package org.apache.drill.exec.store.phoenix.secured;

import ch.qos.logback.classic.Level;
import com.google.common.collect.Lists;
import com.sun.security.auth.module.Krb5LoginModule;
import java.io.File;
import java.nio.file.Paths;
import java.util.Arrays;
import java.util.Collections;
import java.util.Map;
import java.util.Objects;
import java.util.Properties;
import java.util.TimeZone;
import java.util.concurrent.atomic.AtomicInteger;
import org.apache.drill.common.exceptions.UserRemoteException;
import org.apache.drill.common.logical.security.CredentialsProvider;
import org.apache.drill.exec.rpc.security.ServerAuthenticationHandler;
import org.apache.drill.exec.rpc.security.kerberos.KerberosFactory;
import org.apache.drill.exec.store.StoragePluginRegistry;
import org.apache.drill.exec.store.phoenix.PhoenixBaseTest;
import org.apache.drill.exec.store.phoenix.PhoenixDataSource;
import org.apache.drill.exec.store.phoenix.PhoenixStoragePluginConfig;
import org.apache.drill.exec.util.ImpersonationUtil;
import org.apache.drill.test.ClusterFixture;
import org.apache.drill.test.ClusterTest;
import org.apache.drill.test.LogFixture;
import org.apache.hadoop.hbase.security.HBaseKerberosUtils;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/drill/exec/store/phoenix/secured/SecuredPhoenixBaseTest.class */
public abstract class SecuredPhoenixBaseTest extends ClusterTest {
    protected static LogFixture logFixture;
    private static final Logger logger = LoggerFactory.getLogger(PhoenixDataSource.class);
    private static final Level CURRENT_LOG_LEVEL = Level.INFO;
    private static final AtomicInteger initCount = new AtomicInteger(0);

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: input_file:org/apache/drill/exec/store/phoenix/secured/SecuredPhoenixBaseTest$TestWrapper.class */
    public interface TestWrapper {
        void apply() throws Exception;
    }

    @BeforeClass
    public static void setUpBeforeClass() throws Exception {
        TimeZone.setDefault(TimeZone.getTimeZone("UTC"));
        SecuredPhoenixTestSuite.initPhoenix();
        startSecuredDrillCluster();
        initializeDatabase();
    }

    private static void startSecuredDrillCluster() throws Exception {
        logFixture = LogFixture.builder().toConsole().logger(PhoenixEnvironment.class, CURRENT_LOG_LEVEL).logger(SecuredPhoenixBaseTest.class, CURRENT_LOG_LEVEL).logger(KerberosFactory.class, CURRENT_LOG_LEVEL).logger(Krb5LoginModule.class, CURRENT_LOG_LEVEL).logger(ServerAuthenticationHandler.class, CURRENT_LOG_LEVEL).build();
        Map.Entry<String, File> user = ImpersonationPhoenixIT.environment.getUser(1);
        Map.Entry<String, File> user2 = ImpersonationPhoenixIT.environment.getUser(2);
        Map.Entry<String, File> user3 = ImpersonationPhoenixIT.environment.getUser(3);
        dirTestWatcher.start(SecuredPhoenixTestSuite.class);
        startCluster(ClusterFixture.builder(dirTestWatcher).configProperty("drill.exec.security.user.auth.enabled", true).configProperty("drill.exec.security.user.auth.impl", "drillTestAuthenticator").configNonStringProperty("drill.exec.security.auth.mechanisms", Lists.newArrayList(new String[]{"kerberos"})).configProperty("drill.exec.impersonation.enabled", true).configProperty("drill.exec.security.bit.auth.enabled", true).configProperty("drill.exec.security.bit.auth.mechanism", "kerberos").configProperty("drill.exec.security.auth.principal", HBaseKerberosUtils.getPrincipalForTesting()).configProperty("drill.exec.security.auth.keytab", ImpersonationPhoenixIT.environment.getServiceKeytab().getAbsolutePath()).configClientProperty("principal", HBaseKerberosUtils.getPrincipalForTesting()).configClientProperty("user", user.getKey()).configClientProperty("keytab", user.getValue().getAbsolutePath()));
        Properties properties = new Properties();
        properties.setProperty("principal", HBaseKerberosUtils.getPrincipalForTesting());
        properties.setProperty("user", user2.getKey());
        properties.setProperty("keytab", user2.getValue().getAbsolutePath());
        cluster.addClientFixture(properties);
        Properties properties2 = new Properties();
        properties2.setProperty("principal", HBaseKerberosUtils.getPrincipalForTesting());
        properties2.setProperty("user", user3.getKey());
        properties2.setProperty("keytab", user3.getValue().getAbsolutePath());
        cluster.addClientFixture(properties2);
        StoragePluginRegistry storage = cluster.drillbit().getContext().getStorage();
        logger.debug("Phoenix URL: {}", ImpersonationPhoenixIT.environment.getPhoenixUrl());
        PhoenixStoragePluginConfig phoenixStoragePluginConfig = new PhoenixStoragePluginConfig((String) null, 0, (String) null, (String) null, (String) null, ImpersonationPhoenixIT.getUrlTemplate(), (CredentialsProvider) null, Collections.emptyMap());
        phoenixStoragePluginConfig.setEnabled(true);
        storage.put("phoenix123", phoenixStoragePluginConfig);
    }

    private static void initializeDatabase() throws Exception {
        dirTestWatcher.copyResourceToRoot(Paths.get("", new String[0]));
        if (initCount.incrementAndGet() == 1) {
            Map.Entry<String, File> user = ImpersonationPhoenixIT.environment.getUser(1);
            Map.Entry<String, File> user2 = ImpersonationPhoenixIT.environment.getUser(2);
            ImpersonationUtil.getProcessUserUGI().doAs(() -> {
                PhoenixBaseTest.createSchema(ImpersonationPhoenixIT.environment.getPhoenixUrl());
                PhoenixBaseTest.createTables(ImpersonationPhoenixIT.environment.getPhoenixUrl());
                PhoenixBaseTest.createSampleData(ImpersonationPhoenixIT.environment.getPhoenixUrl());
                ImpersonationPhoenixIT.grantUsersToPhoenixSystemTables(Arrays.asList((String) user.getKey(), (String) user2.getKey()));
                ImpersonationPhoenixIT.grantUsersToGlobalPhoenixUserTables(Arrays.asList((String) user.getKey()));
                return null;
            });
        }
    }

    public void runForThreeClients(TestWrapper testWrapper) throws Exception {
        runForThreeClients(testWrapper, UserRemoteException.class, RuntimeException.class);
    }

    public void runForThreeClients(TestWrapper testWrapper, Class cls, Class cls2) throws Exception {
        try {
            client = cluster.client(0);
            testWrapper.apply();
            client = cluster.client(1);
            Objects.requireNonNull(testWrapper);
            Assert.assertThrows(cls, testWrapper::apply);
            client = cluster.client(2);
            Objects.requireNonNull(testWrapper);
            Assert.assertThrows(cls2, testWrapper::apply);
            client = cluster.client(0);
        } catch (Throwable th) {
            client = cluster.client(0);
            throw th;
        }
    }

    @AfterClass
    public static void tearDownCluster() throws Exception {
        if (SecuredPhoenixTestSuite.isRunningSuite() || ImpersonationPhoenixIT.environment == null) {
            return;
        }
        ImpersonationPhoenixIT.stopEnvironment();
    }
}
