package org.apache.ignite.internal.processors.security.sandbox;

import java.io.IOException;
import java.lang.invoke.SerializedLambda;
import java.lang.reflect.Proxy;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.attribute.FileAttribute;
import java.security.AccessControlException;
import java.util.concurrent.Callable;
import org.apache.ignite.Ignite;
import org.apache.ignite.IgniteCompute;
import org.apache.ignite.configuration.IgniteConfiguration;
import org.apache.ignite.internal.IgniteEx;
import org.apache.ignite.internal.util.typedef.internal.U;
import org.apache.ignite.lang.IgniteCallable;
import org.apache.ignite.lang.IgniteRunnable;
import org.apache.ignite.plugin.security.SecurityPermissionSetBuilder;
import org.apache.ignite.resources.IgniteInstanceResource;
import org.apache.ignite.spi.deployment.local.LocalDeploymentSpi;
import org.apache.ignite.testframework.GridTestUtils;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;

/* loaded from: input_file:org/apache/ignite/internal/processors/security/sandbox/DoPrivilegedOnRemoteNodeTest.class */
public class DoPrivilegedOnRemoteNodeTest extends AbstractSandboxTest {
    private static final String CALLABLE_DO_PRIVELEGED_SRC = "import java.security.AccessController;\nimport java.security.PrivilegedAction;\nimport org.apache.ignite.lang.IgniteCallable;\n\npublic class TestDoPrivilegedIgniteCallable implements IgniteCallable<String> {\n    public String call() throws Exception {\n        return AccessController.doPrivileged(\n            (PrivilegedAction<String>)() -> System.getProperty(\"user.home\")\n        );\n    }\n}";
    private static final String CALLABLE_SECURITY_UTILS_SRC = "import org.apache.ignite.internal.processors.security.SecurityUtils;\nimport org.apache.ignite.lang.IgniteCallable;\n\npublic class TestSecurityUtilsCallable implements IgniteCallable<String> {\n    @Override public String call() throws Exception {\n        return SecurityUtils.doPrivileged(() ->{\n            return System.getProperty(\"user.home\");\n        });\n    }\n}";
    private static final String CALLABLE_BINARYLIZABLE_SRC = "import org.apache.ignite.binary.BinaryObjectException;\nimport org.apache.ignite.binary.BinaryReader;\nimport org.apache.ignite.binary.BinaryWriter;\nimport org.apache.ignite.binary.Binarylizable;\nimport org.apache.ignite.lang.IgniteCallable;\n\npublic class TestBinarylizable implements IgniteCallable<String>, Binarylizable {\n    @Override public String call() throws Exception {\n        return null;\n    }\n\n    @Override public void writeBinary(BinaryWriter writer) throws BinaryObjectException {\n        //No-op\n    }\n\n    @Override public void readBinary(BinaryReader reader) throws BinaryObjectException {\n        System.getProperty(\"user.home\");\n    }\n}";
    private static final String CLNT_NODE = "clnt";
    private Path srcTmpDir;

    /* loaded from: input_file:org/apache/ignite/internal/processors/security/sandbox/DoPrivilegedOnRemoteNodeTest$TestRunnable.class */
    static abstract class TestRunnable implements IgniteRunnable {

        @IgniteInstanceResource
        protected Ignite ignite;

        TestRunnable() {
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.ignite.testframework.junits.GridAbstractTest
    public IgniteConfiguration getConfiguration(String str) throws Exception {
        return super.getConfiguration(str).setDeploymentSpi(new LocalDeploymentSpi());
    }

    @Before
    public void prepare() throws IOException {
        this.srcTmpDir = Files.createTempDirectory(getClass().getSimpleName(), new FileAttribute[0]);
    }

    @After
    public void cleanup() {
        U.delete(this.srcTmpDir);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.ignite.internal.processors.security.sandbox.AbstractSandboxTest
    public void prepareCluster() throws Exception {
        startGrid("srv", SecurityPermissionSetBuilder.ALLOW_ALL, false);
        startGrid(CLNT_NODE, SecurityPermissionSetBuilder.ALLOW_ALL, true);
    }

    @Test
    public void testBinarylizable() {
        GridTestUtils.assertThrowsWithCause((Callable<?>) () -> {
            return clientCompute().broadcast(callable(this.srcTmpDir, "TestBinarylizable", CALLABLE_BINARYLIZABLE_SRC));
        }, (Class<? extends Throwable>) AccessControlException.class);
    }

    @Test
    public void testDoPrivilegedIgniteCallable() throws Exception {
        checkCallable(clientCompute(), callable(this.srcTmpDir, "TestDoPrivilegedIgniteCallable", CALLABLE_DO_PRIVELEGED_SRC));
    }

    @Test
    public void testSecurityUtilsCallable() throws Exception {
        checkCallable(clientCompute(), callable(this.srcTmpDir, "TestSecurityUtilsCallable", CALLABLE_SECURITY_UTILS_SRC));
    }

    @Test
    public void testIgniteProxy() {
        runForbiddenOperation(() -> {
            clientCompute().broadcast(new TestRunnable() { // from class: org.apache.ignite.internal.processors.security.sandbox.DoPrivilegedOnRemoteNodeTest.1
                public void run() {
                    DoPrivilegedOnRemoteNodeTest.assertTrue(Proxy.isProxyClass(this.ignite.getClass()));
                    this.ignite.compute().broadcast(() -> {
                        return System.getProperty("user.home");
                    });
                }

                private static /* synthetic */ Object $deserializeLambda$(SerializedLambda serializedLambda) {
                    String implMethodName = serializedLambda.getImplMethodName();
                    boolean z = -1;
                    switch (implMethodName.hashCode()) {
                        case -1879937502:
                            if (implMethodName.equals("lambda$run$515fd116$1")) {
                                z = false;
                                break;
                            }
                            break;
                    }
                    switch (z) {
                        case false:
                            if (serializedLambda.getImplMethodKind() == 6 && serializedLambda.getFunctionalInterfaceClass().equals("org/apache/ignite/lang/IgniteCallable") && serializedLambda.getFunctionalInterfaceMethodName().equals("call") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("()Ljava/lang/Object;") && serializedLambda.getImplClass().equals("org/apache/ignite/internal/processors/security/sandbox/DoPrivilegedOnRemoteNodeTest$1") && serializedLambda.getImplMethodSignature().equals("()Ljava/lang/String;")) {
                                return () -> {
                                    return System.getProperty("user.home");
                                };
                            }
                            break;
                    }
                    throw new IllegalArgumentException("Invalid lambda deserialization");
                }
            });
        }, AccessControlException.class);
    }

    private IgniteCompute clientCompute() {
        IgniteEx grid = grid(CLNT_NODE);
        return grid.compute(grid.cluster().forRemotes());
    }

    private void checkCallable(IgniteCompute igniteCompute, IgniteCallable<String> igniteCallable) throws Exception {
        assertEquals(System.getProperty("user.home"), (String) igniteCallable.call());
        GridTestUtils.assertThrowsWithCause((Callable<?>) () -> {
            return igniteCompute.broadcast(igniteCallable);
        }, (Class<? extends Throwable>) AccessControlException.class);
    }
}
