package org.gridgain.control.agent.action.controller;

import java.net.InetSocketAddress;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import java.util.UUID;
import java.util.function.Predicate;
import org.apache.ignite.IgniteCache;
import org.apache.ignite.internal.GridKernalContext;
import org.apache.ignite.internal.processors.query.GridRunningQueryInfo;
import org.apache.ignite.internal.util.typedef.F;
import org.apache.ignite.plugin.security.SecurityCredentials;
import org.gridgain.control.agent.dto.action.AuthenticateCredentials;
import org.gridgain.control.agent.dto.action.JobResponse;
import org.gridgain.control.agent.dto.action.Request;
import org.gridgain.control.agent.dto.action.Status;
import org.gridgain.control.agent.dto.action.TaskResponse;
import org.gridgain.control.agent.dto.action.query.CancelQueryArgument;
import org.gridgain.control.agent.dto.action.query.QueryArgument;
import org.gridgain.control.agent.dto.action.query.QueryHistoryArgument;
import org.gridgain.control.agent.dto.action.query.RunningQueriesArgument;
import org.gridgain.control.agent.dto.action.query.ScanQueryArgument;
import org.gridgain.control.agent.test.TestSqlTestFunctions;
import org.junit.Assert;
import org.junit.Test;

/* loaded from: input_file:org/gridgain/control/agent/action/controller/QueryActionsControllerWithGridGainSecurityTest.class */
public class QueryActionsControllerWithGridGainSecurityTest extends AbstractActionControllerWithGridGainSecurityTest {
    private static final String KILL_QUERY_ACCOUNT = "killQuery";

    @Override // org.gridgain.control.agent.action.controller.AbstractActionControllerWithGridGainSecurityTest
    protected Map<SecurityCredentials, String> prepareCustomCredentials() {
        HashMap hashMap = new HashMap(1);
        hashMap.put(new SecurityCredentials(KILL_QUERY_ACCOUNT, "123456"), "{     defaultAllow: false,    {        system:[KILL_QUERY]    }}");
        return hashMap;
    }

    @Test
    public void shouldSendNotEnoughPermissionsOnExecutingSecuredAction() {
        GridKernalContext context = this.cluster.ignite().context();
        UUID authenticate = authenticate(new AuthenticateCredentials().setCredentials(new SecurityCredentials("no_access", "123456")).setAddress(InetSocketAddress.createUnresolved("localhost", 8090)));
        Request sessionId = new Request().setId(UUID.randomUUID()).setAction("QueryActions.executeSqlQuery").setNodeIds(Collections.singleton(this.cluster.localNode().id())).setArgument(new QueryArgument().setQueryId("qry").setQueryText("create table people (id int primary key, name varchar);").setPageSize(10)).setSessionId(authenticate);
        executeAction(sessionId, list -> {
            JobResponse jobResponse = (JobResponse) F.first(list);
            Assert.assertEquals(Status.FAILED, taskResult(sessionId.getId()).getStatus());
            Assert.assertEquals(-32002L, jobResponse.getError().getCode());
            Assert.assertTrue(jobResponse.getError().getMessage().startsWith("Authorization failed [perm=CACHE_CREATE"));
            return true;
        });
        this.cluster.ignite().createCache("test_cache").put("key_1", "value_1");
        Request sessionId2 = new Request().setAction("QueryActions.executeScanQuery").setNodeIds(Collections.singleton(this.cluster.localNode().id())).setId(UUID.randomUUID()).setArgument(new ScanQueryArgument().setCacheName("test_cache").setQueryId("qry").setPageSize(1)).setSessionId(authenticate);
        executeAction(sessionId2, list2 -> {
            JobResponse jobResponse = (JobResponse) F.first(list2);
            Assert.assertEquals(Status.FAILED, taskResult(sessionId2.getId()).getStatus());
            Assert.assertEquals(-32002L, jobResponse.getError().getCode());
            Assert.assertTrue(jobResponse.getError().getMessage().startsWith("Authorization failed [perm=CACHE_READ"));
            return true;
        });
        UUID authenticate2 = authenticate(new AuthenticateCredentials().setCredentials(new SecurityCredentials("admin", "123456")).setAddress(InetSocketAddress.createUnresolved("localhost", 8090)));
        IgniteCache createCacheWithSqlTestFunctions = createCacheWithSqlTestFunctions(0);
        createCacheWithSqlTestFunctions.put(1, "value_2");
        createCacheWithSqlTestFunctions.put(2, "value_2");
        createCacheWithSqlTestFunctions.put(3, "value_3");
        TestSqlTestFunctions.sleepMs = 5000L;
        Request sessionId3 = new Request().setAction("QueryActions.executeSqlQuery").setNodeIds(Collections.singleton(this.cluster.localNode().id())).setId(UUID.randomUUID()).setArgument(new QueryArgument().setQueryId(UUID.randomUUID().toString()).setQueryText("SELECT count(*), sleep() AS SLEEP FROM \"TestCache\".STRING").setPageSize(1).setDefaultSchema("TestCache")).setSessionId(authenticate2);
        executeAction(sessionId3, list3 -> {
            TaskResponse taskResult = taskResult(sessionId3.getId());
            return Boolean.valueOf(taskResult != null && taskResult.getStatus() == Status.RUNNING);
        });
        Request sessionId4 = new Request().setAction("QueryActions.kill").setNodeIds(Collections.singleton(this.cluster.localNode().id())).setId(UUID.randomUUID()).setArgument(new CancelQueryArgument().setQueryId(((GridRunningQueryInfo) F.first(context.query().runningQueries(-1L))).globalQueryId())).setSessionId(authenticate);
        executeAction(sessionId4, list4 -> {
            JobResponse jobResponse = (JobResponse) F.first(list4);
            Assert.assertEquals(Status.FAILED, taskResult(sessionId4.getId()).getStatus());
            Assert.assertEquals(-32002L, jobResponse.getError().getCode());
            Assert.assertTrue(jobResponse.getError().getMessage().startsWith("Authorization failed [perm=KILL_QUERY"));
            return true;
        });
        Request sessionId5 = new Request().setAction("QueryActions.runningQueries").setNodeIds(Collections.singleton(this.cluster.localNode().id())).setId(UUID.randomUUID()).setArgument(new RunningQueriesArgument().setDuration(-1L)).setSessionId(authenticate);
        executeAction(sessionId5, list5 -> {
            JobResponse jobResponse = (JobResponse) F.first(list5);
            Assert.assertEquals(Status.FAILED, taskResult(sessionId5.getId()).getStatus());
            Assert.assertEquals(-32002L, jobResponse.getError().getCode());
            Assert.assertTrue(jobResponse.getError().getMessage().startsWith("Authorization failed [perm=GET_QUERY_VIEWS"));
            return true;
        });
        Request sessionId6 = new Request().setAction("QueryActions.history").setNodeIds(Collections.singleton(this.cluster.localNode().id())).setId(UUID.randomUUID()).setArgument(new QueryHistoryArgument()).setSessionId(authenticate);
        executeAction(sessionId6, list6 -> {
            JobResponse jobResponse = (JobResponse) F.first(list6);
            Assert.assertEquals(Status.FAILED, taskResult(sessionId6.getId()).getStatus());
            Assert.assertEquals(-32002L, jobResponse.getError().getCode());
            Assert.assertTrue(jobResponse.getError().getMessage().startsWith("Authorization failed [perm=GET_QUERY_VIEWS"));
            return true;
        });
    }

    @Test
    public void shouldExecuteSecuredAction() {
        GridKernalContext context = this.cluster.ignite().context();
        UUID authenticate = authenticate(new AuthenticateCredentials().setCredentials(new SecurityCredentials("admin", "123456")).setAddress(InetSocketAddress.createUnresolved("localhost", 8090)));
        this.cluster.ignite().createCache("test_cache").put("key_1", "value_1");
        executeAction(new Request().setAction("QueryActions.executeScanQuery").setNodeIds(Collections.singleton(this.cluster.localNode().id())).setId(UUID.randomUUID()).setArgument(new ScanQueryArgument().setCacheName("test_cache").setQueryId("qry").setPageSize(1)).setSessionId(authenticate), list -> {
            JobResponse jobResponse = (JobResponse) F.first(list);
            return Boolean.valueOf(jobResponse != null && jobResponse.getStatus() == Status.COMPLETED);
        });
        IgniteCache createCacheWithSqlTestFunctions = createCacheWithSqlTestFunctions(0);
        createCacheWithSqlTestFunctions.put(1, "value_2");
        createCacheWithSqlTestFunctions.put(2, "value_2");
        createCacheWithSqlTestFunctions.put(3, "value_3");
        TestSqlTestFunctions.sleepMs = 5000L;
        Request sessionId = new Request().setAction("QueryActions.executeSqlQuery").setNodeIds(Collections.singleton(this.cluster.localNode().id())).setId(UUID.randomUUID()).setArgument(new QueryArgument().setQueryId(UUID.randomUUID().toString()).setQueryText("SELECT count(*), sleep() AS SLEEP FROM \"TestCache\".STRING").setPageSize(1).setDefaultSchema("TestCache")).setSessionId(authenticate);
        executeAction(sessionId, list2 -> {
            TaskResponse taskResult = taskResult(sessionId.getId());
            return Boolean.valueOf(taskResult != null && taskResult.getStatus() == Status.RUNNING);
        });
        executeAction(new Request().setAction("QueryActions.kill").setNodeIds(Collections.singleton(this.cluster.localNode().id())).setId(UUID.randomUUID()).setArgument(new CancelQueryArgument().setQueryId(((GridRunningQueryInfo) F.first(context.query().runningQueries(-1L))).globalQueryId())).setSessionId(authenticate), list3 -> {
            JobResponse jobResponse = (JobResponse) F.first(list3);
            return Boolean.valueOf(jobResponse != null && jobResponse.getStatus() == Status.COMPLETED);
        });
        executeAction(new Request().setAction("QueryActions.runningQueries").setNodeIds(Collections.singleton(this.cluster.localNode().id())).setId(UUID.randomUUID()).setArgument(new RunningQueriesArgument().setDuration(-1L)).setSessionId(authenticate), list4 -> {
            JobResponse jobResponse = (JobResponse) F.first(list4);
            return Boolean.valueOf(jobResponse != null && jobResponse.getStatus() == Status.COMPLETED);
        });
        executeAction(new Request().setAction("QueryActions.history").setNodeIds(Collections.singleton(this.cluster.localNode().id())).setId(UUID.randomUUID()).setArgument(new QueryHistoryArgument()).setSessionId(authenticate), list5 -> {
            JobResponse jobResponse = (JobResponse) F.first(list5);
            return Boolean.valueOf(jobResponse != null && jobResponse.getStatus() == Status.COMPLETED);
        });
    }

    @Test
    public void shouldPerformClearWithKillQueryAccount() {
        checkSecureCancelQuery(KILL_QUERY_ACCOUNT, "123456", jobResponse -> {
            return Status.COMPLETED == jobResponse.getStatus();
        });
    }

    @Test
    public void shouldFailClearWithNoAccessAccount() {
        checkSecureCancelQuery("no_access", "123456", jobResponse -> {
            return Status.FAILED == jobResponse.getStatus() && -32002 == jobResponse.getError().getCode();
        });
    }

    private <K, V> IgniteCache<K, V> createCacheWithSqlTestFunctions(int i) {
        return this.cluster.ignite().getOrCreateCache(cacheConfiguration("TestCache").setQueryDetailMetricsSize(i).setIndexedTypes(new Class[]{Integer.class, String.class}).setSqlFunctionClasses(new Class[]{TestSqlTestFunctions.class}));
    }

    private void checkSecureCancelQuery(String str, String str2, Predicate<JobResponse> predicate) {
        UUID authenticate = authenticate(new AuthenticateCredentials().setCredentials(new SecurityCredentials("admin", "123456")));
        UUID authenticate2 = authenticate(new AuthenticateCredentials().setCredentials(new SecurityCredentials(str, str2)));
        GridKernalContext context = this.cluster.ignite().context();
        IgniteCache createCacheWithSqlTestFunctions = createCacheWithSqlTestFunctions(0);
        createCacheWithSqlTestFunctions.put(1, "value_2");
        createCacheWithSqlTestFunctions.put(2, "value_2");
        createCacheWithSqlTestFunctions.put(3, "value_3");
        TestSqlTestFunctions.sleepMs = 5000L;
        Request sessionId = new Request().setAction("QueryActions.executeSqlQuery").setNodeIds(Collections.singleton(this.cluster.localNode().id())).setId(UUID.randomUUID()).setArgument(new QueryArgument().setQueryId(UUID.randomUUID().toString()).setQueryText("SELECT count(*), sleep() AS SLEEP FROM \"TestCache\".STRING").setPageSize(1).setDefaultSchema("TestCache")).setSessionId(authenticate);
        executeAction(sessionId, list -> {
            TaskResponse taskResult = taskResult(sessionId.getId());
            return Boolean.valueOf(taskResult != null && taskResult.getStatus() == Status.RUNNING);
        });
        executeAction(new Request().setAction("QueryActions.cancel").setNodeIds(Collections.singleton(this.cluster.localNode().id())).setId(UUID.randomUUID()).setArgument(new CancelQueryArgument().setQueryId(((GridRunningQueryInfo) F.first(context.query().runningQueries(-1L))).globalQueryId())).setSessionId(authenticate2), list2 -> {
            JobResponse jobResponse = (JobResponse) F.first(list2);
            return Boolean.valueOf(jobResponse != null && predicate.test(jobResponse));
        });
    }
}
