package com.cloudera.cmf.service.hdfs;

import com.cloudera.cmf.model.DbRole;
import com.cloudera.cmf.model.DbService;
import com.cloudera.cmf.model.Enums;
import com.cloudera.cmf.service.HadoopSSLParams;
import com.cloudera.cmf.service.SecurityParams;
import com.cloudera.cmf.service.ServiceHandlerRegistry;
import com.cloudera.cmf.service.TestUtils;
import com.cloudera.cmf.service.ValidationContext;
import com.cloudera.cmf.service.config.BooleanParamSpec;
import com.cloudera.cmf.service.config.ParamSpec;
import com.cloudera.cmf.service.config.PortNumberParamSpec;
import com.cloudera.cmf.service.config.StringEnumParamSpec;
import com.cloudera.cmf.service.hdfs.DataNodeRoleHandler;
import com.cloudera.cmf.service.hdfs.HdfsParams;
import com.cloudera.cmf.version.CdhReleases;
import com.cloudera.cmf.version.Release;
import com.cloudera.enterprise.I18nKey;
import com.cloudera.enterprise.I18nKeyTestHelper;
import com.cloudera.enterprise.MessageWithArgs;
import com.cloudera.server.cmf.MockBaseTest;
import com.cloudera.server.cmf.MockTestCluster;
import com.google.common.collect.ImmutableSet;
import java.util.Set;
import org.junit.Assert;
import org.junit.Test;
import org.mockito.Mockito;

/* loaded from: input_file:com/cloudera/cmf/service/hdfs/DataNodePortsAndSecurityValidatorTest.class */
public class DataNodePortsAndSecurityValidatorTest extends MockBaseTest {
    ValidationContext validationContext;
    DbService service;
    DbRole role;
    private static final Set<MessageWithArgs> EMPTY_SET = ImmutableSet.of();
    private static final Set<MessageWithArgs> CONFIG_ERROR = ImmutableSet.of(MessageWithArgs.of(DataNodeRoleHandler.DataNodePortsAndSecurityValidator.I18nKeys.CONFIG_INVALID, new String[0]));
    private static final Set<MessageWithArgs> CONFIG_WARNING = ImmutableSet.of(MessageWithArgs.of(DataNodeRoleHandler.DataNodePortsAndSecurityValidator.I18nKeys.CONFIG_VALID_BUT_NOT_RECOMMENDED, new String[0]));
    private static final MessageWithArgs TX_PORT_ERROR = MessageWithArgs.of(DataNodeRoleHandler.DataNodePortsAndSecurityValidator.I18nKeys.TX_PORT_NOT_PRIVILEGED, new String[0]);
    private static final MessageWithArgs HTTP_PORT_ERROR = MessageWithArgs.of(DataNodeRoleHandler.DataNodePortsAndSecurityValidator.I18nKeys.HTTP_PORT_NOT_PRIVILEGED, new String[0]);
    private static final MessageWithArgs HTTPS_PORT_ERROR = MessageWithArgs.of(DataNodeRoleHandler.DataNodePortsAndSecurityValidator.I18nKeys.HTTPS_PORT_PRIVILEGED, new String[0]);
    private static final DataNodeRoleHandler.DataNodePortsAndSecurityValidator validator = new DataNodeRoleHandler.DataNodePortsAndSecurityValidator();

    public void setupTest(Release release) {
        MockTestCluster build = MockTestCluster.builder(this).cdhVersion(release).services("HDFS").roles("hdfs1", "host1", MockTestCluster.DN_RT).build();
        this.service = build.getService("hdfs1");
        this.role = build.getRole("hdfs1", "host1", MockTestCluster.DN_RT);
        this.validationContext = (ValidationContext) Mockito.mock(ValidationContext.class);
        Mockito.when(this.validationContext.getLevel()).thenReturn(Enums.ConfigScope.ROLE);
        Mockito.when(this.validationContext.getService()).thenReturn(this.service);
        Mockito.when(this.validationContext.getRole()).thenReturn(this.role);
    }

    @Test
    public void testNonSecure52Plus() {
        setupTest(CdhReleases.LATEST_CDH_RELEASE);
        mockConfigs("simple", null, false, 20001L, 20002L);
        Assert.assertEquals(0L, validator.validate((ServiceHandlerRegistry) null, this.validationContext).size());
    }

    @Test
    public void testNonSecure51() {
        setupTest(CdhReleases.OLDEST_SUPPORTED_CDH_RELEASE);
        mockConfigs("simple", null, false, 20001L, 20002L);
        Assert.assertEquals(0L, validator.validate((ServiceHandlerRegistry) null, this.validationContext).size());
    }

    @Test
    public void testSecure52Plus() {
        setupTest(CdhReleases.LATEST_CDH_RELEASE);
        mockConfigs("kerberos", null, false, 20001L, 20002L);
        verifyValidation(EMPTY_SET, CONFIG_ERROR);
        mockConfigs("kerberos", null, true, 1011L, 20002L);
        verifyValidation(CONFIG_WARNING, EMPTY_SET);
        mockConfigs("kerberos", null, false, 1011L, 1012L);
        verifyValidation(EMPTY_SET, EMPTY_SET);
        mockConfigs("kerberos", HdfsParams.DfsDataTransferProtection.AUTHENTICATION, true, 20001L, 20002L);
        verifyValidation(EMPTY_SET, EMPTY_SET);
        mockConfigs("kerberos", HdfsParams.DfsDataTransferProtection.AUTHENTICATION, false, 20001L, 20002L);
        verifyValidation(EMPTY_SET, CONFIG_ERROR);
        mockConfigs("kerberos", HdfsParams.DfsDataTransferProtection.AUTHENTICATION, true, 20001L, 1012L);
        verifyValidation(EMPTY_SET, CONFIG_ERROR);
        mockConfigs("kerberos", HdfsParams.DfsDataTransferProtection.AUTHENTICATION, true, 1011L, 20002L);
        verifyValidation(EMPTY_SET, CONFIG_ERROR);
        mockConfigs("kerberos", HdfsParams.DfsDataTransferProtection.AUTHENTICATION, false, 1011L, 1012L);
        verifyValidation(EMPTY_SET, CONFIG_ERROR);
    }

    @Test
    public void testI18nKeys() {
        for (I18nKey i18nKey : DataNodeRoleHandler.DataNodePortsAndSecurityValidator.I18nKeys.values()) {
            I18nKeyTestHelper.t(i18nKey);
        }
    }

    private void mockConfigs(String str, HdfsParams.DfsDataTransferProtection dfsDataTransferProtection, Boolean bool, Long l, Long l2) {
        createConfigIfSupported(this.service, (ParamSpec<StringEnumParamSpec>) SecurityParams.SECURE_AUTHENTICATION, (StringEnumParamSpec) str);
        createConfigIfSupported(this.service, (ParamSpec<BooleanParamSpec>) HadoopSSLParams.CORE_HADOOP_SSL_ENABLED, (BooleanParamSpec) bool);
        if (dfsDataTransferProtection != null) {
            createConfigIfSupported(this.service, (ParamSpec<ParamSpec>) HdfsParams.DFS_DATA_TRANSFER_PROTECTION, (ParamSpec) dfsDataTransferProtection);
        }
        createConfigIfSupported(this.role, (ParamSpec<PortNumberParamSpec>) HdfsParams.DATANODE_TRANSCEIVER_PORT, (PortNumberParamSpec) l);
        createConfigIfSupported(this.role, (ParamSpec<PortNumberParamSpec>) (bool.booleanValue() ? HdfsParams.DATANODE_HTTPS_PORT : HdfsParams.DATANODE_WEB_PORT), (PortNumberParamSpec) l2);
    }

    private <T> void createConfigIfSupported(DbService dbService, ParamSpec<T> paramSpec, T t) {
        if (paramSpec.supportsVersion(dbService.getServiceVersion())) {
            createConfig(dbService, (ParamSpec<ParamSpec<T>>) paramSpec, (ParamSpec<T>) t);
        }
    }

    private <T> void createConfigIfSupported(DbRole dbRole, ParamSpec<T> paramSpec, T t) {
        if (paramSpec.supportsVersion(dbRole.getService().getServiceVersion())) {
            createConfig(dbRole, (ParamSpec<ParamSpec<T>>) paramSpec, (ParamSpec<T>) t);
        }
    }

    private void verifyValidation(Set<MessageWithArgs> set, Set<MessageWithArgs> set2) {
        TestUtils.verifyValidations(this.validationContext, validator, shr, EMPTY_SET, set, set2);
    }
}
