package com.cloudera.cmf.service;

import com.cloudera.cmf.model.DbCluster;
import com.cloudera.cmf.model.DbService;
import com.cloudera.cmf.service.config.BooleanParamSpec;
import com.cloudera.cmf.service.config.ParamSpec;
import com.cloudera.cmf.service.config.PasswordParamSpec;
import com.cloudera.cmf.service.config.ServiceConnectorParamSpec;
import com.cloudera.cmf.service.config.StringEnumParamSpec;
import com.cloudera.cmf.service.config.StringParamSpec;
import com.cloudera.cmf.service.hbase.HbaseParams;
import com.cloudera.cmf.service.mapreduce.MapReduceParams;
import com.cloudera.cmf.service.yarn.YarnParams;
import com.cloudera.cmf.version.CdhReleases;
import com.cloudera.cmf.version.Release;
import com.cloudera.enterprise.MessageWithArgs;
import com.cloudera.server.cmf.Authentication;
import com.cloudera.server.cmf.MockBaseTest;
import com.cloudera.server.cmf.MockTestCluster;
import com.google.common.collect.ImmutableMap;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Sets;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.junit.Assert;
import org.junit.Test;

/* loaded from: input_file:com/cloudera/cmf/service/HadoopSSLValidatorTest.class */
public class HadoopSSLValidatorTest extends MockBaseTest {
    private static final String HDFS_SERVICE_TYPE = "HDFS";
    private static final String MR1_SERVICE_TYPE = "MAPREDUCE";
    private static final String YARN_SERVICE_TYPE = "YARN";
    private static final String HBASE_SERVICE_TYPE = "HBASE";
    private static final HadoopSSLValidator VALIDATOR = new HadoopSSLValidator();
    private static final HadoopSSLValidator HBASE_VALIDATOR = new HadoopSSLValidator(HbaseParams.HBASE_SECURE_WEB_UI);
    private static final Set<MessageWithArgs> EMPTY_MESSAGE_SET = ImmutableSet.of();
    private static final Set<StringParamSpec> EMPTY_PARAM_SET = ImmutableSet.of();
    private static final Set<StringParamSpec> CORE_PARAMS_SET = ImmutableSet.copyOf(HadoopSSLValidator.CORE_REQUIRED_SSL_SERVICE_PARAMS);
    private static final Set<StringParamSpec> HDFS_PARAMS_SET = CORE_PARAMS_SET;
    private static final Set<StringParamSpec> HBASE_PARAMS_SET = ImmutableSet.copyOf(HadoopSSLValidator.HBASE_REQUIRED_SSL_SERVICE_PARAMS);
    private static final Set<StringParamSpec> ALL_PARAMS_SET = ImmutableSet.builder().addAll(CORE_PARAMS_SET).addAll(HBASE_PARAMS_SET).build();
    private static final Map<String, BooleanParamSpec> ENABLED_PARAM_MAP = ImmutableMap.of("HDFS", HadoopSSLParams.CORE_HADOOP_SSL_ENABLED, "MAPREDUCE", HadoopSSLParams.CORE_HADOOP_SSL_ENABLED, "YARN", HadoopSSLParams.CORE_HADOOP_SSL_ENABLED, "HBASE", HadoopSSLParams.HBASE_HADOOP_SSL_ENABLED);

    @Test
    public void testSSLConfiguredKerberizedSecureWebUIEnabled() {
        testUniformSetup(true, true, true, true);
        testUniformSetup(true, false, true, true);
    }

    @Test
    public void testSSLConfiguredKerberizedSecureWebUIDisabled() {
        testUniformSetup(true, true, true, false);
        testUniformSetupCDH7(true, true, true, false);
        testUniformSetup(true, false, true, false);
        testUniformSetupCDH7(true, false, true, false);
    }

    @Test
    public void testSSLConfiguredNonKerberizedSecureWebUIEnabled() {
        testUniformSetup(true, true, false, true);
        testUniformSetup(true, false, false, true);
    }

    @Test
    public void testSSLNotConfiguredKerberizedSecureWebEnabled() {
        testUniformSetup(false, false, true, true);
        testUniformSetup(false, true, true, true);
    }

    @Test
    public void testSSLNotConfiguredNonKerberizedSecureWebUIDisabled() {
        testUniformSetup(false, false, false, false);
        testUniformSetupCDH7(false, false, false, false);
        testUniformSetup(false, true, false, false);
        testUniformSetupCDH7(false, true, false, false);
    }

    @Test
    public void testHbaseHdfsIndependence() {
        DbCluster dbCluster = setupCluster(true, true, true);
        createConfig(findService(dbCluster, "MAPREDUCE"), (ParamSpec<PasswordParamSpec>) HadoopSSLParams.CORE_SSL_SERVER_KEYSTORE_KEYPASSWORD, (PasswordParamSpec) "   ");
        createConfig(findService(dbCluster, "HBASE"), (ParamSpec<PasswordParamSpec>) HadoopSSLParams.HBASE_SSL_SERVER_KEYSTORE_KEYPASSWORD, (PasswordParamSpec) "   ");
        setSSLEnabled(dbCluster, "HDFS", true);
        testValidation(dbCluster, "MAPREDUCE", false, false, ImmutableSet.of(HadoopSSLParams.CORE_SSL_SERVER_KEYSTORE_KEYPASSWORD));
        testValidation(dbCluster, "HBASE", false, false, EMPTY_PARAM_SET);
        setSSLEnabled(dbCluster, "HDFS", false);
        setSSLEnabled(dbCluster, "HBASE", true);
        testValidation(dbCluster, "MAPREDUCE", false, false, EMPTY_PARAM_SET);
        testValidation(dbCluster, "HBASE", false, false, ImmutableSet.of(HadoopSSLParams.HBASE_SSL_SERVER_KEYSTORE_KEYPASSWORD));
    }

    @Test
    public void testSecureWebUIEnabledByService() {
        DbCluster dbCluster = setupCluster(true, true, false);
        setSSLEnabled(dbCluster, "HDFS", true);
        setSSLEnabled(dbCluster, "HBASE", true);
        testValidation(dbCluster, "HDFS", false, true, EMPTY_PARAM_SET);
        testValidation(dbCluster, "MAPREDUCE", false, true, EMPTY_PARAM_SET);
        testValidation(dbCluster, "YARN", false, true, EMPTY_PARAM_SET);
        testValidation(dbCluster, "HBASE", false, false, EMPTY_PARAM_SET);
        createConfig(findService(dbCluster, "YARN"), (ParamSpec<BooleanParamSpec>) SecurityParams.SECURE_WEB_UI, (BooleanParamSpec) true);
        testValidation(dbCluster, "HDFS", false, true, EMPTY_PARAM_SET);
        testValidation(dbCluster, "MAPREDUCE", false, true, EMPTY_PARAM_SET);
        testValidation(dbCluster, "YARN", false, false, EMPTY_PARAM_SET);
        testValidation(dbCluster, "HBASE", false, false, EMPTY_PARAM_SET);
        createConfig(findService(dbCluster, "HBASE"), (ParamSpec<BooleanParamSpec>) HbaseParams.HBASE_SECURE_WEB_UI, (BooleanParamSpec) true);
        testValidation(dbCluster, "HDFS", false, true, EMPTY_PARAM_SET);
        testValidation(dbCluster, "MAPREDUCE", false, true, EMPTY_PARAM_SET);
        testValidation(dbCluster, "YARN", false, false, EMPTY_PARAM_SET);
        testValidation(dbCluster, "HBASE", false, false, EMPTY_PARAM_SET);
    }

    @Test
    public void testSecureWebUIEnabledByServiceCDH7() {
        DbCluster dbCluster = setupVersionedCluster(true, true, false, CdhReleases.CDH7_1_1);
        setSSLEnabled(dbCluster, "HDFS", true);
        setSSLEnabled(dbCluster, "HBASE", true);
        testValidation(dbCluster, "HBASE", false, true, EMPTY_PARAM_SET);
        createConfig(findService(dbCluster, "HBASE"), (ParamSpec<BooleanParamSpec>) HbaseParams.HBASE_SECURE_WEB_UI, (BooleanParamSpec) true);
        testValidation(dbCluster, "HBASE", false, false, EMPTY_PARAM_SET);
    }

    @Test
    public void testUnsupportedServiceValidation() {
        DbCluster createCluster = createCluster((Long) 1L, "cluster", CdhReleases.CDH5_0_0);
        createService(2L, "hive1", MockTestCluster.HIVE_ST, createCluster);
        testValidation(createCluster, MockTestCluster.HIVE_ST, false, false, EMPTY_PARAM_SET);
    }

    private void testUniformSetup(boolean z, boolean z2, boolean z3, boolean z4) {
        DbCluster dbCluster = setupCluster(z, z3, z4);
        setSSLEnabled(dbCluster, "HDFS", z2);
        setSSLEnabled(dbCluster, "HBASE", z2);
        boolean z5 = z2 && !z3;
        boolean z6 = z2 && !z4;
        boolean z7 = !z && z2;
        testValidation(dbCluster, "HDFS", z5, z6, z7 ? CORE_PARAMS_SET : EMPTY_PARAM_SET);
        testValidation(dbCluster, "MAPREDUCE", false, z6, z7 ? CORE_PARAMS_SET : EMPTY_PARAM_SET);
        testValidation(dbCluster, "YARN", false, z6, z7 ? CORE_PARAMS_SET : EMPTY_PARAM_SET);
        testValidation(dbCluster, "HBASE", z5, false, z7 ? HBASE_PARAMS_SET : EMPTY_PARAM_SET);
    }

    private void testUniformSetupCDH7(boolean z, boolean z2, boolean z3, boolean z4) {
        DbCluster dbCluster = setupVersionedCluster(z, z3, z4, CdhReleases.CDH7_1_1);
        setSSLEnabled(dbCluster, "HBASE", z2);
        testValidation(dbCluster, "HBASE", z2 && !z3, z2 && !z4, !z && z2 ? HBASE_PARAMS_SET : EMPTY_PARAM_SET);
    }

    private DbCluster setupCluster(boolean z, boolean z2, boolean z3) {
        return setupVersionedCluster(z, z2, z3, CdhReleases.CDH5_0_0);
    }

    private DbCluster setupVersionedCluster(boolean z, boolean z2, boolean z3, Release release) {
        DbCluster createCluster = createCluster((Long) 1L, "cluster", release);
        DbService createService = createService(2L, "hdfs1", "HDFS", createCluster);
        DbService createService2 = createService(4L, "yarn1", "YARN", createCluster);
        DbService createService3 = createService(5L, "hbase", "HBASE", createCluster);
        if (release.equals(CdhReleases.CDH5_0_0)) {
            DbService createService4 = createService(3L, "mapreduce1", "MAPREDUCE", createCluster);
            createConfig(createService4, (ParamSpec<ServiceConnectorParamSpec>) MapReduceParams.DFS_CONNECTOR, (ServiceConnectorParamSpec) createService);
            if (z) {
                createSSLConfigs(createService4, CORE_PARAMS_SET);
            }
            if (z3) {
                createConfig(createService4, (ParamSpec<BooleanParamSpec>) SecurityParams.SECURE_WEB_UI, (BooleanParamSpec) true);
            }
        }
        createConfig(createService2, (ParamSpec<ServiceConnectorParamSpec>) YarnParams.DFS_CONNECTOR, (ServiceConnectorParamSpec) createService);
        createConfig(createService3, (ParamSpec<ServiceConnectorParamSpec>) HbaseParams.DFS_CONNECTOR, (ServiceConnectorParamSpec) createService);
        if (z) {
            createSSLConfigs(createService, HDFS_PARAMS_SET);
            createSSLConfigs(createService2, CORE_PARAMS_SET);
            createSSLConfigs(createService3, HBASE_PARAMS_SET);
        }
        if (z2) {
            createConfig(createService, (ParamSpec<StringEnumParamSpec>) SecurityParams.SECURE_AUTHENTICATION, (StringEnumParamSpec) Authentication.AUTHENTICATION_TYPES.kerberos.name());
        }
        if (z3) {
            createConfig(createService, (ParamSpec<BooleanParamSpec>) SecurityParams.SECURE_WEB_UI, (BooleanParamSpec) true);
            createConfig(createService2, (ParamSpec<BooleanParamSpec>) SecurityParams.SECURE_WEB_UI, (BooleanParamSpec) true);
            createConfig(createService3, (ParamSpec<BooleanParamSpec>) SecurityParams.SECURE_WEB_UI, (BooleanParamSpec) true);
        }
        return createCluster;
    }

    private void createSSLConfigs(DbService dbService, Set<StringParamSpec> set) {
        for (StringParamSpec stringParamSpec : set) {
            createConfig(dbService, (ParamSpec<StringParamSpec>) stringParamSpec, (StringParamSpec) String.format("/%s/%s", dbService.getServiceType(), stringParamSpec.getTemplateName()));
        }
    }

    private void setSSLEnabled(DbCluster dbCluster, String str, boolean z) {
        BooleanParamSpec booleanParamSpec = ENABLED_PARAM_MAP.get(str);
        Assert.assertNotNull(booleanParamSpec);
        createConfig(findService(dbCluster, str), (ParamSpec<BooleanParamSpec>) booleanParamSpec, (BooleanParamSpec) Boolean.valueOf(z));
    }

    private void testValidation(DbCluster dbCluster, String str, boolean z, boolean z2, Set<? extends StringParamSpec> set) {
        ValidationContext of = ValidationContext.of(findService(dbCluster, str));
        HashSet newHashSet = Sets.newHashSet();
        for (StringParamSpec stringParamSpec : set) {
            newHashSet.add(ALL_PARAMS_SET.contains(stringParamSpec) ? HadoopSSLValidator.makeConfigRequiredErrorMessage(stringParamSpec) : HadoopSSLValidator.makeTruststoreConfigMissingErrorMessage(stringParamSpec));
        }
        HashSet newHashSet2 = Sets.newHashSet();
        if (z) {
            newHashSet2.add(HadoopSSLValidator.makeKerberosWarningMessage());
        }
        if (z2) {
            newHashSet2.add(HadoopSSLValidator.makeSecureWebUIWarningMessage());
        }
        TestUtils.verifyValidations(of, str.equals("HBASE") ? HBASE_VALIDATOR : VALIDATOR, shr, EMPTY_MESSAGE_SET, newHashSet2, newHashSet);
    }

    private DbService findService(DbCluster dbCluster, String str) {
        List findServicesInClusterByType = this.em.findServicesInClusterByType(dbCluster, str);
        Assert.assertEquals(findServicesInClusterByType.size(), 1L);
        return (DbService) findServicesInClusterByType.get(0);
    }
}
