java.lang.management.ManagementPermission;
import java.lang.reflect.ReflectPermission;
import java.net.SocketPermission;
import java.security.AccessControlException;
import java.security.BasicPermission;
import java.security.CodeSource;
import java.security.PermissionCollection;
import java.security.Permissions;
import java.security.Policy;
import java.security.SecurityPermission;
import java.util.PropertyPermission;
import javax.management.MBeanPermission;
import javax.management.MBeanServerPermission;
import javax.management.MBeanTrustPermission;
import javax.net.ssl.SSLPermission;
import org.apache.ignite.internal.IgniteEx;
import org.apache.ignite.plugin.security.SecurityPermissionSetBuilder;
import org.apache.ignite.testframework.GridTestUtils;
import org.junit.Test;

/* loaded from: input_file:org/apache/ignite/internal/processors/security/sandbox/SecuritySubjectPermissionsTest.class */
public class SecuritySubjectPermissionsTest extends AbstractSandboxTest {

    /* loaded from: input_file:org/apache/ignite/internal/processors/security/sandbox/SecuritySubjectPermissionsTest$TestPermission.class */
    public static class TestPermission extends BasicPermission {
        public TestPermission(String str) {
            super(str);
        }
    }

    @Test
    public void test() throws Exception {
        IgniteEx startGrid = startGrid("srv", SecurityPermissionSetBuilder.ALLOW_ALL, false);
        Permissions permissions = new Permissions();
        permissions.add(new TestPermission("common"));
        permissions.add(new TestPermission("only_subject"));
        IgniteEx startGrid2 = startGrid("clnt", SecurityPermissionSetBuilder.ALLOW_ALL, permissions, true);
        startGrid.cluster().active(true);
        startGrid2.compute().broadcast(() -> {
            securityManager().checkPermission(new TestPermission("common"));
        });
        GridTestUtils.assertThrowsWithCause(() -> {
            startGrid2.compute().broadcast(() -> {
                securityManager().checkPermission(new TestPermission("only_subject"));
                fail();
            });
        }, (Class<? extends Throwable>) AccessControlException.class);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.ignite.internal.processors.security.sandbox.AbstractSandboxTest, org.apache.ignite.testframework.junits.GridAbstractTest
    public void beforeTestsStarted() throws Exception {
        if (System.getSecurityManager() == null) {
            Policy.setPolicy(new Policy() { // from class: org.apache.ignite.internal.processors.security.sandbox.SecuritySubjectPermissionsTest.1
                @Override // java.security.Policy
                public PermissionCollection getPermissions(CodeSource codeSource) {
                    Permissions permissions = new Permissions();
                    permissions.add(new RuntimePermission("*"));
                    permissions.add(new MBeanServerPermission("*"));
                    permissions.add(new MBeanPermission("*", "*"));
                    permissions.add(new MBeanTrustPermission("*"));
                    permissions.add(new ReflectPermission("*"));
                    permissions.add(new SSLPermission("*"));
                    permissions.add(new ManagementPermission("monitor"));
                    permissions.add(new ManagementPermission("control"));
                    permissions.add(new SerializablePermission("*"));
                    permissions.add(new SecurityPermission("*"));
                    permissions.add(new SocketPermission("*", "connect,accept,listen,resolve"));
                    permissions.add(new FilePermission("<<ALL FILES>>", "read,write,delete,execute,readlink"));
                    permissions.add(new PropertyPermission("*", "read,write"));
                    permissions.add(new TestPermission("common"));
                    return permissions;
                }
            });
            System.setSecurityManager(new SecurityManager());
            setupSM = true;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.ignite.internal.processors.security.sandbox.AbstractSandboxTest, org.apache.ignite.internal.processors.security.AbstractSecurityTest, org.apache.ignite.testframework.junits.GridAbstractTest
    public void afterTestsStopped() throws Exception {
        super.afterTestsStopped();
        if (setupSM) {
            System.setSecurityManager(null);
            Policy.setPolicy(null);
        }
    }

    private SecurityManager securityManager() {
        SecurityManager securityManager = System.getSecurityManager();
        assertNotNull(securityManager);
        return securityManager;
    }

    private static /* synthetic */ Object $deserializeLambda$(SerializedLambda serializedLambda) {
        String implMethodName = serializedLambda.getImplMethodName();
        boolean z = -1;
        switch (implMethodName.hashCode()) {
            case -64824795:
                if (implMethodName.equals("lambda$null$a89029cf$1")) {
                    z = false;
                    break;
                }
                break;
            case 1069723790:
                if (implMethodName.equals("lambda$test$81c80a4a$1")) {
                    z = true;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                if (serializedLambda.getImplMethodKind() == 7 && serializedLambda.getFunctionalInterfaceClass().equals("org/apache/ignite/lang/IgniteRunnable") && serializedLambda.getFunctionalInterfaceMethodName().equals("run") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("()V") && serializedLambda.getImplClass().equals("org/apache/ignite/internal/processors/security/sandbox/SecuritySubjectPermissionsTest") && serializedLambda.getImplMethodSignature().equals("()V")) {
                    SecuritySubjectPermissionsTest securitySubjectPermissionsTest = (SecuritySubjectPermissionsTest) serializedLambda.getCapturedArg(0);
                    return () -> {
                        securityManager().checkPermission(new TestPermission("only_subject"));
                        fail();
                    };
                }
                break;
            case true:
                if (serializedLambda.getImplMethodKind() == 7 && serializedLambda.getFunctionalInterfaceClass().equals("org/apache/ignite/lang/IgniteRunnable") && serializedLambda.getFunctionalInterfaceMethodName().equals("run") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("()V") && serializedLambda.getImplClass().equals("org/apache/ignite/internal/processors/security/sandbox/SecuritySubjectPermissionsTest") && serializedLambda.getImplMethodSignature().equals("()V")) {
                    SecuritySubjectPermissionsTest securitySubjectPermissionsTest2 = (SecuritySubjectPermissionsTest) serializedLambda.getCapturedArg(0);
                    return () -> {
                        securityManager().checkPermission(new TestPermission("common"));
                    };
                }
                break;
        }
        throw new IllegalArgumentException("Invalid lambda deserialization");
    }
}
