package org.apache.sentry.provider.db.service.persistent;

import com.google.common.io.Files;
import java.io.File;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import org.apache.commons.io.FileUtils;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hive.conf.HiveConf;
import org.apache.hadoop.hive.metastore.api.Database;
import org.apache.hadoop.hive.metastore.api.NotificationEvent;
import org.apache.hadoop.hive.metastore.api.StorageDescriptor;
import org.apache.hadoop.hive.metastore.api.Table;
import org.apache.hadoop.hive.metastore.messaging.EventMessage;
import org.apache.hadoop.security.alias.CredentialProvider;
import org.apache.hadoop.security.alias.CredentialProviderFactory;
import org.apache.sentry.api.service.thrift.TSentryPrivilege;
import org.apache.sentry.binding.hive.conf.HiveAuthzConf;
import org.apache.sentry.binding.metastore.messaging.json.SentryJSONMessageFactory;
import org.apache.sentry.hdfs.Updateable;
import org.apache.sentry.provider.file.PolicyFile;
import org.apache.sentry.service.common.ServiceConstants;
import org.apache.sentry.service.thrift.HiveSimpleConnectionFactory;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;

/* loaded from: input_file:org/apache/sentry/provider/db/service/persistent/TestHMSFollowerSentryStoreIntegration.class */
public class TestHMSFollowerSentryStoreIntegration {
    private static File dataDir;
    private static SentryStore sentryStore;
    private static PolicyFile policyFile;
    private static File policyFilePath;
    SentryJSONMessageFactory messageFactory = new SentryJSONMessageFactory();
    private static String[] adminGroups = {"adminGroup1"};
    private static Configuration conf = null;
    private static char[] passwd = {'1', '2', '3'};
    private static String dbName1 = "db1";
    private static String tableName1 = "table1";
    private static String serverName1 = "server1";
    static final String hiveInstance = serverName1;

    @BeforeClass
    public static void setup() throws Exception {
        conf = new Configuration(true);
        conf.set("hadoop.security.credential.provider.path", "user:///");
        CredentialProvider credentialProvider = (CredentialProvider) CredentialProviderFactory.getProviders(conf).get(0);
        if (credentialProvider.getCredentialEntry("sentry.store.jdbc.password") == null) {
            credentialProvider.createCredentialEntry("sentry.store.jdbc.password", passwd);
            credentialProvider.flush();
        }
        dataDir = new File(Files.createTempDir(), "sentry_policy_db");
        conf.set("sentry.verify.schema.version", "false");
        conf.set("sentry.store.jdbc.url", "jdbc:derby:;databaseName=" + dataDir.getPath() + ";create=true");
        conf.set("sentry.store.jdbc.password", "dummy");
        conf.setStrings("sentry.service.admin.group", adminGroups);
        conf.set("sentry.store.group.mapping", "org.apache.sentry.provider.file.LocalGroupMappingService");
        policyFilePath = new File(dataDir, "local_policy_file.ini");
        conf.set("sentry.store.group.mapping.resource", policyFilePath.getPath());
        conf.setInt("sentry.store.transaction.retry", 10);
    }

    @Before
    public void before() throws Exception {
        sentryStore = new SentryStore(conf);
        sentryStore.setPersistUpdateDeltas(true);
        policyFile = new PolicyFile();
        addGroupsToUser("g1", adminGroups);
        writePolicyFile();
    }

    @After
    public void after() {
        if (sentryStore != null) {
            sentryStore.clearAllTables();
            sentryStore.stop();
        }
    }

    @AfterClass
    public static void teardown() {
        if (dataDir != null) {
            FileUtils.deleteQuietly(dataDir);
        }
    }

    protected static void addGroupsToUser(String str, String... strArr) {
        policyFile.addGroupsToUser(str, strArr);
    }

    protected static void writePolicyFile() throws Exception {
        policyFile.write(policyFilePath);
    }

    @Test
    public void testDropTableDropRelatedPermission() throws Exception {
        Configuration configuration = new Configuration();
        configuration.set(HiveAuthzConf.AuthzConfVars.AUTHZ_SERVER_NAME.getVar(), "server1");
        HMSFollower hMSFollower = new HMSFollower(configuration, sentryStore, (LeaderStatusMonitor) null, new HiveSimpleConnectionFactory(conf, new HiveConf()), (String) null);
        sentryStore.createSentryRole("list-privs-r1");
        TSentryPrivilege tSentryPrivilege = new TSentryPrivilege();
        tSentryPrivilege.setPrivilegeScope("TABLE");
        tSentryPrivilege.setServerName("server1");
        tSentryPrivilege.setDbName(dbName1);
        tSentryPrivilege.setTableName(tableName1);
        tSentryPrivilege.setCreateTime(System.currentTimeMillis());
        TSentryPrivilege tSentryPrivilege2 = new TSentryPrivilege(tSentryPrivilege);
        tSentryPrivilege2.setAction("SELECT");
        TSentryPrivilege tSentryPrivilege3 = new TSentryPrivilege(tSentryPrivilege);
        tSentryPrivilege3.setAction("INSERT");
        TSentryPrivilege tSentryPrivilege4 = new TSentryPrivilege(tSentryPrivilege);
        tSentryPrivilege4.setAction("*");
        TSentryPrivilege tSentryPrivilege5 = new TSentryPrivilege();
        tSentryPrivilege5.setPrivilegeScope("SERVER");
        tSentryPrivilege5.setServerName(serverName1);
        tSentryPrivilege5.setCreateTime(System.currentTimeMillis());
        sentryStore.alterSentryGrantPrivilege("g1", ServiceConstants.SentryPrincipalType.ROLE, "list-privs-r1", tSentryPrivilege2, (Updateable.Update) null);
        sentryStore.alterSentryGrantPrivilege("g1", ServiceConstants.SentryPrincipalType.ROLE, "list-privs-r1", tSentryPrivilege3, (Updateable.Update) null);
        sentryStore.alterSentryGrantPrivilege("g1", ServiceConstants.SentryPrincipalType.ROLE, "list-privs-r1", tSentryPrivilege5, (Updateable.Update) null);
        sentryStore.alterSentryGrantPrivilege("g1", ServiceConstants.SentryPrincipalType.ROLE, "list-privs-r1", tSentryPrivilege4, (Updateable.Update) null);
        StorageDescriptor storageDescriptor = new StorageDescriptor();
        storageDescriptor.setLocation("hdfs:///db1.db/table1");
        NotificationEvent notificationEvent = new NotificationEvent(1L, 0, EventMessage.EventType.DROP_TABLE.toString(), this.messageFactory.buildDropTableMessage(new Table(tableName1, dbName1, (String) null, 0, 0, 0, storageDescriptor, (List) null, (Map) null, (String) null, (String) null, (String) null)).toString());
        ArrayList arrayList = new ArrayList();
        arrayList.add(notificationEvent);
        hMSFollower.processNotifications(arrayList);
        Assert.assertEquals(1L, sentryStore.getAllTSentryPrivilegesByRoleName("list-privs-r1").size());
    }

    @Test
    public void testDropDatabaseDropRelatedPermission() throws Exception {
        Configuration configuration = new Configuration();
        configuration.set(HiveAuthzConf.AuthzConfVars.AUTHZ_SERVER_NAME.getVar(), "server1");
        HMSFollower hMSFollower = new HMSFollower(configuration, sentryStore, (LeaderStatusMonitor) null, new HiveSimpleConnectionFactory(conf, new HiveConf()), (String) null);
        sentryStore.createSentryRole("list-privs-r1");
        TSentryPrivilege tSentryPrivilege = new TSentryPrivilege();
        tSentryPrivilege.setPrivilegeScope("DATABASE");
        tSentryPrivilege.setServerName("server1");
        tSentryPrivilege.setDbName(dbName1);
        tSentryPrivilege.setTableName(tableName1);
        tSentryPrivilege.setCreateTime(System.currentTimeMillis());
        TSentryPrivilege tSentryPrivilege2 = new TSentryPrivilege(tSentryPrivilege);
        tSentryPrivilege2.setAction("SELECT");
        TSentryPrivilege tSentryPrivilege3 = new TSentryPrivilege(tSentryPrivilege);
        tSentryPrivilege3.setAction("INSERT");
        TSentryPrivilege tSentryPrivilege4 = new TSentryPrivilege(tSentryPrivilege);
        tSentryPrivilege4.setAction("*");
        TSentryPrivilege tSentryPrivilege5 = new TSentryPrivilege();
        tSentryPrivilege5.setPrivilegeScope("SERVER");
        tSentryPrivilege5.setServerName(serverName1);
        tSentryPrivilege5.setCreateTime(System.currentTimeMillis());
        sentryStore.alterSentryGrantPrivilege("g1", ServiceConstants.SentryPrincipalType.ROLE, "list-privs-r1", tSentryPrivilege2, (Updateable.Update) null);
        sentryStore.alterSentryGrantPrivilege("g1", ServiceConstants.SentryPrincipalType.ROLE, "list-privs-r1", tSentryPrivilege3, (Updateable.Update) null);
        sentryStore.alterSentryGrantPrivilege("g1", ServiceConstants.SentryPrincipalType.ROLE, "list-privs-r1", tSentryPrivilege5, (Updateable.Update) null);
        sentryStore.alterSentryGrantPrivilege("g1", ServiceConstants.SentryPrincipalType.ROLE, "list-privs-r1", tSentryPrivilege4, (Updateable.Update) null);
        NotificationEvent notificationEvent = new NotificationEvent(1L, 0, EventMessage.EventType.DROP_DATABASE.toString(), this.messageFactory.buildDropDatabaseMessage(new Database(dbName1, (String) null, "hdfs:///" + dbName1, (Map) null)).toString());
        ArrayList arrayList = new ArrayList();
        arrayList.add(notificationEvent);
        hMSFollower.processNotifications(arrayList);
        Assert.assertEquals(1L, sentryStore.getAllTSentryPrivilegesByRoleName("list-privs-r1").size());
    }
}
