package com.cloudera.api.dao.impl;

import com.cloudera.api.DataView;
import com.cloudera.api.dao.AuthRoleManagerDao;
import com.cloudera.api.dao.ClouderaMasterServerDao;
import com.cloudera.api.dao.UserManagerDao;
import com.cloudera.api.model.ApiAuthRoleRef;
import com.cloudera.api.model.ApiConfig;
import com.cloudera.api.model.ApiConfigList;
import com.cloudera.api.model.ApiUser;
import com.cloudera.api.model.ApiUser2;
import com.cloudera.api.model.ApiUser2List;
import com.cloudera.api.model.ApiUserList;
import com.cloudera.cmf.persist.CmfEntityManager;
import com.cloudera.cmf.service.scm.ScmParams;
import com.cloudera.cmf.user.UserRole;
import com.cloudera.server.cmf.BaseTest;
import com.cloudera.server.cmf.components.CmServerState;
import com.google.common.base.Function;
import com.google.common.collect.Collections2;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Lists;
import com.google.common.collect.Sets;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Test;
import org.springframework.security.core.session.SessionRegistry;

/* loaded from: input_file:com/cloudera/api/dao/impl/UserManagerDaoTest.class */
public class UserManagerDaoTest extends BaseTest {
    private static final Function<String, UserRole> STRING_TO_USERROLE;
    private static UserManagerDao userManagerDao;
    private static AuthRoleManagerDao authRoleManagerDao;
    private static Set<String> USERNAMES;
    private static boolean PW_USER;
    private static boolean EXTERNAL_USER;
    static final /* synthetic */ boolean $assertionsDisabled;

    private static String internalName(String str) {
        return "__cloudera_internal_user__" + str;
    }

    @BeforeClass
    public static void userManagerDaoSetup() {
        ScmDAOFactory.getSingleton().initialize(sdp);
        userManagerDao = (UserManagerDao) new UserManagerDaoImpl(ScmDAOFactory.getSingleton(), currentUserMgr, (SessionRegistry) null, (CmServerState) null).createProxy(sdp);
        authRoleManagerDao = (AuthRoleManagerDao) new AuthRoleManagerDaoImpl(ScmDAOFactory.getSingleton(), currentUserMgr).createProxy(sdp);
        authRoleManagerDao.createBuiltInAuthRoles();
        ScmDAOFactory.getSingleton().newCmsManager().updateConfig(new ApiConfigList(Arrays.asList(new ApiConfig(ScmParams.AUTHOR_BACKEND.getTemplateName(), ScmParams.AuthorizationBackendOrder.EXTERNAL_ONLY.name()), new ApiConfig(ScmParams.AUTH_BACKEND_ORDER.getTemplateName(), ScmParams.AuthBackendOrder.EXTERNAL_ONLY_WITHOUT_DB_ADMINS.name()))), true, "unit-test");
        ArrayList newArrayList = Lists.newArrayList(new String[]{"moe", "larry", "curly"});
        newArrayList.add(internalName("laurel"));
        newArrayList.add(internalName("hardy"));
        ArrayList newArrayList2 = Lists.newArrayList();
        Iterator it = newArrayList.iterator();
        while (it.hasNext()) {
            addUser(newArrayList2, (String) it.next(), ImmutableSet.of(UserRole.ROLE_ADMIN.name()), PW_USER);
        }
        addUser(newArrayList2, "nonadmin", ImmutableSet.of(UserRole.ROLE_USER.name()), PW_USER);
        addUser(newArrayList2, "readonly", ImmutableSet.of(UserRole.ROLE_USER.name()), PW_USER);
        addUser(newArrayList2, "emptyrole", ImmutableSet.of(), PW_USER);
        addUser(newArrayList2, "externalHarry", ImmutableSet.of(UserRole.ROLE_USER.name()), EXTERNAL_USER);
        userManagerDao.createUsers(new ApiUserList(newArrayList2));
    }

    private static void addUser(List<ApiUser> list, String str, Set<String> set, boolean z) {
        if (z) {
            ApiUser apiUser = new ApiUser();
            apiUser.setName(str);
            apiUser.setPassword("secret");
            apiUser.setRoles(set);
            apiUser.setPwLogin(Boolean.valueOf(z));
            list.add(apiUser);
            return;
        }
        CmfEntityManager cmfEntityManager = new CmfEntityManager(emf);
        try {
            cmfEntityManager.begin();
            om.assignUserRoles(cmfEntityManager, om.addUser(cmfEntityManager, str, "-", false), Sets.newHashSet(Collections2.transform(set, STRING_TO_USERROLE)));
            cmfEntityManager.commit();
            cmfEntityManager.close();
        } catch (Throwable th) {
            cmfEntityManager.close();
            throw th;
        }
    }

    private static void addUser2(List<ApiUser2> list, String str, Set<ApiAuthRoleRef> set, String str2, boolean z) {
        ApiUser2 apiUser2 = new ApiUser2();
        apiUser2.setName(str);
        apiUser2.setAuthRoles(set);
        apiUser2.setPassword(str2);
        apiUser2.setPwLogin(Boolean.valueOf(z));
        list.add(apiUser2);
    }

    private void addUser2ExpectFailure(List<ApiUser2> list, String str, Set<ApiAuthRoleRef> set, String str2, boolean z) {
        addUser2(list, str, set, str2, z);
        try {
            userManagerDao.createUsers2(new ApiUser2List(list));
            if ($assertionsDisabled) {
            } else {
                throw new AssertionError();
            }
        } catch (IllegalArgumentException | SecurityException e) {
        }
    }

    private Set<String> extractNames(ApiUserList apiUserList) {
        HashSet newHashSet = Sets.newHashSet();
        Iterator it = apiUserList.getUsers().iterator();
        while (it.hasNext()) {
            newHashSet.add(((ApiUser) it.next()).getName());
        }
        return newHashSet;
    }

    private void setCurrentUser(String str, UserRole userRole) {
        currentUserMgr.setUsername(str);
        currentUserMgr.setUserRole(userRole);
    }

    private void updateUser(String str, String str2, Set<String> set) {
        ApiUser user = userManagerDao.getUser(str);
        ApiUser apiUser = new ApiUser();
        apiUser.setName(str);
        apiUser.setPassword(str2 != null ? str2 : user.getPassword());
        apiUser.setRoles(set != null ? set : user.getRoles());
        userManagerDao.updateUser(str, apiUser);
    }

    private void updateUserExpectFailure(String str, String str2, Set<String> set) {
        try {
            updateUser(str, str2, set);
            if ($assertionsDisabled) {
            } else {
                throw new AssertionError();
            }
        } catch (IllegalArgumentException | SecurityException e) {
        }
    }

    @Test
    public void testListUsers() throws IOException {
        setCurrentUser("readonly", UserRole.ROLE_USER);
        Assert.assertEquals("Read unexpected users", ImmutableSet.of("readonly"), extractNames(userManagerDao.listUsers((DataView) null)));
        setCurrentUser("moe", UserRole.ROLE_ADMIN);
        ApiUserList listUsers = userManagerDao.listUsers((DataView) null);
        Assert.assertEquals("Failed to read created users", USERNAMES, extractNames(listUsers));
        for (ApiUser apiUser : listUsers.getUsers()) {
            Assert.assertNotNull(apiUser.getName());
            Assert.assertNotNull(apiUser.getRoles());
            Assert.assertFalse(apiUser.getRoles().isEmpty());
        }
    }

    @Test
    public void testUpdateUser() {
        setCurrentUser("nonadmin", UserRole.ROLE_USER);
        updateUser("nonadmin", "newpassword", null);
        updateUserExpectFailure("nonadmin", null, ImmutableSet.of(UserRole.ROLE_OPERATOR.name()));
        updateUserExpectFailure("moe", null, ImmutableSet.of(UserRole.ROLE_OPERATOR.name()));
        updateUserExpectFailure("emptyrole", null, ImmutableSet.of(UserRole.ROLE_OPERATOR.name()));
        setCurrentUser("moe", UserRole.ROLE_USER_ADMIN);
        updateUser("nonadmin", null, ImmutableSet.of(UserRole.ROLE_OPERATOR.name()));
        updateUserExpectFailure("larry", null, ImmutableSet.of(UserRole.ROLE_USER.name()));
        updateUserExpectFailure("nonadmin", null, ImmutableSet.of(UserRole.ROLE_ADMIN.name()));
        updateUserExpectFailure("externalHarry", null, ImmutableSet.of(UserRole.ROLE_ADMIN.name()));
        setCurrentUser("moe", UserRole.ROLE_ADMIN);
        updateUser("larry", null, ImmutableSet.of(UserRole.ROLE_OPERATOR.name()));
        updateUser("emptyrole", null, ImmutableSet.of(UserRole.ROLE_OPERATOR.name()));
        updateUserExpectFailure("externalHarry", null, ImmutableSet.of(UserRole.ROLE_ADMIN.name()));
    }

    @Test
    public void testValidateUserPassword() {
        ClouderaMasterServerDao newCmsManager = ScmDAOFactory.getSingleton().newCmsManager();
        ArrayList newArrayList = Lists.newArrayList();
        ArrayList newArrayList2 = Lists.newArrayList();
        ArrayList newArrayList3 = Lists.newArrayList();
        addUser2(newArrayList, "adam", ImmutableSet.of(), "a", true);
        userManagerDao.createUsers2(new ApiUser2List(newArrayList));
        updateUser("adam", "u", null);
        newCmsManager.updateConfig(new ApiConfigList(Arrays.asList(new ApiConfig(ScmParams.PASSWORD_MIN_LENGTH.getTemplateName(), "6"))), true, "unit-test");
        addUser2(newArrayList2, "clarkkent", ImmutableSet.of(), "superman", true);
        userManagerDao.createUsers2(new ApiUser2List(newArrayList2));
        updateUser("clarkkent", "password", null);
        newCmsManager.updateConfig(new ApiConfigList(Arrays.asList(new ApiConfig(ScmParams.PASSWORD_MIN_NO_OF_LETTERS.getTemplateName(), "2"), new ApiConfig(ScmParams.PASSWORD_MIN_NO_OF_DIGITS.getTemplateName(), "2"), new ApiConfig(ScmParams.PASSWORD_MIN_NO_OF_SPECIAL_CHARS.getTemplateName(), "2"))), true, "unit-test");
        addUser2ExpectFailure(newArrayList, "peter", ImmutableSet.of(), "spide", true);
        updateUserExpectFailure("adam", "venom", null);
        addUser2ExpectFailure(newArrayList, "bruce", ImmutableSet.of(), "batman1!!", true);
        updateUserExpectFailure("adam", "pass1!!", null);
        addUser2ExpectFailure(newArrayList, "diana", ImmutableSet.of(), "f123!!", true);
        updateUserExpectFailure("adam", "p123!!", null);
        addUser2ExpectFailure(newArrayList, "tony", ImmutableSet.of(), "stark12!", true);
        updateUserExpectFailure("adam", "pass12!", null);
        addUser2ExpectFailure(newArrayList, "tom", ImmutableSet.of(), "v12!!", true);
        updateUserExpectFailure("adam", "p12!!", null);
        addUser2(newArrayList3, "cmuser", ImmutableSet.of(), "PA12!@", true);
        userManagerDao.createUsers2(new ApiUser2List(newArrayList3));
        updateUser("cmuser", "pa12!@", null);
        newCmsManager.updateConfig(new ApiConfigList(Arrays.asList(new ApiConfig(ScmParams.PASSWORD_MIN_LENGTH.getTemplateName(), "0"), new ApiConfig(ScmParams.PASSWORD_MIN_NO_OF_LETTERS.getTemplateName(), "0"), new ApiConfig(ScmParams.PASSWORD_MIN_NO_OF_DIGITS.getTemplateName(), "0"), new ApiConfig(ScmParams.PASSWORD_MIN_NO_OF_SPECIAL_CHARS.getTemplateName(), "0"))), true, "unit-test");
    }

    @Test
    public void testDeleteUser() {
        setCurrentUser("nonadmin", UserRole.ROLE_USER);
        ArrayList newArrayList = Lists.newArrayList();
        addUser(newArrayList, "deleteme", ImmutableSet.of(UserRole.ROLE_USER.name()), PW_USER);
        userManagerDao.createUsers(new ApiUserList(newArrayList));
        try {
            userManagerDao.deleteUser("deleteme");
        } catch (SecurityException e) {
        }
        if (!$assertionsDisabled) {
            throw new AssertionError();
        }
        setCurrentUser("moe", UserRole.ROLE_ADMIN);
        userManagerDao.deleteUser("deleteme");
    }

    @Test
    public void testDefaultUser() {
        setCurrentUser("admin", UserRole.ROLE_ADMIN);
        ArrayList newArrayList = Lists.newArrayList();
        addUser(newArrayList, "default", ImmutableSet.of(), PW_USER);
        userManagerDao.createUsers(new ApiUserList(newArrayList));
        ApiUser user = userManagerDao.getUser("default");
        junit.framework.Assert.assertTrue(user.getName().equals("default"));
        junit.framework.Assert.assertTrue(user.getRoles().isEmpty());
        userManagerDao.deleteUser("default");
    }

    @Test
    public void testDefaultInternalUser() {
        setCurrentUser("admin", UserRole.ROLE_ADMIN);
        String concat = "__cloudera_internal_user__".concat("_12345");
        ArrayList newArrayList = Lists.newArrayList();
        addUser(newArrayList, concat, ImmutableSet.of(), PW_USER);
        userManagerDao.createUsers(new ApiUserList(newArrayList));
        ApiUser user = userManagerDao.getUser(concat);
        junit.framework.Assert.assertTrue(user.getName().equals(concat));
        junit.framework.Assert.assertTrue(user.getRoles().size() == 1);
        junit.framework.Assert.assertTrue(user.getRoles().contains(UserRole.ROLE_USER.name()));
        userManagerDao.deleteUser(concat);
    }

    @Test
    public void testListSessions() {
        setCurrentUser("admin", UserRole.ROLE_ADMIN);
        userManagerDao.getSessions();
        setCurrentUser("useradmin", UserRole.ROLE_USER_ADMIN);
        userManagerDao.getSessions();
        setCurrentUser("guest", UserRole.ROLE_USER);
        try {
            userManagerDao.getSessions();
            junit.framework.Assert.assertTrue(false);
        } catch (SecurityException e) {
        }
        setCurrentUser("bdradmin", UserRole.ROLE_BDR_ADMIN);
        try {
            userManagerDao.getSessions();
            junit.framework.Assert.assertTrue(false);
        } catch (SecurityException e2) {
        }
    }

    @Test
    public void testKillSessions() {
        setCurrentUser("admin", UserRole.ROLE_ADMIN);
        userManagerDao.expireSessions("moe");
        setCurrentUser("useradmin", UserRole.ROLE_USER_ADMIN);
        userManagerDao.expireSessions("larry");
        setCurrentUser("guest", UserRole.ROLE_USER);
        try {
            userManagerDao.expireSessions("guest");
            junit.framework.Assert.assertTrue(false);
        } catch (SecurityException e) {
        }
        setCurrentUser("bdradmin", UserRole.ROLE_BDR_ADMIN);
        try {
            userManagerDao.expireSessions("bdrAdmin");
            junit.framework.Assert.assertTrue(false);
        } catch (SecurityException e2) {
        }
    }

    static {
        $assertionsDisabled = !UserManagerDaoTest.class.desiredAssertionStatus();
        STRING_TO_USERROLE = new Function<String, UserRole>() { // from class: com.cloudera.api.dao.impl.UserManagerDaoTest.1
            public UserRole apply(String str) {
                return UserRole.valueOf(str);
            }
        };
        USERNAMES = ImmutableSet.of("moe", "nonadmin", "curly", "readonly", "emptyrole", "larry", new String[]{"externalHarry"});
        PW_USER = true;
        EXTERNAL_USER = false;
    }
}
