package org.gridgain.grid.security.rolebased;

import java.io.InputStream;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Objects;
import java.util.concurrent.CopyOnWriteArraySet;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicInteger;
import java.util.function.Consumer;
import org.apache.ignite.IgniteCheckedException;
import org.apache.ignite.cluster.ClusterState;
import org.apache.ignite.configuration.CacheConfiguration;
import org.apache.ignite.configuration.ConnectorConfiguration;
import org.apache.ignite.configuration.IgniteConfiguration;
import org.apache.ignite.internal.IgniteEx;
import org.apache.ignite.internal.util.typedef.F;
import org.apache.ignite.internal.util.typedef.X;
import org.apache.ignite.plugin.PluginConfiguration;
import org.apache.ignite.plugin.security.SecurityCredentials;
import org.apache.ignite.plugin.security.SecurityCredentialsBasicProvider;
import org.apache.logging.log4j.Level;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.core.Filter;
import org.apache.logging.log4j.core.Layout;
import org.apache.logging.log4j.core.LogEvent;
import org.apache.logging.log4j.core.LoggerContext;
import org.apache.logging.log4j.core.appender.AbstractAppender;
import org.apache.logging.log4j.core.config.Configuration;
import org.gridgain.control.agent.AbstractSelfTest;
import org.gridgain.control.agent.test.TestUtils;
import org.gridgain.database.utility.SnapshotUtility;
import org.gridgain.database.utility.commands.Command;
import org.gridgain.database.utility.commands.Commands;
import org.gridgain.grid.configuration.GridGainConfiguration;
import org.gridgain.grid.configuration.SnapshotConfiguration;
import org.gridgain.grid.persistentstore.SnapshotFuture;
import org.gridgain.grid.persistentstore.SnapshotOperationInfo;
import org.jetbrains.annotations.Nullable;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;

/* loaded from: input_file:org/gridgain/grid/security/rolebased/SnapshotUtilityRoledBasedAuthenticationTest.class */
public class SnapshotUtilityRoledBasedAuthenticationTest extends AbstractSelfTest {
    private static final String USERNAME = "user";
    private static final String PASSWORD = "user";
    private static final String USERNAME2 = "user2";
    private static final String PASSWORD2 = "user2";
    private static final String USERNAME3 = "user3";
    private static final String PASSWORD3 = "user3";
    private static final String ADMIN_USERNAME = "admin";
    private static final String ADMIN_PASSWORD = "admin";
    private static final String STATIC_USER = "default";
    private static final String STATIC_ROLE = "default";
    private static final String STATIC_PASSWORD = "default";
    private static final String USER_ROLE = "users";
    private static final String USER2_ROLE = "users2";
    private static final String USER3_ROLE = "users3";
    private static final String ADMIN_ROLE = "admins";

    /* loaded from: input_file:org/gridgain/grid/security/rolebased/SnapshotUtilityRoledBasedAuthenticationTest$ListeningTestAppender.class */
    public static class ListeningTestAppender extends AbstractAppender {
        public static final String NAME = "LISTENING_TEST_APPENDER";
        private final Collection<Consumer<String>> lsnrs;

        private ListeningTestAppender() {
            super(NAME, (Filter) null, (Layout) null);
            this.lsnrs = new CopyOnWriteArraySet();
        }

        public void registerListener(Consumer<String> consumer) {
            this.lsnrs.add(consumer);
        }

        public void unregisterListener(Consumer<String> consumer) {
            this.lsnrs.remove(consumer);
        }

        public void clearListeners() {
            this.lsnrs.clear();
        }

        public void append(LogEvent logEvent) {
            applyListeners(logEvent.getMessage() != null ? logEvent.getMessage().getFormattedMessage() : null);
            Throwable thrown = logEvent.getThrown();
            if (thrown != null) {
                applyListeners(X.getFullStackTrace(thrown));
            }
        }

        private void applyListeners(String str) {
            if (str == null) {
                return;
            }
            Iterator<Consumer<String>> it = this.lsnrs.iterator();
            while (it.hasNext()) {
                it.next().accept(str);
            }
        }

        public static ListeningTestAppender create() {
            LoggerContext context = LogManager.getContext(false);
            Configuration configuration = context.getConfiguration();
            ListeningTestAppender listeningTestAppender = new ListeningTestAppender();
            listeningTestAppender.start();
            configuration.addAppender(listeningTestAppender);
            configuration.getRootLogger().addAppender(listeningTestAppender, Level.TRACE, (Filter) null);
            context.updateLoggers(configuration);
            return listeningTestAppender;
        }

        public static void close() {
            LogManager.getContext(false).getConfiguration().removeAppender(NAME);
        }
    }

    @Before
    public void setup() throws IgniteCheckedException {
        cleanPersistenceDir();
        deleteDirectory("snapshot");
        stopAllGrids();
        IgniteEx startGrid = startGrid();
        startGrid.cluster().state(ClusterState.ACTIVE);
        createRolesAndUsers(startGrid);
    }

    @After
    public void teardown() {
        ListeningTestAppender.close();
        stopAllGrids();
    }

    public void createRolesAndUsers(IgniteEx igniteEx) {
        TestUtils.createRole(igniteEx, ADMIN_ROLE, "{defaultAllow:true}");
        TestUtils.createRole(igniteEx, USER_ROLE, "{defaultAllow:false,{system:[ADMIN_CACHE, ADMIN_OPS, ADMIN_VIEW]},{task:'*',permissions:[TASK_EXECUTE]},{cache:'*',permissions:[CACHE_READ, CACHE_PUT, CACHE_REMOVE]}}");
        TestUtils.createRole(igniteEx, USER2_ROLE, "{defaultAllow:false,{system:[ADMIN_OPS]}}");
        TestUtils.createRole(igniteEx, USER3_ROLE, "{defaultAllow:false,{system:[]}}");
        TestUtils.createUser(igniteEx, "admin", "admin", ADMIN_ROLE);
        TestUtils.createUser(igniteEx, "user", "user", USER_ROLE);
        TestUtils.createUser(igniteEx, "user2", "user2", USER2_ROLE);
        TestUtils.createUser(igniteEx, "user3", "user3", USER3_ROLE);
    }

    @Test
    public void testWithoutAuthentication() {
        System.setIn(new InputStream() { // from class: org.gridgain.grid.security.rolebased.SnapshotUtilityRoledBasedAuthenticationTest.1
            private int i = 0;

            @Override // java.io.InputStream
            public int read() {
                int charAt = this.i < "user".length() + 2 ? SnapshotUtilityRoledBasedAuthenticationTest.charAt("user", this.i) : this.i < "user".length() + 5 ? SnapshotUtilityRoledBasedAuthenticationTest.charAt("1", (this.i - "user".length()) - 2) : this.i < "user".length() + 8 ? SnapshotUtilityRoledBasedAuthenticationTest.charAt("2", (this.i - "user".length()) - 5) : SnapshotUtilityRoledBasedAuthenticationTest.charAt("3", (this.i - "user".length()) - 8);
                this.i++;
                return charAt;
            }
        });
        Command command = Commands.LIST.command();
        Assert.assertEquals(command.errorCode(220), command.execute(new String[]{"list"}));
        Assert.assertEquals(0L, command.execute(new String[]{"list", "-USER=user", "-PASSWORD=user"}));
        Assert.assertEquals(command.errorCode(220), command.execute(new String[]{"list", "-USER=user", "-PASSWORD=wrong"}));
    }

    @Test
    public void testReadPasswordOfConsole() {
        System.setIn(new InputStream() { // from class: org.gridgain.grid.security.rolebased.SnapshotUtilityRoledBasedAuthenticationTest.2
            private int i = 0;

            @Override // java.io.InputStream
            public int read() {
                int charAt = SnapshotUtilityRoledBasedAuthenticationTest.charAt("user", this.i);
                this.i++;
                return charAt;
            }
        });
        Command command = Commands.LIST.command();
        Assert.assertEquals(command.errorCode(220), command.execute(new String[]{"list", "-USER=user"}));
    }

    @Test
    public void testReadUserAndPasswordOfConsole() {
        System.setIn(new InputStream() { // from class: org.gridgain.grid.security.rolebased.SnapshotUtilityRoledBasedAuthenticationTest.3
            private int i = 0;

            @Override // java.io.InputStream
            public int read() {
                int charAt = this.i < "user".length() + 2 ? SnapshotUtilityRoledBasedAuthenticationTest.charAt("user", this.i) : SnapshotUtilityRoledBasedAuthenticationTest.charAt("user", (this.i - "user".length()) - 2);
                this.i++;
                return charAt;
            }
        });
        Command command = Commands.LIST.command();
        Assert.assertEquals(command.errorCode(220), command.execute(new String[]{"list"}));
    }

    @Test
    public void testCheckCmdWithAdminOpsOnly() {
        execCheckCmdForCheckAdminOps(0, "user2", "user2");
    }

    @Test
    public void testCheckCmdWithoutAdminOps() {
        execCheckCmdForCheckAdminOps(5, "user3", "user3");
    }

    @Test
    public void testExecutePitrEnabledTaskWithoutPermissionIssues() {
        AtomicInteger atomicInteger = new AtomicInteger();
        ListeningTestAppender.create().registerListener(str -> {
            if (str.contains("Result of checking snapshot schedule for PITR:")) {
                atomicInteger.incrementAndGet();
            }
        });
        Assert.assertEquals(0L, exec("user", "user", Commands.SNAPSHOT, "-type=full"));
        Assert.assertEquals(1L, atomicInteger.get());
    }

    @Test
    public void testInfoCmdWithoutAdminView() {
        Assert.assertEquals(5L, exec("user3", "user3", Commands.LIST, new String[0]));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.gridgain.control.agent.AbstractSelfTest
    public IgniteConfiguration getConfiguration(String str) {
        return super.getConfiguration(str).setCacheConfiguration(new CacheConfiguration[]{TestUtils.nebulaUserCacheConfiguration(), TestUtils.nebulaRoleCacheConfiguration()}).setPluginConfigurations(new PluginConfiguration[]{new GridGainConfiguration().setAuthenticator(new RoleBasedAuthenticator().setStaticRoles(F.asMap("default", "{defaultAllow:true}")).setStaticUsers(F.asMap("default", new UserCredential("default", "default")))).setSecurityCredentialsProvider(new SecurityCredentialsBasicProvider(new SecurityCredentials("default", "default"))).setSnapshotConfiguration(new SnapshotConfiguration())});
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static int charAt(String str, int i) {
        return i < str.length() ? str.charAt(i) : i == str.length() ? '\n' : (char) 65535;
    }

    private void execCheckCmdForCheckAdminOps(int i, String str, String str2) {
        IgniteEx startGrids = startGrids(1);
        SnapshotFuture<Void> createFullSnapshot = TestUtils.createFullSnapshot(startGrids.cluster().ignite(), null, null);
        createFullSnapshot.get(20L, TimeUnit.SECONDS);
        SnapshotFuture<Void> createSnapshot = TestUtils.createSnapshot(startGrids.cluster().ignite(), null, null);
        createSnapshot.get(20L, TimeUnit.SECONDS);
        List asList = Arrays.asList(createFullSnapshot.snapshotOperation(), createSnapshot.snapshotOperation());
        ConnectorConfiguration connectorConfiguration = startGrids.configuration().getConnectorConfiguration();
        Iterator it = asList.iterator();
        while (it.hasNext()) {
            Assert.assertEquals(i, exec(str, str2, Commands.CHECK, port(connectorConfiguration), id((SnapshotOperationInfo) it.next())));
        }
    }

    protected String id(SnapshotOperationInfo snapshotOperationInfo) {
        Objects.requireNonNull(snapshotOperationInfo);
        return "-id=" + snapshotOperationInfo.snapshotId();
    }

    private String port(ConnectorConfiguration connectorConfiguration) {
        Assert.assertNotNull(connectorConfiguration);
        return "-PORT=" + connectorConfiguration.getPort();
    }

    protected int exec(String str, String str2, Commands commands, @Nullable String... strArr) {
        Assert.assertNotNull(commands);
        ArrayList arrayList = new ArrayList(Collections.singletonList(commands.name()));
        if (Objects.nonNull(strArr)) {
            arrayList.addAll(Arrays.asList(strArr));
        }
        arrayList.add("-USER=" + str);
        arrayList.add("-PASSWORD=" + str2);
        return new SnapshotUtility().execute((String[]) arrayList.toArray(new String[0]));
    }
}
