package org.apache.ambari.server.security.authorization;

import com.google.inject.Guice;
import com.google.inject.Inject;
import com.google.inject.Injector;
import com.google.inject.Module;
import java.sql.SQLException;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
import junit.framework.Assert;
import org.apache.ambari.server.AmbariException;
import org.apache.ambari.server.H2DatabaseCleaner;
import org.apache.ambari.server.configuration.Configuration;
import org.apache.ambari.server.ldap.domain.AmbariLdapConfiguration;
import org.apache.ambari.server.ldap.service.AmbariLdapConfigurationProvider;
import org.apache.ambari.server.orm.GuiceJpaInitializer;
import org.apache.ambari.server.orm.InMemoryDefaultTestModule;
import org.apache.ambari.server.orm.dao.GroupDAO;
import org.apache.ambari.server.orm.dao.PermissionDAO;
import org.apache.ambari.server.orm.dao.PrincipalDAO;
import org.apache.ambari.server.orm.dao.PrincipalTypeDAO;
import org.apache.ambari.server.orm.dao.ResourceDAO;
import org.apache.ambari.server.orm.dao.ResourceTypeDAO;
import org.apache.ambari.server.orm.dao.UserDAO;
import org.apache.ambari.server.orm.entities.MemberEntity;
import org.apache.ambari.server.orm.entities.PermissionEntity;
import org.apache.ambari.server.orm.entities.PrincipalEntity;
import org.apache.ambari.server.orm.entities.PrincipalTypeEntity;
import org.apache.ambari.server.orm.entities.ResourceEntity;
import org.apache.ambari.server.orm.entities.ResourceTypeEntity;
import org.apache.ambari.server.orm.entities.UserAuthenticationEntity;
import org.apache.ambari.server.orm.entities.UserEntity;
import org.apache.ambari.server.security.authentication.AmbariUserDetailsImpl;
import org.apache.ambari.server.security.ldap.LdapBatchDto;
import org.apache.ambari.server.security.ldap.LdapGroupDto;
import org.apache.ambari.server.security.ldap.LdapUserDto;
import org.apache.ambari.server.security.ldap.LdapUserGroupMemberDto;
import org.easymock.EasyMock;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.crypto.password.PasswordEncoder;

/* loaded from: input_file:org/apache/ambari/server/security/authorization/TestUsers.class */
public class TestUsers {
    private Injector injector;

    @Inject
    protected Users users;

    @Inject
    protected UserDAO userDAO;

    @Inject
    protected GroupDAO groupDAO;

    @Inject
    protected PermissionDAO permissionDAO;

    @Inject
    protected ResourceDAO resourceDAO;

    @Inject
    protected ResourceTypeDAO resourceTypeDAO;

    @Inject
    protected PrincipalTypeDAO principalTypeDAO;

    @Inject
    protected PrincipalDAO principalDAO;

    @Inject
    protected PasswordEncoder passwordEncoder;

    @Inject
    protected Configuration configuration;

    @Before
    public void setup() throws AmbariException {
        this.injector = Guice.createInjector(new Module[]{new InMemoryDefaultTestModule()});
        this.injector.getInstance(GuiceJpaInitializer.class);
        this.injector.injectMembers(this);
        ResourceTypeEntity resourceTypeEntity = new ResourceTypeEntity();
        resourceTypeEntity.setId(Integer.valueOf(ResourceType.AMBARI.getId()));
        resourceTypeEntity.setName(ResourceType.AMBARI.name());
        this.resourceTypeDAO.create(resourceTypeEntity);
        ResourceEntity resourceEntity = new ResourceEntity();
        resourceEntity.setId(1L);
        resourceEntity.setResourceType(resourceTypeEntity);
        this.resourceDAO.create(resourceEntity);
        PrincipalTypeEntity principalTypeEntity = new PrincipalTypeEntity();
        principalTypeEntity.setName("ROLE");
        PrincipalTypeEntity merge = this.principalTypeDAO.merge(principalTypeEntity);
        PrincipalEntity principalEntity = new PrincipalEntity();
        principalEntity.setPrincipalType(merge);
        PrincipalEntity merge2 = this.principalDAO.merge(principalEntity);
        PermissionEntity permissionEntity = new PermissionEntity();
        permissionEntity.setId(1);
        permissionEntity.setPermissionName("AMBARI.ADMINISTRATOR");
        permissionEntity.setPrincipal(merge2);
        permissionEntity.setResourceType(resourceTypeEntity);
        this.permissionDAO.create(permissionEntity);
    }

    @After
    public void tearDown() throws AmbariException, SQLException {
        H2DatabaseCleaner.clearDatabaseAndStopPersistenceService(this.injector);
    }

    @Test
    public void testIsUserCanBeRemoved() throws Exception {
        this.users.grantAdminPrivilege(this.users.createUser("admin", "admin", "admin"));
        this.users.grantAdminPrivilege(this.users.createUser("admin222", "admin222", "admin22"));
        Assert.assertTrue(this.users.isUserCanBeRemoved(this.userDAO.findUserByName("admin")));
        Assert.assertTrue(this.users.isUserCanBeRemoved(this.userDAO.findUserByName("admin222")));
        this.users.removeUser(this.users.getUser("admin222"));
        Assert.assertFalse(this.users.isUserCanBeRemoved(this.userDAO.findUserByName("admin")));
        this.users.createUser("user", "user", "user");
        Assert.assertFalse(this.users.isUserCanBeRemoved(this.userDAO.findUserByName("admin")));
        this.users.grantAdminPrivilege(this.users.createUser("admin333", "admin333", "admin333"));
        Assert.assertTrue(this.users.isUserCanBeRemoved(this.userDAO.findUserByName("admin")));
        Assert.assertTrue(this.users.isUserCanBeRemoved(this.userDAO.findUserByName("admin333")));
    }

    @Test
    public void testModifyPassword_UserByAdmin() throws Exception {
        UserEntity createUser = this.users.createUser("admin", "admin", "admin");
        this.users.grantAdminPrivilege(createUser);
        this.users.addLocalAuthentication(createUser, "admin");
        setAuthenticatedUser(createUser);
        this.users.addLocalAuthentication(this.users.createUser("user", "user", "user"), "user");
        UserEntity findUserByName = this.userDAO.findUserByName("user");
        org.junit.Assert.assertNotNull(findUserByName);
        UserAuthenticationEntity authenticationEntity = getAuthenticationEntity(findUserByName, UserAuthenticationType.LOCAL);
        org.junit.Assert.assertNotNull(authenticationEntity);
        org.junit.Assert.assertNotSame("user", authenticationEntity.getAuthenticationKey());
        org.junit.Assert.assertTrue(this.passwordEncoder.matches("user", authenticationEntity.getAuthenticationKey()));
        org.junit.Assert.assertNotNull(this.userDAO.findUserByName("admin"));
        this.users.modifyAuthentication(authenticationEntity, "admin", "user_new_password", false);
        UserEntity findUserByName2 = this.userDAO.findUserByName("user");
        org.junit.Assert.assertNotNull(findUserByName2);
        UserAuthenticationEntity authenticationEntity2 = getAuthenticationEntity(findUserByName2, UserAuthenticationType.LOCAL);
        org.junit.Assert.assertNotNull(authenticationEntity2);
        org.junit.Assert.assertTrue(this.passwordEncoder.matches("user_new_password", authenticationEntity2.getAuthenticationKey()));
    }

    @Test
    public void testModifyPassword_EmptyPassword() throws Exception {
        this.users.addLocalAuthentication(this.users.createUser("user", "user", "user"), "user");
        UserEntity findUserByName = this.userDAO.findUserByName("user");
        org.junit.Assert.assertNotNull(findUserByName);
        UserAuthenticationEntity authenticationEntity = getAuthenticationEntity(findUserByName, UserAuthenticationType.LOCAL);
        org.junit.Assert.assertNotNull(authenticationEntity);
        org.junit.Assert.assertNotSame("user", authenticationEntity.getAuthenticationKey());
        org.junit.Assert.assertTrue(this.passwordEncoder.matches("user", authenticationEntity.getAuthenticationKey()));
        try {
            this.users.modifyAuthentication(authenticationEntity, "user", (String) null, true);
            org.junit.Assert.fail("Null password should not be allowed");
        } catch (IllegalArgumentException e) {
            org.junit.Assert.assertEquals("The password does not meet the password policy requirements", e.getLocalizedMessage());
        }
        try {
            this.users.modifyAuthentication(authenticationEntity, "user", "", false);
            org.junit.Assert.fail("Empty password should not be allowed");
        } catch (IllegalArgumentException e2) {
            org.junit.Assert.assertEquals("The password does not meet the password policy requirements", e2.getLocalizedMessage());
        }
        this.configuration.setProperty(Configuration.PASSWORD_POLICY_REGEXP, "^(?=.*[A-Za-z])(?=.*\\d)[A-Za-z\\d]{8,}$");
        this.configuration.setProperty(Configuration.PASSWORD_POLICY_DESCRIPTION, "test description");
        try {
            this.users.modifyAuthentication(authenticationEntity, "user", "abc123", false);
            org.junit.Assert.fail("Should not pass validation");
        } catch (IllegalArgumentException e3) {
            org.junit.Assert.assertEquals("The password does not meet the Ambari user password policy : test description", e3.getLocalizedMessage());
        }
        this.users.modifyAuthentication(authenticationEntity, "user", "abcd1234", false);
    }

    @Test
    public void testRevokeAdminPrivilege() throws Exception {
        this.users.grantAdminPrivilege(this.users.createUser("old_admin", "old_admin", "old_admin"));
        this.users.revokeAdminPrivilege(Integer.valueOf(this.users.getUser("old_admin").getUserId()));
        Assert.assertFalse(this.users.getUser("old_admin").isAdmin());
    }

    @Test
    public void testGrantAdminPrivilege() throws Exception {
        this.users.createUser("user", "user", "user");
        this.users.grantAdminPrivilege(Integer.valueOf(this.users.getUser("user").getUserId()));
        Assert.assertTrue(this.users.getUser("user").isAdmin());
    }

    @Test
    public void testCreateGetRemoveUser() throws Exception {
        this.users.createUser("user1", "user1", (String) null);
        this.users.createUser("user", "user", (String) null, false);
        UserEntity createUser = this.users.createUser("user_ldap", "user_ldap", (String) null);
        this.users.grantAdminPrivilege(createUser);
        this.users.addLdapAuthentication(createUser, "some dn");
        User user = this.users.getUser("user");
        User user2 = this.users.getUser("user1");
        User user3 = this.users.getUser("user_ldap");
        Assert.assertEquals("user1", user2.getUserName());
        Assert.assertEquals(true, user2.isActive());
        Assert.assertEquals(false, user2.isLdapUser());
        Assert.assertEquals(false, user2.isAdmin());
        Assert.assertEquals("user", user.getUserName());
        Assert.assertEquals(false, user.isActive());
        Assert.assertEquals(false, user.isLdapUser());
        Assert.assertEquals(false, user.isAdmin());
        Assert.assertEquals("user_ldap", user3.getUserName());
        Assert.assertEquals(true, user3.isActive());
        Assert.assertEquals(true, user3.isLdapUser());
        Assert.assertEquals(true, user3.isAdmin());
        org.junit.Assert.assertEquals("user", this.users.getUser("user").getUserName());
        org.junit.Assert.assertEquals("user_ldap", this.users.getUser("user_ldap").getUserName());
        Assert.assertNull(this.users.getUser("non_existing"));
        try {
            this.users.createUser("user1", "user1", (String) null);
            org.junit.Assert.fail("It shouldn't be possible to create duplicate user");
        } catch (AmbariException e) {
        }
        try {
            this.users.createUser("USER1", "user1", (String) null);
            org.junit.Assert.fail("It shouldn't be possible to create duplicate user");
        } catch (AmbariException e2) {
        }
        Assert.assertEquals(3, this.users.getAllUsers().size());
        org.junit.Assert.assertEquals("user", this.users.getUser("USER").getUserName());
        org.junit.Assert.assertEquals("user_ldap", this.users.getUser("USER_LDAP").getUserName());
        Assert.assertNull(this.users.getUser("non_existing"));
        org.junit.Assert.assertNotNull(this.users.getUser(Integer.valueOf(user.getUserId())));
        org.junit.Assert.assertEquals(user.getUserId(), r0.getUserId());
        org.junit.Assert.assertNull(this.users.getUser(-1));
        Assert.assertNotNull(this.users.getUser("user"));
        Assert.assertEquals(3, this.users.getAllUsers().size());
        this.users.removeUser(this.users.getUser("user1"));
        Assert.assertNull(this.users.getUser("user1"));
        Assert.assertEquals(2, this.users.getAllUsers().size());
    }

    @Test
    public void testSetUserActive() throws Exception {
        this.users.createUser("user", "user", (String) null);
        this.users.setUserActive("user", false);
        Assert.assertEquals(false, this.users.getUser("user").isActive());
        this.users.setUserActive("user", true);
        Assert.assertEquals(true, this.users.getUser("user").isActive());
        try {
            this.users.setUserActive("fake user", true);
            org.junit.Assert.fail("It shouldn't be possible to call setUserActive() on non-existing user");
        } catch (Exception e) {
        }
    }

    @Test
    public void testSetUserLdap() throws Exception {
        this.users.createUser("user", "user", (String) null);
        this.users.addLdapAuthentication(this.users.getUserEntity("user"), "some dn");
        this.users.addLdapAuthentication(this.users.createUser("user_ldap", "user_ldap", (String) null), "some dn");
        Assert.assertEquals(true, this.users.getUser("user").isLdapUser());
        Assert.assertEquals(true, this.users.getUser("user_ldap").isLdapUser());
        try {
            this.users.addLdapAuthentication(this.users.getUserEntity("fake user"), "some other dn");
            org.junit.Assert.fail("It shouldn't be possible to call setUserLdap() on non-existing user");
        } catch (AmbariException e) {
        }
    }

    @Test
    public void testSetGroupLdap() throws Exception {
        this.users.createGroup("group", GroupType.LOCAL);
        this.users.setGroupLdap("group");
        Assert.assertNotNull(this.users.getGroup("group"));
        Assert.assertTrue(this.users.getGroup("group").isLdapGroup());
        try {
            this.users.setGroupLdap("fake group");
            org.junit.Assert.fail("It shouldn't be possible to call setGroupLdap() on non-existing group");
        } catch (AmbariException e) {
        }
    }

    @Test
    public void testCreateGetRemoveGroup() throws Exception {
        this.users.createGroup("engineering1", GroupType.LOCAL);
        this.users.createGroup("engineering2", GroupType.LOCAL);
        Group group = this.users.getGroup("engineering1");
        org.junit.Assert.assertNotNull(group);
        org.junit.Assert.assertEquals(false, Boolean.valueOf(group.isLdapGroup()));
        org.junit.Assert.assertEquals("engineering1", group.getGroupName());
        org.junit.Assert.assertNotNull(this.groupDAO.findGroupByName("engineering1"));
        org.junit.Assert.assertEquals(2L, this.users.getAllGroups().size());
        org.junit.Assert.assertEquals(2L, this.groupDAO.findAll().size());
        this.users.removeGroup(group);
        org.junit.Assert.assertNull(this.users.getGroup(group.getGroupName()));
        org.junit.Assert.assertEquals(1L, this.users.getAllGroups().size());
    }

    @Test
    public void testMembers() throws Exception {
        this.users.createGroup("engineering", GroupType.LOCAL);
        this.users.createGroup("engineering2", GroupType.LOCAL);
        this.users.createUser("user1", "user1", (String) null);
        this.users.createUser("user2", "user2", (String) null);
        this.users.createUser("user3", "user3", (String) null);
        this.users.addMemberToGroup("engineering", "user1");
        this.users.addMemberToGroup("engineering", "user2");
        org.junit.Assert.assertEquals(2L, this.users.getAllMembers("engineering").size());
        org.junit.Assert.assertEquals(0L, this.users.getAllMembers("engineering2").size());
        try {
            this.users.getAllMembers("non existing");
            org.junit.Assert.fail("It shouldn't be possible to call getAllMembers() on non-existing group");
        } catch (Exception e) {
        }
        org.junit.Assert.assertEquals(this.users.getGroupMembers("unexisting"), (Object) null);
        this.users.removeMemberFromGroup("engineering", "user1");
        org.junit.Assert.assertEquals(1L, this.groupDAO.findGroupByName("engineering").getMemberEntities().size());
        org.junit.Assert.assertEquals("user2", ((MemberEntity) this.groupDAO.findGroupByName("engineering").getMemberEntities().iterator().next()).getUser().getUserName());
    }

    @Test
    public void testModifyPassword_UserByHimselfPasswordOk() throws Exception {
        this.users.addLocalAuthentication(this.users.createUser("user", "user", (String) null), "user");
        UserAuthenticationEntity authenticationEntity = getAuthenticationEntity(this.userDAO.findUserByName("user"), UserAuthenticationType.LOCAL);
        org.junit.Assert.assertNotNull(authenticationEntity);
        org.junit.Assert.assertNotSame("user", authenticationEntity.getAuthenticationKey());
        org.junit.Assert.assertTrue(this.passwordEncoder.matches("user", authenticationEntity.getAuthenticationKey()));
        this.users.modifyAuthentication(authenticationEntity, "user", "user_new_password", true);
        UserAuthenticationEntity authenticationEntity2 = getAuthenticationEntity(this.userDAO.findUserByName("user"), UserAuthenticationType.LOCAL);
        org.junit.Assert.assertNotNull(authenticationEntity2);
        org.junit.Assert.assertTrue(this.passwordEncoder.matches("user_new_password", authenticationEntity2.getAuthenticationKey()));
    }

    @Test
    public void testModifyPassword_UserByHimselfPasswordNotOk() throws Exception {
        this.users.addLocalAuthentication(this.users.createUser("user", "user", (String) null), "user");
        UserAuthenticationEntity authenticationEntity = getAuthenticationEntity(this.userDAO.findUserByName("user"), UserAuthenticationType.LOCAL);
        org.junit.Assert.assertNotNull(authenticationEntity);
        org.junit.Assert.assertNotSame("user", authenticationEntity.getAuthenticationKey());
        org.junit.Assert.assertTrue(this.passwordEncoder.matches("user", authenticationEntity.getAuthenticationKey()));
        try {
            this.users.modifyAuthentication(authenticationEntity, "admin", "user_new_password", true);
            org.junit.Assert.fail("Exception should be thrown here as password is incorrect");
        } catch (AmbariException e) {
        }
    }

    @Test
    public void testAddAndRemoveAuthentication() throws Exception {
        this.users.createUser("user", "user", "user");
        UserEntity findUserByName = this.userDAO.findUserByName("user");
        org.junit.Assert.assertNotNull(findUserByName);
        org.junit.Assert.assertEquals("user", findUserByName.getUserName());
        UserEntity findUserByName2 = this.userDAO.findUserByName("user");
        org.junit.Assert.assertNotNull(findUserByName2);
        org.junit.Assert.assertEquals("user", findUserByName2.getUserName());
        org.junit.Assert.assertEquals(0L, this.users.getUserAuthenticationEntities("user", (UserAuthenticationType) null).size());
        this.users.addAuthentication(findUserByName, UserAuthenticationType.LOCAL, "local_key");
        org.junit.Assert.assertEquals(1L, this.users.getUserAuthenticationEntities("user", (UserAuthenticationType) null).size());
        org.junit.Assert.assertEquals(1L, this.users.getUserAuthenticationEntities("user", UserAuthenticationType.LOCAL).size());
        org.junit.Assert.assertTrue(this.passwordEncoder.matches("local_key", ((UserAuthenticationEntity) this.users.getUserAuthenticationEntities("user", UserAuthenticationType.LOCAL).iterator().next()).getAuthenticationKey()));
        org.junit.Assert.assertEquals(0L, this.users.getUserAuthenticationEntities("user", UserAuthenticationType.KERBEROS).size());
        this.users.addAuthentication(findUserByName, UserAuthenticationType.PAM, "pam_key");
        org.junit.Assert.assertEquals(2L, this.users.getUserAuthenticationEntities("user", (UserAuthenticationType) null).size());
        org.junit.Assert.assertEquals(1L, this.users.getUserAuthenticationEntities("user", UserAuthenticationType.PAM).size());
        org.junit.Assert.assertEquals("pam_key", ((UserAuthenticationEntity) this.users.getUserAuthenticationEntities("user", UserAuthenticationType.PAM).iterator().next()).getAuthenticationKey());
        org.junit.Assert.assertEquals(0L, this.users.getUserAuthenticationEntities("user", UserAuthenticationType.KERBEROS).size());
        this.users.addAuthentication(findUserByName, UserAuthenticationType.JWT, "jwt_key");
        org.junit.Assert.assertEquals(3L, this.users.getUserAuthenticationEntities("user", (UserAuthenticationType) null).size());
        org.junit.Assert.assertEquals(1L, this.users.getUserAuthenticationEntities("user", UserAuthenticationType.JWT).size());
        org.junit.Assert.assertEquals("jwt_key", ((UserAuthenticationEntity) this.users.getUserAuthenticationEntities("user", UserAuthenticationType.JWT).iterator().next()).getAuthenticationKey());
        org.junit.Assert.assertEquals(0L, this.users.getUserAuthenticationEntities("user", UserAuthenticationType.KERBEROS).size());
        this.users.addAuthentication(findUserByName, UserAuthenticationType.LDAP, "ldap_key");
        org.junit.Assert.assertEquals(4L, this.users.getUserAuthenticationEntities("user", (UserAuthenticationType) null).size());
        org.junit.Assert.assertEquals(1L, this.users.getUserAuthenticationEntities("user", UserAuthenticationType.LDAP).size());
        org.junit.Assert.assertEquals("ldap_key", ((UserAuthenticationEntity) this.users.getUserAuthenticationEntities("user", UserAuthenticationType.LDAP).iterator().next()).getAuthenticationKey());
        org.junit.Assert.assertEquals(0L, this.users.getUserAuthenticationEntities("user", UserAuthenticationType.KERBEROS).size());
        this.users.addAuthentication(findUserByName, UserAuthenticationType.KERBEROS, "kerberos_key");
        org.junit.Assert.assertEquals(5L, this.users.getUserAuthenticationEntities("user", (UserAuthenticationType) null).size());
        org.junit.Assert.assertEquals("kerberos_key", ((UserAuthenticationEntity) this.users.getUserAuthenticationEntities("user", UserAuthenticationType.KERBEROS).iterator().next()).getAuthenticationKey());
        org.junit.Assert.assertEquals(1L, this.users.getUserAuthenticationEntities("user", UserAuthenticationType.KERBEROS).size());
        org.junit.Assert.assertEquals(5L, findUserByName.getAuthenticationEntities().size());
        org.junit.Assert.assertEquals(0L, findUserByName2.getAuthenticationEntities().size());
        UserEntity findUserByName3 = this.userDAO.findUserByName("user");
        org.junit.Assert.assertEquals(5L, findUserByName3.getAuthenticationEntities().size());
        Long userAuthenticationId = ((UserAuthenticationEntity) this.users.getUserAuthenticationEntities("user", UserAuthenticationType.KERBEROS).iterator().next()).getUserAuthenticationId();
        Long userAuthenticationId2 = ((UserAuthenticationEntity) this.users.getUserAuthenticationEntities("user", UserAuthenticationType.PAM).iterator().next()).getUserAuthenticationId();
        this.users.removeAuthentication("user", userAuthenticationId);
        org.junit.Assert.assertEquals(4L, this.users.getUserAuthenticationEntities("user", (UserAuthenticationType) null).size());
        this.users.removeAuthentication(findUserByName, userAuthenticationId);
        org.junit.Assert.assertEquals(4L, this.users.getUserAuthenticationEntities("user", (UserAuthenticationType) null).size());
        this.users.removeAuthentication(findUserByName, userAuthenticationId2);
        org.junit.Assert.assertEquals(3L, this.users.getUserAuthenticationEntities("user", (UserAuthenticationType) null).size());
        org.junit.Assert.assertEquals(3L, findUserByName3.getAuthenticationEntities().size());
    }

    @Test
    public void testProcessLdapSync() {
        AmbariLdapConfiguration ambariLdapConfiguration = (AmbariLdapConfiguration) EasyMock.createMock(AmbariLdapConfiguration.class);
        EasyMock.expect(ambariLdapConfiguration.groupMappingRules()).andReturn("admins").anyTimes();
        AmbariLdapConfigurationProvider ambariLdapConfigurationProvider = (AmbariLdapConfigurationProvider) this.injector.getInstance(AmbariLdapConfigurationProvider.class);
        EasyMock.expect(ambariLdapConfigurationProvider.get()).andReturn(ambariLdapConfiguration).anyTimes();
        EasyMock.replay(new Object[]{ambariLdapConfigurationProvider, ambariLdapConfiguration});
        LdapBatchDto ldapBatchDto = new LdapBatchDto();
        LdapUserDto ldapUserDto = new LdapUserDto();
        ldapUserDto.setDn("dn=user1");
        ldapUserDto.setUid("user1");
        ldapUserDto.setUserName("User1");
        ldapBatchDto.getUsersToBeCreated().add(ldapUserDto);
        LdapUserDto ldapUserDto2 = new LdapUserDto();
        ldapUserDto2.setDn("dn=user2");
        ldapUserDto2.setUid("user2");
        ldapUserDto2.setUserName("User2");
        ldapBatchDto.getUsersToBeCreated().add(ldapUserDto2);
        LdapGroupDto ldapGroupDto = new LdapGroupDto();
        ldapGroupDto.setGroupName("admins");
        ldapGroupDto.setMemberAttributes(Collections.singleton("dn=User1"));
        ldapBatchDto.getGroupsToBeCreated().add(ldapGroupDto);
        LdapGroupDto ldapGroupDto2 = new LdapGroupDto();
        ldapGroupDto2.setGroupName("non-admins");
        ldapGroupDto2.setMemberAttributes(Collections.singleton("dn=User2"));
        ldapBatchDto.getGroupsToBeCreated().add(ldapGroupDto2);
        ldapBatchDto.getMembershipToAdd().add(new LdapUserGroupMemberDto("admins", "user1"));
        ldapBatchDto.getMembershipToAdd().add(new LdapUserGroupMemberDto("non-admins", "user2"));
        this.users.processLdapSync(ldapBatchDto);
        org.junit.Assert.assertNotNull(this.users.getUser("user1"));
        org.junit.Assert.assertNotNull(this.users.getUser("user2"));
        Collection userAuthorities = this.users.getUserAuthorities("user1");
        org.junit.Assert.assertNotNull(userAuthorities);
        org.junit.Assert.assertEquals(1L, userAuthorities.size());
        org.junit.Assert.assertEquals("AMBARI.ADMINISTRATOR", ((AmbariGrantedAuthority) userAuthorities.iterator().next()).getPrivilegeEntity().getPermission().getPermissionName());
        org.junit.Assert.assertNotNull(this.users.getUserAuthorities("user2"));
        org.junit.Assert.assertEquals(0L, r0.size());
    }

    private UserAuthenticationEntity getAuthenticationEntity(UserEntity userEntity, UserAuthenticationType userAuthenticationType) {
        org.junit.Assert.assertNotNull(userEntity);
        List<UserAuthenticationEntity> authenticationEntities = userEntity.getAuthenticationEntities();
        org.junit.Assert.assertNotNull(authenticationEntities);
        for (UserAuthenticationEntity userAuthenticationEntity : authenticationEntities) {
            if (userAuthenticationEntity.getAuthenticationType() == userAuthenticationType) {
                return userAuthenticationEntity;
            }
        }
        return null;
    }

    private void setAuthenticatedUser(UserEntity userEntity) {
        AmbariUserDetailsImpl ambariUserDetailsImpl = new AmbariUserDetailsImpl(new User(userEntity), "", Collections.emptySet());
        Authentication authentication = (Authentication) EasyMock.mock(Authentication.class);
        EasyMock.expect(authentication.getPrincipal()).andReturn(ambariUserDetailsImpl).anyTimes();
        SecurityContext securityContext = (SecurityContext) EasyMock.mock(SecurityContext.class);
        EasyMock.expect(securityContext.getAuthentication()).andReturn(authentication).anyTimes();
        EasyMock.replay(new Object[]{authentication, securityContext});
        SecurityContextHolder.setContext(securityContext);
    }
}
