package org.apache.sentry.provider.db.generic.service.thrift;

import com.google.common.collect.Lists;
import com.google.common.collect.Sets;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import org.apache.sentry.core.common.ActiveRoleSet;
import org.apache.sentry.core.common.Authorizable;
import org.apache.sentry.core.common.exception.SentryUserException;
import org.apache.sentry.core.model.search.Collection;
import org.apache.sentry.core.model.search.Field;
import org.apache.sentry.service.thrift.SentryServiceIntegrationBase;
import org.junit.Assert;
import org.junit.Test;

/* loaded from: input_file:org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericServiceIntegration.class */
public class TestSentryGenericServiceIntegration extends SentryGenericServiceIntegrationBase {
    @Test
    public void testCreateDropShowRole() throws Exception {
        runTestAsSubject(new SentryServiceIntegrationBase.TestOperation() { // from class: org.apache.sentry.provider.db.generic.service.thrift.TestSentryGenericServiceIntegration.1
            @Override // org.apache.sentry.service.thrift.SentryServiceIntegrationBase.TestOperation
            public void runTestAsSubject() throws Exception {
                HashSet newHashSet = Sets.newHashSet(new String[]{"admin_group"});
                TestSentryGenericServiceIntegration.this.setLocalGroupMapping("admin_user", newHashSet);
                TestSentryGenericServiceIntegration.this.writePolicyFile();
                TestSentryGenericServiceIntegration.this.client.dropRoleIfExists("admin_user", "admin_r", "SOLR");
                TestSentryGenericServiceIntegration.this.client.createRole("admin_user", "admin_r", "SOLR");
                TestSentryGenericServiceIntegration.this.client.addRoleToGroups("admin_user", "admin_r", "SOLR", Sets.newHashSet(newHashSet));
                Set<TSentryRole> listUserRoles = TestSentryGenericServiceIntegration.this.client.listUserRoles("admin_user", "SOLR");
                Assert.assertEquals("Incorrect number of roles", 1L, listUserRoles.size());
                for (TSentryRole tSentryRole : listUserRoles) {
                    Assert.assertTrue(tSentryRole.getRoleName(), tSentryRole.getRoleName().equalsIgnoreCase("admin_r"));
                }
                TestSentryGenericServiceIntegration.this.client.dropRole("admin_user", "admin_r", "SOLR");
            }
        });
    }

    @Test
    public void testAddDeleteRoleToGroup() throws Exception {
        runTestAsSubject(new SentryServiceIntegrationBase.TestOperation() { // from class: org.apache.sentry.provider.db.generic.service.thrift.TestSentryGenericServiceIntegration.2
            @Override // org.apache.sentry.service.thrift.SentryServiceIntegrationBase.TestOperation
            public void runTestAsSubject() throws Exception {
                TestSentryGenericServiceIntegration.this.setLocalGroupMapping("admin_user", Sets.newHashSet(new String[]{"admin_group"}));
                TestSentryGenericServiceIntegration.this.setLocalGroupMapping("admin_user", Sets.newHashSet(new String[]{"g1"}));
                TestSentryGenericServiceIntegration.this.writePolicyFile();
                TestSentryGenericServiceIntegration.this.client.dropRoleIfExists("admin_user", "admin_r", "SOLR");
                TestSentryGenericServiceIntegration.this.client.createRole("admin_user", "admin_r", "SOLR");
                TestSentryGenericServiceIntegration.this.client.addRoleToGroups("admin_user", "admin_r", "SOLR", Sets.newHashSet(new String[]{"g1"}));
                Set<TSentryRole> listUserRoles = TestSentryGenericServiceIntegration.this.client.listUserRoles("admin_user", "SOLR");
                Assert.assertEquals("Incorrect number of roles", 1L, listUserRoles.size());
                for (TSentryRole tSentryRole : listUserRoles) {
                    Assert.assertTrue(tSentryRole.getRoleName(), tSentryRole.getRoleName().equalsIgnoreCase("admin_r"));
                    Assert.assertTrue(tSentryRole.getGroups().size() == 1);
                    Iterator it = tSentryRole.getGroups().iterator();
                    while (it.hasNext()) {
                        Assert.assertEquals("g1", (String) it.next());
                    }
                }
                TestSentryGenericServiceIntegration.this.client.deleteRoleToGroups("admin_user", "admin_r", "SOLR", Sets.newHashSet(new String[]{"g1"}));
                Assert.assertEquals("Incorrect number of roles", 0L, TestSentryGenericServiceIntegration.this.client.listUserRoles("admin_user", "SOLR").size());
                TestSentryGenericServiceIntegration.this.client.dropRole("admin_user", "admin_r", "SOLR");
            }
        });
    }

    @Test
    public void testGranRevokePrivilege() throws Exception {
        runTestAsSubject(new SentryServiceIntegrationBase.TestOperation() { // from class: org.apache.sentry.provider.db.generic.service.thrift.TestSentryGenericServiceIntegration.3
            @Override // org.apache.sentry.service.thrift.SentryServiceIntegrationBase.TestOperation
            public void runTestAsSubject() throws Exception {
                TestSentryGenericServiceIntegration.this.setLocalGroupMapping("admin_user", Sets.newHashSet(new String[]{"admin_group"}));
                TestSentryGenericServiceIntegration.this.writePolicyFile();
                TestSentryGenericServiceIntegration.this.client.dropRoleIfExists("admin_user", "admin_r1", "SOLR");
                TestSentryGenericServiceIntegration.this.client.createRole("admin_user", "admin_r1", "SOLR");
                TestSentryGenericServiceIntegration.this.client.dropRoleIfExists("admin_user", "admin_r2", "SOLR");
                TestSentryGenericServiceIntegration.this.client.createRole("admin_user", "admin_r2", "SOLR");
                TSentryPrivilege tSentryPrivilege = new TSentryPrivilege("SOLR", "service1", TestSentryGenericServiceIntegration.this.fromAuthorizable(Arrays.asList(new Collection("c1"), new Field("f1"))), "query");
                TSentryPrivilege tSentryPrivilege2 = new TSentryPrivilege("SOLR", "service1", TestSentryGenericServiceIntegration.this.fromAuthorizable(Arrays.asList(new Collection("c1"), new Field("f1"))), "update");
                TestSentryGenericServiceIntegration.this.client.grantPrivilege("admin_user", "admin_r1", "SOLR", tSentryPrivilege);
                TestSentryGenericServiceIntegration.this.client.grantPrivilege("admin_user", "admin_r2", "SOLR", tSentryPrivilege2);
                TestSentryGenericServiceIntegration.this.client.revokePrivilege("admin_user", "admin_r1", "SOLR", tSentryPrivilege);
                TestSentryGenericServiceIntegration.this.client.revokePrivilege("admin_user", "admin_r2", "SOLR", tSentryPrivilege2);
            }
        });
    }

    @Test
    public void testMultipleRolesSamePrivilege() throws Exception {
        runTestAsSubject(new SentryServiceIntegrationBase.TestOperation() { // from class: org.apache.sentry.provider.db.generic.service.thrift.TestSentryGenericServiceIntegration.4
            @Override // org.apache.sentry.service.thrift.SentryServiceIntegrationBase.TestOperation
            public void runTestAsSubject() throws Exception {
                TestSentryGenericServiceIntegration.this.setLocalGroupMapping("admin_user", Sets.newHashSet(new String[]{"admin_group"}));
                TestSentryGenericServiceIntegration.this.writePolicyFile();
                TestSentryGenericServiceIntegration.this.client.dropRoleIfExists("admin_user", "admin_r1", "SOLR");
                TestSentryGenericServiceIntegration.this.client.createRole("admin_user", "admin_r1", "SOLR");
                TestSentryGenericServiceIntegration.this.client.dropRoleIfExists("admin_user", "admin_r2", "SOLR");
                TestSentryGenericServiceIntegration.this.client.createRole("admin_user", "admin_r2", "SOLR");
                TSentryPrivilege tSentryPrivilege = new TSentryPrivilege("SOLR", "service1", TestSentryGenericServiceIntegration.this.fromAuthorizable(Arrays.asList(new Collection("c1"), new Field("f1"))), "query");
                TestSentryGenericServiceIntegration.this.client.grantPrivilege("admin_user", "admin_r1", "SOLR", tSentryPrivilege);
                Assert.assertTrue("Privilege not assigned to role1 !!", TestSentryGenericServiceIntegration.this.client.listPrivilegesByRoleName("admin_user", "admin_r1", "SOLR", "service1").size() == 1);
                TestSentryGenericServiceIntegration.this.client.grantPrivilege("admin_user", "admin_r2", "SOLR", tSentryPrivilege);
                Assert.assertTrue("Privilege not assigned to role2 !!", TestSentryGenericServiceIntegration.this.client.listPrivilegesByRoleName("admin_user", "admin_r2", "SOLR", "service1").size() == 1);
            }
        });
    }

    @Test
    public void testShowRoleGrant() throws Exception {
        runTestAsSubject(new SentryServiceIntegrationBase.TestOperation() { // from class: org.apache.sentry.provider.db.generic.service.thrift.TestSentryGenericServiceIntegration.5
            @Override // org.apache.sentry.service.thrift.SentryServiceIntegrationBase.TestOperation
            public void runTestAsSubject() throws Exception {
                TestSentryGenericServiceIntegration.this.setLocalGroupMapping("admin_user", Sets.newHashSet(new String[]{"admin_group"}));
                TestSentryGenericServiceIntegration.this.setLocalGroupMapping("admin_user", Sets.newHashSet(new String[]{"group1"}));
                TestSentryGenericServiceIntegration.this.writePolicyFile();
                TestSentryGenericServiceIntegration.this.client.dropRoleIfExists("admin_user", "admin_r1", "SOLR");
                TestSentryGenericServiceIntegration.this.client.createRole("admin_user", "admin_r1", "SOLR");
                TestSentryGenericServiceIntegration.this.client.addRoleToGroups("admin_user", "admin_r1", "SOLR", Sets.newHashSet(new String[]{"group1"}));
                Set<TSentryRole> listRolesByGroupName = TestSentryGenericServiceIntegration.this.client.listRolesByGroupName("admin_user", "group1", "SOLR");
                Assert.assertTrue(listRolesByGroupName.size() == 1);
                for (TSentryRole tSentryRole : listRolesByGroupName) {
                    Assert.assertTrue(tSentryRole.getRoleName(), tSentryRole.getRoleName().equalsIgnoreCase("admin_r1"));
                    Assert.assertTrue(tSentryRole.getGroups().size() == 1);
                    Iterator it = tSentryRole.getGroups().iterator();
                    while (it.hasNext()) {
                        Assert.assertEquals("group1", (String) it.next());
                    }
                }
                TestSentryGenericServiceIntegration.this.client.dropRole("admin_user", "admin_r1", "SOLR");
            }
        });
    }

    @Test
    public void testShowGrant() throws Exception {
        runTestAsSubject(new SentryServiceIntegrationBase.TestOperation() { // from class: org.apache.sentry.provider.db.generic.service.thrift.TestSentryGenericServiceIntegration.6
            @Override // org.apache.sentry.service.thrift.SentryServiceIntegrationBase.TestOperation
            public void runTestAsSubject() throws Exception {
                TestSentryGenericServiceIntegration.this.setLocalGroupMapping("admin_user", Sets.newHashSet(new String[]{"admin_group"}));
                TestSentryGenericServiceIntegration.this.writePolicyFile();
                TestSentryGenericServiceIntegration.this.client.dropRoleIfExists("admin_user", "admin_r1", "SOLR");
                TestSentryGenericServiceIntegration.this.client.createRole("admin_user", "admin_r1", "SOLR");
                TSentryPrivilege tSentryPrivilege = new TSentryPrivilege("SOLR", "service1", TestSentryGenericServiceIntegration.this.fromAuthorizable(Arrays.asList(new Collection("c1"), new Field("f1"))), "query");
                TSentryPrivilege tSentryPrivilege2 = new TSentryPrivilege("SOLR", "service1", TestSentryGenericServiceIntegration.this.fromAuthorizable(Arrays.asList(new Collection("c1"), new Field("f1"))), "update");
                TestSentryGenericServiceIntegration.this.client.grantPrivilege("admin_user", "admin_r1", "SOLR", tSentryPrivilege2);
                TestSentryGenericServiceIntegration.this.client.grantPrivilege("admin_user", "admin_r1", "SOLR", tSentryPrivilege);
                Assert.assertTrue(TestSentryGenericServiceIntegration.this.client.listPrivilegesByRoleName("admin_user", "admin_r1", "SOLR", "service1").size() == 2);
                TestSentryGenericServiceIntegration.this.client.revokePrivilege("admin_user", "admin_r1", "SOLR", tSentryPrivilege2);
                Assert.assertTrue(TestSentryGenericServiceIntegration.this.client.listPrivilegesByRoleName("admin_user", "admin_r1", "SOLR", "service1").size() == 1);
            }
        });
    }

    @Test
    public void testSameGrantTwice() throws Exception {
        runTestAsSubject(new SentryServiceIntegrationBase.TestOperation() { // from class: org.apache.sentry.provider.db.generic.service.thrift.TestSentryGenericServiceIntegration.7
            @Override // org.apache.sentry.service.thrift.SentryServiceIntegrationBase.TestOperation
            public void runTestAsSubject() throws Exception {
                TestSentryGenericServiceIntegration.this.setLocalGroupMapping("admin_user", Sets.newHashSet(new String[]{"admin_group"}));
                TestSentryGenericServiceIntegration.this.writePolicyFile();
                TestSentryGenericServiceIntegration.this.client.createRole("admin_user", "admin_r1", "SOLR");
                TestSentryGenericServiceIntegration.this.client.grantPrivilege("admin_user", "admin_r1", "SOLR", new TSentryPrivilege("SOLR", "service1", TestSentryGenericServiceIntegration.this.fromAuthorizable(Arrays.asList(new Collection("c1"), new Field("f1"))), "query"));
                Assert.assertEquals(1L, TestSentryGenericServiceIntegration.this.client.listPrivilegesByRoleName("admin_user", "admin_r1", "SOLR", "service1").size());
            }
        });
    }

    @Test
    public void testGrantRevokeWithGrantOption() throws Exception {
        runTestAsSubject(new SentryServiceIntegrationBase.TestOperation() { // from class: org.apache.sentry.provider.db.generic.service.thrift.TestSentryGenericServiceIntegration.8
            @Override // org.apache.sentry.service.thrift.SentryServiceIntegrationBase.TestOperation
            public void runTestAsSubject() throws Exception {
                HashSet newHashSet = Sets.newHashSet(new String[]{"admin_group"});
                HashSet newHashSet2 = Sets.newHashSet(new String[]{"group1"});
                HashSet newHashSet3 = Sets.newHashSet(new String[]{"group2"});
                TestSentryGenericServiceIntegration.this.setLocalGroupMapping("admin_user", newHashSet);
                TestSentryGenericServiceIntegration.this.setLocalGroupMapping("user1", newHashSet2);
                TestSentryGenericServiceIntegration.this.setLocalGroupMapping("user2", newHashSet3);
                TestSentryGenericServiceIntegration.this.writePolicyFile();
                TestSentryGenericServiceIntegration.this.client.createRole("admin_user", "grant_r", "SOLR");
                TestSentryGenericServiceIntegration.this.client.createRole("admin_user", "no_grant_r", "SOLR");
                TestSentryGenericServiceIntegration.this.client.createRole("admin_user", "test_role", "SOLR");
                TSentryPrivilege tSentryPrivilege = new TSentryPrivilege("SOLR", "service1", TestSentryGenericServiceIntegration.this.fromAuthorizable(Arrays.asList(new Collection("c1"))), "query");
                tSentryPrivilege.setGrantOption(TSentryGrantOption.TRUE);
                TSentryPrivilege tSentryPrivilege2 = new TSentryPrivilege("SOLR", "service1", TestSentryGenericServiceIntegration.this.fromAuthorizable(Arrays.asList(new Collection("c1"))), "query");
                tSentryPrivilege2.setGrantOption(TSentryGrantOption.FALSE);
                TSentryPrivilege tSentryPrivilege3 = new TSentryPrivilege("SOLR", "service1", TestSentryGenericServiceIntegration.this.fromAuthorizable(Arrays.asList(new Collection("c1"), new Field("f1"))), "query");
                tSentryPrivilege3.setGrantOption(TSentryGrantOption.FALSE);
                TestSentryGenericServiceIntegration.this.client.grantPrivilege("admin_user", "grant_r", "SOLR", tSentryPrivilege);
                TestSentryGenericServiceIntegration.this.client.grantPrivilege("admin_user", "no_grant_r", "SOLR", tSentryPrivilege2);
                TestSentryGenericServiceIntegration.this.client.addRoleToGroups("admin_user", "grant_r", "SOLR", newHashSet2);
                TestSentryGenericServiceIntegration.this.client.addRoleToGroups("admin_user", "no_grant_r", "SOLR", newHashSet3);
                try {
                    TestSentryGenericServiceIntegration.this.client.grantPrivilege("user1", "test_role", "SOLR", tSentryPrivilege3);
                } catch (SentryUserException e) {
                    Assert.fail("grantOptionUser failed grant privilege to user");
                }
                try {
                    TestSentryGenericServiceIntegration.this.client.grantPrivilege("user2", "test_role", "SOLR", tSentryPrivilege3);
                    Assert.fail("noGrantOptionUser can't grant privilege to user");
                } catch (SentryUserException e2) {
                }
                try {
                    TestSentryGenericServiceIntegration.this.client.revokePrivilege("user1", "test_role", "SOLR", tSentryPrivilege3);
                } catch (SentryUserException e3) {
                    Assert.fail("grantOptionUser failed revoke privilege to user");
                }
                try {
                    TestSentryGenericServiceIntegration.this.client.revokePrivilege("user2", "test_role", "SOLR", tSentryPrivilege3);
                    Assert.fail("noGrantOptionUser can't revoke privilege to user");
                } catch (SentryUserException e4) {
                }
            }
        });
    }

    @Test
    public void testGetPrivilegeByHierarchy() throws Exception {
        runTestAsSubject(new SentryServiceIntegrationBase.TestOperation() { // from class: org.apache.sentry.provider.db.generic.service.thrift.TestSentryGenericServiceIntegration.9
            @Override // org.apache.sentry.service.thrift.SentryServiceIntegrationBase.TestOperation
            public void runTestAsSubject() throws Exception {
                HashSet newHashSet = Sets.newHashSet(new String[]{"admin_group"});
                HashSet newHashSet2 = Sets.newHashSet(new String[]{"group1"});
                TestSentryGenericServiceIntegration.this.setLocalGroupMapping("admin_user", newHashSet);
                TestSentryGenericServiceIntegration.this.setLocalGroupMapping("user1", newHashSet2);
                TestSentryGenericServiceIntegration.this.writePolicyFile();
                TestSentryGenericServiceIntegration.this.client.createRole("admin_user", "role1", "SOLR");
                TestSentryGenericServiceIntegration.this.client.addRoleToGroups("admin_user", "role1", "SOLR", newHashSet2);
                TSentryPrivilege tSentryPrivilege = new TSentryPrivilege("SOLR", "service1", TestSentryGenericServiceIntegration.this.fromAuthorizable(Arrays.asList(new Collection("c1"), new Field("f1"))), "query");
                TSentryPrivilege tSentryPrivilege2 = new TSentryPrivilege("SOLR", "service1", TestSentryGenericServiceIntegration.this.fromAuthorizable(Arrays.asList(new Collection("c2"), new Field("f2"))), "update");
                TestSentryGenericServiceIntegration.this.client.grantPrivilege("admin_user", "role1", "SOLR", tSentryPrivilege);
                TestSentryGenericServiceIntegration.this.client.grantPrivilege("admin_user", "role1", "SOLR", tSentryPrivilege2);
                Assert.assertEquals(2L, TestSentryGenericServiceIntegration.this.client.listPrivilegesByRoleName("user1", "role1", "SOLR", "service1").size());
                Assert.assertEquals(1L, TestSentryGenericServiceIntegration.this.client.listPrivilegesByRoleName("user1", "role1", "SOLR", "service1", Arrays.asList(new Collection("c1"))).size());
                Assert.assertEquals(1L, TestSentryGenericServiceIntegration.this.client.listPrivilegesByRoleName("user1", "role1", "SOLR", "service1", Arrays.asList(new Collection("c2"))).size());
                Assert.assertEquals(1L, TestSentryGenericServiceIntegration.this.client.listPrivilegesByRoleName("user1", "role1", "SOLR", "service1", Arrays.asList(new Collection("c1"), new Field("f1"))).size());
                Assert.assertEquals(1L, TestSentryGenericServiceIntegration.this.client.listPrivilegesByRoleName("user1", "role1", "SOLR", "service1", Arrays.asList(new Collection("c2"), new Field("f2"))).size());
                ActiveRoleSet activeRoleSet = ActiveRoleSet.ALL;
                Assert.assertEquals(1L, TestSentryGenericServiceIntegration.this.client.listPrivilegesForProvider("SOLR", "service1", activeRoleSet, newHashSet2, Arrays.asList(new Collection("c1"))).size());
                Assert.assertEquals(1L, TestSentryGenericServiceIntegration.this.client.listPrivilegesForProvider("SOLR", "service1", activeRoleSet, newHashSet2, Arrays.asList(new Collection("c2"))).size());
                Assert.assertEquals(1L, TestSentryGenericServiceIntegration.this.client.listPrivilegesForProvider("SOLR", "service1", activeRoleSet, newHashSet2, Arrays.asList(new Collection("c1"), new Field("f1"))).size());
                Assert.assertEquals(1L, TestSentryGenericServiceIntegration.this.client.listPrivilegesForProvider("SOLR", "service1", activeRoleSet, newHashSet2, Arrays.asList(new Collection("c2"), new Field("f2"))).size());
            }
        });
    }

    @Test
    public void testGetPrivilegeByAuthorizable() throws Exception {
        runTestAsSubject(new SentryServiceIntegrationBase.TestOperation() { // from class: org.apache.sentry.provider.db.generic.service.thrift.TestSentryGenericServiceIntegration.10
            @Override // org.apache.sentry.service.thrift.SentryServiceIntegrationBase.TestOperation
            public void runTestAsSubject() throws Exception {
                HashSet newHashSet = Sets.newHashSet(new String[]{"admin_group"});
                HashSet newHashSet2 = Sets.newHashSet(new String[]{"group1"});
                TestSentryGenericServiceIntegration.this.setLocalGroupMapping("admin_user", newHashSet);
                TestSentryGenericServiceIntegration.this.setLocalGroupMapping("user1", newHashSet2);
                TestSentryGenericServiceIntegration.this.writePolicyFile();
                TestSentryGenericServiceIntegration.this.client.createRole("admin_user", "role1", "SOLR");
                TestSentryGenericServiceIntegration.this.client.addRoleToGroups("admin_user", "role1", "SOLR", newHashSet);
                TSentryPrivilege tSentryPrivilege = new TSentryPrivilege("SOLR", "service1", TestSentryGenericServiceIntegration.this.fromAuthorizable(Arrays.asList(new Collection("c1"), new Field("f1"))), "query");
                TSentryPrivilege tSentryPrivilege2 = new TSentryPrivilege("SOLR", "service1", TestSentryGenericServiceIntegration.this.fromAuthorizable(Arrays.asList(new Collection("c1"), new Field("f2"))), "update");
                TestSentryGenericServiceIntegration.this.client.grantPrivilege("admin_user", "role1", "SOLR", tSentryPrivilege);
                TestSentryGenericServiceIntegration.this.client.grantPrivilege("admin_user", "role1", "SOLR", tSentryPrivilege2);
                Assert.assertEquals(1L, TestSentryGenericServiceIntegration.this.client.listPrivilegsbyAuthorizable("SOLR", "service1", "admin_user", Sets.newHashSet(new String[]{new String("Collection=c1->Field=f1")}), (Set) null, (ActiveRoleSet) null).size());
                Assert.assertEquals(0L, ((TSentryPrivilegeMap) TestSentryGenericServiceIntegration.this.client.listPrivilegsbyAuthorizable("SOLR", "service1", "admin_user", Sets.newHashSet(new String[]{new String("Collection=c1->Field=f1")}), newHashSet2, (ActiveRoleSet) null).get(new String("Collection=c1->Field=f1"))).getPrivilegeMap().size());
                ActiveRoleSet activeRoleSet = ActiveRoleSet.ALL;
                Assert.assertEquals(1L, TestSentryGenericServiceIntegration.this.client.listPrivilegsbyAuthorizable("SOLR", "service1", "admin_user", Sets.newHashSet(new String[]{new String("Collection=c1->Field=f1")}), (Set) null, activeRoleSet).size());
                Assert.assertEquals(1L, ((TSentryPrivilegeMap) TestSentryGenericServiceIntegration.this.client.listPrivilegsbyAuthorizable("SOLR", "service1", "admin_user", Sets.newHashSet(new String[]{new String("Collection=c1->Field=f1")}), (Set) null, activeRoleSet).get(new String("Collection=c1->Field=f1"))).getPrivilegeMap().size());
                Assert.assertEquals(0L, ((TSentryPrivilegeMap) TestSentryGenericServiceIntegration.this.client.listPrivilegsbyAuthorizable("SOLR", "service1", "user1", Sets.newHashSet(new String[]{new String("Collection=c1->Field=f1")}), (Set) null, activeRoleSet).get(new String("Collection=c1->Field=f1"))).getPrivilegeMap().size());
                TestSentryGenericServiceIntegration.this.client.addRoleToGroups("admin_user", "role1", "SOLR", newHashSet2);
                TSentryPrivilegeMap tSentryPrivilegeMap = (TSentryPrivilegeMap) TestSentryGenericServiceIntegration.this.client.listPrivilegsbyAuthorizable("SOLR", "service1", "user1", Sets.newHashSet(new String[]{new String("Collection=c1")}), (Set) null, activeRoleSet).get(new String("Collection=c1"));
                Assert.assertEquals(1L, tSentryPrivilegeMap.getPrivilegeMap().size());
                Assert.assertEquals(2L, ((Set) tSentryPrivilegeMap.getPrivilegeMap().get("role1")).size());
            }
        });
    }

    @Test
    public void testDropAndRenamePrivilege() throws Exception {
        runTestAsSubject(new SentryServiceIntegrationBase.TestOperation() { // from class: org.apache.sentry.provider.db.generic.service.thrift.TestSentryGenericServiceIntegration.11
            @Override // org.apache.sentry.service.thrift.SentryServiceIntegrationBase.TestOperation
            public void runTestAsSubject() throws Exception {
                TestSentryGenericServiceIntegration.this.setLocalGroupMapping("admin_user", Sets.newHashSet(new String[]{"admin_group"}));
                TestSentryGenericServiceIntegration.this.writePolicyFile();
                TestSentryGenericServiceIntegration.this.client.createRole("admin_user", "admin_r1", "SOLR");
                TestSentryGenericServiceIntegration.this.client.grantPrivilege("admin_user", "admin_r1", "SOLR", new TSentryPrivilege("SOLR", "service1", TestSentryGenericServiceIntegration.this.fromAuthorizable(Arrays.asList(new Collection("c1"), new Field("f1"))), "query"));
                Assert.assertEquals(1L, TestSentryGenericServiceIntegration.this.client.listPrivilegesByRoleName("admin_user", "admin_r1", "SOLR", "service1", Arrays.asList(new Collection("c1"), new Field("f1"))).size());
                Assert.assertEquals(0L, TestSentryGenericServiceIntegration.this.client.listPrivilegesByRoleName("admin_user", "admin_r1", "SOLR", "service1", Arrays.asList(new Collection("c2"), new Field("f2"))).size());
                TestSentryGenericServiceIntegration.this.client.renamePrivilege("admin_user", "SOLR", "service1", Arrays.asList(new Collection("c1"), new Field("f1")), Arrays.asList(new Collection("c2"), new Field("f2")));
                Assert.assertEquals(0L, TestSentryGenericServiceIntegration.this.client.listPrivilegesByRoleName("admin_user", "admin_r1", "SOLR", "service1", Arrays.asList(new Collection("c1"), new Field("f1"))).size());
                Assert.assertEquals(1L, TestSentryGenericServiceIntegration.this.client.listPrivilegesByRoleName("admin_user", "admin_r1", "SOLR", "service1", Arrays.asList(new Collection("c2"), new Field("f2"))).size());
                TestSentryGenericServiceIntegration.this.client.dropPrivilege("admin_user", "SOLR", new TSentryPrivilege("SOLR", "service1", TestSentryGenericServiceIntegration.this.fromAuthorizable(Arrays.asList(new Collection("c2"), new Field("f2"))), "query"));
                Assert.assertEquals(0L, TestSentryGenericServiceIntegration.this.client.listPrivilegesByRoleName("admin_user", "admin_r1", "SOLR", "service1", Arrays.asList(new Collection("c2"), new Field("f2"))).size());
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public List<TAuthorizable> fromAuthorizable(List<? extends Authorizable> list) {
        ArrayList newArrayList = Lists.newArrayList();
        for (Authorizable authorizable : list) {
            newArrayList.add(new TAuthorizable(authorizable.getTypeName(), authorizable.getName()));
        }
        return newArrayList;
    }
}
