package com.cloudera.cmf.service.config;

import com.cloudera.cmf.model.DbConfigContainer;
import com.cloudera.cmf.model.DbHost;
import com.cloudera.cmf.model.DbRole;
import com.cloudera.cmf.model.DbRoleConfigGroup;
import com.cloudera.cmf.model.DbService;
import com.cloudera.cmf.persist.CmfEntityManager;
import com.cloudera.cmf.service.RoleHandler;
import com.cloudera.cmf.service.SecurityParams;
import com.cloudera.cmf.service.TestUtils;
import com.cloudera.cmf.service.hue.HueParams;
import com.cloudera.cmf.service.mgmt.MgmtParams;
import com.cloudera.server.cmf.AbstractBaseTest;
import com.cloudera.server.cmf.BaseTest;
import com.google.common.collect.Lists;
import java.util.List;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Test;

/* loaded from: input_file:com/cloudera/cmf/service/config/MgmtProxyUserEvaluatorTest.class */
public class MgmtProxyUserEvaluatorTest extends BaseTest {
    private final MgmtProxyUserEvaluator eval = new MgmtProxyUserEvaluator();

    @BeforeClass
    public static void setUpServices() {
        TestUtils.interpretCli(sdp, Lists.newArrayList(new String[]{"createhost host1 host1 1.1.1.1 /default", "createcluster cluster1 5", "createservice hdfs1 HDFS cluster1", "createrole nn1 hdfs1 host1 NAMENODE", "createservice yarn1 YARN cluster1", "createconfig hdfs_service hdfs1 yarn1", "createservice oozie1 OOZIE cluster1", "createconfig mapreduce_yarn_service yarn1 oozie1", "createservice hue1 HUE cluster1", "createconfig oozie_service oozie1 hue1", "createservice mgmt1 MGMT", "createrole smon1 mgmt1 host1 SERVICEMONITOR", "createrole tp1 mgmt1 host1 TELEMETRYPUBLISHER"}));
    }

    @Test
    public void testUnsecureWithDiffPrincs() {
        runInRollbackTransaction(new AbstractBaseTest.RunnableWithCmfEM() { // from class: com.cloudera.cmf.service.config.MgmtProxyUserEvaluatorTest.1
            @Override // com.cloudera.server.cmf.AbstractBaseTest.RunnableWithCmfEM
            public void run(CmfEntityManager cmfEntityManager) {
                MgmtProxyUserEvaluatorTest.om.setConfig(cmfEntityManager, HueParams.HUE_KERBEROS_PRINC, "huefoo", cmfEntityManager.findServiceByName("hue1"), (DbRole) null, (DbRoleConfigGroup) null, (DbConfigContainer) null, (DbHost) null);
                DbRole findRoleByName = cmfEntityManager.findRoleByName("nn1");
                RoleHandler roleHandler = MgmtProxyUserEvaluatorTest.shr.getRoleHandler(findRoleByName);
                try {
                    Assert.assertTrue(MgmtProxyUserEvaluatorTest.this.eval.evaluateConfig(ConfigEvaluationContext.of(MgmtProxyUserEvaluatorTest.sdp, findRoleByName.getService(), findRoleByName, roleHandler, roleHandler.prepareConfiguration(findRoleByName))).isEmpty());
                } catch (Exception e) {
                    throw new RuntimeException(e);
                }
            }
        });
    }

    @Test
    public void testSecureWithSamePrincs() {
        runInRollbackTransaction(new AbstractBaseTest.RunnableWithCmfEM() { // from class: com.cloudera.cmf.service.config.MgmtProxyUserEvaluatorTest.2
            @Override // com.cloudera.server.cmf.AbstractBaseTest.RunnableWithCmfEM
            public void run(CmfEntityManager cmfEntityManager) {
                MgmtProxyUserEvaluatorTest.om.setConfig(cmfEntityManager, SecurityParams.SECURE_AUTHENTICATION, "kerberos", cmfEntityManager.findServiceByName("hdfs1"), (DbRole) null, (DbRoleConfigGroup) null, (DbConfigContainer) null, (DbHost) null);
                DbRole findRoleByName = cmfEntityManager.findRoleByName("nn1");
                RoleHandler roleHandler = MgmtProxyUserEvaluatorTest.shr.getRoleHandler(findRoleByName);
                try {
                    Assert.assertTrue(MgmtProxyUserEvaluatorTest.this.eval.evaluateConfig(ConfigEvaluationContext.of(MgmtProxyUserEvaluatorTest.sdp, findRoleByName.getService(), findRoleByName, roleHandler, roleHandler.prepareConfiguration(findRoleByName))).isEmpty());
                } catch (Exception e) {
                    throw new RuntimeException(e);
                }
            }
        });
    }

    @Test
    public void testSecureWithDiffPrincs() {
        runInRollbackTransaction(new AbstractBaseTest.RunnableWithCmfEM() { // from class: com.cloudera.cmf.service.config.MgmtProxyUserEvaluatorTest.3
            @Override // com.cloudera.server.cmf.AbstractBaseTest.RunnableWithCmfEM
            public void run(CmfEntityManager cmfEntityManager) {
                MgmtProxyUserEvaluatorTest.om.setConfig(cmfEntityManager, SecurityParams.SECURE_AUTHENTICATION, "kerberos", cmfEntityManager.findServiceByName("hdfs1"), (DbRole) null, (DbRoleConfigGroup) null, (DbConfigContainer) null, (DbHost) null);
                DbService findServiceByName = cmfEntityManager.findServiceByName("mgmt1");
                MgmtProxyUserEvaluatorTest.om.setConfig(cmfEntityManager, MgmtParams.FIREHOSE_SERVICE_MONITOR_KERBEROS_PRINC, "smon", findServiceByName, (DbRole) null, findServiceByName.getBaseRoleConfigGroup("SERVICEMONITOR"), (DbConfigContainer) null, (DbHost) null);
                DbRole findRoleByName = cmfEntityManager.findRoleByName("nn1");
                RoleHandler roleHandler = MgmtProxyUserEvaluatorTest.shr.getRoleHandler(findRoleByName);
                try {
                    List evaluateConfig = MgmtProxyUserEvaluatorTest.this.eval.evaluateConfig(ConfigEvaluationContext.of(MgmtProxyUserEvaluatorTest.sdp, findRoleByName.getService(), findRoleByName, roleHandler, roleHandler.prepareConfiguration(findRoleByName)));
                    Assert.assertEquals(2L, evaluateConfig.size());
                    Assert.assertEquals("hadoop.proxyuser.smon.hosts", ((EvaluatedConfig) evaluateConfig.get(0)).getName());
                    Assert.assertEquals("hadoop.proxyuser.smon.groups", ((EvaluatedConfig) evaluateConfig.get(1)).getName());
                } catch (Exception e) {
                    throw new RuntimeException(e);
                }
            }
        });
    }

    @Test
    public void testSecureWithDiffPrincsTP() {
        runInRollbackTransaction(new AbstractBaseTest.RunnableWithCmfEM() { // from class: com.cloudera.cmf.service.config.MgmtProxyUserEvaluatorTest.4
            @Override // com.cloudera.server.cmf.AbstractBaseTest.RunnableWithCmfEM
            public void run(CmfEntityManager cmfEntityManager) {
                MgmtProxyUserEvaluatorTest.om.setConfig(cmfEntityManager, SecurityParams.SECURE_AUTHENTICATION, "kerberos", cmfEntityManager.findServiceByName("hdfs1"), (DbRole) null, (DbRoleConfigGroup) null, (DbConfigContainer) null, (DbHost) null);
                DbService findServiceByName = cmfEntityManager.findServiceByName("mgmt1");
                MgmtProxyUserEvaluatorTest.om.setConfig(cmfEntityManager, MgmtParams.TELEMETRYPUBLISHER_KERBEROS_PRINC, "tp", findServiceByName, (DbRole) null, findServiceByName.getBaseRoleConfigGroup("TELEMETRYPUBLISHER"), (DbConfigContainer) null, (DbHost) null);
                DbRole findRoleByName = cmfEntityManager.findRoleByName("nn1");
                RoleHandler roleHandler = MgmtProxyUserEvaluatorTest.shr.getRoleHandler(findRoleByName);
                try {
                    List evaluateConfig = MgmtProxyUserEvaluatorTest.this.eval.evaluateConfig(ConfigEvaluationContext.of(MgmtProxyUserEvaluatorTest.sdp, findRoleByName.getService(), findRoleByName, roleHandler, roleHandler.prepareConfiguration(findRoleByName)));
                    Assert.assertEquals(2L, evaluateConfig.size());
                    Assert.assertEquals("hadoop.proxyuser.tp.hosts", ((EvaluatedConfig) evaluateConfig.get(0)).getName());
                    Assert.assertEquals("hadoop.proxyuser.tp.groups", ((EvaluatedConfig) evaluateConfig.get(1)).getName());
                } catch (Exception e) {
                    throw new RuntimeException(e);
                }
            }
        });
    }

    @Test
    public void testSecureWithDiffPrincsAll() {
        runInRollbackTransaction(new AbstractBaseTest.RunnableWithCmfEM() { // from class: com.cloudera.cmf.service.config.MgmtProxyUserEvaluatorTest.5
            @Override // com.cloudera.server.cmf.AbstractBaseTest.RunnableWithCmfEM
            public void run(CmfEntityManager cmfEntityManager) {
                MgmtProxyUserEvaluatorTest.om.setConfig(cmfEntityManager, SecurityParams.SECURE_AUTHENTICATION, "kerberos", cmfEntityManager.findServiceByName("hdfs1"), (DbRole) null, (DbRoleConfigGroup) null, (DbConfigContainer) null, (DbHost) null);
                DbService findServiceByName = cmfEntityManager.findServiceByName("mgmt1");
                MgmtProxyUserEvaluatorTest.om.setConfig(cmfEntityManager, MgmtParams.FIREHOSE_SERVICE_MONITOR_KERBEROS_PRINC, "smon", findServiceByName, (DbRole) null, findServiceByName.getBaseRoleConfigGroup("SERVICEMONITOR"), (DbConfigContainer) null, (DbHost) null);
                MgmtProxyUserEvaluatorTest.om.setConfig(cmfEntityManager, MgmtParams.TELEMETRYPUBLISHER_KERBEROS_PRINC, "tp", findServiceByName, (DbRole) null, findServiceByName.getBaseRoleConfigGroup("TELEMETRYPUBLISHER"), (DbConfigContainer) null, (DbHost) null);
                DbRole findRoleByName = cmfEntityManager.findRoleByName("nn1");
                RoleHandler roleHandler = MgmtProxyUserEvaluatorTest.shr.getRoleHandler(findRoleByName);
                try {
                    List evaluateConfig = MgmtProxyUserEvaluatorTest.this.eval.evaluateConfig(ConfigEvaluationContext.of(MgmtProxyUserEvaluatorTest.sdp, findRoleByName.getService(), findRoleByName, roleHandler, roleHandler.prepareConfiguration(findRoleByName)));
                    Assert.assertEquals(4L, evaluateConfig.size());
                    Assert.assertEquals("hadoop.proxyuser.smon.hosts", ((EvaluatedConfig) evaluateConfig.get(0)).getName());
                    Assert.assertEquals("hadoop.proxyuser.smon.groups", ((EvaluatedConfig) evaluateConfig.get(1)).getName());
                    Assert.assertEquals("hadoop.proxyuser.tp.hosts", ((EvaluatedConfig) evaluateConfig.get(2)).getName());
                    Assert.assertEquals("hadoop.proxyuser.tp.groups", ((EvaluatedConfig) evaluateConfig.get(3)).getName());
                } catch (Exception e) {
                    throw new RuntimeException(e);
                }
            }
        });
    }
}
