package com.cloudera.cmf.security;

import com.cloudera.cmf.cluster.ConfigureForKerberosCmdArgs;
import com.cloudera.cmf.command.flow.CmdStep;
import com.cloudera.cmf.command.flow.CmdWork;
import com.cloudera.cmf.command.flow.work.CreateRoleCmdWork;
import com.cloudera.cmf.command.flow.work.SetConfigCmdWork;
import com.cloudera.cmf.model.DbCluster;
import com.cloudera.cmf.model.DbHost;
import com.cloudera.cmf.model.DbService;
import com.cloudera.cmf.security.ConfigureForKerberosCommand;
import com.cloudera.cmf.service.DependencyUtils;
import com.cloudera.cmf.service.HadoopSSLParams;
import com.cloudera.cmf.service.SecurityParams;
import com.cloudera.cmf.service.config.ParamSpec;
import com.cloudera.cmf.service.hbase.HbaseParams;
import com.cloudera.cmf.service.hdfs.HdfsParams;
import com.cloudera.cmf.service.hdfs.HdfsServiceHandler;
import com.cloudera.cmf.service.hue.HueServiceHandler;
import com.cloudera.cmf.service.solr.SolrParams;
import com.cloudera.cmf.service.upgrade.KeystoreIndexer70Test;
import com.cloudera.cmf.service.zookeeper.ZooKeeperParams;
import com.cloudera.cmf.version.CdhReleases;
import com.cloudera.enterprise.I18nKey;
import com.cloudera.enterprise.I18nKeyTestHelper;
import com.cloudera.server.cmf.MockBaseTest;
import com.cloudera.server.cmf.MockTestCluster;
import com.google.common.collect.ImmutableMap;
import java.util.List;
import org.junit.Assert;
import org.junit.Test;
import org.mockito.Mockito;

/* loaded from: input_file:com/cloudera/cmf/security/ConfigureForKerberosCommandTest.class */
public class ConfigureForKerberosCommandTest extends MockBaseTest {
    private DbCluster cluster;
    private static final long HDFS = 1;
    private static final long HBASE = 2;
    private static final long SOLR = 3;
    private static final long ZK = 4;
    private static final long HUE = 5;
    private static final long DN_RCG = 101;
    private static final String HUE_HOST = "hue_host";
    private static final String HUE_HOST2 = "hue_host2";

    private void setupCluster(boolean z, boolean z2) {
        deleteAllClusters();
        this.cluster = createCluster(Long.valueOf(HDFS), "cluster", CdhReleases.CDH5_6_0);
        DbService createService = createService(Long.valueOf(HDFS), "hdfs1", "HDFS", this.cluster);
        createService(Long.valueOf(HBASE), KeystoreIndexer70Test.HBASE, MockTestCluster.HBASE_ST, this.cluster);
        createService(Long.valueOf(SOLR), "solr1", MockTestCluster.SOLR_ST, this.cluster);
        createService(Long.valueOf(ZK), "zk1", MockTestCluster.ZK_ST, this.cluster);
        createGroup(Long.valueOf(DN_RCG), HdfsServiceHandler.RoleNames.DATANODE.name(), createService, true);
        DbService createService2 = createService(Long.valueOf(HUE), "hue1", MockTestCluster.HUE_ST, this.cluster);
        createRole(Long.valueOf(HDFS), HueServiceHandler.RoleNames.HUE_SERVER.name(), createHost(Long.valueOf(HDFS), HUE_HOST, HUE_HOST, this.cluster), createService2);
        DbHost createHost = createHost(Long.valueOf(HBASE), HUE_HOST2, HUE_HOST2, this.cluster);
        createRole(Long.valueOf(HBASE), HueServiceHandler.RoleNames.HUE_SERVER.name(), createHost, createService2);
        if (z) {
            createRole(Long.valueOf(SOLR), HueServiceHandler.RoleNames.KT_RENEWER.name(), createHost, createService2);
        }
        if (z2) {
            Mockito.when(createService.getServiceConfigsMap()).thenReturn(ImmutableMap.of(HadoopSSLParams.CORE_HADOOP_SSL_ENABLED.getTemplateName(), "true"));
            Assert.assertEquals(Boolean.valueOf(DependencyUtils.isDfsSslEnabled(createService, shr)), true);
        }
    }

    @Test
    public void testConstructWork() {
        checkConstructedWork(false, false, true);
    }

    @Test
    public void testConstructWorkWithKtRenwer() {
        checkConstructedWork(true, false, true);
    }

    @Test
    public void testConstructWorkSslEnabledPrivilegedPorts() {
        checkConstructedWork(false, true, true);
    }

    @Test
    public void testConstructWorkSslEnabledNonPrivilegedPorts() {
        checkConstructedWork(false, true, false);
    }

    private void checkConstructedWork(boolean z, boolean z2, boolean z3) {
        int i;
        setupCluster(z, z2);
        ConfigureForKerberosCommand configureForKerberosCommand = new ConfigureForKerberosCommand(sdp);
        ConfigureForKerberosCmdArgs configureForKerberosCmdArgs = new ConfigureForKerberosCmdArgs();
        configureForKerberosCmdArgs.setDatanodeTransceiverPort(z3 ? 1004L : 21004L);
        configureForKerberosCmdArgs.setDatanodeWebPort(z3 ? 1006L : 21006L);
        List works = ((CmdStep) configureForKerberosCommand.constructWork(this.cluster, configureForKerberosCmdArgs).getSteps().get(0)).getWork().getWorks();
        int i2 = 14;
        if (z) {
            i2 = 14 - 1;
        }
        if (z2 && !z3) {
            i2 += 3;
        }
        Assert.assertEquals(i2, works.size());
        int i3 = 0 + 1;
        checkSetConfigWork((CmdWork) works.get(0), Long.valueOf(HDFS), null, SecurityParams.SECURE_AUTHENTICATION, "kerberos");
        int i4 = i3 + 1;
        checkSetConfigWork((CmdWork) works.get(i3), Long.valueOf(HDFS), null, SecurityParams.SECURE_AUTHORIZATION, "true");
        int i5 = i4 + 1;
        checkSetConfigWork((CmdWork) works.get(i4), Long.valueOf(HDFS), null, SecurityParams.DFS_ENCRYPT_DATA_TRANSFER_ALGORITHM, "AES/CTR/NoPadding");
        int i6 = i5 + 1;
        checkSetConfigWork((CmdWork) works.get(i5), Long.valueOf(HBASE), null, HbaseParams.HBASE_SECURE_AUTHENTICATION, "kerberos");
        int i7 = i6 + 1;
        checkSetConfigWork((CmdWork) works.get(i6), Long.valueOf(HBASE), null, HbaseParams.HBASE_SECURE_AUTHORIZATION, "true");
        int i8 = i7 + 1;
        checkSetConfigWork((CmdWork) works.get(i7), Long.valueOf(HBASE), null, HbaseParams.HBASE_THRIFTSERVER_SECURE_AUTHENTICATION, "auth-conf");
        int i9 = i8 + 1;
        checkSetConfigWork((CmdWork) works.get(i8), Long.valueOf(SOLR), null, SolrParams.SOLR_SECURE_AUTHENTICATION, "kerberos");
        int i10 = i9 + 1;
        checkSetConfigWork((CmdWork) works.get(i9), Long.valueOf(ZK), null, ZooKeeperParams.ZOOKEEPER_ENABLE_SECURITY, "true");
        int i11 = i10 + 1;
        checkSetConfigWork((CmdWork) works.get(i10), null, Long.valueOf(DN_RCG), HdfsParams.DATANODE_TRANSCEIVER_PORT, z3 ? "1004" : "21004");
        if (z3) {
            i = i11 + 1;
            checkSetConfigWork((CmdWork) works.get(i11), null, Long.valueOf(DN_RCG), HdfsParams.DATANODE_WEB_PORT, "1006");
        } else {
            i = i11 + 1;
            checkSetConfigWork((CmdWork) works.get(i11), null, Long.valueOf(DN_RCG), HdfsParams.DATANODE_HTTPS_PORT, "21006");
        }
        int i12 = i;
        int i13 = i + 1;
        checkSetConfigWork((CmdWork) works.get(i12), null, Long.valueOf(DN_RCG), HdfsParams.DFS_DATANODE_DATA_DIR_PERM, "700");
        if (z2 && !z3) {
            int i14 = i13 + 1;
            checkSetConfigWork((CmdWork) works.get(i13), Long.valueOf(HDFS), null, HdfsParams.DFS_DATA_TRANSFER_PROTECTION, "privacy");
            int i15 = i14 + 1;
            checkSetConfigWork((CmdWork) works.get(i14), Long.valueOf(HDFS), null, SecurityParams.DFS_ENCRYPT_DATA_TRANSFER_ENABLE, "true");
            i13 = i15 + 1;
            checkSetConfigWork((CmdWork) works.get(i15), Long.valueOf(HDFS), null, SecurityParams.RPC_PROTECTION, "privacy");
        }
        int i16 = i13;
        int i17 = i13 + 1;
        checkSetConfigWork((CmdWork) works.get(i16), Long.valueOf(HDFS), null, SecurityParams.SECURE_WEB_UI, "true");
        int i18 = i17 + 1;
        CreateRoleCmdWork createRoleCmdWork = (CreateRoleCmdWork) works.get(i17);
        Assert.assertEquals(HUE_HOST, createRoleCmdWork.getHostId());
        Assert.assertEquals(HueServiceHandler.RoleNames.KT_RENEWER.name(), createRoleCmdWork.getRoleType());
        if (!z) {
            i18++;
            CreateRoleCmdWork createRoleCmdWork2 = (CreateRoleCmdWork) works.get(i18);
            Assert.assertEquals(HUE_HOST2, createRoleCmdWork2.getHostId());
            Assert.assertEquals(HueServiceHandler.RoleNames.KT_RENEWER.name(), createRoleCmdWork2.getRoleType());
        }
        Assert.assertEquals(i18, works.size());
    }

    @Test
    public void testAvailability() {
        setupCluster(false, false);
        Assert.assertNull(new ConfigureForKerberosCommand(sdp).checkAvailabilityImpl(this.cluster));
    }

    @Test
    public void testI18nKeys() {
        for (I18nKey i18nKey : ConfigureForKerberosCommand.I18nKeys.values()) {
            I18nKeyTestHelper.t(i18nKey);
        }
    }

    private void checkSetConfigWork(CmdWork cmdWork, Long l, Long l2, ParamSpec<?> paramSpec, String str) {
        SetConfigCmdWork setConfigCmdWork = (SetConfigCmdWork) cmdWork;
        Assert.assertEquals(l, setConfigCmdWork.getServiceId());
        Assert.assertEquals(l2, setConfigCmdWork.getRcgId());
        Assert.assertEquals(paramSpec.getTemplateName(), setConfigCmdWork.getTemplateName());
        Assert.assertEquals(str, setConfigCmdWork.getValue());
    }
}
