package org.gridgain.plugin.security;

import java.util.HashMap;
import java.util.Map;
import org.apache.ignite.Ignite;
import org.apache.ignite.IgniteCheckedException;
import org.apache.ignite.IgniteException;
import org.apache.ignite.configuration.IgniteConfiguration;
import org.apache.ignite.internal.util.typedef.G;
import org.apache.ignite.internal.util.typedef.X;
import org.apache.ignite.plugin.PluginConfiguration;
import org.apache.ignite.plugin.security.SecurityCredentials;
import org.apache.ignite.plugin.security.SecurityCredentialsBasicProvider;
import org.apache.ignite.spi.IgniteSpiException;
import org.apache.ignite.spi.discovery.tcp.TcpDiscoverySpi;
import org.apache.ignite.spi.discovery.tcp.ipfinder.TcpDiscoveryIpFinder;
import org.apache.ignite.spi.discovery.tcp.ipfinder.vm.TcpDiscoveryVmIpFinder;
import org.apache.ignite.testframework.junits.common.GridCommonAbstractTest;
import org.gridgain.grid.authentication.passcode.GridDifferentCredentialSelfTest;
import org.gridgain.grid.configuration.GridGainConfiguration;
import org.gridgain.grid.security.Authenticator;
import org.gridgain.grid.security.passcode.AuthenticationAclBasicProvider;
import org.gridgain.grid.security.passcode.PasscodeAuthenticator;
import org.junit.Test;

/* loaded from: input_file:org/gridgain/plugin/security/PasscodeSecurityPermissionsCheckSelfTest.class */
public class PasscodeSecurityPermissionsCheckSelfTest extends GridCommonAbstractTest {
    private static final Map<SecurityCredentials, String> dfltPermsMap = new HashMap();
    private static final TcpDiscoveryIpFinder IP_FINDER = new TcpDiscoveryVmIpFinder(true);

    @Test
    public void testSamePermissionsAuthorization() throws Exception {
        String testIgniteInstanceName = getTestIgniteInstanceName(1);
        Ignite startGrid = startGrid(testIgniteInstanceName, getConfiguration(testIgniteInstanceName, dfltPermsMap));
        Throwable th = null;
        try {
            String testIgniteInstanceName2 = getTestIgniteInstanceName(2);
            Ignite startGrid2 = startGrid(testIgniteInstanceName2, getConfiguration(testIgniteInstanceName2, dfltPermsMap));
            Throwable th2 = null;
            try {
                try {
                    assertEquals(2, startGrid.cluster().nodes().size());
                    assertEquals(2, startGrid2.cluster().nodes().size());
                    if (startGrid2 != null) {
                        if (0 != 0) {
                            try {
                                startGrid2.close();
                            } catch (Throwable th3) {
                                th2.addSuppressed(th3);
                            }
                        } else {
                            startGrid2.close();
                        }
                    }
                    if (startGrid != null) {
                        if (0 == 0) {
                            startGrid.close();
                            return;
                        }
                        try {
                            startGrid.close();
                        } catch (Throwable th4) {
                            th.addSuppressed(th4);
                        }
                    }
                } catch (Throwable th5) {
                    th2 = th5;
                    throw th5;
                }
            } catch (Throwable th6) {
                if (startGrid2 != null) {
                    if (th2 != null) {
                        try {
                            startGrid2.close();
                        } catch (Throwable th7) {
                            th2.addSuppressed(th7);
                        }
                    } else {
                        startGrid2.close();
                    }
                }
                throw th6;
            }
        } catch (Throwable th8) {
            if (startGrid != null) {
                if (0 != 0) {
                    try {
                        startGrid.close();
                    } catch (Throwable th9) {
                        th.addSuppressed(th9);
                    }
                } else {
                    startGrid.close();
                }
            }
            throw th8;
        }
    }

    @Test
    public void testDifferentPermissionsAuthorization() throws Exception {
        Ignite start = G.start(getConfiguration(getTestIgniteInstanceName(1), dfltPermsMap));
        Throwable th = null;
        try {
            HashMap hashMap = new HashMap();
            hashMap.put(new SecurityCredentials("gridgain", "gridgain"), "{defaultAllow:false,{system:[ADMIN_VIEW, ADMIN_QUERY, ADMIN_CACHE]}}");
            try {
                Ignite start2 = G.start(getConfiguration(getTestIgniteInstanceName(2), hashMap));
                Throwable th2 = null;
                try {
                    try {
                        fail("No security exception was thrown during authorization of remote node with different permissions");
                        if (start2 != null) {
                            if (0 != 0) {
                                try {
                                    start2.close();
                                } catch (Throwable th3) {
                                    th2.addSuppressed(th3);
                                }
                            } else {
                                start2.close();
                            }
                        }
                    } catch (Throwable th4) {
                        th2 = th4;
                        throw th4;
                    }
                } catch (Throwable th5) {
                    if (start2 != null) {
                        if (th2 != null) {
                            try {
                                start2.close();
                            } catch (Throwable th6) {
                                th2.addSuppressed(th6);
                            }
                        } else {
                            start2.close();
                        }
                    }
                    throw th5;
                }
            } catch (IgniteException e) {
                assertTrue(X.cause(e, IgniteSpiException.class).getMessage().startsWith(GridDifferentCredentialSelfTest.ERR_MSG));
            }
            if (start != null) {
                if (0 == 0) {
                    start.close();
                    return;
                }
                try {
                    start.close();
                } catch (Throwable th7) {
                    th.addSuppressed(th7);
                }
            }
        } catch (Throwable th8) {
            if (start != null) {
                if (0 != 0) {
                    try {
                        start.close();
                    } catch (Throwable th9) {
                        th.addSuppressed(th9);
                    }
                } else {
                    start.close();
                }
            }
            throw th8;
        }
    }

    private IgniteConfiguration getConfiguration(String str, Map<SecurityCredentials, String> map) throws Exception {
        IgniteConfiguration igniteConfiguration = new IgniteConfiguration();
        TcpDiscoverySpi tcpDiscoverySpi = new TcpDiscoverySpi();
        tcpDiscoverySpi.setIpFinder(IP_FINDER);
        igniteConfiguration.setDiscoverySpi(tcpDiscoverySpi);
        igniteConfiguration.setIgniteInstanceName(str);
        SecurityCredentialsBasicProvider securityCredentialsBasicProvider = new SecurityCredentialsBasicProvider(new SecurityCredentials("gridgain", "gridgain"));
        Authenticator authenticator = authenticator(map);
        PluginConfiguration gridGainConfiguration = new GridGainConfiguration();
        gridGainConfiguration.setAuthenticator(authenticator);
        gridGainConfiguration.setSecurityCredentialsProvider(securityCredentialsBasicProvider);
        igniteConfiguration.setPluginConfigurations(new PluginConfiguration[]{gridGainConfiguration});
        return igniteConfiguration;
    }

    protected Authenticator authenticator(Map<SecurityCredentials, String> map) throws IgniteCheckedException {
        PasscodeAuthenticator passcodeAuthenticator = new PasscodeAuthenticator();
        passcodeAuthenticator.setAclProvider(new AuthenticationAclBasicProvider(map));
        return passcodeAuthenticator;
    }

    static {
        dfltPermsMap.put(new SecurityCredentials("gridgain", "gridgain"), "{defaultAllow:false,{cache:'*',permissions:[CACHE_PUT, CACHE_REMOVE, CACHE_READ]},{system:[ADMIN_VIEW, ADMIN_QUERY, ADMIN_CACHE, JOIN_AS_SERVER, CACHE_CREATE]}}");
    }
}
