package com.mapr.fs.hbase.test;

import com.mapr.fs.utils.ssh.RunCommand;
import com.mapr.fs.utils.ssh.TestCluster;
import com.mapr.tests.BaseTest;
import com.mapr.tests.annotations.ClusterTest;
import java.io.IOException;
import java.io.InterruptedIOException;
import java.util.Iterator;
import org.apache.hadoop.hbase.HBaseConfiguration;
import org.apache.hadoop.hbase.HColumnDescriptor;
import org.apache.hadoop.hbase.HTableDescriptor;
import org.apache.hadoop.hbase.TableName;
import org.apache.hadoop.hbase.client.Admin;
import org.apache.hadoop.hbase.client.Append;
import org.apache.hadoop.hbase.client.Connection;
import org.apache.hadoop.hbase.client.ConnectionFactory;
import org.apache.hadoop.hbase.client.Get;
import org.apache.hadoop.hbase.client.Increment;
import org.apache.hadoop.hbase.client.Put;
import org.apache.hadoop.hbase.client.Result;
import org.apache.hadoop.hbase.client.Scan;
import org.apache.hadoop.hbase.client.Table;
import org.apache.hadoop.hbase.util.Bytes;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Test;
import org.junit.experimental.categories.Category;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Category({ClusterTest.class})
/* loaded from: input_file:com/mapr/fs/hbase/test/TestBinarySecurityPolicyEnforcement.class */
public class TestBinarySecurityPolicyEnforcement extends BaseTest {
    private static String VOLUME_TAGGED_OK;
    private static String VOLUME_TAGGED_NOACCESS;
    private static String VOLUME_TAGGED_OK_PATH;
    private static String VOLUME_TAGGED_NOACCESS_PATH;
    private static String SECURITY_POLICY_ENFORCE_OK;
    private static String SECURITY_POLICY_ENFORCE_NOTALLOWED;
    private static final String ROW1 = "rowKey1";
    private static final String ROW2 = "rowKey2";
    private static final byte[] COLUMN_FAMILY_NAME = Bytes.toBytes("address");
    private static final byte[] COLUMN1_NAME = Bytes.toBytes("city");
    private static final byte[] COLUMN2_NAME = Bytes.toBytes("number");
    private static final Logger _logger = LoggerFactory.getLogger(TestBinarySecurityPolicyEnforcement.class);
    private static boolean policyServiceMasterStatusSet = false;

    @BeforeClass
    public static void prep() throws Exception {
        SECURITY_POLICY_ENFORCE_OK = "spenforceok";
        SECURITY_POLICY_ENFORCE_NOTALLOWED = "spenforcenotallowed";
        VOLUME_TAGGED_OK = "voltaggedok";
        VOLUME_TAGGED_NOACCESS = "voltaggednoaccess";
        VOLUME_TAGGED_OK_PATH = "/" + VOLUME_TAGGED_OK;
        VOLUME_TAGGED_NOACCESS_PATH = "/" + VOLUME_TAGGED_NOACCESS;
        _logger.info("Setting CLDB to global PBS master");
        _logger.info("Checking if security policy " + SECURITY_POLICY_ENFORCE_OK + " exists");
        if (TestCluster.runCommand("maprcli security policy info -columns policyname -name " + SECURITY_POLICY_ENFORCE_OK).getExitCode() != 0) {
            _logger.info("Security policy " + SECURITY_POLICY_ENFORCE_OK + " does not exist, creating");
            TestCluster.runCommand("maprcli security policy create -name " + SECURITY_POLICY_ENFORCE_OK + " -allowtagging true -accesscontrol Armed -readaces 'u:root' -writeaces 'u:root'");
        } else {
            _logger.info("Security policy " + SECURITY_POLICY_ENFORCE_OK + " exists, setting allowtagging=true, accesscontrol=Armed, readaces|writeaces=u:root");
            TestCluster.runCommand("maprcli security policy modify -name " + SECURITY_POLICY_ENFORCE_OK + " -wiresecurityenabled true -allowtagging true -accesscontrol Armed  -readaces 'u:root' -writeaces 'u:root'");
        }
        _logger.info("Checking if security policy " + SECURITY_POLICY_ENFORCE_NOTALLOWED + " exists");
        if (TestCluster.runCommand("maprcli security policy info -columns policyname -name " + SECURITY_POLICY_ENFORCE_NOTALLOWED).getExitCode() != 0) {
            _logger.info("Security policy " + SECURITY_POLICY_ENFORCE_NOTALLOWED + " does not exist, creating");
            TestCluster.runCommand("maprcli security policy create -name " + SECURITY_POLICY_ENFORCE_NOTALLOWED + " -allowtagging true -accesscontrol Armed -readaces '!u:root' -writeaces '!u:root'");
        } else {
            _logger.info("Security policy " + SECURITY_POLICY_ENFORCE_NOTALLOWED + " already exists, setting allowtagging=true, accesscontrol=Armed, readaces|writeaces=!u=root");
            TestCluster.runCommand("maprcli security policy modify -name " + SECURITY_POLICY_ENFORCE_NOTALLOWED + " -allowtagging true -accesscontrol Armed -readaces '!u:root'  -writeaces '!u:root'");
        }
        Thread.sleep(45000L);
        createTaggedVolume(VOLUME_TAGGED_OK, VOLUME_TAGGED_OK_PATH, SECURITY_POLICY_ENFORCE_OK);
        createTaggedVolume(VOLUME_TAGGED_NOACCESS, VOLUME_TAGGED_NOACCESS_PATH, SECURITY_POLICY_ENFORCE_NOTALLOWED);
        Thread.sleep(45000L);
    }

    @AfterClass
    public static void cleanup() throws Exception {
        removeVolume(VOLUME_TAGGED_OK);
        removeVolume(VOLUME_TAGGED_NOACCESS);
    }

    @Test
    public void testVolBinaryOK() throws Exception {
        int i;
        int i2;
        int i3;
        int i4;
        byte[] bytes = Bytes.toBytes("address");
        String str = VOLUME_TAGGED_OK_PATH + "/" + "testtable1";
        Connection createConnection = ConnectionFactory.createConnection(HBaseConfiguration.create());
        Admin admin = createConnection.getAdmin();
        HTableDescriptor hTableDescriptor = new HTableDescriptor(TableName.valueOf(Bytes.toBytes(str)));
        hTableDescriptor.addFamily(new HColumnDescriptor(bytes));
        admin.createTable(hTableDescriptor);
        Table table = createConnection.getTable(TableName.valueOf(Bytes.toBytes(str)));
        _logger.info("Created table " + table.getName() + " with CF " + "address");
        _logger.info("Adding data to table " + str + " using PUT");
        Put put = new Put(Bytes.toBytes(ROW1));
        put.addColumn(bytes, COLUMN1_NAME, Bytes.toBytes("Sunnyvale"));
        put.addColumn(bytes, COLUMN2_NAME, Bytes.toBytes(1L));
        table.put(put);
        _logger.info("Verifying data exists in table " + str + ", column " + COLUMN1_NAME + " using checkAndPut");
        try {
            boolean checkAndPut = table.checkAndPut(Bytes.toBytes(ROW1), bytes, COLUMN1_NAME, (byte[]) null, put);
            if (checkAndPut) {
                _logger.info("ERROR: CheckAndPut for rowKey1 succeeded, should have failed");
            } else {
                _logger.info("SUCCESS: CheckAndPut for rowKey1 failed, data already exists, as expected");
            }
            Assert.assertEquals(Boolean.valueOf(checkAndPut), false);
            i = 0;
        } catch (Exception e) {
            i = 1;
        }
        Assert.assertEquals(0L, i);
        _logger.info("Verifying data does not exist in table " + str + ", column " + COLUMN2_NAME + " using checkAndPut");
        Put put2 = new Put(Bytes.toBytes(ROW2));
        put2.addColumn(bytes, COLUMN1_NAME, Bytes.toBytes("San Jose"));
        put2.addColumn(bytes, COLUMN2_NAME, Bytes.toBytes(2L));
        try {
            boolean checkAndPut2 = table.checkAndPut(Bytes.toBytes(ROW2), bytes, COLUMN1_NAME, (byte[]) null, put2);
            if (checkAndPut2) {
                _logger.info("SUCCESS: OK: CheckAndPut for rowKey2 succeeded");
            } else {
                _logger.info("ERROR: CheckAndPut for rowKey2 failed, data already exists");
            }
            Assert.assertEquals(Boolean.valueOf(checkAndPut2), true);
            i2 = 0;
        } catch (Exception e2) {
            i2 = 1;
        }
        Assert.assertEquals(0L, i2);
        try {
            _logger.info("Performing a GET on table " + str);
            Result result = table.get(new Get(Bytes.toBytes(ROW1)));
            String bytes2 = Bytes.toString(result.getValue(bytes, COLUMN1_NAME));
            long j = Bytes.toLong(result.getValue(bytes, COLUMN2_NAME));
            _logger.info("Get a single row by row key before increment");
            _logger.info("rowKey1:City:" + bytes2 + ", Num:" + j);
            Assert.assertEquals(bytes2, "Sunnyvale");
            Assert.assertEquals(j, 1L);
            i3 = 0;
        } catch (Exception e3) {
            i3 = 1;
        }
        Assert.assertEquals(0L, i3);
        _logger.info("Scan for all cities and house numbers:");
        try {
            for (Result result2 : table.getScanner(new Scan())) {
                String bytes3 = Bytes.toString(result2.getRow());
                byte[] value = result2.getValue(bytes, COLUMN1_NAME);
                byte[] value2 = result2.getValue(bytes, COLUMN2_NAME);
                _logger.info("Key:" + bytes3 + ", City:" + Bytes.toString(value) + ", Num:" + Bytes.toLong(value2));
                if (bytes3.equals(ROW1)) {
                    Assert.assertEquals(Bytes.toString(value), "Sunnyvale");
                    Assert.assertEquals(Bytes.toLong(value2), 1L);
                } else if (bytes3.equals(ROW2)) {
                    Assert.assertEquals(Bytes.toString(value), "San Jose");
                    Assert.assertEquals(Bytes.toLong(value2), 2L);
                } else {
                    Assert.assertFalse(true);
                }
            }
            i4 = 0;
        } catch (Exception e4) {
            i4 = 1;
        }
        Assert.assertEquals(0L, i4);
        Increment increment = new Increment(Bytes.toBytes(ROW1));
        increment.addColumn(bytes, COLUMN2_NAME, 1L);
        table.increment(increment);
        Result result3 = table.get(new Get(Bytes.toBytes(ROW1)));
        String bytes4 = Bytes.toString(result3.getValue(bytes, COLUMN1_NAME));
        long j2 = Bytes.toLong(result3.getValue(bytes, COLUMN2_NAME));
        _logger.info("Get a single row by row key after increment");
        _logger.info("rowKey1:City:" + bytes4 + ", Num:" + j2);
        Assert.assertEquals(bytes4, "Sunnyvale");
        Assert.assertEquals(j2, 2L);
        Append append = new Append(Bytes.toBytes(ROW1));
        append.add(bytes, COLUMN1_NAME, Bytes.toBytes(" City"));
        append.add(bytes, COLUMN2_NAME, Bytes.toBytes(j2));
        Result append2 = table.append(append);
        String bytes5 = Bytes.toString(append2.getValue(bytes, COLUMN1_NAME));
        long j3 = Bytes.toLong(append2.getValue(bytes, COLUMN2_NAME));
        _logger.info("Get a single row by row key after appending to rowKey1");
        _logger.info("rowKey1:City:" + bytes5 + ", Num:" + j3);
        Assert.assertEquals(bytes5, "Sunnyvale City");
        Assert.assertEquals(j3, 2L);
        _logger.info("Deleting table " + str);
        admin.disableTable(table.getName());
        admin.deleteTable(table.getName());
        table.close();
        createConnection.close();
    }

    @Test
    public void testPutVolBinaryDenied() throws Exception {
        int i;
        int i2;
        int i3;
        int i4;
        int i5;
        byte[] bytes = Bytes.toBytes("address");
        String str = VOLUME_TAGGED_NOACCESS_PATH + "/" + "testtable2";
        Connection createConnection = ConnectionFactory.createConnection(HBaseConfiguration.create());
        Admin admin = createConnection.getAdmin();
        HTableDescriptor hTableDescriptor = new HTableDescriptor(TableName.valueOf(Bytes.toBytes(str)));
        hTableDescriptor.addFamily(new HColumnDescriptor(bytes));
        admin.createTable(hTableDescriptor);
        Table table = createConnection.getTable(TableName.valueOf(Bytes.toBytes(str)));
        _logger.info("Created table " + table.getName() + " with CF " + "address");
        _logger.info("Adding data to table " + str + " using PUT");
        Put put = new Put(Bytes.toBytes(ROW1));
        put.addColumn(bytes, COLUMN1_NAME, Bytes.toBytes("Sunnyvale"));
        put.addColumn(bytes, COLUMN2_NAME, Bytes.toBytes(1L));
        try {
            table.put(put);
            i = 1;
            _logger.info("PUT unexpectedly succeeds when it should fail");
        } catch (InterruptedIOException e) {
            i = 0;
            _logger.info("PUT fails as expected with InterruptedIOException: " + e.getMessage());
        }
        Assert.assertEquals(i, 0L);
        try {
            _logger.info("Performing a GET on table " + str);
            table.get(new Get(Bytes.toBytes(ROW1)));
            i2 = 1;
        } catch (IOException e2) {
            i2 = 0;
        }
        Assert.assertEquals(0L, i2);
        _logger.info("Scan for all cities and house numbers:");
        try {
            Iterator it = table.getScanner(new Scan()).iterator();
            while (it.hasNext()) {
                _logger.info("SCAN on denied table obtained key " + Bytes.toString(((Result) it.next()).getRow()));
            }
            i3 = 1;
        } catch (Exception e3) {
            i3 = 0;
        }
        Assert.assertEquals(0L, i3);
        Increment increment = new Increment(Bytes.toBytes(ROW1));
        increment.addColumn(bytes, COLUMN2_NAME, 1L);
        try {
            table.increment(increment);
            i4 = 1;
        } catch (Exception e4) {
            i4 = 0;
        }
        Assert.assertEquals(0L, i4);
        Append append = new Append(Bytes.toBytes(ROW1));
        append.add(bytes, COLUMN1_NAME, Bytes.toBytes(" City"));
        append.add(bytes, COLUMN2_NAME, Bytes.toBytes(1L));
        try {
            table.append(append);
            i5 = 1;
        } catch (Exception e5) {
            i5 = 0;
        }
        Assert.assertEquals(0L, i5);
        _logger.info("Deleting table " + str);
        admin.disableTable(table.getName());
        admin.deleteTable(table.getName());
        table.close();
        createConnection.close();
    }

    private static void createTaggedVolume(String str, String str2, String str3) throws Exception {
        _logger.info("Checking if volume " + str + " exists");
        if (TestCluster.runCommand("maprcli volume info -name " + str).getExitCode() == 0) {
            _logger.info("Volume " + str + " exists, deleting first");
            TestCluster.runCommand("maprcli volume remove -name " + str);
        }
        Assert.assertEquals(0L, TestCluster.runCommand("maprcli volume create -name " + str + " -path " + str2 + " -securitypolicy " + str3).getExitCode());
    }

    private static void createUntaggedVolume(String str, String str2) throws Exception {
        _logger.info("Checking if volume " + str + " exists");
        if (TestCluster.runCommand("maprcli volume info -name " + str).getExitCode() == 0) {
            _logger.info("Volume " + str + " exists, deleting first");
            TestCluster.runCommand("maprcli volume remove -name " + str);
        }
        Assert.assertEquals(0L, TestCluster.runCommand("maprcli volume create -name " + str + " -path " + str2).getExitCode());
    }

    private static void removeVolume(String str) throws Exception {
        TestCluster.runCommand("maprcli volume remove -name " + str);
    }

    private static void deleteTable(String str) throws Exception {
        _logger.info("Running command " + ("maprcli table delete -path " + str));
        Assert.assertEquals(0L, TestCluster.runCommand(r0).getExitCode());
    }

    public static void updatePolicyServiceMasterStatus() throws Exception {
        RunCommand runCommand = TestCluster.runCommand("maprcli config save -values {\"cldb.pbs.global.master\":\"1\"}");
        if (runCommand.getExitCode() != 0) {
            _logger.error(runCommand.getStdOut());
            Assert.fail("Unable to Set the current cluster as Global Master: " + runCommand.getStdOut());
        }
        policyServiceMasterStatusSet = true;
    }
}
