package com.cloudera.cmf.service.mgmt;

import com.cloudera.cmf.model.DbRole;
import com.cloudera.cmf.persist.CmfEntityManager;
import com.cloudera.cmf.service.AbstractServiceTest;
import com.cloudera.cmf.service.TestUtils;
import com.cloudera.cmf.service.Validation;
import com.cloudera.cmf.service.ValidationContext;
import com.cloudera.cmf.service.config.ParamSpec;
import com.cloudera.cmf.service.mgmt.MgmtServiceHandler;
import com.cloudera.cmf.service.mgmt.NavMetaServerParams;
import com.cloudera.server.cmf.MockTestCluster;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.Lists;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;

/* loaded from: input_file:com/cloudera/cmf/service/mgmt/NavMetaServerExternalAuthValidatorTest.class */
public class NavMetaServerExternalAuthValidatorTest extends AbstractServiceTest {
    private static final String MGMT_SERVICE_NAME = "mgmt1";

    @After
    public void tearDown() {
        cleanDatabase();
    }

    @Before
    public void setUp() {
        TestUtils.interpretCli(sdp, Lists.newArrayList(new String[]{TestUtils.createServiceString(MGMT_SERVICE_NAME, MockTestCluster.MGMT_ST), TestUtils.createHostString("host1", "host1", "127.0.0.1"), TestUtils.createRoleString("navms", MGMT_SERVICE_NAME, "host1", MgmtServiceHandler.RoleNames.NAVIGATORMETASERVER.name())}));
    }

    @Test
    public void testDefaultConfig() {
        validateState(MgmtServiceHandler.RoleNames.NAVIGATORMETASERVER.name(), NavMetaServerParams.AUTH_BACKEND_ORDER, Collections.emptyList());
    }

    @Test
    public void testCmOnly() {
        validateState(MgmtServiceHandler.RoleNames.NAVIGATORMETASERVER.name(), NavMetaServerParams.AUTH_BACKEND_ORDER, Collections.emptyList());
    }

    @Test
    public void testLdapValidConfigs() {
        TestUtils.interpretCli(sdp, Arrays.asList("createconfig auth_backend_order EXTERNAL_ONLY mgmt1 navms", "createconfig external_auth_type LDAP mgmt1 navms", "createconfig nav_ldap_url ldap://test.ldap.server mgmt1 navms", "createconfig nav_ldap_bind_dn ldap_user mgmt1 navms", "createconfig nav_ldap_bind_pw password mgmt1 navms", "createconfig nav_ldap_dn_pattern ou=people mgmt1 navms", "createconfig nav_ldap_groups_search_filter (&(objectClass=groupOfNames)(cn=*{0}*)) mgmt1 navms"));
        validateState(MgmtServiceHandler.RoleNames.NAVIGATORMETASERVER.name(), NavMetaServerParams.AUTH_BACKEND_ORDER, ImmutableList.of(Validation.ValidationState.CHECK));
    }

    @Test
    public void testLdapMissingConfigs() {
        TestUtils.interpretCli(sdp, Arrays.asList("createconfig auth_backend_order EXTERNAL_ONLY mgmt1 navms", "createconfig external_auth_type LDAP mgmt1 navms"));
        validateState(MgmtServiceHandler.RoleNames.NAVIGATORMETASERVER.name(), NavMetaServerParams.AUTH_BACKEND_ORDER, Collections.nCopies(4, Validation.ValidationState.ERROR));
    }

    @Test
    public void testAdValidConfigs() {
        TestUtils.interpretCli(sdp, Arrays.asList("createconfig auth_backend_order EXTERNAL_ONLY mgmt1 navms", "createconfig external_auth_type ACTIVE_DIRECTORY mgmt1 navms", "createconfig nav_ldap_url ldap://test.ad.server mgmt1 navms", "createconfig nav_ldap_bind_dn ad_user mgmt1 navms", "createconfig nav_ldap_bind_pw password mgmt1 navms", "createconfig nav_nt_domain CLOUDERA mgmt1 navms"));
        validateState(MgmtServiceHandler.RoleNames.NAVIGATORMETASERVER.name(), NavMetaServerParams.AUTH_BACKEND_ORDER, ImmutableList.of(Validation.ValidationState.CHECK));
    }

    @Test
    public void testAdMissingConfigs() {
        TestUtils.interpretCli(sdp, Arrays.asList("createconfig auth_backend_order EXTERNAL_ONLY mgmt1 navms", "createconfig external_auth_type ACTIVE_DIRECTORY mgmt1 navms"));
        validateState(MgmtServiceHandler.RoleNames.NAVIGATORMETASERVER.name(), NavMetaServerParams.AUTH_BACKEND_ORDER, Collections.nCopies(4, Validation.ValidationState.ERROR));
    }

    private void validateState(String str, ParamSpec<NavMetaServerParams.AuthBackendOrder> paramSpec, Collection<Validation.ValidationState> collection) {
        CmfEntityManager cmfEntityManager = new CmfEntityManager(emf);
        try {
            cmfEntityManager.beginForRollbackAndReadonly();
            DbRole singleRoleWithType = cmfEntityManager.findServiceByName(MGMT_SERVICE_NAME).getSingleRoleWithType(str);
            Collection validate = new NavMetaServerExternalAuthValidator(paramSpec).validate(shr, ValidationContext.of(singleRoleWithType));
            ArrayList newArrayListWithCapacity = Lists.newArrayListWithCapacity(validate.size());
            Iterator it = validate.iterator();
            while (it.hasNext()) {
                newArrayListWithCapacity.add(((Validation) it.next()).getState());
            }
            Assert.assertEquals(Lists.newArrayList(collection), newArrayListWithCapacity);
            cmfEntityManager.close();
        } catch (Throwable th) {
            cmfEntityManager.close();
            throw th;
        }
    }
}
