package org.apache.ambari.server.controller.internal;

import com.google.inject.AbstractModule;
import com.google.inject.Guice;
import com.google.inject.Injector;
import com.google.inject.Module;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.HashMap;
import java.util.HashSet;
import java.util.LinkedHashMap;
import java.util.LinkedHashSet;
import java.util.Map;
import java.util.Set;
import javax.persistence.EntityManager;
import org.apache.ambari.server.api.services.AmbariMetaInfo;
import org.apache.ambari.server.controller.predicate.AndPredicate;
import org.apache.ambari.server.controller.spi.Predicate;
import org.apache.ambari.server.controller.spi.Resource;
import org.apache.ambari.server.controller.spi.ResourceProvider;
import org.apache.ambari.server.controller.utilities.PredicateBuilder;
import org.apache.ambari.server.controller.utilities.PropertyHelper;
import org.apache.ambari.server.orm.DBAccessor;
import org.apache.ambari.server.orm.entities.UserAuthenticationEntity;
import org.apache.ambari.server.orm.entities.UserEntity;
import org.apache.ambari.server.security.TestAuthenticationFactory;
import org.apache.ambari.server.security.authentication.AmbariUserDetails;
import org.apache.ambari.server.security.authorization.AuthorizationException;
import org.apache.ambari.server.security.authorization.AuthorizationHelper;
import org.apache.ambari.server.security.authorization.UserAuthenticationType;
import org.apache.ambari.server.security.authorization.Users;
import org.apache.ambari.server.stack.StackManagerFactory;
import org.apache.ambari.server.state.Clusters;
import org.apache.ambari.server.state.stack.OsFamily;
import org.apache.ambari.server.testutils.PartialNiceMockBinder;
import org.apache.velocity.exception.ResourceNotFoundException;
import org.easymock.EasyMock;
import org.easymock.EasyMockSupport;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;

/* loaded from: input_file:org/apache/ambari/server/controller/internal/UserAuthenticationSourceResourceProviderTest.class */
public class UserAuthenticationSourceResourceProviderTest extends EasyMockSupport {
    private static final long CREATE_TIME = Calendar.getInstance().getTime().getTime();
    private static final long UPDATE_TIME = Calendar.getInstance().getTime().getTime();

    @Before
    public void resetMocks() {
        resetAll();
    }

    @After
    public void clearAuthentication() {
        SecurityContextHolder.getContext().setAuthentication((Authentication) null);
    }

    @Test
    public void testCreateResources_Administrator() throws Exception {
        createResourcesTest(TestAuthenticationFactory.createAdministrator("admin"));
    }

    @Test(expected = AuthorizationException.class)
    public void testCreateResources_NonAdministrator() throws Exception {
        createResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1", 2L));
    }

    @Test
    public void testGetResources_Administrator() throws Exception {
        getResourcesTest(TestAuthenticationFactory.createAdministrator("admin"));
    }

    @Test
    public void testGetResources_NonAdministrator() throws Exception {
        getResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1", 2L));
    }

    @Test
    public void testGetResource_Administrator_Self() throws Exception {
        getResourceTest(TestAuthenticationFactory.createAdministrator("admin"), "admin");
    }

    @Test
    public void testGetResource_Administrator_Other() throws Exception {
        getResourceTest(TestAuthenticationFactory.createAdministrator("admin"), "User1");
    }

    @Test
    public void testGetResource_NonAdministrator_Self() throws Exception {
        getResourceTest(TestAuthenticationFactory.createClusterAdministrator("User1", 2L), "User1");
    }

    @Test(expected = AuthorizationException.class)
    public void testGetResource_NonAdministrator_Other() throws Exception {
        getResourceTest(TestAuthenticationFactory.createClusterAdministrator("User1", 2L), "User100");
    }

    @Test
    public void testUpdateResources_SetPassword_Administrator_Self() throws Exception {
        updateResources_SetAuthenticationKey(TestAuthenticationFactory.createAdministrator("admin"), "User100", null);
    }

    @Test
    public void testUpdateResources_SetPassword_Administrator_Other() throws Exception {
        updateResources_SetAuthenticationKey(TestAuthenticationFactory.createAdministrator("admin"), "User100", null);
    }

    @Test
    public void testUpdateResources_SetPassword_NonAdministrator_Self() throws Exception {
        updateResources_SetAuthenticationKey(TestAuthenticationFactory.createClusterAdministrator("User1", 2L), "User1", null);
    }

    @Test(expected = AuthorizationException.class)
    public void testUpdateResources_SetPassword_NonAdministrator_Other() throws Exception {
        updateResources_SetAuthenticationKey(TestAuthenticationFactory.createClusterAdministrator("User1", 2L), "User100", null);
    }

    @Test
    public void testUpdateResources_SetPassword_VerifyLocal_Success() throws Exception {
        updateResources_SetAuthenticationKey(TestAuthenticationFactory.createAdministrator(), "User100", "local");
    }

    @Test(expected = ResourceNotFoundException.class)
    public void testUpdateResources_SetPassword_VerifyLocal_Fail() throws Exception {
        updateResources_SetAuthenticationKey(TestAuthenticationFactory.createAdministrator(), "User100", "KERBEROS");
    }

    @Test
    public void testDeleteResource_Administrator_Self() throws Exception {
        deleteResourcesTest(TestAuthenticationFactory.createAdministrator("admin"), "admin");
    }

    @Test
    public void testDeleteResource_Administrator_Other() throws Exception {
        deleteResourcesTest(TestAuthenticationFactory.createAdministrator("admin"), "User100");
    }

    @Test(expected = AuthorizationException.class)
    public void testDeleteResource_NonAdministrator_Self() throws Exception {
        deleteResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1", 2L), "User1");
    }

    @Test(expected = AuthorizationException.class)
    public void testDeleteResource_NonAdministrator_Other() throws Exception {
        deleteResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1", 2L), "User100");
    }

    private Injector createInjector() throws Exception {
        return Guice.createInjector(new Module[]{new AbstractModule() { // from class: org.apache.ambari.server.controller.internal.UserAuthenticationSourceResourceProviderTest.1
            protected void configure() {
                PartialNiceMockBinder.newBuilder(UserAuthenticationSourceResourceProviderTest.this).addAmbariMetaInfoBinding().addLdapBindings().build().configure(binder());
                bind(EntityManager.class).toInstance(UserAuthenticationSourceResourceProviderTest.this.createNiceMock(EntityManager.class));
                bind(DBAccessor.class).toInstance(UserAuthenticationSourceResourceProviderTest.this.createNiceMock(DBAccessor.class));
                bind(OsFamily.class).toInstance(UserAuthenticationSourceResourceProviderTest.this.createNiceMock(OsFamily.class));
                bind(AmbariMetaInfo.class).toInstance(UserAuthenticationSourceResourceProviderTest.this.createMock(AmbariMetaInfo.class));
                bind(Clusters.class).toInstance(UserAuthenticationSourceResourceProviderTest.this.createNiceMock(Clusters.class));
                bind(StackManagerFactory.class).toInstance(UserAuthenticationSourceResourceProviderTest.this.createNiceMock(StackManagerFactory.class));
                bind(Users.class).toInstance(UserAuthenticationSourceResourceProviderTest.this.createMock(Users.class));
            }
        }});
    }

    private void createResourcesTest(Authentication authentication) throws Exception {
        Injector createInjector = createInjector();
        UserEntity userEntity = (UserEntity) createNiceMock(UserEntity.class);
        UserEntity userEntity2 = (UserEntity) createNiceMock(UserEntity.class);
        Users users = (Users) createInjector.getInstance(Users.class);
        EasyMock.expect(users.getUserEntity("User100")).andReturn(userEntity).once();
        EasyMock.expect(users.getUserEntity("User200")).andReturn(userEntity2).once();
        users.addAuthentication(userEntity, UserAuthenticationType.LOCAL, "my_password_100_1234");
        EasyMock.expectLastCall().once();
        users.addAuthentication(userEntity2, UserAuthenticationType.LOCAL, "my_password_200_1234");
        EasyMock.expectLastCall().once();
        replayAll();
        SecurityContextHolder.getContext().setAuthentication(authentication);
        ((AmbariMetaInfo) createInjector.getInstance(AmbariMetaInfo.class)).init();
        ResourceProvider resourceProvider = getResourceProvider(createInjector);
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        linkedHashMap.put("AuthenticationSourceInfo/user_name", "User100");
        linkedHashMap.put("AuthenticationSourceInfo/authentication_type", "local");
        linkedHashMap.put("AuthenticationSourceInfo/key", "my_password_100_1234");
        linkedHashSet.add(linkedHashMap);
        LinkedHashMap linkedHashMap2 = new LinkedHashMap();
        linkedHashMap2.put("AuthenticationSourceInfo/user_name", "User200");
        linkedHashMap2.put("AuthenticationSourceInfo/authentication_type", "local");
        linkedHashMap2.put("AuthenticationSourceInfo/key", "my_password_200_1234");
        linkedHashSet.add(linkedHashMap2);
        resourceProvider.createResources(PropertyHelper.getCreateRequest(linkedHashSet, (Map) null));
        verifyAll();
    }

    private void getResourcesTest(Authentication authentication) throws Exception {
        Injector createInjector = createInjector();
        Users users = (Users) createInjector.getInstance(Users.class);
        HashMap hashMap = new HashMap();
        hashMap.put("User1", createMockUserAuthenticationEntity("User1"));
        if ("admin".equals(authentication.getName())) {
            hashMap.put("User10", createMockUserAuthenticationEntity("User10"));
            hashMap.put("User100", createMockUserAuthenticationEntity("User100"));
            hashMap.put("admin", createMockUserAuthenticationEntity("admin"));
            EasyMock.expect(users.getUserAuthenticationEntities((String) null, (UserAuthenticationType) null)).andReturn(hashMap.values()).once();
        } else {
            EasyMock.expect(users.getUserAuthenticationEntities("user1", (UserAuthenticationType) null)).andReturn(hashMap.values()).once();
        }
        replayAll();
        ((AmbariMetaInfo) createInjector.getInstance(AmbariMetaInfo.class)).init();
        SecurityContextHolder.getContext().setAuthentication(authentication);
        ResourceProvider resourceProvider = getResourceProvider(createInjector);
        HashSet hashSet = new HashSet();
        hashSet.add("AuthenticationSourceInfo/user_name");
        hashSet.add("AuthenticationSourceInfo/authentication_type");
        hashSet.add("AuthenticationSourceInfo/key");
        hashSet.add("AuthenticationSourceInfo/created");
        hashSet.add("AuthenticationSourceInfo/updated");
        Set<Resource> resources = resourceProvider.getResources(PropertyHelper.getReadRequest(hashSet), (Predicate) null);
        Assert.assertEquals(hashMap.size(), resources.size());
        for (Resource resource : resources) {
            Assert.assertTrue(hashMap.containsKey((String) resource.getPropertyValue("AuthenticationSourceInfo/user_name")));
            Assert.assertNull(resource.getPropertyValue("AuthenticationSourceInfo/key"));
        }
        verifyAll();
    }

    private void getResourceTest(Authentication authentication, String str) throws Exception {
        Injector createInjector = createInjector();
        ArrayList arrayList = new ArrayList();
        arrayList.add(createMockUserAuthenticationEntity(str));
        EasyMock.expect(((Users) createInjector.getInstance(Users.class)).getUserAuthenticationEntities(str, (UserAuthenticationType) null)).andReturn(arrayList).once();
        replayAll();
        ((AmbariMetaInfo) createInjector.getInstance(AmbariMetaInfo.class)).init();
        SecurityContextHolder.getContext().setAuthentication(authentication);
        ResourceProvider resourceProvider = getResourceProvider(createInjector);
        HashSet hashSet = new HashSet();
        hashSet.add("AuthenticationSourceInfo/user_name");
        hashSet.add("AuthenticationSourceInfo/key");
        Set<Resource> resources = resourceProvider.getResources(PropertyHelper.getReadRequest(hashSet), createPredicate(str, null));
        Assert.assertEquals(1L, resources.size());
        for (Resource resource : resources) {
            Assert.assertEquals(str, (String) resource.getPropertyValue("AuthenticationSourceInfo/user_name"));
            Assert.assertNull(resource.getPropertyValue("AuthenticationSourceInfo/key"));
        }
        verifyAll();
    }

    private void updateResources_SetAuthenticationKey(Authentication authentication, String str, String str2) throws Exception {
        Injector createInjector = createInjector();
        UserAuthenticationEntity createMockUserAuthenticationEntity = createMockUserAuthenticationEntity(str);
        boolean equalsIgnoreCase = authentication.getName().equalsIgnoreCase(str);
        ArrayList arrayList = new ArrayList();
        arrayList.add(createMockUserAuthenticationEntity);
        UserEntity userEntity = (UserEntity) createMock(UserEntity.class);
        EasyMock.expect(userEntity.getAuthenticationEntities()).andReturn(arrayList).once();
        if (equalsIgnoreCase) {
            EasyMock.expect(userEntity.getUserId()).andReturn(((AmbariUserDetails) authentication.getPrincipal()).getUserId()).once();
        } else {
            EasyMock.expect(userEntity.getUserId()).andReturn(Integer.valueOf(AuthorizationHelper.getAuthenticatedId() + 100)).once();
        }
        Users users = (Users) createInjector.getInstance(Users.class);
        EasyMock.expect(users.getUserEntity(str)).andReturn(userEntity).once();
        users.modifyAuthentication(createMockUserAuthenticationEntity, "old_password", "new_password", equalsIgnoreCase);
        EasyMock.expectLastCall().once();
        replayAll();
        ((AmbariMetaInfo) createInjector.getInstance(AmbariMetaInfo.class)).init();
        SecurityContextHolder.getContext().setAuthentication(authentication);
        ResourceProvider resourceProvider = getResourceProvider(createInjector);
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        linkedHashMap.put("AuthenticationSourceInfo/old_key", "old_password");
        linkedHashMap.put("AuthenticationSourceInfo/key", "new_password");
        if (str2 != null) {
            linkedHashMap.put("AuthenticationSourceInfo/authentication_type", str2);
        }
        resourceProvider.updateResources(PropertyHelper.getUpdateRequest(linkedHashMap, (Map) null), createPredicate(str, createMockUserAuthenticationEntity.getUserAuthenticationId()));
        verifyAll();
    }

    private void deleteResourcesTest(Authentication authentication, String str) throws Exception {
        Injector createInjector = createInjector();
        ((Users) createInjector.getInstance(Users.class)).removeAuthentication(str, 1L);
        EasyMock.expectLastCall().atLeastOnce();
        replayAll();
        ((AmbariMetaInfo) createInjector.getInstance(AmbariMetaInfo.class)).init();
        SecurityContextHolder.getContext().setAuthentication(authentication);
        getResourceProvider(createInjector).deleteResources(new RequestImpl((Set) null, (Set) null, (Map) null, (Map) null), createPredicate(str, 1L));
        verifyAll();
    }

    private Predicate createPredicate(String str, Long l) {
        Predicate predicate = new PredicateBuilder().property("AuthenticationSourceInfo/user_name").equals(str).toPredicate();
        return l == null ? predicate : new AndPredicate(new Predicate[]{predicate, new PredicateBuilder().property("AuthenticationSourceInfo/source_id").equals(l.toString()).toPredicate()});
    }

    private UserAuthenticationEntity createMockUserAuthenticationEntity(String str) {
        UserAuthenticationEntity userAuthenticationEntity = (UserAuthenticationEntity) createMock(UserAuthenticationEntity.class);
        UserEntity userEntity = (UserEntity) createMock(UserEntity.class);
        EasyMock.expect(userAuthenticationEntity.getAuthenticationType()).andReturn(UserAuthenticationType.LOCAL).anyTimes();
        EasyMock.expect(userAuthenticationEntity.getAuthenticationKey()).andReturn("this is a secret").anyTimes();
        EasyMock.expect(Long.valueOf(userAuthenticationEntity.getCreateTime())).andReturn(Long.valueOf(CREATE_TIME)).anyTimes();
        EasyMock.expect(Long.valueOf(userAuthenticationEntity.getUpdateTime())).andReturn(Long.valueOf(UPDATE_TIME)).anyTimes();
        EasyMock.expect(userAuthenticationEntity.getUserAuthenticationId()).andReturn(100L).anyTimes();
        EasyMock.expect(userAuthenticationEntity.getUser()).andReturn(userEntity).anyTimes();
        EasyMock.expect(userEntity.getUserName()).andReturn(str).anyTimes();
        return userAuthenticationEntity;
    }

    private ResourceProvider getResourceProvider(Injector injector) {
        UserAuthenticationSourceResourceProvider userAuthenticationSourceResourceProvider = new UserAuthenticationSourceResourceProvider();
        injector.injectMembers(userAuthenticationSourceResourceProvider);
        return userAuthenticationSourceResourceProvider;
    }
}
