package org.gridgain.grid.util;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.Objects;
import org.apache.ignite.Ignite;
import org.apache.ignite.IgniteCluster;
import org.apache.ignite.cluster.ClusterState;
import org.apache.ignite.configuration.ConnectorConfiguration;
import org.apache.ignite.configuration.IgniteConfiguration;
import org.apache.ignite.internal.commandline.CommandHandler;
import org.apache.ignite.plugin.PluginConfiguration;
import org.apache.ignite.testframework.GridTestUtils;
import org.apache.ignite.testframework.junits.SystemPropertiesList;
import org.apache.ignite.testframework.junits.WithSystemProperty;
import org.apache.ignite.util.GridCommandHandlerTest;
import org.gridgain.grid.configuration.GridGainConfiguration;
import org.gridgain.grid.security.certificate.CertificateAuthenticator;
import org.gridgain.grid.security.certificate.IssuerRegexPredicate;
import org.junit.Test;

/* loaded from: input_file:org/gridgain/grid/util/GridCommandHandlerCertificateAuthenticatorTest.class */
public class GridCommandHandlerCertificateAuthenticatorTest extends GridCommandHandlerTest {
    private static final String DEFAULT_DS_GROUP_NAME = "default-ds-group";
    private boolean addCredentialsToArgs = true;
    private String taskPermissions = "TASK_EXECUTE";
    private String systemPermissions = "ADMIN_OPS,ADMIN_VIEW,JOIN_AS_SERVER,CACHE_PUT,CACHE_CREATE";
    static final /* synthetic */ boolean $assertionsDisabled;

    protected IgniteConfiguration getConfiguration(String str) throws Exception {
        IgniteConfiguration configuration = super.getConfiguration(str);
        CertificateAuthenticator certificateAuthenticator = new CertificateAuthenticator();
        certificateAuthenticator.setPermissionsJson(Collections.singletonMap(new IssuerRegexPredicate(".*\\bEMAILADDRESS=twoca@ignite\\.apache\\.org\\b.*"), "{defaultAllow:false,{cache:'default',permissions:[CACHE_READ,CACHE_PUT,CACHE_REMOVE]},{cache:'default0',permissions:[CACHE_READ,CACHE_PUT,CACHE_REMOVE]},{cache:'ignite-sys-atomic-cache@default-volatile-ds-group',permissions:[CACHE_READ,CACHE_PUT]},{cache:'ignite-sys-atomic-cache@default-ds-group',permissions:[CACHE_READ,CACHE_PUT,CACHE_REMOVE]},{task:'*',permissions:[" + this.taskPermissions + "]}, {system:[" + this.systemPermissions + "]}}"));
        PluginConfiguration gridGainConfiguration = new GridGainConfiguration();
        gridGainConfiguration.setAuthenticator(certificateAuthenticator);
        configuration.setPluginConfigurations(new PluginConfiguration[]{gridGainConfiguration});
        configuration.setConnectorConfiguration(new ConnectorConfiguration().setSslEnabled(true).setSslClientAuth(true).setSslFactory(GridTestUtils.sslTrustedFactory("node02", "trusttwo")));
        return configuration;
    }

    protected void addExtraArguments(List<String> list) {
        super.addExtraArguments(list);
        if (this.addCredentialsToArgs) {
            list.addAll(Arrays.asList("--keystore", GridTestUtils.keyStorePath("node03"), "--keystore-password", GridTestUtils.keyStorePassword(), "--truststore", GridTestUtils.keyStorePath("trustboth"), "--truststore-password", GridTestUtils.keyStorePassword()));
        }
    }

    @Test
    @SystemPropertiesList({@WithSystemProperty(key = "IGNITE_CLUSTER_ID_AND_TAG_FEATURE", value = "true"), @WithSystemProperty(key = "IGNITE_DISTRIBUTED_META_STORAGE_FEATURE", value = "true")})
    public void testWithoutAuthentication() throws Exception {
        this.addCredentialsToArgs = false;
        try {
            startGrids(1);
            CommandHandler commandHandler = new CommandHandler();
            assertEquals(2, execute(commandHandler, new String[]{"--connection-timeout", "1000", "--activate"}));
            assertEquals(2, execute(commandHandler, new String[]{"--connection-timeout", "1000", "--deactivate"}));
            assertEquals(2, execute(commandHandler, new String[]{"--connection-timeout", "1000", "--state"}));
            assertEquals(2, execute(commandHandler, new String[]{"--connection-timeout", "1000", "--baseline"}));
            assertEquals(2, execute(commandHandler, new String[]{"--connection-timeout", "1000", "--wal", "print"}));
            assertEquals(2, execute(commandHandler, new String[]{"--connection-timeout", "1000", "--wal", "delete"}));
            assertEquals(2, execute(commandHandler, new String[]{"--connection-timeout", "1000", "--tx"}));
            assertEquals(2, execute(commandHandler, new String[]{"--connection-timeout", "1000", "--cache", "idle_verify", "--dump"}));
            assertEquals(2, execute(commandHandler, new String[]{"--connection-timeout", "1000", "--cache", "idle_verify"}));
            assertEquals(2, execute(commandHandler, new String[]{"--connection-timeout", "1000", "--cache", "list", ".*"}));
            assertEquals(2, execute(commandHandler, new String[]{"--connection-timeout", "1000", "--rolling-upgrade", "start"}));
            assertEquals(2, execute(commandHandler, new String[]{"--connection-timeout", "1000", "--rolling-upgrade", "finish"}));
            assertEquals(2, execute(commandHandler, new String[]{"--connection-timeout", "1000", "--rolling-upgrade", "force"}));
            assertEquals(2, execute(commandHandler, new String[]{"--connection-timeout", "1000", "--rolling-upgrade", "status"}));
            assertEquals(2, execute(commandHandler, new String[]{"--connection-timeout", "1000", "--change-tag", "new_tag_value"}));
            assertEquals(2, execute(commandHandler, new String[]{"--connection-timeout", "1000", "--diagnostic", "pageLocks", "dump"}));
            assertEquals(2, execute(commandHandler, new String[]{"--connection-timeout", "1000", "--baseline"}));
            assertEquals(2, execute(commandHandler, new String[]{"--connection-timeout", "1000", "--dr", "state"}));
        } finally {
            this.addCredentialsToArgs = true;
        }
    }

    @Test
    @SystemPropertiesList({@WithSystemProperty(key = "IGNITE_CLUSTER_ID_AND_TAG_FEATURE", value = "true"), @WithSystemProperty(key = "IGNITE_DISTRIBUTED_META_STORAGE_FEATURE", value = "true")})
    public void testWrongCredentials() throws Exception {
        this.addCredentialsToArgs = false;
        try {
            startGrids(1);
            CommandHandler commandHandler = new CommandHandler();
            List<String> asList = Arrays.asList("--keystore", GridTestUtils.keyStorePath("node01"), "--keystore-password", GridTestUtils.keyStorePassword(), "--truststore", GridTestUtils.keyStorePath("trusttwo"), "--truststore-password", GridTestUtils.keyStorePassword());
            assertEquals(2, execute(asList, commandHandler, "--activate"));
            assertEquals(2, execute(asList, commandHandler, "--deactivate"));
            assertEquals(2, execute(asList, commandHandler, "--state"));
            assertEquals(2, execute(asList, commandHandler, "--baseline"));
            assertEquals(2, execute(asList, commandHandler, "--wal", "print"));
            assertEquals(2, execute(asList, commandHandler, "--wal", "delete"));
            assertEquals(2, execute(asList, commandHandler, "--tx"));
            assertEquals(2, execute(asList, commandHandler, "--cache", "idle_verify", "--dump"));
            assertEquals(2, execute(asList, commandHandler, "--cache", "idle_verify"));
            assertEquals(2, execute(asList, commandHandler, "--cache", "list", ".*"));
            assertEquals(2, execute(asList, commandHandler, "--rolling-upgrade", "start"));
            assertEquals(2, execute(asList, commandHandler, "--rolling-upgrade", "finish"));
            assertEquals(2, execute(asList, commandHandler, "--rolling-upgrade", "force"));
            assertEquals(2, execute(asList, commandHandler, "--rolling-upgrade", "status"));
            assertEquals(2, execute(asList, commandHandler, "--change-tag", "new_tag_value"));
            this.addCredentialsToArgs = true;
        } catch (Throwable th) {
            this.addCredentialsToArgs = true;
            throw th;
        }
    }

    @Test
    @SystemPropertiesList({@WithSystemProperty(key = "IGNITE_CLUSTER_ID_AND_TAG_FEATURE", value = "true"), @WithSystemProperty(key = "IGNITE_DISTRIBUTED_META_STORAGE_FEATURE", value = "true")})
    public void testWithAdminOpsOnly() throws Exception {
        this.taskPermissions = "";
        this.systemPermissions = "ADMIN_OPS,JOIN_AS_SERVER";
        executeCommands(startGrids(2), 0);
    }

    @Test
    @SystemPropertiesList({@WithSystemProperty(key = "IGNITE_CLUSTER_ID_AND_TAG_FEATURE", value = "true"), @WithSystemProperty(key = "IGNITE_DISTRIBUTED_META_STORAGE_FEATURE", value = "true")})
    public void testWithAdminOpsOnlyNonCrd() throws Exception {
        this.taskPermissions = "";
        this.systemPermissions = "ADMIN_OPS,JOIN_AS_SERVER";
        startGrids(2);
        executeCommands(grid(0), grid(1), 0);
    }

    @Test
    @SystemPropertiesList({@WithSystemProperty(key = "IGNITE_CLUSTER_ID_AND_TAG_FEATURE", value = "true"), @WithSystemProperty(key = "IGNITE_DISTRIBUTED_META_STORAGE_FEATURE", value = "true")})
    public void testWithoutAdminOps() throws Exception {
        this.systemPermissions = this.systemPermissions.replace("ADMIN_OPS,", "");
        executeCommands(startGrid(), 4);
    }

    private void executeCommands(Ignite ignite, int i) {
        executeCommands(ignite, ignite, i);
    }

    private void executeCommands(Ignite ignite, Ignite ignite2, int i) {
        if (!$assertionsDisabled && !Objects.nonNull(ignite)) {
            throw new AssertionError();
        }
        IgniteCluster cluster = ignite.cluster();
        if (!ClusterState.active(cluster.state())) {
            cluster.state(ClusterState.ACTIVE);
        }
        String obj = ignite2.cluster().localNode().attributes().get("org.apache.ignite.rest.tcp.port").toString();
        CommandHandler commandHandler = new CommandHandler();
        String uuid = ignite.cluster().localNode().id().toString();
        assertEquals(i, execute(commandHandler, new String[]{"--port", obj, "--cache", "find_garbage", uuid, "--delete"}));
        assertEquals(i, execute(commandHandler, new String[]{"--port", obj, "--cache", "distribution", uuid}));
        assertEquals(i, execute(commandHandler, new String[]{"--port", obj, "--cache", "reset_lost_partitions", "default"}));
        assertEquals(i, execute(commandHandler, new String[]{"--port", obj, "--cache", "contention", "1", uuid}));
        assertEquals(i, execute(commandHandler, new String[]{"--port", obj, "--dr", "state"}));
        assertEquals(i, execute(commandHandler, new String[]{"--port", obj, "--diagnostic", "pageLocks", "dump"}));
        assertEquals(i, execute(commandHandler, new String[]{"--port", obj, "--change-tag", "new_tag_value"}));
        assertEquals(i, execute(commandHandler, new String[]{"--port", obj, "--rolling-upgrade", "status"}));
        assertEquals(i, execute(commandHandler, new String[]{"--port", obj, "--rolling-upgrade", "start"}));
        assertEquals(i, execute(commandHandler, new String[]{"--port", obj, "--rolling-upgrade", "finish"}));
        assertEquals(i, execute(commandHandler, new String[]{"--port", obj, "--rolling-upgrade", "force"}));
        assertEquals(i, execute(commandHandler, new String[]{"--port", obj, "--cache", "validate_indexes"}));
        assertEquals(i, execute(commandHandler, new String[]{"--port", obj, "--cache", "list", ".*"}));
        assertEquals(i, execute(commandHandler, new String[]{"--port", obj, "--cache", "idle_verify"}));
        assertEquals(i, execute(commandHandler, new String[]{"--port", obj, "--cache", "idle_verify", "--dump"}));
        assertEquals(i, execute(commandHandler, new String[]{"--port", obj, "--tx"}));
        assertEquals(i, execute(commandHandler, new String[]{"--port", obj, "--wal", "delete"}));
        assertEquals(i, execute(commandHandler, new String[]{"--port", obj, "--wal", "print"}));
        assertEquals(i, execute(commandHandler, new String[]{"--port", obj, "--baseline"}));
        assertEquals(i, execute(commandHandler, new String[]{"--port", obj, "--deactivate"}));
        assertEquals(i, execute(commandHandler, new String[]{"--port", obj, "--activate"}));
        assertEquals(i, execute(commandHandler, new String[]{"--port", obj, "--state"}));
    }

    private int execute(List<String> list, CommandHandler commandHandler, String... strArr) {
        ArrayList arrayList = new ArrayList();
        arrayList.addAll(Arrays.asList(strArr));
        arrayList.addAll(list);
        return execute(commandHandler, (String[]) arrayList.toArray(new String[0]));
    }

    static {
        $assertionsDisabled = !GridCommandHandlerCertificateAuthenticatorTest.class.desiredAssertionStatus();
    }
}
