package com.cloudera.cmf.service.objectstore.s3;

import com.cloudera.cmf.model.DbExternalAccount;
import com.cloudera.cmf.model.DbExternalAccountType;
import com.cloudera.cmf.model.DbService;
import com.cloudera.cmf.service.ObjectStoreUtils;
import com.cloudera.cmf.service.config.EnumParamSpec;
import com.cloudera.cmf.service.config.ExternalAccountParamSpec;
import com.cloudera.cmf.service.config.ParamSpec;
import com.cloudera.cmf.service.objectstore.KeyDistributionPolicy;
import com.cloudera.cmf.service.objectstore.ObjectStoreConnector;
import com.cloudera.cmf.service.objectstore.ObjectStoreMetadata;
import com.cloudera.cmf.version.Release;
import com.cloudera.server.cmf.MockBaseTest;
import com.cloudera.server.cmf.MockTestCluster;
import org.junit.Assert;
import org.junit.Test;

/* loaded from: input_file:com/cloudera/cmf/service/objectstore/s3/S3ObjectStoreConnectorTest.class */
public class S3ObjectStoreConnectorTest extends MockBaseTest {
    private MockTestCluster makeCluster(Release release) {
        return MockTestCluster.builder(this).cdhVersion(release).services("HDFS", MockTestCluster.S3_ST).build();
    }

    @Test
    public void testConnectorPresent() {
        Assert.assertNotNull(ObjectStoreUtils.getActiveConnector(shr, makeCluster(S3ServiceHandler.SINCE).getCluster()));
    }

    @Test
    public void testGetAccount() {
        MockTestCluster makeCluster = makeCluster(S3ServiceHandler.SINCE);
        ObjectStoreConnector activeConnector = ObjectStoreUtils.getActiveConnector(shr, makeCluster.getCluster());
        Assert.assertNull(activeConnector.getAccount());
        DbExternalAccount createExternalAccount = createExternalAccount(1L, "s3_account", DbExternalAccountType.AWS_ACCESS_KEY_AUTH);
        createConfig(makeCluster.getService("aws_s31"), (ParamSpec<ExternalAccountParamSpec>) S3Params.ACCOUNT, (ExternalAccountParamSpec) createExternalAccount.getName());
        Assert.assertSame(createExternalAccount, activeConnector.getAccount());
    }

    @Test
    public void testKeyDistributionPolicyNotSupported() {
        Assert.assertFalse(ObjectStoreMetadata.CONNECTOR_MODE_SUPPORTED.contains(S3ServiceHandler.SINCE));
        MockTestCluster makeCluster = makeCluster(S3ServiceHandler.SINCE);
        ObjectStoreConnector activeConnector = ObjectStoreUtils.getActiveConnector(shr, makeCluster.getCluster());
        Assert.assertNull(activeConnector.getKeyDistributionPolicy());
        createConfig(makeCluster.getService("aws_s31"), (ParamSpec<ExternalAccountParamSpec>) S3Params.ACCOUNT, (ExternalAccountParamSpec) createExternalAccount(1L, "s3_account", DbExternalAccountType.AWS_ACCESS_KEY_AUTH).getName());
        Assert.assertNull(activeConnector.getKeyDistributionPolicy());
    }

    @Test
    public void testKeyDistributionPolicySupported() {
        Release release = (Release) ObjectStoreMetadata.CONNECTOR_MODE_SUPPORTED.lowerEndpoint();
        MockTestCluster makeCluster = makeCluster(release);
        ObjectStoreConnector activeConnector = ObjectStoreUtils.getActiveConnector(shr, makeCluster.getCluster());
        Assert.assertNull(activeConnector.getKeyDistributionPolicy());
        DbExternalAccount createExternalAccount = createExternalAccount(1L, "s3_account", DbExternalAccountType.AWS_ACCESS_KEY_AUTH);
        DbService service = makeCluster.getService("aws_s31");
        createConfig(service, (ParamSpec<ExternalAccountParamSpec>) S3Params.ACCOUNT, (ExternalAccountParamSpec) createExternalAccount.getName());
        Assert.assertEquals(KeyDistributionPolicy.SECURE, activeConnector.getKeyDistributionPolicy());
        Assert.assertEquals(KeyDistributionPolicy.SECURE, S3Params.KEY_DISTRIBUTION.getDefaultValue(release));
        createConfig(service, (ParamSpec<EnumParamSpec>) S3Params.KEY_DISTRIBUTION, (EnumParamSpec) KeyDistributionPolicy.UNSECURE);
        Assert.assertEquals(KeyDistributionPolicy.UNSECURE, activeConnector.getKeyDistributionPolicy());
    }

    @Test
    public void testSentryRequiredBeforeModeSupported() {
        Assert.assertFalse(ObjectStoreMetadata.CONNECTOR_MODE_SUPPORTED.contains(S3ServiceHandler.SINCE));
        MockTestCluster makeCluster = makeCluster(S3ServiceHandler.SINCE);
        ObjectStoreConnector activeConnector = ObjectStoreUtils.getActiveConnector(shr, makeCluster.getCluster());
        Assert.assertFalse(activeConnector.isSecurityServiceRequired());
        DbExternalAccount createExternalAccount = createExternalAccount(1L, "s3_account", DbExternalAccountType.AWS_ACCESS_KEY_AUTH);
        DbService service = makeCluster.getService("aws_s31");
        createConfig(service, (ParamSpec<ExternalAccountParamSpec>) S3Params.ACCOUNT, (ExternalAccountParamSpec) createExternalAccount.getName());
        Assert.assertTrue(activeConnector.isSecurityServiceRequired());
        createConfig(service, (ParamSpec<ExternalAccountParamSpec>) S3Params.ACCOUNT, (ExternalAccountParamSpec) createExternalAccount(2L, "iam_account", DbExternalAccountType.AWS_IAM_ROLES_AUTH).getName());
        Assert.assertFalse(activeConnector.isSecurityServiceRequired());
    }

    @Test
    public void testSentryRequiredRespectingMode() {
        MockTestCluster makeCluster = makeCluster((Release) ObjectStoreMetadata.CONNECTOR_MODE_SUPPORTED.lowerEndpoint());
        ObjectStoreConnector activeConnector = ObjectStoreUtils.getActiveConnector(shr, makeCluster.getCluster());
        Assert.assertFalse(activeConnector.isSecurityServiceRequired());
        DbExternalAccount createExternalAccount = createExternalAccount(1L, "s3_account", DbExternalAccountType.AWS_ACCESS_KEY_AUTH);
        DbService service = makeCluster.getService("aws_s31");
        createConfig(service, (ParamSpec<ExternalAccountParamSpec>) S3Params.ACCOUNT, (ExternalAccountParamSpec) createExternalAccount.getName());
        createConfig(service, (ParamSpec<EnumParamSpec>) S3Params.KEY_DISTRIBUTION, (EnumParamSpec) KeyDistributionPolicy.UNSECURE);
        Assert.assertFalse(activeConnector.isSecurityServiceRequired());
        createConfig(service, (ParamSpec<EnumParamSpec>) S3Params.KEY_DISTRIBUTION, (EnumParamSpec) KeyDistributionPolicy.SECURE);
        Assert.assertTrue(activeConnector.isSecurityServiceRequired());
        createConfig(service, (ParamSpec<ExternalAccountParamSpec>) S3Params.ACCOUNT, (ExternalAccountParamSpec) createExternalAccount(2L, "iam_account", DbExternalAccountType.AWS_IAM_ROLES_AUTH).getName());
        Assert.assertFalse(activeConnector.isSecurityServiceRequired());
    }
}
