package org.apache.kylin.rest.controller;

import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.Collections;
import java.util.Locale;
import org.apache.commons.codec.binary.Base64;
import org.apache.kylin.common.KylinConfig;
import org.apache.kylin.common.util.JsonUtil;
import org.apache.kylin.metadata.user.ManagedUser;
import org.apache.kylin.metadata.user.NKylinUserManager;
import org.apache.kylin.metadata.usergroup.NUserGroupManager;
import org.apache.kylin.rest.request.PasswordChangeRequest;
import org.apache.kylin.rest.request.UserRequest;
import org.apache.kylin.server.AbstractMVCIntegrationTestCase;
import org.junit.Assert;
import org.junit.Test;
import org.springframework.http.MediaType;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
import org.springframework.test.web.servlet.result.MockMvcResultMatchers;

/* loaded from: input_file:org/apache/kylin/rest/controller/NUserControllerTest.class */
public class NUserControllerTest extends AbstractMVCIntegrationTestCase {
    static BCryptPasswordEncoder pwdEncoder = new BCryptPasswordEncoder();
    UserRequest request;
    String username = "test_user";
    String password = "1234567890Q!";

    @Override // org.apache.kylin.server.AbstractMVCIntegrationTestCase
    public void setUp() throws Exception {
        super.setUp();
        try {
            NUserGroupManager nUserGroupManager = NUserGroupManager.getInstance(getTestConfig());
            nUserGroupManager.add("ALL_USERS");
            nUserGroupManager.add("ROLE_ADMIN");
            this.request = new UserRequest();
            this.request.setUsername(this.username);
            this.request.setPassword(Base64.encodeBase64String(this.password.getBytes(StandardCharsets.UTF_8)));
            this.request.setDisabled(false);
            this.request.setAuthorities(Collections.singletonList("ALL_USERS"));
            this.mockMvc.perform(MockMvcRequestBuilders.post("/api/user", new Object[0]).contentType(MediaType.APPLICATION_JSON).content(JsonUtil.writeValueAsString(this.request)).accept(new MediaType[]{MediaType.parseMediaType("application/vnd.apache.kylin-v4+json")})).andExpect(MockMvcResultMatchers.status().isOk());
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    @Test
    public void testSaveUser() throws Exception {
        this.request.setUsername(this.username.toUpperCase(Locale.ROOT));
        Assert.assertTrue(this.mockMvc.perform(MockMvcRequestBuilders.post("/api/user", new Object[0]).contentType(MediaType.APPLICATION_JSON).content(JsonUtil.writeValueAsString(this.request)).accept(new MediaType[]{MediaType.parseMediaType("application/vnd.apache.kylin-v4+json")})).andExpect(MockMvcResultMatchers.status().isInternalServerError()).andExpect(MockMvcResultMatchers.jsonPath("$.code", new Object[0]).value("999")).andReturn().getResponse().getContentAsString().contains("Username:[test_user] already exists"));
    }

    @Test
    public void testCreateUserWithBase64EncodePwd() {
        ManagedUser managedUser = NKylinUserManager.getInstance(KylinConfig.getInstanceFromEnv()).get(this.username);
        Assert.assertNotEquals((Object) null, managedUser);
        Assert.assertTrue(pwdEncoder.matches(this.password, managedUser.getPassword()));
    }

    @Test
    public void testUpdateUserPasswordWithBase64EncodePwd() throws Exception {
        PasswordChangeRequest passwordChangeRequest = new PasswordChangeRequest();
        passwordChangeRequest.setUsername(this.username);
        passwordChangeRequest.setPassword(Base64.encodeBase64String(this.password.getBytes("utf-8")));
        passwordChangeRequest.setNewPassword(Base64.encodeBase64String("kylin@2020".getBytes("utf-8")));
        this.mockMvc.perform(MockMvcRequestBuilders.put("/api/user/password", new Object[0]).contentType(MediaType.APPLICATION_JSON).content(JsonUtil.writeValueAsString(passwordChangeRequest)).accept(new MediaType[]{MediaType.parseMediaType("application/vnd.apache.kylin-v4+json")})).andExpect(MockMvcResultMatchers.status().isOk());
        ManagedUser managedUser = NKylinUserManager.getInstance(KylinConfig.getInstanceFromEnv()).get(this.username);
        Assert.assertNotEquals((Object) null, managedUser);
        Assert.assertTrue(pwdEncoder.matches("kylin@2020", managedUser.getPassword()));
    }

    @Test
    public void testUpdateUserWithBase64EncodePwd() throws Exception {
        UserRequest userRequest = new UserRequest();
        userRequest.setUsername(this.username);
        userRequest.setPassword(Base64.encodeBase64String("kylin@2022".getBytes("utf-8")));
        userRequest.setDisabled(false);
        userRequest.setAuthorities(Arrays.asList("ALL_USERS", "ROLE_ADMIN"));
        this.mockMvc.perform(MockMvcRequestBuilders.put("/api/user", new Object[0]).contentType(MediaType.APPLICATION_JSON).content(JsonUtil.writeValueAsString(userRequest)).accept(new MediaType[]{MediaType.parseMediaType("application/vnd.apache.kylin-v4+json")})).andExpect(MockMvcResultMatchers.status().isOk());
        ManagedUser managedUser = NKylinUserManager.getInstance(KylinConfig.getInstanceFromEnv()).get(this.username);
        Assert.assertNotEquals((Object) null, managedUser);
        Assert.assertTrue(pwdEncoder.matches("kylin@2022", managedUser.getPassword()));
        Assert.assertEquals(2L, managedUser.getAuthorities().size());
        Assert.assertTrue(managedUser.getAuthorities().contains(new SimpleGrantedAuthority("ALL_USERS")));
        Assert.assertTrue(managedUser.getAuthorities().contains(new SimpleGrantedAuthority("ROLE_ADMIN")));
    }

    @Test
    public void testSaveUserReturnValueHasNotSensitiveElements() throws Exception {
        UserRequest userRequest = new UserRequest();
        userRequest.setUsername("test_user_2");
        userRequest.setPassword("1234567890Q!");
        userRequest.setDisabled(false);
        userRequest.setAuthorities(Collections.singletonList("ALL_USERS"));
        this.mockMvc.perform(MockMvcRequestBuilders.post("/api/user", new Object[0]).contentType(MediaType.APPLICATION_JSON).content(JsonUtil.writeValueAsString(userRequest)).accept(new MediaType[]{MediaType.parseMediaType("application/vnd.apache.kylin-v4+json")})).andExpect(MockMvcResultMatchers.status().isOk()).andExpect(MockMvcResultMatchers.jsonPath("$.password", new Object[0]).doesNotExist()).andExpect(MockMvcResultMatchers.jsonPath("$.default_password", new Object[0]).doesNotExist());
    }
}
