package org.apache.hadoop.hbase.security.access;

import com.google.protobuf.RpcCallback;
import com.google.protobuf.RpcController;
import com.google.protobuf.Service;
import com.google.protobuf.ServiceException;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.fs.FileStatus;
import org.apache.hadoop.fs.FileSystem;
import org.apache.hadoop.fs.Path;
import org.apache.hadoop.fs.permission.FsPermission;
import org.apache.hadoop.hbase.AuthUtil;
import org.apache.hadoop.hbase.CellScanner;
import org.apache.hadoop.hbase.Coprocessor;
import org.apache.hadoop.hbase.CoprocessorEnvironment;
import org.apache.hadoop.hbase.HBaseTestingUtility;
import org.apache.hadoop.hbase.HColumnDescriptor;
import org.apache.hadoop.hbase.HConstants;
import org.apache.hadoop.hbase.HRegionInfo;
import org.apache.hadoop.hbase.HRegionLocation;
import org.apache.hadoop.hbase.HTableDescriptor;
import org.apache.hadoop.hbase.KeyValue;
import org.apache.hadoop.hbase.MiniHBaseCluster;
import org.apache.hadoop.hbase.NamespaceDescriptor;
import org.apache.hadoop.hbase.ProcedureInfo;
import org.apache.hadoop.hbase.ServerName;
import org.apache.hadoop.hbase.TableName;
import org.apache.hadoop.hbase.TableNotFoundException;
import org.apache.hadoop.hbase.client.Admin;
import org.apache.hadoop.hbase.client.Append;
import org.apache.hadoop.hbase.client.Connection;
import org.apache.hadoop.hbase.client.ConnectionFactory;
import org.apache.hadoop.hbase.client.Delete;
import org.apache.hadoop.hbase.client.Get;
import org.apache.hadoop.hbase.client.HBaseAdmin;
import org.apache.hadoop.hbase.client.HTable;
import org.apache.hadoop.hbase.client.Increment;
import org.apache.hadoop.hbase.client.Put;
import org.apache.hadoop.hbase.client.RegionLocator;
import org.apache.hadoop.hbase.client.Result;
import org.apache.hadoop.hbase.client.ResultScanner;
import org.apache.hadoop.hbase.client.Scan;
import org.apache.hadoop.hbase.client.Table;
import org.apache.hadoop.hbase.coprocessor.CoprocessorService;
import org.apache.hadoop.hbase.coprocessor.MasterCoprocessorEnvironment;
import org.apache.hadoop.hbase.coprocessor.ObserverContext;
import org.apache.hadoop.hbase.coprocessor.RegionCoprocessorEnvironment;
import org.apache.hadoop.hbase.coprocessor.RegionServerCoprocessorEnvironment;
import org.apache.hadoop.hbase.coprocessor.protobuf.generated.PingProtos;
import org.apache.hadoop.hbase.exceptions.HBaseException;
import org.apache.hadoop.hbase.io.hfile.CacheConfig;
import org.apache.hadoop.hbase.io.hfile.HFile;
import org.apache.hadoop.hbase.io.hfile.HFileContextBuilder;
import org.apache.hadoop.hbase.ipc.protobuf.generated.TestProcedureProtos;
import org.apache.hadoop.hbase.mapreduce.LoadIncrementalHFiles;
import org.apache.hadoop.hbase.master.MasterCoprocessorHost;
import org.apache.hadoop.hbase.master.procedure.MasterProcedureEnv;
import org.apache.hadoop.hbase.master.procedure.TableProcedureInterface;
import org.apache.hadoop.hbase.procedure2.Procedure;
import org.apache.hadoop.hbase.procedure2.ProcedureExecutor;
import org.apache.hadoop.hbase.protobuf.ProtobufUtil;
import org.apache.hadoop.hbase.protobuf.generated.AccessControlProtos;
import org.apache.hadoop.hbase.protobuf.generated.HBaseProtos;
import org.apache.hadoop.hbase.protobuf.generated.ProcedureProtos;
import org.apache.hadoop.hbase.protobuf.generated.QuotaProtos;
import org.apache.hadoop.hbase.protobuf.generated.SecureBulkLoadProtos;
import org.apache.hadoop.hbase.regionserver.HRegion;
import org.apache.hadoop.hbase.regionserver.HRegionServer;
import org.apache.hadoop.hbase.regionserver.InternalScanner;
import org.apache.hadoop.hbase.regionserver.Region;
import org.apache.hadoop.hbase.regionserver.ScanType;
import org.apache.hadoop.hbase.regionserver.Store;
import org.apache.hadoop.hbase.security.User;
import org.apache.hadoop.hbase.security.access.Permission;
import org.apache.hadoop.hbase.security.access.SecureTestUtil;
import org.apache.hadoop.hbase.testclassification.LargeTests;
import org.apache.hadoop.hbase.util.Bytes;
import org.apache.hadoop.hbase.util.JVMClusterUtil;
import org.apache.log4j.Level;
import org.apache.log4j.Logger;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Test;
import org.junit.experimental.categories.Category;

@Category({LargeTests.class})
/* loaded from: input_file:org/apache/hadoop/hbase/security/access/TestAccessController.class */
public class TestAccessController extends SecureTestUtil {
    private static final Log LOG = LogFactory.getLog(TestAccessController.class);
    private static TableName TEST_TABLE;
    private static final HBaseTestingUtility TEST_UTIL;
    private static Configuration conf;
    private static Connection systemUserConnection;
    private static User SUPERUSER;
    private static User USER_ADMIN;
    private static User USER_RW;
    private static User USER_RO;
    private static User USER_OWNER;
    private static User USER_CREATE;
    private static User USER_NONE;
    private static User USER_ADMIN_CF;
    private static final String GROUP_ADMIN = "group_admin";
    private static final String GROUP_CREATE = "group_create";
    private static final String GROUP_READ = "group_read";
    private static final String GROUP_WRITE = "group_write";
    private static User USER_GROUP_ADMIN;
    private static User USER_GROUP_CREATE;
    private static User USER_GROUP_READ;
    private static User USER_GROUP_WRITE;
    private static TableName TEST_TABLE2;
    private static byte[] TEST_FAMILY;
    private static byte[] TEST_QUALIFIER;
    private static byte[] TEST_ROW;
    private static MasterCoprocessorEnvironment CP_ENV;
    private static AccessController ACCESS_CONTROLLER;
    private static RegionServerCoprocessorEnvironment RSCP_ENV;
    private static RegionCoprocessorEnvironment RCP_ENV;

    /* loaded from: input_file:org/apache/hadoop/hbase/security/access/TestAccessController$BulkLoadHelper.class */
    public class BulkLoadHelper {
        private final Path loadPath;
        private final FileSystem fs = TestAccessController.TEST_UTIL.getTestFileSystem();
        private final Configuration conf = TestAccessController.TEST_UTIL.getConfiguration();

        public BulkLoadHelper(Path path) throws IOException {
            this.loadPath = path.makeQualified(this.fs);
        }

        private void createHFile(Path path, byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4, int i) throws IOException {
            HFile.Writer writer = null;
            long currentTimeMillis = System.currentTimeMillis();
            try {
                writer = HFile.getWriterFactory(this.conf, new CacheConfig(this.conf)).withPath(this.fs, path).withFileContext(new HFileContextBuilder().build()).create();
                for (byte[] bArr5 : Bytes.iterateOnSplits(bArr3, bArr4, true, i - 2)) {
                    writer.append(new KeyValue(bArr5, bArr, bArr2, currentTimeMillis, bArr5));
                }
                if (writer != null) {
                    writer.close();
                }
            } catch (Throwable th) {
                if (writer != null) {
                    writer.close();
                }
                throw th;
            }
        }

        /* JADX INFO: Access modifiers changed from: private */
        public void bulkLoadHFile(TableName tableName, byte[] bArr, byte[] bArr2, byte[][][] bArr3, int i) throws Exception {
            Path path = new Path(this.loadPath, Bytes.toString(bArr));
            this.fs.mkdirs(path);
            int i2 = 0;
            for (byte[][] bArr4 : bArr3) {
                int i3 = i2;
                i2++;
                createHFile(new Path(path, "hfile_" + i3), bArr, bArr2, bArr4[0], bArr4[1], i);
            }
            setPermission(this.loadPath, FsPermission.valueOf("-rwxrwxrwx"));
            Connection createConnection = ConnectionFactory.createConnection(this.conf);
            Throwable th = null;
            try {
                HTable table = createConnection.getTable(tableName);
                Throwable th2 = null;
                try {
                    try {
                        TestAccessController.TEST_UTIL.waitUntilAllRegionsAssigned(tableName);
                        new LoadIncrementalHFiles(this.conf).doBulkLoad(this.loadPath, table);
                        if (table != null) {
                            if (0 != 0) {
                                try {
                                    table.close();
                                } catch (Throwable th3) {
                                    th2.addSuppressed(th3);
                                }
                            } else {
                                table.close();
                            }
                        }
                        if (createConnection != null) {
                            if (0 == 0) {
                                createConnection.close();
                                return;
                            }
                            try {
                                createConnection.close();
                            } catch (Throwable th4) {
                                th.addSuppressed(th4);
                            }
                        }
                    } catch (Throwable th5) {
                        th2 = th5;
                        throw th5;
                    }
                } catch (Throwable th6) {
                    if (table != null) {
                        if (th2 != null) {
                            try {
                                table.close();
                            } catch (Throwable th7) {
                                th2.addSuppressed(th7);
                            }
                        } else {
                            table.close();
                        }
                    }
                    throw th6;
                }
            } catch (Throwable th8) {
                if (createConnection != null) {
                    if (0 != 0) {
                        try {
                            createConnection.close();
                        } catch (Throwable th9) {
                            th.addSuppressed(th9);
                        }
                    } else {
                        createConnection.close();
                    }
                }
                throw th8;
            }
        }

        public void setPermission(Path path, FsPermission fsPermission) throws IOException {
            if (!this.fs.getFileStatus(path).isDirectory()) {
                this.fs.setPermission(path, fsPermission);
                return;
            }
            for (FileStatus fileStatus : this.fs.listStatus(path)) {
                this.fs.setPermission(fileStatus.getPath(), fsPermission);
                setPermission(fileStatus.getPath(), fsPermission);
            }
        }
    }

    /* loaded from: input_file:org/apache/hadoop/hbase/security/access/TestAccessController$PingCoprocessor.class */
    public static class PingCoprocessor extends PingProtos.PingService implements Coprocessor, CoprocessorService {
        public void start(CoprocessorEnvironment coprocessorEnvironment) throws IOException {
        }

        public void stop(CoprocessorEnvironment coprocessorEnvironment) throws IOException {
        }

        public Service getService() {
            return this;
        }

        @Override // org.apache.hadoop.hbase.coprocessor.protobuf.generated.PingProtos.PingService
        public void ping(RpcController rpcController, PingProtos.PingRequest pingRequest, RpcCallback<PingProtos.PingResponse> rpcCallback) {
            rpcCallback.run(PingProtos.PingResponse.newBuilder().setPong("Pong!").m957build());
        }

        @Override // org.apache.hadoop.hbase.coprocessor.protobuf.generated.PingProtos.PingService
        public void count(RpcController rpcController, PingProtos.CountRequest countRequest, RpcCallback<PingProtos.CountResponse> rpcCallback) {
            rpcCallback.run(PingProtos.CountResponse.newBuilder().m709build());
        }

        @Override // org.apache.hadoop.hbase.coprocessor.protobuf.generated.PingProtos.PingService
        public void increment(RpcController rpcController, PingProtos.IncrementCountRequest incrementCountRequest, RpcCallback<PingProtos.IncrementCountResponse> rpcCallback) {
            rpcCallback.run(PingProtos.IncrementCountResponse.newBuilder().m833build());
        }

        @Override // org.apache.hadoop.hbase.coprocessor.protobuf.generated.PingProtos.PingService
        public void hello(RpcController rpcController, PingProtos.HelloRequest helloRequest, RpcCallback<PingProtos.HelloResponse> rpcCallback) {
            rpcCallback.run(PingProtos.HelloResponse.newBuilder().setResponse("Hello!").m771build());
        }

        @Override // org.apache.hadoop.hbase.coprocessor.protobuf.generated.PingProtos.PingService
        public void noop(RpcController rpcController, PingProtos.NoopRequest noopRequest, RpcCallback<PingProtos.NoopResponse> rpcCallback) {
            rpcCallback.run(PingProtos.NoopResponse.newBuilder().m895build());
        }
    }

    /* loaded from: input_file:org/apache/hadoop/hbase/security/access/TestAccessController$TestTableDDLProcedure.class */
    public static class TestTableDDLProcedure extends Procedure<MasterProcedureEnv> implements TableProcedureInterface {
        private TableName tableName;

        public TestTableDDLProcedure() {
        }

        public TestTableDDLProcedure(MasterProcedureEnv masterProcedureEnv, TableName tableName) throws IOException {
            this.tableName = tableName;
            setTimeout(180000);
            setOwner(masterProcedureEnv.getRequestUser().getUGI().getShortUserName());
        }

        public TableName getTableName() {
            return this.tableName;
        }

        public TableProcedureInterface.TableOperationType getTableOperationType() {
            return null;
        }

        /* JADX INFO: Access modifiers changed from: protected */
        public boolean abort(MasterProcedureEnv masterProcedureEnv) {
            return true;
        }

        protected void serializeStateData(OutputStream outputStream) throws IOException {
            TestProcedureProtos.TestTableDDLStateData.newBuilder().setTableName(this.tableName.getNameAsString()).m1141build().writeDelimitedTo(outputStream);
        }

        protected void deserializeStateData(InputStream inputStream) throws IOException {
            this.tableName = TableName.valueOf(TestProcedureProtos.TestTableDDLStateData.parseDelimitedFrom(inputStream).getTableName());
        }

        /* JADX INFO: Access modifiers changed from: protected */
        public Procedure[] execute(MasterProcedureEnv masterProcedureEnv) {
            setState(ProcedureProtos.ProcedureState.WAITING_TIMEOUT);
            return null;
        }

        /* JADX INFO: Access modifiers changed from: protected */
        public void rollback(MasterProcedureEnv masterProcedureEnv) {
        }
    }

    @BeforeClass
    public static void setupBeforeClass() throws Exception {
        conf = TEST_UTIL.getConfiguration();
        enableSecurity(conf);
        conf.set("hbase.coprocessor.region.classes", AccessController.class.getName());
        verifyConfiguration(conf);
        conf.setBoolean("hbase.security.exec.permission.checks", true);
        TEST_UTIL.startMiniCluster();
        MasterCoprocessorHost masterCoprocessorHost = TEST_UTIL.getMiniHBaseCluster().getMaster().getMasterCoprocessorHost();
        masterCoprocessorHost.load(AccessController.class, 0, conf);
        ACCESS_CONTROLLER = masterCoprocessorHost.findCoprocessor(AccessController.class.getName());
        CP_ENV = masterCoprocessorHost.createEnvironment(AccessController.class, ACCESS_CONTROLLER, 0, 1, conf);
        RSCP_ENV = TEST_UTIL.getMiniHBaseCluster().getRegionServer(0).getRegionServerCoprocessorHost().createEnvironment(AccessController.class, ACCESS_CONTROLLER, 0, 1, conf);
        TEST_UTIL.waitUntilAllRegionsAssigned(AccessControlLists.ACL_TABLE_NAME);
        SUPERUSER = User.createUserForTesting(conf, "admin", new String[]{"supergroup"});
        USER_ADMIN = User.createUserForTesting(conf, "admin2", new String[0]);
        USER_RW = User.createUserForTesting(conf, "rwuser", new String[0]);
        USER_RO = User.createUserForTesting(conf, "rouser", new String[0]);
        USER_OWNER = User.createUserForTesting(conf, "owner", new String[0]);
        USER_CREATE = User.createUserForTesting(conf, "tbl_create", new String[0]);
        USER_NONE = User.createUserForTesting(conf, "nouser", new String[0]);
        USER_ADMIN_CF = User.createUserForTesting(conf, "col_family_admin", new String[0]);
        USER_GROUP_ADMIN = User.createUserForTesting(conf, "user_group_admin", new String[]{GROUP_ADMIN});
        USER_GROUP_CREATE = User.createUserForTesting(conf, "user_group_create", new String[]{GROUP_CREATE});
        USER_GROUP_READ = User.createUserForTesting(conf, "user_group_read", new String[]{GROUP_READ});
        USER_GROUP_WRITE = User.createUserForTesting(conf, "user_group_write", new String[]{GROUP_WRITE});
        systemUserConnection = TEST_UTIL.getConnection();
        setUpTableAndUserPermissions();
    }

    @AfterClass
    public static void tearDownAfterClass() throws Exception {
        cleanUp();
        TEST_UTIL.shutdownMiniCluster();
    }

    /* JADX WARN: Type inference failed for: r2v3, types: [byte[], byte[][]] */
    private static void setUpTableAndUserPermissions() throws Exception {
        HTableDescriptor hTableDescriptor = new HTableDescriptor(TEST_TABLE);
        HColumnDescriptor hColumnDescriptor = new HColumnDescriptor(TEST_FAMILY);
        hColumnDescriptor.setMaxVersions(100);
        hTableDescriptor.addFamily(hColumnDescriptor);
        hTableDescriptor.setOwner(USER_OWNER);
        createTable(TEST_UTIL, hTableDescriptor, (byte[][]) new byte[]{Bytes.toBytes("s")});
        RCP_ENV = TEST_UTIL.getHBaseCluster().getRegions(TEST_TABLE).get(0).getCoprocessorHost().createEnvironment(AccessController.class, ACCESS_CONTROLLER, 0, 1, conf);
        grantGlobal(TEST_UTIL, USER_ADMIN.getShortName(), Permission.Action.ADMIN, Permission.Action.CREATE, Permission.Action.READ, Permission.Action.WRITE);
        grantOnTable(TEST_UTIL, USER_RW.getShortName(), TEST_TABLE, TEST_FAMILY, null, Permission.Action.READ, Permission.Action.WRITE);
        grantOnTable(TEST_UTIL, USER_CREATE.getShortName(), TEST_TABLE, null, null, Permission.Action.CREATE, Permission.Action.READ, Permission.Action.WRITE);
        grantOnTable(TEST_UTIL, USER_RO.getShortName(), TEST_TABLE, TEST_FAMILY, null, Permission.Action.READ);
        grantOnTable(TEST_UTIL, USER_ADMIN_CF.getShortName(), TEST_TABLE, TEST_FAMILY, null, Permission.Action.ADMIN, Permission.Action.CREATE);
        grantGlobal(TEST_UTIL, AuthUtil.toGroupEntry(GROUP_ADMIN), Permission.Action.ADMIN);
        grantGlobal(TEST_UTIL, AuthUtil.toGroupEntry(GROUP_CREATE), Permission.Action.CREATE);
        grantGlobal(TEST_UTIL, AuthUtil.toGroupEntry(GROUP_READ), Permission.Action.READ);
        grantGlobal(TEST_UTIL, AuthUtil.toGroupEntry(GROUP_WRITE), Permission.Action.WRITE);
        Assert.assertEquals(5L, AccessControlLists.getTablePermissions(conf, TEST_TABLE).size());
        try {
            Assert.assertEquals(5L, AccessControlClient.getUserPermissions(systemUserConnection, TEST_TABLE.toString()).size());
        } catch (Throwable th) {
            LOG.error("error during call of AccessControlClient.getUserPermissions. ", th);
        }
    }

    private static void cleanUp() throws Exception {
        try {
            deleteTable(TEST_UTIL, TEST_TABLE);
        } catch (TableNotFoundException e) {
            LOG.info("Test deleted table " + TEST_TABLE);
        }
        Assert.assertEquals(0L, AccessControlLists.getTablePermissions(conf, TEST_TABLE).size());
        Assert.assertEquals(0L, AccessControlLists.getNamespacePermissions(conf, TEST_TABLE.getNamespaceAsString()).size());
    }

    @Test
    public void testTableCreate() throws Exception {
        SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.1
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                HTableDescriptor hTableDescriptor = new HTableDescriptor(TableName.valueOf("testnewtable"));
                hTableDescriptor.addFamily(new HColumnDescriptor(TestAccessController.TEST_FAMILY));
                TestAccessController.ACCESS_CONTROLLER.preCreateTable(ObserverContext.createAndPrepare(TestAccessController.CP_ENV, (ObserverContext) null), hTableDescriptor, (HRegionInfo[]) null);
                return null;
            }
        };
        verifyAllowed(accessTestAction, SUPERUSER, USER_ADMIN, USER_GROUP_CREATE);
        verifyDenied(accessTestAction, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_GROUP_ADMIN, USER_GROUP_READ, USER_GROUP_WRITE);
    }

    @Test
    public void testTableModify() throws Exception {
        SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.2
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                HTableDescriptor hTableDescriptor = new HTableDescriptor(TestAccessController.TEST_TABLE);
                hTableDescriptor.addFamily(new HColumnDescriptor(TestAccessController.TEST_FAMILY));
                hTableDescriptor.addFamily(new HColumnDescriptor("fam_" + User.getCurrent().getShortName()));
                TestAccessController.ACCESS_CONTROLLER.preModifyTable(ObserverContext.createAndPrepare(TestAccessController.CP_ENV, (ObserverContext) null), TestAccessController.TEST_TABLE, hTableDescriptor);
                return null;
            }
        };
        verifyAllowed(accessTestAction, SUPERUSER, USER_ADMIN, USER_CREATE, USER_OWNER, USER_GROUP_CREATE, USER_GROUP_ADMIN);
        verifyDenied(accessTestAction, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ, USER_GROUP_WRITE);
    }

    @Test
    public void testTableDelete() throws Exception {
        SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.3
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestAccessController.ACCESS_CONTROLLER.preDeleteTable(ObserverContext.createAndPrepare(TestAccessController.CP_ENV, (ObserverContext) null), TestAccessController.TEST_TABLE);
                return null;
            }
        };
        verifyAllowed(accessTestAction, SUPERUSER, USER_ADMIN, USER_CREATE, USER_OWNER, USER_GROUP_CREATE, USER_GROUP_ADMIN);
        verifyDenied(accessTestAction, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ, USER_GROUP_WRITE);
    }

    @Test
    public void testTableTruncate() throws Exception {
        SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.4
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestAccessController.ACCESS_CONTROLLER.preTruncateTable(ObserverContext.createAndPrepare(TestAccessController.CP_ENV, (ObserverContext) null), TestAccessController.TEST_TABLE);
                return null;
            }
        };
        verifyAllowed(accessTestAction, SUPERUSER, USER_ADMIN, USER_CREATE, USER_OWNER, USER_GROUP_CREATE, USER_GROUP_ADMIN);
        verifyDenied(accessTestAction, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ, USER_GROUP_WRITE);
    }

    @Test
    public void testAddColumn() throws Exception {
        final HColumnDescriptor hColumnDescriptor = new HColumnDescriptor("fam_new");
        SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.5
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestAccessController.ACCESS_CONTROLLER.preAddColumn(ObserverContext.createAndPrepare(TestAccessController.CP_ENV, (ObserverContext) null), TestAccessController.TEST_TABLE, hColumnDescriptor);
                return null;
            }
        };
        verifyAllowed(accessTestAction, SUPERUSER, USER_ADMIN, USER_CREATE, USER_OWNER, USER_GROUP_CREATE, USER_GROUP_ADMIN);
        verifyDenied(accessTestAction, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ, USER_GROUP_WRITE);
    }

    @Test
    public void testModifyColumn() throws Exception {
        final HColumnDescriptor hColumnDescriptor = new HColumnDescriptor(TEST_FAMILY);
        hColumnDescriptor.setMaxVersions(10);
        SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.6
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestAccessController.ACCESS_CONTROLLER.preModifyColumn(ObserverContext.createAndPrepare(TestAccessController.CP_ENV, (ObserverContext) null), TestAccessController.TEST_TABLE, hColumnDescriptor);
                return null;
            }
        };
        verifyAllowed(accessTestAction, SUPERUSER, USER_ADMIN, USER_CREATE, USER_OWNER, USER_ADMIN_CF, USER_GROUP_CREATE, USER_GROUP_ADMIN);
        verifyDenied(accessTestAction, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ, USER_GROUP_WRITE);
    }

    @Test
    public void testDeleteColumn() throws Exception {
        SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.7
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestAccessController.ACCESS_CONTROLLER.preDeleteColumn(ObserverContext.createAndPrepare(TestAccessController.CP_ENV, (ObserverContext) null), TestAccessController.TEST_TABLE, TestAccessController.TEST_FAMILY);
                return null;
            }
        };
        verifyAllowed(accessTestAction, SUPERUSER, USER_ADMIN, USER_CREATE, USER_OWNER, USER_ADMIN_CF, USER_GROUP_CREATE, USER_GROUP_ADMIN);
        verifyDenied(accessTestAction, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ, USER_GROUP_WRITE);
    }

    @Test
    public void testTableDisable() throws Exception {
        SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.8
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestAccessController.ACCESS_CONTROLLER.preDisableTable(ObserverContext.createAndPrepare(TestAccessController.CP_ENV, (ObserverContext) null), TestAccessController.TEST_TABLE);
                return null;
            }
        };
        SecureTestUtil.AccessTestAction accessTestAction2 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.9
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestAccessController.ACCESS_CONTROLLER.preDisableTable(ObserverContext.createAndPrepare(TestAccessController.CP_ENV, (ObserverContext) null), AccessControlLists.ACL_TABLE_NAME);
                return null;
            }
        };
        verifyAllowed(accessTestAction, SUPERUSER, USER_ADMIN, USER_CREATE, USER_OWNER, USER_GROUP_CREATE, USER_GROUP_ADMIN);
        verifyDenied(accessTestAction, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ, USER_GROUP_WRITE);
        verifyDenied(accessTestAction2, SUPERUSER, USER_ADMIN, USER_CREATE, USER_OWNER, USER_RW, USER_RO, USER_GROUP_CREATE, USER_GROUP_ADMIN, USER_GROUP_READ, USER_GROUP_WRITE);
    }

    @Test
    public void testTableEnable() throws Exception {
        SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.10
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestAccessController.ACCESS_CONTROLLER.preEnableTable(ObserverContext.createAndPrepare(TestAccessController.CP_ENV, (ObserverContext) null), TestAccessController.TEST_TABLE);
                return null;
            }
        };
        verifyAllowed(accessTestAction, SUPERUSER, USER_ADMIN, USER_CREATE, USER_OWNER, USER_GROUP_CREATE, USER_GROUP_ADMIN);
        verifyDenied(accessTestAction, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ, USER_GROUP_WRITE);
    }

    @Test
    public void testAbortProcedure() throws Exception {
        TableName valueOf = TableName.valueOf("testAbortProcedure");
        final ProcedureExecutor masterProcedureExecutor = TEST_UTIL.getHBaseCluster().getMaster().getMasterProcedureExecutor();
        TestTableDDLProcedure testTableDDLProcedure = new TestTableDDLProcedure((MasterProcedureEnv) masterProcedureExecutor.getEnvironment(), valueOf);
        testTableDDLProcedure.setOwner(USER_OWNER.getShortName());
        final long submitProcedure = masterProcedureExecutor.submitProcedure(testTableDDLProcedure);
        SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.11
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestAccessController.ACCESS_CONTROLLER.preAbortProcedure(ObserverContext.createAndPrepare(TestAccessController.CP_ENV, (ObserverContext) null), masterProcedureExecutor, submitProcedure);
                return null;
            }
        };
        verifyAllowed(accessTestAction, SUPERUSER, USER_ADMIN, USER_GROUP_ADMIN);
        verifyAllowed(accessTestAction, USER_OWNER);
        verifyDenied(accessTestAction, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ, USER_GROUP_WRITE);
    }

    @Test
    public void testListProcedures() throws Exception {
        TableName valueOf = TableName.valueOf("testAbortProcedure");
        ProcedureExecutor masterProcedureExecutor = TEST_UTIL.getHBaseCluster().getMaster().getMasterProcedureExecutor();
        TestTableDDLProcedure testTableDDLProcedure = new TestTableDDLProcedure((MasterProcedureEnv) masterProcedureExecutor.getEnvironment(), valueOf);
        testTableDDLProcedure.setOwner(USER_OWNER.getShortName());
        masterProcedureExecutor.submitProcedure(testTableDDLProcedure);
        final List listProcedures = masterProcedureExecutor.listProcedures();
        SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.12
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                ArrayList arrayList = new ArrayList(listProcedures.size());
                Iterator it = listProcedures.iterator();
                while (it.hasNext()) {
                    arrayList.add(((ProcedureInfo) it.next()).clone());
                }
                TestAccessController.ACCESS_CONTROLLER.postListProcedures(ObserverContext.createAndPrepare(TestAccessController.CP_ENV, (ObserverContext) null), arrayList);
                return null;
            }
        };
        verifyAllowed(accessTestAction, SUPERUSER, USER_ADMIN, USER_GROUP_ADMIN);
        verifyAllowed(accessTestAction, USER_OWNER);
        verifyIfNull(accessTestAction, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ, USER_GROUP_WRITE);
    }

    @Test(timeout = 180000)
    public void testMove() throws Exception {
        RegionLocator regionLocator = systemUserConnection.getRegionLocator(TEST_TABLE);
        Throwable th = null;
        try {
            try {
                List allRegionLocations = regionLocator.getAllRegionLocations();
                if (regionLocator != null) {
                    if (0 != 0) {
                        try {
                            regionLocator.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        regionLocator.close();
                    }
                }
                HRegionLocation hRegionLocation = (HRegionLocation) allRegionLocations.get(0);
                final HRegionInfo regionInfo = hRegionLocation.getRegionInfo();
                final ServerName serverName = hRegionLocation.getServerName();
                SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.13
                    @Override // java.security.PrivilegedExceptionAction
                    public Object run() throws Exception {
                        TestAccessController.ACCESS_CONTROLLER.preMove(ObserverContext.createAndPrepare(TestAccessController.CP_ENV, (ObserverContext) null), regionInfo, serverName, serverName);
                        return null;
                    }
                };
                verifyAllowed(accessTestAction, SUPERUSER, USER_ADMIN, USER_OWNER, USER_GROUP_ADMIN);
                verifyDenied(accessTestAction, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ, USER_GROUP_WRITE, USER_GROUP_CREATE);
            } finally {
            }
        } catch (Throwable th3) {
            if (regionLocator != null) {
                if (th != null) {
                    try {
                        regionLocator.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    regionLocator.close();
                }
            }
            throw th3;
        }
    }

    @Test
    public void testAssign() throws Exception {
        RegionLocator regionLocator = systemUserConnection.getRegionLocator(TEST_TABLE);
        Throwable th = null;
        try {
            try {
                List allRegionLocations = regionLocator.getAllRegionLocations();
                if (regionLocator != null) {
                    if (0 != 0) {
                        try {
                            regionLocator.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        regionLocator.close();
                    }
                }
                final HRegionInfo regionInfo = ((HRegionLocation) allRegionLocations.get(0)).getRegionInfo();
                SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.14
                    @Override // java.security.PrivilegedExceptionAction
                    public Object run() throws Exception {
                        TestAccessController.ACCESS_CONTROLLER.preAssign(ObserverContext.createAndPrepare(TestAccessController.CP_ENV, (ObserverContext) null), regionInfo);
                        return null;
                    }
                };
                verifyAllowed(accessTestAction, SUPERUSER, USER_ADMIN, USER_OWNER, USER_GROUP_ADMIN);
                verifyDenied(accessTestAction, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ, USER_GROUP_WRITE, USER_GROUP_CREATE);
            } finally {
            }
        } catch (Throwable th3) {
            if (regionLocator != null) {
                if (th != null) {
                    try {
                        regionLocator.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    regionLocator.close();
                }
            }
            throw th3;
        }
    }

    @Test
    public void testUnassign() throws Exception {
        RegionLocator regionLocator = systemUserConnection.getRegionLocator(TEST_TABLE);
        Throwable th = null;
        try {
            try {
                List allRegionLocations = regionLocator.getAllRegionLocations();
                if (regionLocator != null) {
                    if (0 != 0) {
                        try {
                            regionLocator.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        regionLocator.close();
                    }
                }
                final HRegionInfo regionInfo = ((HRegionLocation) allRegionLocations.get(0)).getRegionInfo();
                SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.15
                    @Override // java.security.PrivilegedExceptionAction
                    public Object run() throws Exception {
                        TestAccessController.ACCESS_CONTROLLER.preUnassign(ObserverContext.createAndPrepare(TestAccessController.CP_ENV, (ObserverContext) null), regionInfo, false);
                        return null;
                    }
                };
                verifyAllowed(accessTestAction, SUPERUSER, USER_ADMIN, USER_OWNER, USER_GROUP_ADMIN);
                verifyDenied(accessTestAction, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ, USER_GROUP_WRITE, USER_GROUP_CREATE);
            } finally {
            }
        } catch (Throwable th3) {
            if (regionLocator != null) {
                if (th != null) {
                    try {
                        regionLocator.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    regionLocator.close();
                }
            }
            throw th3;
        }
    }

    @Test
    public void testRegionOffline() throws Exception {
        RegionLocator regionLocator = systemUserConnection.getRegionLocator(TEST_TABLE);
        Throwable th = null;
        try {
            try {
                List allRegionLocations = regionLocator.getAllRegionLocations();
                if (regionLocator != null) {
                    if (0 != 0) {
                        try {
                            regionLocator.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        regionLocator.close();
                    }
                }
                final HRegionInfo regionInfo = ((HRegionLocation) allRegionLocations.get(0)).getRegionInfo();
                SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.16
                    @Override // java.security.PrivilegedExceptionAction
                    public Object run() throws Exception {
                        TestAccessController.ACCESS_CONTROLLER.preRegionOffline(ObserverContext.createAndPrepare(TestAccessController.CP_ENV, (ObserverContext) null), regionInfo);
                        return null;
                    }
                };
                verifyAllowed(accessTestAction, SUPERUSER, USER_ADMIN, USER_OWNER, USER_GROUP_ADMIN);
                verifyDenied(accessTestAction, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ, USER_GROUP_WRITE, USER_GROUP_CREATE);
            } finally {
            }
        } catch (Throwable th3) {
            if (regionLocator != null) {
                if (th != null) {
                    try {
                        regionLocator.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    regionLocator.close();
                }
            }
            throw th3;
        }
    }

    @Test
    public void testBalance() throws Exception {
        SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.17
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestAccessController.ACCESS_CONTROLLER.preBalance(ObserverContext.createAndPrepare(TestAccessController.CP_ENV, (ObserverContext) null));
                return null;
            }
        };
        verifyAllowed(accessTestAction, SUPERUSER, USER_ADMIN, USER_GROUP_ADMIN);
        verifyDenied(accessTestAction, USER_CREATE, USER_OWNER, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ, USER_GROUP_WRITE, USER_GROUP_CREATE);
    }

    @Test
    public void testBalanceSwitch() throws Exception {
        SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.18
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestAccessController.ACCESS_CONTROLLER.preBalanceSwitch(ObserverContext.createAndPrepare(TestAccessController.CP_ENV, (ObserverContext) null), true);
                return null;
            }
        };
        verifyAllowed(accessTestAction, SUPERUSER, USER_ADMIN, USER_GROUP_ADMIN);
        verifyDenied(accessTestAction, USER_CREATE, USER_OWNER, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ, USER_GROUP_WRITE, USER_GROUP_CREATE);
    }

    @Test
    public void testShutdown() throws Exception {
        SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.19
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestAccessController.ACCESS_CONTROLLER.preShutdown(ObserverContext.createAndPrepare(TestAccessController.CP_ENV, (ObserverContext) null));
                return null;
            }
        };
        verifyAllowed(accessTestAction, SUPERUSER, USER_ADMIN, USER_GROUP_ADMIN);
        verifyDenied(accessTestAction, USER_CREATE, USER_OWNER, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ, USER_GROUP_WRITE, USER_GROUP_CREATE);
    }

    @Test
    public void testStopMaster() throws Exception {
        SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.20
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestAccessController.ACCESS_CONTROLLER.preStopMaster(ObserverContext.createAndPrepare(TestAccessController.CP_ENV, (ObserverContext) null));
                return null;
            }
        };
        verifyAllowed(accessTestAction, SUPERUSER, USER_ADMIN, USER_GROUP_ADMIN);
        verifyDenied(accessTestAction, USER_CREATE, USER_OWNER, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ, USER_GROUP_WRITE, USER_GROUP_CREATE);
    }

    private void verifyWrite(SecureTestUtil.AccessTestAction accessTestAction) throws Exception {
        verifyAllowed(accessTestAction, SUPERUSER, USER_ADMIN, USER_OWNER, USER_CREATE, USER_RW, USER_GROUP_WRITE);
        verifyDenied(accessTestAction, USER_NONE, USER_RO, USER_GROUP_ADMIN, USER_GROUP_READ, USER_GROUP_CREATE);
    }

    @Test
    public void testSplit() throws Exception {
        SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.21
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestAccessController.ACCESS_CONTROLLER.preSplit(ObserverContext.createAndPrepare(TestAccessController.RCP_ENV, (ObserverContext) null));
                return null;
            }
        };
        verifyAllowed(accessTestAction, SUPERUSER, USER_ADMIN, USER_OWNER, USER_GROUP_ADMIN);
        verifyDenied(accessTestAction, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ, USER_GROUP_WRITE, USER_GROUP_CREATE);
    }

    @Test
    public void testSplitWithSplitRow() throws Exception {
        SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.22
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestAccessController.ACCESS_CONTROLLER.preSplit(ObserverContext.createAndPrepare(TestAccessController.RCP_ENV, (ObserverContext) null), TestAccessController.TEST_ROW);
                return null;
            }
        };
        verifyAllowed(accessTestAction, SUPERUSER, USER_ADMIN, USER_OWNER, USER_GROUP_ADMIN);
        verifyDenied(accessTestAction, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ, USER_GROUP_WRITE, USER_GROUP_CREATE);
    }

    @Test
    public void testMergeRegions() throws Exception {
        TableName valueOf = TableName.valueOf("testMergeRegions");
        createTestTable(valueOf);
        try {
            final List<HRegion> findRegionsForTable = TEST_UTIL.getHBaseCluster().findRegionsForTable(valueOf);
            Assert.assertTrue("not enough regions: " + findRegionsForTable.size(), findRegionsForTable.size() >= 2);
            SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.23
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    TestAccessController.ACCESS_CONTROLLER.preMerge(ObserverContext.createAndPrepare(TestAccessController.RSCP_ENV, (ObserverContext) null), (Region) findRegionsForTable.get(0), (Region) findRegionsForTable.get(1));
                    return null;
                }
            };
            verifyAllowed(accessTestAction, SUPERUSER, USER_ADMIN, USER_OWNER, USER_GROUP_ADMIN);
            verifyDenied(accessTestAction, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ, USER_GROUP_WRITE, USER_GROUP_CREATE);
            TEST_UTIL.deleteTable(valueOf);
        } catch (Throwable th) {
            TEST_UTIL.deleteTable(valueOf);
            throw th;
        }
    }

    @Test
    public void testFlush() throws Exception {
        SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.24
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestAccessController.ACCESS_CONTROLLER.preFlush(ObserverContext.createAndPrepare(TestAccessController.RCP_ENV, (ObserverContext) null));
                return null;
            }
        };
        verifyAllowed(accessTestAction, SUPERUSER, USER_ADMIN, USER_OWNER, USER_CREATE, USER_GROUP_CREATE, USER_GROUP_ADMIN);
        verifyDenied(accessTestAction, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ, USER_GROUP_WRITE);
    }

    @Test
    public void testCompact() throws Exception {
        SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.25
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestAccessController.ACCESS_CONTROLLER.preCompact(ObserverContext.createAndPrepare(TestAccessController.RCP_ENV, (ObserverContext) null), (Store) null, (InternalScanner) null, ScanType.COMPACT_RETAIN_DELETES);
                return null;
            }
        };
        verifyAllowed(accessTestAction, SUPERUSER, USER_ADMIN, USER_OWNER, USER_CREATE, USER_GROUP_CREATE, USER_GROUP_ADMIN);
        verifyDenied(accessTestAction, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ, USER_GROUP_WRITE);
    }

    private void verifyRead(SecureTestUtil.AccessTestAction accessTestAction) throws Exception {
        verifyAllowed(accessTestAction, SUPERUSER, USER_ADMIN, USER_OWNER, USER_CREATE, USER_RW, USER_RO, USER_GROUP_READ);
        verifyDenied(accessTestAction, USER_NONE, USER_GROUP_CREATE, USER_GROUP_ADMIN, USER_GROUP_WRITE);
    }

    private void verifyReadWrite(SecureTestUtil.AccessTestAction accessTestAction) throws Exception {
        verifyAllowed(accessTestAction, SUPERUSER, USER_ADMIN, USER_OWNER, USER_CREATE, USER_RW);
        verifyDenied(accessTestAction, USER_NONE, USER_RO, USER_GROUP_ADMIN, USER_GROUP_CREATE, USER_GROUP_READ, USER_GROUP_WRITE);
    }

    @Test
    public void testRead() throws Exception {
        verifyRead(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.26
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                Get get = new Get(TestAccessController.TEST_ROW);
                get.addFamily(TestAccessController.TEST_FAMILY);
                Connection createConnection = ConnectionFactory.createConnection(TestAccessController.conf);
                Throwable th = null;
                try {
                    Table table = createConnection.getTable(TestAccessController.TEST_TABLE);
                    Throwable th2 = null;
                    try {
                        try {
                            table.get(get);
                            if (table != null) {
                                if (0 != 0) {
                                    try {
                                        table.close();
                                    } catch (Throwable th3) {
                                        th2.addSuppressed(th3);
                                    }
                                } else {
                                    table.close();
                                }
                            }
                            if (createConnection == null) {
                                return null;
                            }
                            if (0 == 0) {
                                createConnection.close();
                                return null;
                            }
                            try {
                                createConnection.close();
                                return null;
                            } catch (Throwable th4) {
                                th.addSuppressed(th4);
                                return null;
                            }
                        } catch (Throwable th5) {
                            th2 = th5;
                            throw th5;
                        }
                    } catch (Throwable th6) {
                        if (table != null) {
                            if (th2 != null) {
                                try {
                                    table.close();
                                } catch (Throwable th7) {
                                    th2.addSuppressed(th7);
                                }
                            } else {
                                table.close();
                            }
                        }
                        throw th6;
                    }
                } catch (Throwable th8) {
                    if (createConnection != null) {
                        if (0 != 0) {
                            try {
                                createConnection.close();
                            } catch (Throwable th9) {
                                th.addSuppressed(th9);
                            }
                        } else {
                            createConnection.close();
                        }
                    }
                    throw th8;
                }
            }
        });
        verifyRead(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.27
            /* JADX WARN: Finally extract failed */
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                Scan scan = new Scan();
                scan.addFamily(TestAccessController.TEST_FAMILY);
                Connection createConnection = ConnectionFactory.createConnection(TestAccessController.conf);
                Throwable th = null;
                try {
                    Table table = createConnection.getTable(TestAccessController.TEST_TABLE);
                    Throwable th2 = null;
                    try {
                        ResultScanner scanner = table.getScanner(scan);
                        try {
                            for (Result next = scanner.next(); next != null; next = scanner.next()) {
                            }
                            scanner.close();
                        } catch (IOException e) {
                            scanner.close();
                        } catch (Throwable th3) {
                            scanner.close();
                            throw th3;
                        }
                        if (table != null) {
                            if (0 != 0) {
                                try {
                                    table.close();
                                } catch (Throwable th4) {
                                    th2.addSuppressed(th4);
                                }
                            } else {
                                table.close();
                            }
                        }
                        if (createConnection == null) {
                            return null;
                        }
                        if (0 == 0) {
                            createConnection.close();
                            return null;
                        }
                        try {
                            createConnection.close();
                            return null;
                        } catch (Throwable th5) {
                            th.addSuppressed(th5);
                            return null;
                        }
                    } catch (Throwable th6) {
                        if (table != null) {
                            if (0 != 0) {
                                try {
                                    table.close();
                                } catch (Throwable th7) {
                                    th2.addSuppressed(th7);
                                }
                            } else {
                                table.close();
                            }
                        }
                        throw th6;
                    }
                } catch (Throwable th8) {
                    if (createConnection != null) {
                        if (0 != 0) {
                            try {
                                createConnection.close();
                            } catch (Throwable th9) {
                                th.addSuppressed(th9);
                            }
                        } else {
                            createConnection.close();
                        }
                    }
                    throw th8;
                }
            }
        });
    }

    @Test
    public void testWrite() throws Exception {
        verifyWrite(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.28
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                Put put = new Put(TestAccessController.TEST_ROW);
                put.add(TestAccessController.TEST_FAMILY, TestAccessController.TEST_QUALIFIER, Bytes.toBytes(1));
                Connection createConnection = ConnectionFactory.createConnection(TestAccessController.conf);
                Throwable th = null;
                try {
                    Table table = createConnection.getTable(TestAccessController.TEST_TABLE);
                    Throwable th2 = null;
                    try {
                        try {
                            table.put(put);
                            if (table != null) {
                                if (0 != 0) {
                                    try {
                                        table.close();
                                    } catch (Throwable th3) {
                                        th2.addSuppressed(th3);
                                    }
                                } else {
                                    table.close();
                                }
                            }
                            if (createConnection == null) {
                                return null;
                            }
                            if (0 == 0) {
                                createConnection.close();
                                return null;
                            }
                            try {
                                createConnection.close();
                                return null;
                            } catch (Throwable th4) {
                                th.addSuppressed(th4);
                                return null;
                            }
                        } catch (Throwable th5) {
                            th2 = th5;
                            throw th5;
                        }
                    } catch (Throwable th6) {
                        if (table != null) {
                            if (th2 != null) {
                                try {
                                    table.close();
                                } catch (Throwable th7) {
                                    th2.addSuppressed(th7);
                                }
                            } else {
                                table.close();
                            }
                        }
                        throw th6;
                    }
                } catch (Throwable th8) {
                    if (createConnection != null) {
                        if (0 != 0) {
                            try {
                                createConnection.close();
                            } catch (Throwable th9) {
                                th.addSuppressed(th9);
                            }
                        } else {
                            createConnection.close();
                        }
                    }
                    throw th8;
                }
            }
        });
        verifyWrite(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.29
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                Delete delete = new Delete(TestAccessController.TEST_ROW);
                delete.deleteFamily(TestAccessController.TEST_FAMILY);
                Connection createConnection = ConnectionFactory.createConnection(TestAccessController.conf);
                Throwable th = null;
                try {
                    Table table = createConnection.getTable(TestAccessController.TEST_TABLE);
                    Throwable th2 = null;
                    try {
                        try {
                            table.delete(delete);
                            if (table != null) {
                                if (0 != 0) {
                                    try {
                                        table.close();
                                    } catch (Throwable th3) {
                                        th2.addSuppressed(th3);
                                    }
                                } else {
                                    table.close();
                                }
                            }
                            if (createConnection == null) {
                                return null;
                            }
                            if (0 == 0) {
                                createConnection.close();
                                return null;
                            }
                            try {
                                createConnection.close();
                                return null;
                            } catch (Throwable th4) {
                                th.addSuppressed(th4);
                                return null;
                            }
                        } catch (Throwable th5) {
                            th2 = th5;
                            throw th5;
                        }
                    } catch (Throwable th6) {
                        if (table != null) {
                            if (th2 != null) {
                                try {
                                    table.close();
                                } catch (Throwable th7) {
                                    th2.addSuppressed(th7);
                                }
                            } else {
                                table.close();
                            }
                        }
                        throw th6;
                    }
                } catch (Throwable th8) {
                    if (createConnection != null) {
                        if (0 != 0) {
                            try {
                                createConnection.close();
                            } catch (Throwable th9) {
                                th.addSuppressed(th9);
                            }
                        } else {
                            createConnection.close();
                        }
                    }
                    throw th8;
                }
            }
        });
        verifyWrite(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.30
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                Increment increment = new Increment(TestAccessController.TEST_ROW);
                increment.addColumn(TestAccessController.TEST_FAMILY, TestAccessController.TEST_QUALIFIER, 1L);
                Connection createConnection = ConnectionFactory.createConnection(TestAccessController.conf);
                Throwable th = null;
                try {
                    Table table = createConnection.getTable(TestAccessController.TEST_TABLE);
                    Throwable th2 = null;
                    try {
                        try {
                            table.increment(increment);
                            if (table != null) {
                                if (0 != 0) {
                                    try {
                                        table.close();
                                    } catch (Throwable th3) {
                                        th2.addSuppressed(th3);
                                    }
                                } else {
                                    table.close();
                                }
                            }
                            if (createConnection == null) {
                                return null;
                            }
                            if (0 == 0) {
                                createConnection.close();
                                return null;
                            }
                            try {
                                createConnection.close();
                                return null;
                            } catch (Throwable th4) {
                                th.addSuppressed(th4);
                                return null;
                            }
                        } catch (Throwable th5) {
                            th2 = th5;
                            throw th5;
                        }
                    } catch (Throwable th6) {
                        if (table != null) {
                            if (th2 != null) {
                                try {
                                    table.close();
                                } catch (Throwable th7) {
                                    th2.addSuppressed(th7);
                                }
                            } else {
                                table.close();
                            }
                        }
                        throw th6;
                    }
                } catch (Throwable th8) {
                    if (createConnection != null) {
                        if (0 != 0) {
                            try {
                                createConnection.close();
                            } catch (Throwable th9) {
                                th.addSuppressed(th9);
                            }
                        } else {
                            createConnection.close();
                        }
                    }
                    throw th8;
                }
            }
        });
    }

    @Test
    public void testReadWrite() throws Exception {
        verifyReadWrite(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.31
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                Delete delete = new Delete(TestAccessController.TEST_ROW);
                delete.deleteFamily(TestAccessController.TEST_FAMILY);
                Connection createConnection = ConnectionFactory.createConnection(TestAccessController.conf);
                Throwable th = null;
                try {
                    Table table = createConnection.getTable(TestAccessController.TEST_TABLE);
                    Throwable th2 = null;
                    try {
                        try {
                            table.checkAndDelete(TestAccessController.TEST_ROW, TestAccessController.TEST_FAMILY, TestAccessController.TEST_QUALIFIER, Bytes.toBytes("test_value"), delete);
                            if (table != null) {
                                if (0 != 0) {
                                    try {
                                        table.close();
                                    } catch (Throwable th3) {
                                        th2.addSuppressed(th3);
                                    }
                                } else {
                                    table.close();
                                }
                            }
                            if (createConnection == null) {
                                return null;
                            }
                            if (0 == 0) {
                                createConnection.close();
                                return null;
                            }
                            try {
                                createConnection.close();
                                return null;
                            } catch (Throwable th4) {
                                th.addSuppressed(th4);
                                return null;
                            }
                        } catch (Throwable th5) {
                            th2 = th5;
                            throw th5;
                        }
                    } catch (Throwable th6) {
                        if (table != null) {
                            if (th2 != null) {
                                try {
                                    table.close();
                                } catch (Throwable th7) {
                                    th2.addSuppressed(th7);
                                }
                            } else {
                                table.close();
                            }
                        }
                        throw th6;
                    }
                } catch (Throwable th8) {
                    if (createConnection != null) {
                        if (0 != 0) {
                            try {
                                createConnection.close();
                            } catch (Throwable th9) {
                                th.addSuppressed(th9);
                            }
                        } else {
                            createConnection.close();
                        }
                    }
                    throw th8;
                }
            }
        });
        verifyReadWrite(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.32
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                Put put = new Put(TestAccessController.TEST_ROW);
                put.add(TestAccessController.TEST_FAMILY, TestAccessController.TEST_QUALIFIER, Bytes.toBytes(1));
                Connection createConnection = ConnectionFactory.createConnection(TestAccessController.conf);
                Throwable th = null;
                try {
                    Table table = createConnection.getTable(TestAccessController.TEST_TABLE);
                    Throwable th2 = null;
                    try {
                        try {
                            table.checkAndPut(TestAccessController.TEST_ROW, TestAccessController.TEST_FAMILY, TestAccessController.TEST_QUALIFIER, Bytes.toBytes("test_value"), put);
                            if (table != null) {
                                if (0 != 0) {
                                    try {
                                        table.close();
                                    } catch (Throwable th3) {
                                        th2.addSuppressed(th3);
                                    }
                                } else {
                                    table.close();
                                }
                            }
                            if (createConnection == null) {
                                return null;
                            }
                            if (0 == 0) {
                                createConnection.close();
                                return null;
                            }
                            try {
                                createConnection.close();
                                return null;
                            } catch (Throwable th4) {
                                th.addSuppressed(th4);
                                return null;
                            }
                        } catch (Throwable th5) {
                            th2 = th5;
                            throw th5;
                        }
                    } catch (Throwable th6) {
                        if (table != null) {
                            if (th2 != null) {
                                try {
                                    table.close();
                                } catch (Throwable th7) {
                                    th2.addSuppressed(th7);
                                }
                            } else {
                                table.close();
                            }
                        }
                        throw th6;
                    }
                } catch (Throwable th8) {
                    if (createConnection != null) {
                        if (0 != 0) {
                            try {
                                createConnection.close();
                            } catch (Throwable th9) {
                                th.addSuppressed(th9);
                            }
                        } else {
                            createConnection.close();
                        }
                    }
                    throw th8;
                }
            }
        });
    }

    @Test
    public void testBulkLoad() throws Exception {
        try {
            FileSystem testFileSystem = TEST_UTIL.getTestFileSystem();
            final Path dataTestDirOnTestFS = TEST_UTIL.getDataTestDirOnTestFS("testBulkLoad");
            testFileSystem.mkdirs(dataTestDirOnTestFS);
            testFileSystem.setPermission(dataTestDirOnTestFS, FsPermission.valueOf("-rwxrwxrwx"));
            SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.33
                /* JADX WARN: Multi-variable type inference failed */
                /* JADX WARN: Type inference failed for: r0v2, types: [byte[][], byte[][][]] */
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    new BulkLoadHelper(new Path(dataTestDirOnTestFS, new Path(User.getCurrent().getName()))).bulkLoadHFile(TestAccessController.TEST_TABLE, TestAccessController.TEST_FAMILY, TestAccessController.TEST_QUALIFIER, new byte[][]{new byte[]{new byte[]{0}, new byte[]{9}}}, 3);
                    return null;
                }
            };
            verifyAllowed(accessTestAction, SUPERUSER, USER_ADMIN, USER_OWNER, USER_CREATE, USER_GROUP_CREATE);
            verifyDenied(accessTestAction, USER_RW, USER_NONE, USER_RO, USER_GROUP_READ, USER_GROUP_WRITE, USER_GROUP_ADMIN);
            TEST_UTIL.getHBaseAdmin().disableTable(TEST_TABLE);
            TEST_UTIL.getHBaseAdmin().enableTable(TEST_TABLE);
        } catch (Throwable th) {
            TEST_UTIL.getHBaseAdmin().disableTable(TEST_TABLE);
            TEST_UTIL.getHBaseAdmin().enableTable(TEST_TABLE);
            throw th;
        }
    }

    @Test
    public void testAppend() throws Exception {
        SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.34
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                byte[] bArr = TestAccessController.TEST_ROW;
                byte[] bArr2 = TestAccessController.TEST_QUALIFIER;
                Put put = new Put(bArr);
                put.add(TestAccessController.TEST_FAMILY, bArr2, Bytes.toBytes(1));
                Append append = new Append(bArr);
                append.add(TestAccessController.TEST_FAMILY, bArr2, Bytes.toBytes(2));
                Connection createConnection = ConnectionFactory.createConnection(TestAccessController.conf);
                Throwable th = null;
                try {
                    Table table = createConnection.getTable(TestAccessController.TEST_TABLE);
                    Throwable th2 = null;
                    try {
                        try {
                            table.put(put);
                            table.append(append);
                            if (table != null) {
                                if (0 != 0) {
                                    try {
                                        table.close();
                                    } catch (Throwable th3) {
                                        th2.addSuppressed(th3);
                                    }
                                } else {
                                    table.close();
                                }
                            }
                            if (createConnection == null) {
                                return null;
                            }
                            if (0 == 0) {
                                createConnection.close();
                                return null;
                            }
                            try {
                                createConnection.close();
                                return null;
                            } catch (Throwable th4) {
                                th.addSuppressed(th4);
                                return null;
                            }
                        } catch (Throwable th5) {
                            th2 = th5;
                            throw th5;
                        }
                    } catch (Throwable th6) {
                        if (table != null) {
                            if (th2 != null) {
                                try {
                                    table.close();
                                } catch (Throwable th7) {
                                    th2.addSuppressed(th7);
                                }
                            } else {
                                table.close();
                            }
                        }
                        throw th6;
                    }
                } catch (Throwable th8) {
                    if (createConnection != null) {
                        if (0 != 0) {
                            try {
                                createConnection.close();
                            } catch (Throwable th9) {
                                th.addSuppressed(th9);
                            }
                        } else {
                            createConnection.close();
                        }
                    }
                    throw th8;
                }
            }
        };
        verifyAllowed(accessTestAction, SUPERUSER, USER_ADMIN, USER_OWNER, USER_CREATE, USER_RW, USER_GROUP_WRITE);
        verifyDenied(accessTestAction, USER_RO, USER_NONE, USER_GROUP_CREATE, USER_GROUP_READ, USER_GROUP_ADMIN);
    }

    @Test
    public void testGrantRevoke() throws Exception {
        SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.35
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                Connection createConnection = ConnectionFactory.createConnection(TestAccessController.conf);
                Throwable th = null;
                try {
                    Table table = createConnection.getTable(AccessControlLists.ACL_TABLE_NAME);
                    Throwable th2 = null;
                    try {
                        try {
                            ProtobufUtil.grant((RpcController) null, AccessControlProtos.AccessControlService.newBlockingStub(table.coprocessorService(TestAccessController.TEST_TABLE.getName())), TestAccessController.USER_RO.getShortName(), TestAccessController.TEST_TABLE, TestAccessController.TEST_FAMILY, (byte[]) null, new Permission.Action[]{Permission.Action.READ});
                            if (table != null) {
                                if (0 != 0) {
                                    try {
                                        table.close();
                                    } catch (Throwable th3) {
                                        th2.addSuppressed(th3);
                                    }
                                } else {
                                    table.close();
                                }
                            }
                            if (createConnection == null) {
                                return null;
                            }
                            if (0 == 0) {
                                createConnection.close();
                                return null;
                            }
                            try {
                                createConnection.close();
                                return null;
                            } catch (Throwable th4) {
                                th.addSuppressed(th4);
                                return null;
                            }
                        } catch (Throwable th5) {
                            th2 = th5;
                            throw th5;
                        }
                    } catch (Throwable th6) {
                        if (table != null) {
                            if (th2 != null) {
                                try {
                                    table.close();
                                } catch (Throwable th7) {
                                    th2.addSuppressed(th7);
                                }
                            } else {
                                table.close();
                            }
                        }
                        throw th6;
                    }
                } catch (Throwable th8) {
                    if (createConnection != null) {
                        if (0 != 0) {
                            try {
                                createConnection.close();
                            } catch (Throwable th9) {
                                th.addSuppressed(th9);
                            }
                        } else {
                            createConnection.close();
                        }
                    }
                    throw th8;
                }
            }
        };
        SecureTestUtil.AccessTestAction accessTestAction2 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.36
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                Connection createConnection = ConnectionFactory.createConnection(TestAccessController.conf);
                Throwable th = null;
                try {
                    Table table = createConnection.getTable(AccessControlLists.ACL_TABLE_NAME);
                    Throwable th2 = null;
                    try {
                        try {
                            ProtobufUtil.revoke((RpcController) null, AccessControlProtos.AccessControlService.newBlockingStub(table.coprocessorService(TestAccessController.TEST_TABLE.getName())), TestAccessController.USER_RO.getShortName(), TestAccessController.TEST_TABLE, TestAccessController.TEST_FAMILY, (byte[]) null, new Permission.Action[]{Permission.Action.READ});
                            if (table != null) {
                                if (0 != 0) {
                                    try {
                                        table.close();
                                    } catch (Throwable th3) {
                                        th2.addSuppressed(th3);
                                    }
                                } else {
                                    table.close();
                                }
                            }
                            if (createConnection == null) {
                                return null;
                            }
                            if (0 == 0) {
                                createConnection.close();
                                return null;
                            }
                            try {
                                createConnection.close();
                                return null;
                            } catch (Throwable th4) {
                                th.addSuppressed(th4);
                                return null;
                            }
                        } catch (Throwable th5) {
                            th2 = th5;
                            throw th5;
                        }
                    } catch (Throwable th6) {
                        if (table != null) {
                            if (th2 != null) {
                                try {
                                    table.close();
                                } catch (Throwable th7) {
                                    th2.addSuppressed(th7);
                                }
                            } else {
                                table.close();
                            }
                        }
                        throw th6;
                    }
                } catch (Throwable th8) {
                    if (createConnection != null) {
                        if (0 != 0) {
                            try {
                                createConnection.close();
                            } catch (Throwable th9) {
                                th.addSuppressed(th9);
                            }
                        } else {
                            createConnection.close();
                        }
                    }
                    throw th8;
                }
            }
        };
        SecureTestUtil.AccessTestAction accessTestAction3 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.37
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                Connection createConnection = ConnectionFactory.createConnection(TestAccessController.conf);
                Throwable th = null;
                try {
                    Table table = createConnection.getTable(AccessControlLists.ACL_TABLE_NAME);
                    Throwable th2 = null;
                    try {
                        try {
                            ProtobufUtil.getUserPermissions((RpcController) null, AccessControlProtos.AccessControlService.newBlockingStub(table.coprocessorService(TestAccessController.TEST_TABLE.getName())), TestAccessController.TEST_TABLE);
                            if (table != null) {
                                if (0 != 0) {
                                    try {
                                        table.close();
                                    } catch (Throwable th3) {
                                        th2.addSuppressed(th3);
                                    }
                                } else {
                                    table.close();
                                }
                            }
                            if (createConnection == null) {
                                return null;
                            }
                            if (0 == 0) {
                                createConnection.close();
                                return null;
                            }
                            try {
                                createConnection.close();
                                return null;
                            } catch (Throwable th4) {
                                th.addSuppressed(th4);
                                return null;
                            }
                        } catch (Throwable th5) {
                            th2 = th5;
                            throw th5;
                        }
                    } catch (Throwable th6) {
                        if (table != null) {
                            if (th2 != null) {
                                try {
                                    table.close();
                                } catch (Throwable th7) {
                                    th2.addSuppressed(th7);
                                }
                            } else {
                                table.close();
                            }
                        }
                        throw th6;
                    }
                } catch (Throwable th8) {
                    if (createConnection != null) {
                        if (0 != 0) {
                            try {
                                createConnection.close();
                            } catch (Throwable th9) {
                                th.addSuppressed(th9);
                            }
                        } else {
                            createConnection.close();
                        }
                    }
                    throw th8;
                }
            }
        };
        SecureTestUtil.AccessTestAction accessTestAction4 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.38
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                Connection createConnection = ConnectionFactory.createConnection(TestAccessController.conf);
                Throwable th = null;
                try {
                    Table table = createConnection.getTable(AccessControlLists.ACL_TABLE_NAME);
                    Throwable th2 = null;
                    try {
                        try {
                            ProtobufUtil.getUserPermissions((RpcController) null, AccessControlProtos.AccessControlService.newBlockingStub(table.coprocessorService(HConstants.EMPTY_START_ROW)));
                            if (table != null) {
                                if (0 != 0) {
                                    try {
                                        table.close();
                                    } catch (Throwable th3) {
                                        th2.addSuppressed(th3);
                                    }
                                } else {
                                    table.close();
                                }
                            }
                            if (createConnection == null) {
                                return null;
                            }
                            if (0 == 0) {
                                createConnection.close();
                                return null;
                            }
                            try {
                                createConnection.close();
                                return null;
                            } catch (Throwable th4) {
                                th.addSuppressed(th4);
                                return null;
                            }
                        } catch (Throwable th5) {
                            th2 = th5;
                            throw th5;
                        }
                    } catch (Throwable th6) {
                        if (table != null) {
                            if (th2 != null) {
                                try {
                                    table.close();
                                } catch (Throwable th7) {
                                    th2.addSuppressed(th7);
                                }
                            } else {
                                table.close();
                            }
                        }
                        throw th6;
                    }
                } catch (Throwable th8) {
                    if (createConnection != null) {
                        if (0 != 0) {
                            try {
                                createConnection.close();
                            } catch (Throwable th9) {
                                th.addSuppressed(th9);
                            }
                        } else {
                            createConnection.close();
                        }
                    }
                    throw th8;
                }
            }
        };
        verifyAllowed(accessTestAction, SUPERUSER, USER_ADMIN, USER_OWNER, USER_GROUP_ADMIN);
        verifyDenied(accessTestAction, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ, USER_GROUP_WRITE, USER_GROUP_CREATE);
        try {
            verifyAllowed(accessTestAction2, SUPERUSER, USER_ADMIN, USER_OWNER, USER_GROUP_ADMIN);
            verifyDenied(accessTestAction2, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ, USER_GROUP_WRITE, USER_GROUP_CREATE);
            verifyAllowed(accessTestAction3, SUPERUSER, USER_ADMIN, USER_OWNER, USER_GROUP_ADMIN);
            verifyDenied(accessTestAction3, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ, USER_GROUP_WRITE, USER_GROUP_CREATE);
            verifyAllowed(accessTestAction4, SUPERUSER, USER_ADMIN, USER_GROUP_ADMIN);
            verifyDenied(accessTestAction4, USER_CREATE, USER_OWNER, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ, USER_GROUP_WRITE, USER_GROUP_CREATE);
            grantOnTable(TEST_UTIL, USER_RO.getShortName(), TEST_TABLE, TEST_FAMILY, null, Permission.Action.READ);
        } catch (Throwable th) {
            grantOnTable(TEST_UTIL, USER_RO.getShortName(), TEST_TABLE, TEST_FAMILY, null, Permission.Action.READ);
            throw th;
        }
    }

    @Test
    public void testPostGrantRevoke() throws Exception {
        final TableName valueOf = TableName.valueOf("TempTable");
        final byte[] bytes = Bytes.toBytes("f1");
        final byte[] bytes2 = Bytes.toBytes("f2");
        final byte[] bytes3 = Bytes.toBytes("q");
        if (TEST_UTIL.getHBaseAdmin().tableExists(valueOf)) {
            deleteTable(TEST_UTIL, valueOf);
        }
        HTableDescriptor hTableDescriptor = new HTableDescriptor(valueOf);
        hTableDescriptor.addFamily(new HColumnDescriptor(bytes));
        hTableDescriptor.addFamily(new HColumnDescriptor(bytes2));
        createTable(TEST_UTIL, hTableDescriptor);
        try {
            User createUserForTesting = User.createUserForTesting(TEST_UTIL.getConfiguration(), "tbluser", new String[0]);
            User createUserForTesting2 = User.createUserForTesting(TEST_UTIL.getConfiguration(), "gbluser", new String[0]);
            SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.39
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    Put put = new Put(Bytes.toBytes("a"));
                    put.add(bytes, bytes3, Bytes.toBytes("v1"));
                    put.add(bytes2, bytes3, Bytes.toBytes("v2"));
                    Connection createConnection = ConnectionFactory.createConnection(TestAccessController.conf);
                    Throwable th = null;
                    try {
                        Table table = createConnection.getTable(valueOf);
                        Throwable th2 = null;
                        try {
                            try {
                                table.put(put);
                                if (table != null) {
                                    if (0 != 0) {
                                        try {
                                            table.close();
                                        } catch (Throwable th3) {
                                            th2.addSuppressed(th3);
                                        }
                                    } else {
                                        table.close();
                                    }
                                }
                                if (createConnection == null) {
                                    return null;
                                }
                                if (0 == 0) {
                                    createConnection.close();
                                    return null;
                                }
                                try {
                                    createConnection.close();
                                    return null;
                                } catch (Throwable th4) {
                                    th.addSuppressed(th4);
                                    return null;
                                }
                            } catch (Throwable th5) {
                                th2 = th5;
                                throw th5;
                            }
                        } catch (Throwable th6) {
                            if (table != null) {
                                if (th2 != null) {
                                    try {
                                        table.close();
                                    } catch (Throwable th7) {
                                        th2.addSuppressed(th7);
                                    }
                                } else {
                                    table.close();
                                }
                            }
                            throw th6;
                        }
                    } catch (Throwable th8) {
                        if (createConnection != null) {
                            if (0 != 0) {
                                try {
                                    createConnection.close();
                                } catch (Throwable th9) {
                                    th.addSuppressed(th9);
                                }
                            } else {
                                createConnection.close();
                            }
                        }
                        throw th8;
                    }
                }
            };
            SecureTestUtil.AccessTestAction accessTestAction2 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.40
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    Put put = new Put(Bytes.toBytes("a"));
                    put.add(bytes, bytes3, Bytes.toBytes("v1"));
                    Connection createConnection = ConnectionFactory.createConnection(TestAccessController.conf);
                    Throwable th = null;
                    try {
                        Table table = createConnection.getTable(valueOf);
                        Throwable th2 = null;
                        try {
                            table.put(put);
                            if (table != null) {
                                if (0 != 0) {
                                    try {
                                        table.close();
                                    } catch (Throwable th3) {
                                        th2.addSuppressed(th3);
                                    }
                                } else {
                                    table.close();
                                }
                            }
                            if (createConnection == null) {
                                return null;
                            }
                            if (0 == 0) {
                                createConnection.close();
                                return null;
                            }
                            try {
                                createConnection.close();
                                return null;
                            } catch (Throwable th4) {
                                th.addSuppressed(th4);
                                return null;
                            }
                        } catch (Throwable th5) {
                            if (table != null) {
                                if (0 != 0) {
                                    try {
                                        table.close();
                                    } catch (Throwable th6) {
                                        th2.addSuppressed(th6);
                                    }
                                } else {
                                    table.close();
                                }
                            }
                            throw th5;
                        }
                    } catch (Throwable th7) {
                        if (createConnection != null) {
                            if (0 != 0) {
                                try {
                                    createConnection.close();
                                } catch (Throwable th8) {
                                    th.addSuppressed(th8);
                                }
                            } else {
                                createConnection.close();
                            }
                        }
                        throw th7;
                    }
                }
            };
            SecureTestUtil.AccessTestAction accessTestAction3 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.41
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    Put put = new Put(Bytes.toBytes("a"));
                    put.add(bytes2, bytes3, Bytes.toBytes("v2"));
                    Connection createConnection = ConnectionFactory.createConnection(TestAccessController.conf);
                    Throwable th = null;
                    try {
                        Table table = createConnection.getTable(valueOf);
                        Throwable th2 = null;
                        try {
                            table.put(put);
                            if (table != null) {
                                if (0 != 0) {
                                    try {
                                        table.close();
                                    } catch (Throwable th3) {
                                        th2.addSuppressed(th3);
                                    }
                                } else {
                                    table.close();
                                }
                            }
                            if (createConnection == null) {
                                return null;
                            }
                            if (0 == 0) {
                                createConnection.close();
                                return null;
                            }
                            try {
                                createConnection.close();
                                return null;
                            } catch (Throwable th4) {
                                th.addSuppressed(th4);
                                return null;
                            }
                        } catch (Throwable th5) {
                            if (table != null) {
                                if (0 != 0) {
                                    try {
                                        table.close();
                                    } catch (Throwable th6) {
                                        th2.addSuppressed(th6);
                                    }
                                } else {
                                    table.close();
                                }
                            }
                            throw th5;
                        }
                    } catch (Throwable th7) {
                        if (createConnection != null) {
                            if (0 != 0) {
                                try {
                                    createConnection.close();
                                } catch (Throwable th8) {
                                    th.addSuppressed(th8);
                                }
                            } else {
                                createConnection.close();
                            }
                        }
                        throw th7;
                    }
                }
            };
            SecureTestUtil.AccessTestAction accessTestAction4 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.42
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    Get get = new Get(TestAccessController.TEST_ROW);
                    get.addFamily(bytes);
                    get.addFamily(bytes2);
                    Connection createConnection = ConnectionFactory.createConnection(TestAccessController.conf);
                    Throwable th = null;
                    try {
                        Table table = createConnection.getTable(valueOf);
                        Throwable th2 = null;
                        try {
                            table.get(get);
                            if (table != null) {
                                if (0 != 0) {
                                    try {
                                        table.close();
                                    } catch (Throwable th3) {
                                        th2.addSuppressed(th3);
                                    }
                                } else {
                                    table.close();
                                }
                            }
                            if (createConnection == null) {
                                return null;
                            }
                            if (0 == 0) {
                                createConnection.close();
                                return null;
                            }
                            try {
                                createConnection.close();
                                return null;
                            } catch (Throwable th4) {
                                th.addSuppressed(th4);
                                return null;
                            }
                        } catch (Throwable th5) {
                            if (table != null) {
                                if (0 != 0) {
                                    try {
                                        table.close();
                                    } catch (Throwable th6) {
                                        th2.addSuppressed(th6);
                                    }
                                } else {
                                    table.close();
                                }
                            }
                            throw th5;
                        }
                    } catch (Throwable th7) {
                        if (createConnection != null) {
                            if (0 != 0) {
                                try {
                                    createConnection.close();
                                } catch (Throwable th8) {
                                    th.addSuppressed(th8);
                                }
                            } else {
                                createConnection.close();
                            }
                        }
                        throw th7;
                    }
                }
            };
            SecureTestUtil.AccessTestAction accessTestAction5 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.43
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    Get get = new Get(TestAccessController.TEST_ROW);
                    get.addFamily(bytes);
                    Connection createConnection = ConnectionFactory.createConnection(TestAccessController.conf);
                    Throwable th = null;
                    try {
                        Table table = createConnection.getTable(valueOf);
                        Throwable th2 = null;
                        try {
                            try {
                                table.get(get);
                                if (table != null) {
                                    if (0 != 0) {
                                        try {
                                            table.close();
                                        } catch (Throwable th3) {
                                            th2.addSuppressed(th3);
                                        }
                                    } else {
                                        table.close();
                                    }
                                }
                                if (createConnection == null) {
                                    return null;
                                }
                                if (0 == 0) {
                                    createConnection.close();
                                    return null;
                                }
                                try {
                                    createConnection.close();
                                    return null;
                                } catch (Throwable th4) {
                                    th.addSuppressed(th4);
                                    return null;
                                }
                            } catch (Throwable th5) {
                                th2 = th5;
                                throw th5;
                            }
                        } catch (Throwable th6) {
                            if (table != null) {
                                if (th2 != null) {
                                    try {
                                        table.close();
                                    } catch (Throwable th7) {
                                        th2.addSuppressed(th7);
                                    }
                                } else {
                                    table.close();
                                }
                            }
                            throw th6;
                        }
                    } catch (Throwable th8) {
                        if (createConnection != null) {
                            if (0 != 0) {
                                try {
                                    createConnection.close();
                                } catch (Throwable th9) {
                                    th.addSuppressed(th9);
                                }
                            } else {
                                createConnection.close();
                            }
                        }
                        throw th8;
                    }
                }
            };
            SecureTestUtil.AccessTestAction accessTestAction6 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.44
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    Get get = new Get(TestAccessController.TEST_ROW);
                    get.addFamily(bytes2);
                    Connection createConnection = ConnectionFactory.createConnection(TestAccessController.conf);
                    Throwable th = null;
                    try {
                        Table table = createConnection.getTable(valueOf);
                        Throwable th2 = null;
                        try {
                            try {
                                table.get(get);
                                if (table != null) {
                                    if (0 != 0) {
                                        try {
                                            table.close();
                                        } catch (Throwable th3) {
                                            th2.addSuppressed(th3);
                                        }
                                    } else {
                                        table.close();
                                    }
                                }
                                if (createConnection == null) {
                                    return null;
                                }
                                if (0 == 0) {
                                    createConnection.close();
                                    return null;
                                }
                                try {
                                    createConnection.close();
                                    return null;
                                } catch (Throwable th4) {
                                    th.addSuppressed(th4);
                                    return null;
                                }
                            } catch (Throwable th5) {
                                th2 = th5;
                                throw th5;
                            }
                        } catch (Throwable th6) {
                            if (table != null) {
                                if (th2 != null) {
                                    try {
                                        table.close();
                                    } catch (Throwable th7) {
                                        th2.addSuppressed(th7);
                                    }
                                } else {
                                    table.close();
                                }
                            }
                            throw th6;
                        }
                    } catch (Throwable th8) {
                        if (createConnection != null) {
                            if (0 != 0) {
                                try {
                                    createConnection.close();
                                } catch (Throwable th9) {
                                    th.addSuppressed(th9);
                                }
                            } else {
                                createConnection.close();
                            }
                        }
                        throw th8;
                    }
                }
            };
            SecureTestUtil.AccessTestAction accessTestAction7 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.45
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    Delete delete = new Delete(TestAccessController.TEST_ROW);
                    delete.deleteFamily(bytes);
                    delete.deleteFamily(bytes2);
                    Connection createConnection = ConnectionFactory.createConnection(TestAccessController.conf);
                    Throwable th = null;
                    try {
                        Table table = createConnection.getTable(valueOf);
                        Throwable th2 = null;
                        try {
                            table.delete(delete);
                            if (table != null) {
                                if (0 != 0) {
                                    try {
                                        table.close();
                                    } catch (Throwable th3) {
                                        th2.addSuppressed(th3);
                                    }
                                } else {
                                    table.close();
                                }
                            }
                            if (createConnection == null) {
                                return null;
                            }
                            if (0 == 0) {
                                createConnection.close();
                                return null;
                            }
                            try {
                                createConnection.close();
                                return null;
                            } catch (Throwable th4) {
                                th.addSuppressed(th4);
                                return null;
                            }
                        } catch (Throwable th5) {
                            if (table != null) {
                                if (0 != 0) {
                                    try {
                                        table.close();
                                    } catch (Throwable th6) {
                                        th2.addSuppressed(th6);
                                    }
                                } else {
                                    table.close();
                                }
                            }
                            throw th5;
                        }
                    } catch (Throwable th7) {
                        if (createConnection != null) {
                            if (0 != 0) {
                                try {
                                    createConnection.close();
                                } catch (Throwable th8) {
                                    th.addSuppressed(th8);
                                }
                            } else {
                                createConnection.close();
                            }
                        }
                        throw th7;
                    }
                }
            };
            SecureTestUtil.AccessTestAction accessTestAction8 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.46
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    Delete delete = new Delete(TestAccessController.TEST_ROW);
                    delete.deleteFamily(bytes);
                    Connection createConnection = ConnectionFactory.createConnection(TestAccessController.conf);
                    Throwable th = null;
                    try {
                        Table table = createConnection.getTable(valueOf);
                        Throwable th2 = null;
                        try {
                            try {
                                table.delete(delete);
                                if (table != null) {
                                    if (0 != 0) {
                                        try {
                                            table.close();
                                        } catch (Throwable th3) {
                                            th2.addSuppressed(th3);
                                        }
                                    } else {
                                        table.close();
                                    }
                                }
                                if (createConnection == null) {
                                    return null;
                                }
                                if (0 == 0) {
                                    createConnection.close();
                                    return null;
                                }
                                try {
                                    createConnection.close();
                                    return null;
                                } catch (Throwable th4) {
                                    th.addSuppressed(th4);
                                    return null;
                                }
                            } catch (Throwable th5) {
                                th2 = th5;
                                throw th5;
                            }
                        } catch (Throwable th6) {
                            if (table != null) {
                                if (th2 != null) {
                                    try {
                                        table.close();
                                    } catch (Throwable th7) {
                                        th2.addSuppressed(th7);
                                    }
                                } else {
                                    table.close();
                                }
                            }
                            throw th6;
                        }
                    } catch (Throwable th8) {
                        if (createConnection != null) {
                            if (0 != 0) {
                                try {
                                    createConnection.close();
                                } catch (Throwable th9) {
                                    th.addSuppressed(th9);
                                }
                            } else {
                                createConnection.close();
                            }
                        }
                        throw th8;
                    }
                }
            };
            SecureTestUtil.AccessTestAction accessTestAction9 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.47
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    Delete delete = new Delete(TestAccessController.TEST_ROW);
                    delete.deleteFamily(bytes2);
                    Connection createConnection = ConnectionFactory.createConnection(TestAccessController.conf);
                    Throwable th = null;
                    try {
                        Table table = createConnection.getTable(valueOf);
                        Throwable th2 = null;
                        try {
                            try {
                                table.delete(delete);
                                if (table != null) {
                                    if (0 != 0) {
                                        try {
                                            table.close();
                                        } catch (Throwable th3) {
                                            th2.addSuppressed(th3);
                                        }
                                    } else {
                                        table.close();
                                    }
                                }
                                if (createConnection == null) {
                                    return null;
                                }
                                if (0 == 0) {
                                    createConnection.close();
                                    return null;
                                }
                                try {
                                    createConnection.close();
                                    return null;
                                } catch (Throwable th4) {
                                    th.addSuppressed(th4);
                                    return null;
                                }
                            } catch (Throwable th5) {
                                th2 = th5;
                                throw th5;
                            }
                        } catch (Throwable th6) {
                            if (table != null) {
                                if (th2 != null) {
                                    try {
                                        table.close();
                                    } catch (Throwable th7) {
                                        th2.addSuppressed(th7);
                                    }
                                } else {
                                    table.close();
                                }
                            }
                            throw th6;
                        }
                    } catch (Throwable th8) {
                        if (createConnection != null) {
                            if (0 != 0) {
                                try {
                                    createConnection.close();
                                } catch (Throwable th9) {
                                    th.addSuppressed(th9);
                                }
                            } else {
                                createConnection.close();
                            }
                        }
                        throw th8;
                    }
                }
            };
            verifyDenied(createUserForTesting, accessTestAction4, accessTestAction5, accessTestAction6);
            verifyDenied(createUserForTesting, accessTestAction, accessTestAction2, accessTestAction3);
            verifyDenied(createUserForTesting, accessTestAction7, accessTestAction8, accessTestAction9);
            verifyDenied(createUserForTesting2, accessTestAction4, accessTestAction5, accessTestAction6);
            verifyDenied(createUserForTesting2, accessTestAction, accessTestAction2, accessTestAction3);
            verifyDenied(createUserForTesting2, accessTestAction7, accessTestAction8, accessTestAction9);
            grantGlobal(TEST_UTIL, createUserForTesting2.getShortName(), Permission.Action.READ);
            grantOnTable(TEST_UTIL, createUserForTesting.getShortName(), valueOf, null, null, Permission.Action.READ);
            verifyAllowed(createUserForTesting, accessTestAction4, accessTestAction5, accessTestAction6);
            verifyDenied(createUserForTesting, accessTestAction, accessTestAction2, accessTestAction3);
            verifyDenied(createUserForTesting, accessTestAction7, accessTestAction8, accessTestAction9);
            verifyAllowed(createUserForTesting2, accessTestAction4, accessTestAction5, accessTestAction6);
            verifyDenied(createUserForTesting2, accessTestAction, accessTestAction2, accessTestAction3);
            verifyDenied(createUserForTesting2, accessTestAction7, accessTestAction8, accessTestAction9);
            grantGlobal(TEST_UTIL, createUserForTesting2.getShortName(), Permission.Action.WRITE);
            grantOnTable(TEST_UTIL, createUserForTesting.getShortName(), valueOf, null, null, Permission.Action.WRITE);
            verifyDenied(createUserForTesting, accessTestAction4, accessTestAction5, accessTestAction6);
            verifyAllowed(createUserForTesting, accessTestAction, accessTestAction2, accessTestAction3);
            verifyAllowed(createUserForTesting, accessTestAction7, accessTestAction8, accessTestAction9);
            verifyDenied(createUserForTesting2, accessTestAction4, accessTestAction5, accessTestAction6);
            verifyAllowed(createUserForTesting2, accessTestAction, accessTestAction2, accessTestAction3);
            verifyAllowed(createUserForTesting2, accessTestAction7, accessTestAction8, accessTestAction9);
            revokeGlobal(TEST_UTIL, createUserForTesting2.getShortName(), new Permission.Action[0]);
            revokeFromTable(TEST_UTIL, createUserForTesting.getShortName(), valueOf, null, null, new Permission.Action[0]);
            verifyDenied(createUserForTesting, accessTestAction4, accessTestAction5, accessTestAction6);
            verifyDenied(createUserForTesting, accessTestAction, accessTestAction2, accessTestAction3);
            verifyDenied(createUserForTesting, accessTestAction7, accessTestAction8, accessTestAction9);
            verifyDenied(createUserForTesting2, accessTestAction4, accessTestAction5, accessTestAction6);
            verifyDenied(createUserForTesting2, accessTestAction, accessTestAction2, accessTestAction3);
            verifyDenied(createUserForTesting2, accessTestAction7, accessTestAction8, accessTestAction9);
            grantGlobal(TEST_UTIL, createUserForTesting2.getShortName(), Permission.Action.READ);
            grantOnTable(TEST_UTIL, createUserForTesting.getShortName(), valueOf, bytes, null, Permission.Action.READ);
            verifyAllowed(createUserForTesting, accessTestAction4, accessTestAction5);
            verifyDenied(createUserForTesting, accessTestAction6);
            verifyDenied(createUserForTesting, accessTestAction, accessTestAction2, accessTestAction3);
            verifyDenied(createUserForTesting, accessTestAction7, accessTestAction8, accessTestAction9);
            verifyAllowed(createUserForTesting2, accessTestAction4, accessTestAction5, accessTestAction6);
            verifyDenied(createUserForTesting2, accessTestAction, accessTestAction2, accessTestAction3);
            verifyDenied(createUserForTesting2, accessTestAction7, accessTestAction8, accessTestAction9);
            grantGlobal(TEST_UTIL, createUserForTesting2.getShortName(), Permission.Action.WRITE);
            grantOnTable(TEST_UTIL, createUserForTesting.getShortName(), valueOf, bytes2, null, Permission.Action.WRITE);
            verifyAllowed(createUserForTesting, accessTestAction4, accessTestAction5);
            verifyAllowed(createUserForTesting, accessTestAction3, accessTestAction9);
            verifyDenied(createUserForTesting, accessTestAction6);
            verifyDenied(createUserForTesting, accessTestAction, accessTestAction2);
            verifyDenied(createUserForTesting, accessTestAction7, accessTestAction8);
            verifyDenied(createUserForTesting2, accessTestAction4, accessTestAction5, accessTestAction6);
            verifyAllowed(createUserForTesting2, accessTestAction, accessTestAction2, accessTestAction3);
            verifyAllowed(createUserForTesting2, accessTestAction7, accessTestAction8, accessTestAction9);
            revokeGlobal(TEST_UTIL, createUserForTesting2.getShortName(), new Permission.Action[0]);
            revokeFromTable(TEST_UTIL, createUserForTesting.getShortName(), valueOf, bytes2, null, new Permission.Action[0]);
            verifyAllowed(createUserForTesting, accessTestAction4, accessTestAction5);
            verifyDenied(createUserForTesting, accessTestAction6);
            verifyDenied(createUserForTesting, accessTestAction, accessTestAction2, accessTestAction3);
            verifyDenied(createUserForTesting, accessTestAction7, accessTestAction8, accessTestAction9);
            verifyDenied(createUserForTesting2, accessTestAction4, accessTestAction5, accessTestAction6);
            verifyDenied(createUserForTesting2, accessTestAction, accessTestAction2, accessTestAction3);
            verifyDenied(createUserForTesting2, accessTestAction7, accessTestAction8, accessTestAction9);
            deleteTable(TEST_UTIL, valueOf);
        } catch (Throwable th) {
            deleteTable(TEST_UTIL, valueOf);
            throw th;
        }
    }

    private boolean hasFoundUserPermission(UserPermission userPermission, List<UserPermission> list) {
        return list.contains(userPermission);
    }

    @Test
    public void testPostGrantRevokeAtQualifierLevel() throws Exception {
        final TableName valueOf = TableName.valueOf("testGrantRevokeAtQualifierLevel");
        final byte[] bytes = Bytes.toBytes("f1");
        byte[] bytes2 = Bytes.toBytes("f2");
        final byte[] bytes3 = Bytes.toBytes("q");
        if (TEST_UTIL.getHBaseAdmin().tableExists(valueOf)) {
            deleteTable(TEST_UTIL, valueOf);
        }
        HTableDescriptor hTableDescriptor = new HTableDescriptor(valueOf);
        hTableDescriptor.addFamily(new HColumnDescriptor(bytes));
        hTableDescriptor.addFamily(new HColumnDescriptor(bytes2));
        createTable(TEST_UTIL, hTableDescriptor);
        try {
            User createUserForTesting = User.createUserForTesting(TEST_UTIL.getConfiguration(), "user", new String[0]);
            SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.48
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    Get get = new Get(TestAccessController.TEST_ROW);
                    get.addColumn(bytes, bytes3);
                    Connection createConnection = ConnectionFactory.createConnection(TestAccessController.conf);
                    Throwable th = null;
                    try {
                        Table table = createConnection.getTable(valueOf);
                        Throwable th2 = null;
                        try {
                            try {
                                table.get(get);
                                if (table != null) {
                                    if (0 != 0) {
                                        try {
                                            table.close();
                                        } catch (Throwable th3) {
                                            th2.addSuppressed(th3);
                                        }
                                    } else {
                                        table.close();
                                    }
                                }
                                if (createConnection == null) {
                                    return null;
                                }
                                if (0 == 0) {
                                    createConnection.close();
                                    return null;
                                }
                                try {
                                    createConnection.close();
                                    return null;
                                } catch (Throwable th4) {
                                    th.addSuppressed(th4);
                                    return null;
                                }
                            } catch (Throwable th5) {
                                th2 = th5;
                                throw th5;
                            }
                        } catch (Throwable th6) {
                            if (table != null) {
                                if (th2 != null) {
                                    try {
                                        table.close();
                                    } catch (Throwable th7) {
                                        th2.addSuppressed(th7);
                                    }
                                } else {
                                    table.close();
                                }
                            }
                            throw th6;
                        }
                    } catch (Throwable th8) {
                        if (createConnection != null) {
                            if (0 != 0) {
                                try {
                                    createConnection.close();
                                } catch (Throwable th9) {
                                    th.addSuppressed(th9);
                                }
                            } else {
                                createConnection.close();
                            }
                        }
                        throw th8;
                    }
                }
            };
            SecureTestUtil.AccessTestAction accessTestAction2 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.49
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    Put put = new Put(TestAccessController.TEST_ROW);
                    put.add(bytes, bytes3, Bytes.toBytes("v1"));
                    Connection createConnection = ConnectionFactory.createConnection(TestAccessController.conf);
                    Throwable th = null;
                    try {
                        Table table = createConnection.getTable(valueOf);
                        Throwable th2 = null;
                        try {
                            table.put(put);
                            if (table != null) {
                                if (0 != 0) {
                                    try {
                                        table.close();
                                    } catch (Throwable th3) {
                                        th2.addSuppressed(th3);
                                    }
                                } else {
                                    table.close();
                                }
                            }
                            if (createConnection == null) {
                                return null;
                            }
                            if (0 == 0) {
                                createConnection.close();
                                return null;
                            }
                            try {
                                createConnection.close();
                                return null;
                            } catch (Throwable th4) {
                                th.addSuppressed(th4);
                                return null;
                            }
                        } catch (Throwable th5) {
                            if (table != null) {
                                if (0 != 0) {
                                    try {
                                        table.close();
                                    } catch (Throwable th6) {
                                        th2.addSuppressed(th6);
                                    }
                                } else {
                                    table.close();
                                }
                            }
                            throw th5;
                        }
                    } catch (Throwable th7) {
                        if (createConnection != null) {
                            if (0 != 0) {
                                try {
                                    createConnection.close();
                                } catch (Throwable th8) {
                                    th.addSuppressed(th8);
                                }
                            } else {
                                createConnection.close();
                            }
                        }
                        throw th7;
                    }
                }
            };
            SecureTestUtil.AccessTestAction accessTestAction3 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.50
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    Delete delete = new Delete(TestAccessController.TEST_ROW);
                    delete.deleteColumn(bytes, bytes3);
                    Connection createConnection = ConnectionFactory.createConnection(TestAccessController.conf);
                    Throwable th = null;
                    try {
                        Table table = createConnection.getTable(valueOf);
                        Throwable th2 = null;
                        try {
                            try {
                                table.delete(delete);
                                if (table != null) {
                                    if (0 != 0) {
                                        try {
                                            table.close();
                                        } catch (Throwable th3) {
                                            th2.addSuppressed(th3);
                                        }
                                    } else {
                                        table.close();
                                    }
                                }
                                if (createConnection == null) {
                                    return null;
                                }
                                if (0 == 0) {
                                    createConnection.close();
                                    return null;
                                }
                                try {
                                    createConnection.close();
                                    return null;
                                } catch (Throwable th4) {
                                    th.addSuppressed(th4);
                                    return null;
                                }
                            } catch (Throwable th5) {
                                th2 = th5;
                                throw th5;
                            }
                        } catch (Throwable th6) {
                            if (table != null) {
                                if (th2 != null) {
                                    try {
                                        table.close();
                                    } catch (Throwable th7) {
                                        th2.addSuppressed(th7);
                                    }
                                } else {
                                    table.close();
                                }
                            }
                            throw th6;
                        }
                    } catch (Throwable th8) {
                        if (createConnection != null) {
                            if (0 != 0) {
                                try {
                                    createConnection.close();
                                } catch (Throwable th9) {
                                    th.addSuppressed(th9);
                                }
                            } else {
                                createConnection.close();
                            }
                        }
                        throw th8;
                    }
                }
            };
            revokeFromTable(TEST_UTIL, createUserForTesting.getShortName(), valueOf, bytes, null, new Permission.Action[0]);
            verifyDenied(createUserForTesting, accessTestAction);
            verifyDenied(createUserForTesting, accessTestAction2);
            verifyDenied(createUserForTesting, accessTestAction3);
            grantOnTable(TEST_UTIL, createUserForTesting.getShortName(), valueOf, bytes, bytes3, Permission.Action.READ);
            verifyAllowed(createUserForTesting, accessTestAction);
            verifyDenied(createUserForTesting, accessTestAction2);
            verifyDenied(createUserForTesting, accessTestAction3);
            grantOnTable(TEST_UTIL, createUserForTesting.getShortName(), valueOf, bytes, bytes3, Permission.Action.WRITE);
            verifyDenied(createUserForTesting, accessTestAction);
            verifyAllowed(createUserForTesting, accessTestAction2);
            verifyAllowed(createUserForTesting, accessTestAction3);
            grantOnTable(TEST_UTIL, createUserForTesting.getShortName(), valueOf, bytes, bytes3, Permission.Action.READ, Permission.Action.WRITE);
            verifyAllowed(createUserForTesting, accessTestAction);
            verifyAllowed(createUserForTesting, accessTestAction2);
            verifyAllowed(createUserForTesting, accessTestAction3);
            revokeFromTable(TEST_UTIL, createUserForTesting.getShortName(), valueOf, bytes, bytes3, new Permission.Action[0]);
            verifyDenied(createUserForTesting, accessTestAction);
            verifyDenied(createUserForTesting, accessTestAction2);
            verifyDenied(createUserForTesting, accessTestAction3);
            deleteTable(TEST_UTIL, valueOf);
        } catch (Throwable th) {
            deleteTable(TEST_UTIL, valueOf);
            throw th;
        }
    }

    @Test
    public void testPermissionList() throws Exception {
        TableName valueOf = TableName.valueOf("testPermissionList");
        byte[] bytes = Bytes.toBytes("f1");
        byte[] bytes2 = Bytes.toBytes("f2");
        byte[] bytes3 = Bytes.toBytes("q");
        HBaseAdmin hBaseAdmin = TEST_UTIL.getHBaseAdmin();
        if (hBaseAdmin.tableExists(valueOf)) {
            deleteTable(TEST_UTIL, valueOf);
        }
        HTableDescriptor hTableDescriptor = new HTableDescriptor(valueOf);
        hTableDescriptor.addFamily(new HColumnDescriptor(bytes));
        hTableDescriptor.addFamily(new HColumnDescriptor(bytes2));
        hTableDescriptor.setOwner(USER_OWNER);
        createTable(TEST_UTIL, hTableDescriptor);
        try {
            Table table = systemUserConnection.getTable(AccessControlLists.ACL_TABLE_NAME);
            try {
                List<UserPermission> userPermissions = ProtobufUtil.getUserPermissions((RpcController) null, AccessControlProtos.AccessControlService.newBlockingStub(table.coprocessorService(valueOf.getName())), valueOf);
                table.close();
                Assert.assertTrue("Owner should have all permissions on table", hasFoundUserPermission(new UserPermission(Bytes.toBytes(USER_OWNER.getName()), valueOf, (byte[]) null, Permission.Action.values()), userPermissions));
                User createUserForTesting = User.createUserForTesting(TEST_UTIL.getConfiguration(), "user", new String[0]);
                byte[] bytes4 = Bytes.toBytes(createUserForTesting.getShortName());
                UserPermission userPermission = new UserPermission(bytes4, valueOf, bytes, bytes3, new Permission.Action[]{Permission.Action.READ});
                Assert.assertFalse("User should not be granted permission: " + userPermission.toString(), hasFoundUserPermission(userPermission, userPermissions));
                grantOnTable(TEST_UTIL, createUserForTesting.getShortName(), valueOf, bytes, bytes3, Permission.Action.READ);
                table = systemUserConnection.getTable(AccessControlLists.ACL_TABLE_NAME);
                try {
                    List<UserPermission> userPermissions2 = ProtobufUtil.getUserPermissions((RpcController) null, AccessControlProtos.AccessControlService.newBlockingStub(table.coprocessorService(valueOf.getName())), valueOf);
                    table.close();
                    UserPermission userPermission2 = new UserPermission(bytes4, valueOf, bytes, bytes3, new Permission.Action[]{Permission.Action.READ});
                    Assert.assertTrue("User should be granted permission: " + userPermission2.toString(), hasFoundUserPermission(userPermission2, userPermissions2));
                    UserPermission userPermission3 = new UserPermission(bytes4, valueOf, bytes, bytes3, new Permission.Action[]{Permission.Action.WRITE});
                    Assert.assertFalse("User should not be granted permission: " + userPermission3.toString(), hasFoundUserPermission(userPermission3, userPermissions2));
                    grantOnTable(TEST_UTIL, createUserForTesting.getShortName(), valueOf, bytes, bytes3, Permission.Action.WRITE, Permission.Action.READ);
                    Table table2 = systemUserConnection.getTable(AccessControlLists.ACL_TABLE_NAME);
                    try {
                        List<UserPermission> userPermissions3 = ProtobufUtil.getUserPermissions((RpcController) null, AccessControlProtos.AccessControlService.newBlockingStub(table2.coprocessorService(valueOf.getName())), valueOf);
                        table2.close();
                        UserPermission userPermission4 = new UserPermission(bytes4, valueOf, bytes, bytes3, new Permission.Action[]{Permission.Action.WRITE, Permission.Action.READ});
                        Assert.assertTrue("User should be granted permission: " + userPermission4.toString(), hasFoundUserPermission(userPermission4, userPermissions3));
                        revokeFromTable(TEST_UTIL, createUserForTesting.getShortName(), valueOf, bytes, bytes3, Permission.Action.WRITE, Permission.Action.READ);
                        table = systemUserConnection.getTable(AccessControlLists.ACL_TABLE_NAME);
                        try {
                            List<UserPermission> userPermissions4 = ProtobufUtil.getUserPermissions((RpcController) null, AccessControlProtos.AccessControlService.newBlockingStub(table.coprocessorService(valueOf.getName())), valueOf);
                            table.close();
                            Assert.assertFalse("User should not be granted permission: " + userPermission4.toString(), hasFoundUserPermission(userPermission4, userPermissions4));
                            hBaseAdmin.disableTable(valueOf);
                            User createUserForTesting2 = User.createUserForTesting(conf, "new_owner", new String[0]);
                            hTableDescriptor.setOwner(createUserForTesting2);
                            hBaseAdmin.modifyTable(valueOf, hTableDescriptor);
                            Table table3 = systemUserConnection.getTable(AccessControlLists.ACL_TABLE_NAME);
                            try {
                                List<UserPermission> userPermissions5 = ProtobufUtil.getUserPermissions((RpcController) null, AccessControlProtos.AccessControlService.newBlockingStub(table3.coprocessorService(valueOf.getName())), valueOf);
                                table3.close();
                                Assert.assertTrue("New owner should have all permissions on table", hasFoundUserPermission(new UserPermission(Bytes.toBytes(createUserForTesting2.getName()), valueOf, (byte[]) null, Permission.Action.values()), userPermissions5));
                                deleteTable(TEST_UTIL, valueOf);
                            } finally {
                                table3.close();
                            }
                        } finally {
                            table.close();
                        }
                    } finally {
                        table2.close();
                    }
                } finally {
                }
            } finally {
            }
        } catch (Throwable th) {
            deleteTable(TEST_UTIL, valueOf);
            throw th;
        }
    }

    @Test
    public void testGlobalPermissionList() throws Exception {
        Table table = systemUserConnection.getTable(AccessControlLists.ACL_TABLE_NAME);
        try {
            List<UserPermission> userPermissions = ProtobufUtil.getUserPermissions((RpcController) null, AccessControlProtos.AccessControlService.newBlockingStub(table.coprocessorService(HConstants.EMPTY_START_ROW)));
            table.close();
            Assert.assertTrue("Only global users and user admin has permission on table _acl_ per setup", userPermissions.size() == 5 && hasFoundUserPermission(new UserPermission(Bytes.toBytes(USER_ADMIN.getShortName()), AccessControlLists.ACL_TABLE_NAME, (byte[]) null, (byte[]) null, Bytes.toBytes("ACRW")), userPermissions));
        } catch (Throwable th) {
            table.close();
            throw th;
        }
    }

    private void verifyGlobal(SecureTestUtil.AccessTestAction accessTestAction) throws Exception {
        verifyAllowed(accessTestAction, SUPERUSER);
        verifyDenied(accessTestAction, USER_CREATE, USER_RW, USER_NONE, USER_RO);
    }

    /* JADX WARN: Finally extract failed */
    @Test
    public void testCheckPermissions() throws Exception {
        verifyGlobal(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.51
            @Override // java.security.PrivilegedExceptionAction
            /* renamed from: run, reason: merged with bridge method [inline-methods] */
            public Object run2() throws Exception {
                SecureTestUtil.checkGlobalPerms(TestAccessController.TEST_UTIL, Permission.Action.ADMIN);
                return null;
            }
        });
        verifyGlobal(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.52
            @Override // java.security.PrivilegedExceptionAction
            /* renamed from: run, reason: merged with bridge method [inline-methods] */
            public Object run2() throws Exception {
                SecureTestUtil.checkGlobalPerms(TestAccessController.TEST_UTIL, Permission.Action.READ, Permission.Action.WRITE);
                return null;
            }
        });
        final byte[] bytes = Bytes.toBytes("q1");
        final byte[] bytes2 = Bytes.toBytes("q2");
        User createUserForTesting = User.createUserForTesting(conf, "user_check_perms_table", new String[0]);
        User createUserForTesting2 = User.createUserForTesting(conf, "user_check_perms_family", new String[0]);
        User createUserForTesting3 = User.createUserForTesting(conf, "user_check_perms_q", new String[0]);
        grantOnTable(TEST_UTIL, createUserForTesting.getShortName(), TEST_TABLE, null, null, Permission.Action.READ);
        grantOnTable(TEST_UTIL, createUserForTesting2.getShortName(), TEST_TABLE, TEST_FAMILY, null, Permission.Action.READ);
        grantOnTable(TEST_UTIL, createUserForTesting3.getShortName(), TEST_TABLE, TEST_FAMILY, bytes, Permission.Action.READ);
        try {
            SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.53
                @Override // java.security.PrivilegedExceptionAction
                /* renamed from: run, reason: merged with bridge method [inline-methods] */
                public Object run2() throws Exception {
                    SecureTestUtil.checkTablePerms(TestAccessController.TEST_UTIL, TestAccessController.TEST_TABLE, (byte[]) null, (byte[]) null, Permission.Action.READ);
                    return null;
                }
            };
            SecureTestUtil.AccessTestAction accessTestAction2 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.54
                @Override // java.security.PrivilegedExceptionAction
                /* renamed from: run, reason: merged with bridge method [inline-methods] */
                public Object run2() throws Exception {
                    SecureTestUtil.checkTablePerms(TestAccessController.TEST_UTIL, TestAccessController.TEST_TABLE, TestAccessController.TEST_FAMILY, (byte[]) null, Permission.Action.READ);
                    return null;
                }
            };
            SecureTestUtil.AccessTestAction accessTestAction3 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.55
                @Override // java.security.PrivilegedExceptionAction
                /* renamed from: run, reason: merged with bridge method [inline-methods] */
                public Object run2() throws Exception {
                    SecureTestUtil.checkTablePerms(TestAccessController.TEST_UTIL, TestAccessController.TEST_TABLE, TestAccessController.TEST_FAMILY, bytes, Permission.Action.READ);
                    return null;
                }
            };
            SecureTestUtil.AccessTestAction accessTestAction4 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.56
                @Override // java.security.PrivilegedExceptionAction
                /* renamed from: run, reason: merged with bridge method [inline-methods] */
                public Object run2() throws Exception {
                    SecureTestUtil.checkTablePerms(TestAccessController.TEST_UTIL, TestAccessController.TEST_TABLE, new TablePermission(TestAccessController.TEST_TABLE, TestAccessController.TEST_FAMILY, bytes, new Permission.Action[]{Permission.Action.READ}), new TablePermission(TestAccessController.TEST_TABLE, TestAccessController.TEST_FAMILY, bytes2, new Permission.Action[]{Permission.Action.READ}));
                    return null;
                }
            };
            SecureTestUtil.AccessTestAction accessTestAction5 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.57
                @Override // java.security.PrivilegedExceptionAction
                /* renamed from: run, reason: merged with bridge method [inline-methods] */
                public Object run2() throws Exception {
                    SecureTestUtil.checkTablePerms(TestAccessController.TEST_UTIL, TestAccessController.TEST_TABLE, new Permission(new Permission.Action[]{Permission.Action.READ}), new TablePermission(TestAccessController.TEST_TABLE, (byte[]) null, (byte[]) null, new Permission.Action[]{Permission.Action.READ}));
                    return null;
                }
            };
            SecureTestUtil.AccessTestAction accessTestAction6 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.58
                @Override // java.security.PrivilegedExceptionAction
                /* renamed from: run, reason: merged with bridge method [inline-methods] */
                public Object run2() throws Exception {
                    SecureTestUtil.checkTablePerms(TestAccessController.TEST_UTIL, TestAccessController.TEST_TABLE, new Permission[0]);
                    return null;
                }
            };
            verifyAllowed(accessTestAction, SUPERUSER, createUserForTesting);
            verifyDenied(accessTestAction, createUserForTesting2, createUserForTesting3);
            verifyAllowed(accessTestAction2, SUPERUSER, createUserForTesting, createUserForTesting2);
            verifyDenied(accessTestAction2, createUserForTesting3);
            verifyAllowed(accessTestAction3, SUPERUSER, createUserForTesting, createUserForTesting2, createUserForTesting3);
            verifyAllowed(accessTestAction4, SUPERUSER, createUserForTesting, createUserForTesting2);
            verifyDenied(accessTestAction4, createUserForTesting3);
            verifyAllowed(accessTestAction5, SUPERUSER);
            verifyDenied(accessTestAction5, createUserForTesting, createUserForTesting2, createUserForTesting3);
            verifyAllowed(accessTestAction6, SUPERUSER, createUserForTesting, createUserForTesting2, createUserForTesting3);
            SecureTestUtil.AccessTestAction accessTestAction7 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.59
                @Override // java.security.PrivilegedExceptionAction
                /* renamed from: run, reason: merged with bridge method [inline-methods] */
                public Object run2() throws Exception {
                    SecureTestUtil.checkTablePerms(TestAccessController.TEST_UTIL, TestAccessController.TEST_TABLE, TestAccessController.TEST_FAMILY, (byte[]) null, Permission.Action.READ, Permission.Action.WRITE);
                    return null;
                }
            };
            verifyAllowed(accessTestAction7, SUPERUSER, USER_OWNER, USER_CREATE, USER_RW);
            verifyDenied(accessTestAction7, USER_NONE, USER_RO);
            AccessControlProtos.CheckPermissionsRequest build = AccessControlProtos.CheckPermissionsRequest.newBuilder().addPermission(AccessControlProtos.Permission.newBuilder().setType(AccessControlProtos.Permission.Type.Table).setTablePermission(AccessControlProtos.TablePermission.newBuilder().setTableName(ProtobufUtil.toProtoTableName(TEST_TABLE)).addAction(AccessControlProtos.Permission.Action.CREATE))).build();
            Table table = systemUserConnection.getTable(AccessControlLists.ACL_TABLE_NAME);
            try {
                try {
                    AccessControlProtos.AccessControlService.newBlockingStub(table.coprocessorService(new byte[0])).checkPermissions((RpcController) null, build);
                    Assert.fail("this should have thrown CoprocessorException");
                } catch (ServiceException e) {
                }
                table.close();
                revokeFromTable(TEST_UTIL, createUserForTesting.getShortName(), TEST_TABLE, null, null, Permission.Action.READ);
                revokeFromTable(TEST_UTIL, createUserForTesting2.getShortName(), TEST_TABLE, TEST_FAMILY, null, Permission.Action.READ);
                revokeFromTable(TEST_UTIL, createUserForTesting3.getShortName(), TEST_TABLE, TEST_FAMILY, bytes, Permission.Action.READ);
            } catch (Throwable th) {
                table.close();
                throw th;
            }
        } catch (Throwable th2) {
            revokeFromTable(TEST_UTIL, createUserForTesting.getShortName(), TEST_TABLE, null, null, Permission.Action.READ);
            revokeFromTable(TEST_UTIL, createUserForTesting2.getShortName(), TEST_TABLE, TEST_FAMILY, null, Permission.Action.READ);
            revokeFromTable(TEST_UTIL, createUserForTesting3.getShortName(), TEST_TABLE, TEST_FAMILY, bytes, Permission.Action.READ);
            throw th2;
        }
    }

    @Test
    public void testStopRegionServer() throws Exception {
        SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.60
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestAccessController.ACCESS_CONTROLLER.preStopRegionServer(ObserverContext.createAndPrepare(TestAccessController.RSCP_ENV, (ObserverContext) null));
                return null;
            }
        };
        verifyAllowed(accessTestAction, SUPERUSER, USER_ADMIN, USER_GROUP_ADMIN);
        verifyDenied(accessTestAction, USER_CREATE, USER_OWNER, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ, USER_GROUP_WRITE, USER_GROUP_CREATE);
    }

    @Test
    public void testRollWALWriterRequest() throws Exception {
        SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.61
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestAccessController.ACCESS_CONTROLLER.preRollWALWriterRequest(ObserverContext.createAndPrepare(TestAccessController.RSCP_ENV, (ObserverContext) null));
                return null;
            }
        };
        verifyAllowed(accessTestAction, SUPERUSER, USER_ADMIN, USER_GROUP_ADMIN);
        verifyDenied(accessTestAction, USER_CREATE, USER_OWNER, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ, USER_GROUP_WRITE, USER_GROUP_CREATE);
    }

    @Test
    public void testOpenRegion() throws Exception {
        SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.62
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestAccessController.ACCESS_CONTROLLER.preOpen(ObserverContext.createAndPrepare(TestAccessController.RCP_ENV, (ObserverContext) null));
                return null;
            }
        };
        verifyAllowed(accessTestAction, SUPERUSER, USER_ADMIN, USER_GROUP_ADMIN);
        verifyDenied(accessTestAction, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_OWNER, USER_GROUP_CREATE, USER_GROUP_READ, USER_GROUP_WRITE);
    }

    @Test
    public void testCloseRegion() throws Exception {
        SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.63
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestAccessController.ACCESS_CONTROLLER.preClose(ObserverContext.createAndPrepare(TestAccessController.RCP_ENV, (ObserverContext) null), false);
                return null;
            }
        };
        verifyAllowed(accessTestAction, SUPERUSER, USER_ADMIN, USER_GROUP_ADMIN);
        verifyDenied(accessTestAction, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_OWNER, USER_GROUP_CREATE, USER_GROUP_READ, USER_GROUP_WRITE);
    }

    @Test
    public void testSnapshot() throws Exception {
        final HTableDescriptor tableDescriptor = TEST_UTIL.getHBaseAdmin().getTableDescriptor(TEST_TABLE);
        HBaseProtos.SnapshotDescription.Builder newBuilder = HBaseProtos.SnapshotDescription.newBuilder();
        newBuilder.setName(TEST_TABLE.getNameAsString() + "-snapshot");
        newBuilder.setTable(TEST_TABLE.getNameAsString());
        final HBaseProtos.SnapshotDescription build = newBuilder.build();
        SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.64
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestAccessController.ACCESS_CONTROLLER.preSnapshot(ObserverContext.createAndPrepare(TestAccessController.CP_ENV, (ObserverContext) null), build, tableDescriptor);
                return null;
            }
        };
        SecureTestUtil.AccessTestAction accessTestAction2 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.65
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestAccessController.ACCESS_CONTROLLER.preDeleteSnapshot(ObserverContext.createAndPrepare(TestAccessController.CP_ENV, (ObserverContext) null), build);
                return null;
            }
        };
        SecureTestUtil.AccessTestAction accessTestAction3 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.66
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestAccessController.ACCESS_CONTROLLER.preRestoreSnapshot(ObserverContext.createAndPrepare(TestAccessController.CP_ENV, (ObserverContext) null), build, tableDescriptor);
                return null;
            }
        };
        SecureTestUtil.AccessTestAction accessTestAction4 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.67
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestAccessController.ACCESS_CONTROLLER.preCloneSnapshot(ObserverContext.createAndPrepare(TestAccessController.CP_ENV, (ObserverContext) null), (HBaseProtos.SnapshotDescription) null, (HTableDescriptor) null);
                return null;
            }
        };
        verifyAllowed(accessTestAction, SUPERUSER, USER_ADMIN, USER_OWNER, USER_GROUP_ADMIN);
        verifyDenied(accessTestAction, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ, USER_GROUP_WRITE, USER_GROUP_CREATE);
        verifyAllowed(accessTestAction4, SUPERUSER, USER_ADMIN, USER_GROUP_ADMIN);
        verifyDenied(accessTestAction2, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_OWNER, USER_GROUP_READ, USER_GROUP_WRITE, USER_GROUP_CREATE);
        verifyAllowed(accessTestAction3, SUPERUSER, USER_ADMIN, USER_GROUP_ADMIN);
        verifyDenied(accessTestAction3, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_OWNER, USER_GROUP_READ, USER_GROUP_WRITE, USER_GROUP_CREATE);
        verifyAllowed(accessTestAction2, SUPERUSER, USER_ADMIN, USER_GROUP_ADMIN);
        verifyDenied(accessTestAction4, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_OWNER, USER_GROUP_READ, USER_GROUP_WRITE, USER_GROUP_CREATE);
    }

    @Test
    public void testSnapshotWithOwner() throws Exception {
        final HTableDescriptor tableDescriptor = TEST_UTIL.getHBaseAdmin().getTableDescriptor(TEST_TABLE);
        HBaseProtos.SnapshotDescription.Builder newBuilder = HBaseProtos.SnapshotDescription.newBuilder();
        newBuilder.setName(TEST_TABLE.getNameAsString() + "-snapshot");
        newBuilder.setTable(TEST_TABLE.getNameAsString());
        newBuilder.setOwner(USER_OWNER.getName());
        final HBaseProtos.SnapshotDescription build = newBuilder.build();
        SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.68
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestAccessController.ACCESS_CONTROLLER.preSnapshot(ObserverContext.createAndPrepare(TestAccessController.CP_ENV, (ObserverContext) null), build, tableDescriptor);
                return null;
            }
        };
        verifyAllowed(accessTestAction, SUPERUSER, USER_ADMIN, USER_OWNER, USER_GROUP_ADMIN);
        verifyDenied(accessTestAction, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ, USER_GROUP_WRITE, USER_GROUP_CREATE);
        SecureTestUtil.AccessTestAction accessTestAction2 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.69
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestAccessController.ACCESS_CONTROLLER.preDeleteSnapshot(ObserverContext.createAndPrepare(TestAccessController.CP_ENV, (ObserverContext) null), build);
                return null;
            }
        };
        verifyAllowed(accessTestAction2, SUPERUSER, USER_ADMIN, USER_OWNER, USER_GROUP_ADMIN);
        verifyDenied(accessTestAction2, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ, USER_GROUP_WRITE, USER_GROUP_CREATE);
        SecureTestUtil.AccessTestAction accessTestAction3 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.70
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestAccessController.ACCESS_CONTROLLER.preRestoreSnapshot(ObserverContext.createAndPrepare(TestAccessController.CP_ENV, (ObserverContext) null), build, tableDescriptor);
                return null;
            }
        };
        verifyAllowed(accessTestAction3, SUPERUSER, USER_ADMIN, USER_OWNER, USER_GROUP_ADMIN);
        verifyDenied(accessTestAction3, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ, USER_GROUP_WRITE, USER_GROUP_CREATE);
        SecureTestUtil.AccessTestAction accessTestAction4 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.71
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestAccessController.ACCESS_CONTROLLER.preCloneSnapshot(ObserverContext.createAndPrepare(TestAccessController.CP_ENV, (ObserverContext) null), (HBaseProtos.SnapshotDescription) null, (HTableDescriptor) null);
                return null;
            }
        };
        verifyAllowed(accessTestAction4, SUPERUSER, USER_ADMIN, USER_GROUP_ADMIN);
        verifyDenied(accessTestAction4, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_OWNER, USER_GROUP_READ, USER_GROUP_WRITE, USER_GROUP_CREATE);
    }

    @Test
    public void testGlobalAuthorizationForNewRegisteredRS() throws Exception {
        final HRegionInfo regionInfo;
        final HTable table;
        Throwable th;
        LOG.debug("Test for global authorization for a new registered RegionServer.");
        MiniHBaseCluster hBaseCluster = TEST_UTIL.getHBaseCluster();
        final HBaseAdmin hBaseAdmin = TEST_UTIL.getHBaseAdmin();
        HTableDescriptor hTableDescriptor = new HTableDescriptor(TEST_TABLE2);
        hTableDescriptor.addFamily(new HColumnDescriptor(TEST_FAMILY));
        createTable(TEST_UTIL, hTableDescriptor);
        final HRegionServer regionServer = hBaseCluster.startRegionServer().getRegionServer();
        RegionLocator regionLocator = systemUserConnection.getRegionLocator(TEST_TABLE2);
        Throwable th2 = null;
        try {
            try {
                List allRegionLocations = regionLocator.getAllRegionLocations();
                if (regionLocator != null) {
                    if (0 != 0) {
                        try {
                            regionLocator.close();
                        } catch (Throwable th3) {
                            th2.addSuppressed(th3);
                        }
                    } else {
                        regionLocator.close();
                    }
                }
                HRegionLocation hRegionLocation = (HRegionLocation) allRegionLocations.get(0);
                regionInfo = hRegionLocation.getRegionInfo();
                hRegionLocation.getServerName();
                table = systemUserConnection.getTable(TEST_TABLE2);
                th = null;
            } catch (Throwable th4) {
                th2 = th4;
                throw th4;
            }
            try {
                try {
                    SUPERUSER.runAs(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.72
                        @Override // java.security.PrivilegedExceptionAction
                        public Object run() throws Exception {
                            hBaseAdmin.move(regionInfo.getEncodedNameAsBytes(), Bytes.toBytes(regionServer.getServerName().getServerName()));
                            return null;
                        }
                    });
                    int i = 0;
                    while (regionServer.getOnlineRegions(TEST_TABLE2).size() < 1 && i < 10) {
                        LOG.debug("Waiting for region to be opened. Already retried " + i + " times.");
                        try {
                            Thread.sleep(1000L);
                        } catch (InterruptedException e) {
                        }
                        i++;
                        if (i == 9) {
                            Assert.fail("Retry exhaust for waiting region to be opened.");
                        }
                    }
                    USER_ADMIN.runAs(new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.73
                        @Override // java.security.PrivilegedExceptionAction
                        public Object run() throws Exception {
                            Put put = new Put(Bytes.toBytes("test"));
                            put.add(TestAccessController.TEST_FAMILY, Bytes.toBytes("qual"), Bytes.toBytes("value"));
                            table.put(put);
                            return null;
                        }
                    });
                    if (table != null) {
                        if (0 == 0) {
                            table.close();
                            return;
                        }
                        try {
                            table.close();
                        } catch (Throwable th5) {
                            th.addSuppressed(th5);
                        }
                    }
                } catch (Throwable th6) {
                    th = th6;
                    throw th6;
                }
            } catch (Throwable th7) {
                if (table != null) {
                    if (th != null) {
                        try {
                            table.close();
                        } catch (Throwable th8) {
                            th.addSuppressed(th8);
                        }
                    } else {
                        table.close();
                    }
                }
                throw th7;
            }
        } catch (Throwable th9) {
            if (regionLocator != null) {
                if (th2 != null) {
                    try {
                        regionLocator.close();
                    } catch (Throwable th10) {
                        th2.addSuppressed(th10);
                    }
                } else {
                    regionLocator.close();
                }
            }
            throw th9;
        }
    }

    @Test
    public void testTableDescriptorsEnumeration() throws Exception {
        User createUserForTesting = User.createUserForTesting(conf, "UserA", new String[0]);
        grantOnTable(TEST_UTIL, createUserForTesting.getShortName(), TEST_TABLE, null, null, Permission.Action.ADMIN);
        try {
            SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.74
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    Connection createConnection = ConnectionFactory.createConnection(TestAccessController.TEST_UTIL.getConfiguration());
                    Throwable th = null;
                    try {
                        Admin admin = createConnection.getAdmin();
                        Throwable th2 = null;
                        try {
                            try {
                                List asList = Arrays.asList(admin.listTables());
                                if (admin != null) {
                                    if (0 != 0) {
                                        try {
                                            admin.close();
                                        } catch (Throwable th3) {
                                            th2.addSuppressed(th3);
                                        }
                                    } else {
                                        admin.close();
                                    }
                                }
                                return asList;
                            } finally {
                            }
                        } catch (Throwable th4) {
                            if (admin != null) {
                                if (th2 != null) {
                                    try {
                                        admin.close();
                                    } catch (Throwable th5) {
                                        th2.addSuppressed(th5);
                                    }
                                } else {
                                    admin.close();
                                }
                            }
                            throw th4;
                        }
                    } finally {
                        if (createConnection != null) {
                            if (0 != 0) {
                                try {
                                    createConnection.close();
                                } catch (Throwable th6) {
                                    th.addSuppressed(th6);
                                }
                            } else {
                                createConnection.close();
                            }
                        }
                    }
                }
            };
            SecureTestUtil.AccessTestAction accessTestAction2 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.75
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    Connection createConnection = ConnectionFactory.createConnection(TestAccessController.TEST_UTIL.getConfiguration());
                    Throwable th = null;
                    try {
                        Admin admin = createConnection.getAdmin();
                        Throwable th2 = null;
                        try {
                            try {
                                HTableDescriptor tableDescriptor = admin.getTableDescriptor(TestAccessController.TEST_TABLE);
                                if (admin != null) {
                                    if (0 != 0) {
                                        try {
                                            admin.close();
                                        } catch (Throwable th3) {
                                            th2.addSuppressed(th3);
                                        }
                                    } else {
                                        admin.close();
                                    }
                                }
                                return tableDescriptor;
                            } finally {
                            }
                        } catch (Throwable th4) {
                            if (admin != null) {
                                if (th2 != null) {
                                    try {
                                        admin.close();
                                    } catch (Throwable th5) {
                                        th2.addSuppressed(th5);
                                    }
                                } else {
                                    admin.close();
                                }
                            }
                            throw th4;
                        }
                    } finally {
                        if (createConnection != null) {
                            if (0 != 0) {
                                try {
                                    createConnection.close();
                                } catch (Throwable th6) {
                                    th.addSuppressed(th6);
                                }
                            } else {
                                createConnection.close();
                            }
                        }
                    }
                }
            };
            verifyAllowed(accessTestAction, SUPERUSER, USER_ADMIN, USER_CREATE, USER_OWNER, createUserForTesting, USER_GROUP_CREATE, USER_GROUP_ADMIN);
            verifyIfEmptyList(accessTestAction, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ, USER_GROUP_WRITE);
            verifyAllowed(accessTestAction2, SUPERUSER, USER_ADMIN, USER_CREATE, USER_OWNER, createUserForTesting, USER_GROUP_CREATE, USER_GROUP_ADMIN);
            verifyDenied(accessTestAction2, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ, USER_GROUP_WRITE);
            revokeFromTable(TEST_UTIL, createUserForTesting.getShortName(), TEST_TABLE, null, null, Permission.Action.ADMIN);
        } catch (Throwable th) {
            revokeFromTable(TEST_UTIL, createUserForTesting.getShortName(), TEST_TABLE, null, null, Permission.Action.ADMIN);
            throw th;
        }
    }

    @Test
    public void testTableNameEnumeration() throws Exception {
        SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.76
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                Connection createConnection = ConnectionFactory.createConnection(TestAccessController.TEST_UTIL.getConfiguration());
                Admin admin = createConnection.getAdmin();
                try {
                    List asList = Arrays.asList(admin.listTableNames());
                    admin.close();
                    createConnection.close();
                    return asList;
                } catch (Throwable th) {
                    admin.close();
                    createConnection.close();
                    throw th;
                }
            }
        };
        verifyAllowed(accessTestAction, SUPERUSER, USER_ADMIN, USER_CREATE, USER_OWNER, USER_RW, USER_RO, USER_GROUP_CREATE, USER_GROUP_ADMIN, USER_GROUP_READ, USER_GROUP_WRITE);
        verifyIfEmptyList(accessTestAction, USER_NONE);
    }

    @Test
    public void testTableDeletion() throws Exception {
        User createUserForTesting = User.createUserForTesting(conf, "TestUser", new String[0]);
        final TableName valueOf = TableName.valueOf("testTableDeletion");
        createTestTable(valueOf);
        grantOnTable(TEST_UTIL, createUserForTesting.getShortName(), valueOf, null, null, Permission.Action.ADMIN);
        SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.77
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                Connection createConnection = ConnectionFactory.createConnection(TestAccessController.TEST_UTIL.getConfiguration());
                Admin admin = createConnection.getAdmin();
                try {
                    SecureTestUtil.deleteTable(TestAccessController.TEST_UTIL, admin, valueOf);
                    return null;
                } finally {
                    admin.close();
                    createConnection.close();
                }
            }
        };
        verifyDenied(accessTestAction, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ, USER_GROUP_WRITE);
        verifyAllowed(accessTestAction, createUserForTesting);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r2v3, types: [byte[], byte[][]] */
    private void createTestTable(TableName tableName) throws Exception {
        HTableDescriptor hTableDescriptor = new HTableDescriptor(tableName);
        HColumnDescriptor hColumnDescriptor = new HColumnDescriptor(TEST_FAMILY);
        hColumnDescriptor.setMaxVersions(100);
        hTableDescriptor.addFamily(hColumnDescriptor);
        hTableDescriptor.setOwner(USER_OWNER);
        TEST_UTIL.createTable(hTableDescriptor, (byte[][]) new byte[]{Bytes.toBytes("s")});
    }

    @Test
    public void testNamespaceUserGrant() throws Exception {
        SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.78
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                Connection createConnection = ConnectionFactory.createConnection(TestAccessController.conf);
                Throwable th = null;
                try {
                    Table table = createConnection.getTable(TestAccessController.TEST_TABLE);
                    Throwable th2 = null;
                    try {
                        try {
                            Result result = table.get(new Get(TestAccessController.TEST_ROW));
                            if (table != null) {
                                if (0 != 0) {
                                    try {
                                        table.close();
                                    } catch (Throwable th3) {
                                        th2.addSuppressed(th3);
                                    }
                                } else {
                                    table.close();
                                }
                            }
                            return result;
                        } finally {
                        }
                    } catch (Throwable th4) {
                        if (table != null) {
                            if (th2 != null) {
                                try {
                                    table.close();
                                } catch (Throwable th5) {
                                    th2.addSuppressed(th5);
                                }
                            } else {
                                table.close();
                            }
                        }
                        throw th4;
                    }
                } finally {
                    if (createConnection != null) {
                        if (0 != 0) {
                            try {
                                createConnection.close();
                            } catch (Throwable th6) {
                                th.addSuppressed(th6);
                            }
                        } else {
                            createConnection.close();
                        }
                    }
                }
            }
        };
        String namespaceAsString = TEST_TABLE.getNamespaceAsString();
        grantOnNamespace(TEST_UTIL, USER_NONE.getShortName(), namespaceAsString, Permission.Action.READ);
        verifyAllowed(accessTestAction, USER_NONE);
        revokeFromNamespace(TEST_UTIL, USER_NONE.getShortName(), namespaceAsString, Permission.Action.READ);
        verifyDenied(accessTestAction, USER_NONE);
    }

    @Test
    public void testAccessControlClientGrantRevoke() throws Exception {
        User createUserForTesting = User.createUserForTesting(conf, "testGrantRevoke", new String[0]);
        SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.79
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                Connection createConnection = ConnectionFactory.createConnection(TestAccessController.conf);
                Throwable th = null;
                try {
                    Table table = createConnection.getTable(TestAccessController.TEST_TABLE);
                    Throwable th2 = null;
                    try {
                        try {
                            Result result = table.get(new Get(TestAccessController.TEST_ROW));
                            if (table != null) {
                                if (0 != 0) {
                                    try {
                                        table.close();
                                    } catch (Throwable th3) {
                                        th2.addSuppressed(th3);
                                    }
                                } else {
                                    table.close();
                                }
                            }
                            return result;
                        } finally {
                        }
                    } catch (Throwable th4) {
                        if (table != null) {
                            if (th2 != null) {
                                try {
                                    table.close();
                                } catch (Throwable th5) {
                                    th2.addSuppressed(th5);
                                }
                            } else {
                                table.close();
                            }
                        }
                        throw th4;
                    }
                } finally {
                    if (createConnection != null) {
                        if (0 != 0) {
                            try {
                                createConnection.close();
                            } catch (Throwable th6) {
                                th.addSuppressed(th6);
                            }
                        } else {
                            createConnection.close();
                        }
                    }
                }
            }
        };
        verifyDenied(accessTestAction, createUserForTesting);
        String shortName = createUserForTesting.getShortName();
        try {
            grantOnTableUsingAccessControlClient(TEST_UTIL, systemUserConnection, shortName, TEST_TABLE, null, null, Permission.Action.READ);
        } catch (Throwable th) {
            LOG.error("error during call of AccessControlClient.grant. ", th);
        }
        try {
            verifyAllowed(accessTestAction, createUserForTesting);
            try {
                revokeFromTableUsingAccessControlClient(TEST_UTIL, systemUserConnection, shortName, TEST_TABLE, null, null, Permission.Action.READ);
            } catch (Throwable th2) {
                LOG.error("error during call of AccessControlClient.revoke ", th2);
            }
            verifyDenied(accessTestAction, createUserForTesting);
            revokeGlobal(TEST_UTIL, shortName, Permission.Action.READ);
        } catch (Throwable th3) {
            revokeGlobal(TEST_UTIL, shortName, Permission.Action.READ);
            throw th3;
        }
    }

    @Test
    public void testAccessControlClientGlobalGrantRevoke() throws Exception {
        User createUserForTesting = User.createUserForTesting(conf, "testGlobalGrantRevoke", new String[0]);
        SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.80
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                Connection createConnection = ConnectionFactory.createConnection(TestAccessController.conf);
                Throwable th = null;
                try {
                    Table table = createConnection.getTable(TestAccessController.TEST_TABLE);
                    Throwable th2 = null;
                    try {
                        try {
                            Result result = table.get(new Get(TestAccessController.TEST_ROW));
                            if (table != null) {
                                if (0 != 0) {
                                    try {
                                        table.close();
                                    } catch (Throwable th3) {
                                        th2.addSuppressed(th3);
                                    }
                                } else {
                                    table.close();
                                }
                            }
                            return result;
                        } finally {
                        }
                    } catch (Throwable th4) {
                        if (table != null) {
                            if (th2 != null) {
                                try {
                                    table.close();
                                } catch (Throwable th5) {
                                    th2.addSuppressed(th5);
                                }
                            } else {
                                table.close();
                            }
                        }
                        throw th4;
                    }
                } finally {
                    if (createConnection != null) {
                        if (0 != 0) {
                            try {
                                createConnection.close();
                            } catch (Throwable th6) {
                                th.addSuppressed(th6);
                            }
                        } else {
                            createConnection.close();
                        }
                    }
                }
            }
        };
        verifyDenied(accessTestAction, createUserForTesting);
        String shortName = createUserForTesting.getShortName();
        try {
            grantGlobalUsingAccessControlClient(TEST_UTIL, systemUserConnection, shortName, Permission.Action.READ);
        } catch (Throwable th) {
            LOG.error("error during call of AccessControlClient.grant. ", th);
        }
        try {
            verifyAllowed(accessTestAction, createUserForTesting);
            try {
                revokeGlobalUsingAccessControlClient(TEST_UTIL, systemUserConnection, shortName, Permission.Action.READ);
            } catch (Throwable th2) {
                LOG.error("error during call of AccessControlClient.revoke ", th2);
            }
            verifyDenied(accessTestAction, createUserForTesting);
            revokeGlobal(TEST_UTIL, shortName, Permission.Action.READ);
        } catch (Throwable th3) {
            revokeGlobal(TEST_UTIL, shortName, Permission.Action.READ);
            throw th3;
        }
    }

    @Test
    public void testAccessControlClientGrantRevokeOnNamespace() throws Exception {
        User createUserForTesting = User.createUserForTesting(conf, "testNS", new String[0]);
        SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.81
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                Connection createConnection = ConnectionFactory.createConnection(TestAccessController.conf);
                Throwable th = null;
                try {
                    Table table = createConnection.getTable(TestAccessController.TEST_TABLE);
                    Throwable th2 = null;
                    try {
                        try {
                            Result result = table.get(new Get(TestAccessController.TEST_ROW));
                            if (table != null) {
                                if (0 != 0) {
                                    try {
                                        table.close();
                                    } catch (Throwable th3) {
                                        th2.addSuppressed(th3);
                                    }
                                } else {
                                    table.close();
                                }
                            }
                            return result;
                        } finally {
                        }
                    } catch (Throwable th4) {
                        if (table != null) {
                            if (th2 != null) {
                                try {
                                    table.close();
                                } catch (Throwable th5) {
                                    th2.addSuppressed(th5);
                                }
                            } else {
                                table.close();
                            }
                        }
                        throw th4;
                    }
                } finally {
                    if (createConnection != null) {
                        if (0 != 0) {
                            try {
                                createConnection.close();
                            } catch (Throwable th6) {
                                th.addSuppressed(th6);
                            }
                        } else {
                            createConnection.close();
                        }
                    }
                }
            }
        };
        verifyDenied(accessTestAction, createUserForTesting);
        String shortName = createUserForTesting.getShortName();
        String namespaceAsString = TEST_TABLE.getNamespaceAsString();
        try {
            grantOnNamespaceUsingAccessControlClient(TEST_UTIL, systemUserConnection, shortName, namespaceAsString, Permission.Action.READ);
        } catch (Throwable th) {
            LOG.error("error during call of AccessControlClient.grant. ", th);
        }
        try {
            verifyAllowed(accessTestAction, createUserForTesting);
            try {
                revokeFromNamespaceUsingAccessControlClient(TEST_UTIL, systemUserConnection, shortName, namespaceAsString, Permission.Action.READ);
            } catch (Throwable th2) {
                LOG.error("error during call of AccessControlClient.revoke ", th2);
            }
            verifyDenied(accessTestAction, createUserForTesting);
            revokeFromNamespace(TEST_UTIL, shortName, namespaceAsString, Permission.Action.READ);
        } catch (Throwable th3) {
            revokeFromNamespace(TEST_UTIL, shortName, namespaceAsString, Permission.Action.READ);
            throw th3;
        }
    }

    @Test
    public void testCoprocessorExec() throws Exception {
        Iterator<JVMClusterUtil.RegionServerThread> it = TEST_UTIL.getMiniHBaseCluster().getRegionServerThreads().iterator();
        while (it.hasNext()) {
            Iterator it2 = it.next().getRegionServer().getOnlineRegions(TEST_TABLE).iterator();
            while (it2.hasNext()) {
                ((Region) it2.next()).getCoprocessorHost().load(PingCoprocessor.class, 1073741823, conf);
            }
        }
        User createUserForTesting = User.createUserForTesting(conf, "UserA", new String[0]);
        User createUserForTesting2 = User.createUserForTesting(conf, "UserB", new String[0]);
        grantOnTable(TEST_UTIL, createUserForTesting.getShortName(), TEST_TABLE, null, null, Permission.Action.EXEC);
        try {
            SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.82
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    Connection createConnection = ConnectionFactory.createConnection(TestAccessController.conf);
                    Throwable th = null;
                    try {
                        Table table = createConnection.getTable(TestAccessController.TEST_TABLE);
                        Throwable th2 = null;
                        try {
                            try {
                                PingCoprocessor.newBlockingStub(table.coprocessorService(HConstants.EMPTY_BYTE_ARRAY)).noop(null, PingProtos.NoopRequest.newBuilder().m864build());
                                if (table != null) {
                                    if (0 != 0) {
                                        try {
                                            table.close();
                                        } catch (Throwable th3) {
                                            th2.addSuppressed(th3);
                                        }
                                    } else {
                                        table.close();
                                    }
                                }
                                if (createConnection == null) {
                                    return null;
                                }
                                if (0 == 0) {
                                    createConnection.close();
                                    return null;
                                }
                                try {
                                    createConnection.close();
                                    return null;
                                } catch (Throwable th4) {
                                    th.addSuppressed(th4);
                                    return null;
                                }
                            } catch (Throwable th5) {
                                th2 = th5;
                                throw th5;
                            }
                        } catch (Throwable th6) {
                            if (table != null) {
                                if (th2 != null) {
                                    try {
                                        table.close();
                                    } catch (Throwable th7) {
                                        th2.addSuppressed(th7);
                                    }
                                } else {
                                    table.close();
                                }
                            }
                            throw th6;
                        }
                    } catch (Throwable th8) {
                        if (createConnection != null) {
                            if (0 != 0) {
                                try {
                                    createConnection.close();
                                } catch (Throwable th9) {
                                    th.addSuppressed(th9);
                                }
                            } else {
                                createConnection.close();
                            }
                        }
                        throw th8;
                    }
                }
            };
            String namespaceAsString = TEST_TABLE.getNamespaceAsString();
            grantOnNamespace(TEST_UTIL, createUserForTesting2.getShortName(), namespaceAsString, Permission.Action.EXEC);
            verifyAllowed(accessTestAction, createUserForTesting, createUserForTesting2);
            revokeFromNamespace(TEST_UTIL, createUserForTesting2.getShortName(), namespaceAsString, Permission.Action.EXEC);
            verifyDenied(accessTestAction, createUserForTesting2);
            verifyAllowed(accessTestAction, createUserForTesting);
            revokeFromTable(TEST_UTIL, createUserForTesting.getShortName(), TEST_TABLE, null, null, Permission.Action.EXEC);
        } catch (Throwable th) {
            revokeFromTable(TEST_UTIL, createUserForTesting.getShortName(), TEST_TABLE, null, null, Permission.Action.EXEC);
            throw th;
        }
    }

    @Test
    public void testGetNamespacePermission() throws Exception {
        createNamespace(TEST_UTIL, NamespaceDescriptor.create("testGetNamespacePermission").build());
        grantOnNamespace(TEST_UTIL, USER_NONE.getShortName(), "testGetNamespacePermission", Permission.Action.READ);
        try {
            List userPermissions = AccessControlClient.getUserPermissions(systemUserConnection, AccessControlLists.toNamespaceEntry("testGetNamespacePermission"));
            Assert.assertTrue(userPermissions != null);
            Assert.assertTrue(userPermissions.size() == 1);
            deleteNamespace(TEST_UTIL, "testGetNamespacePermission");
        } catch (Throwable th) {
            throw new HBaseException(th);
        }
    }

    @Test
    public void testTruncatePerms() throws Throwable {
        List userPermissions = AccessControlClient.getUserPermissions(systemUserConnection, TEST_TABLE.getNameAsString());
        Assert.assertTrue(userPermissions != null);
        Assert.assertTrue(userPermissions.size() > 1);
        Admin admin = systemUserConnection.getAdmin();
        Throwable th = null;
        try {
            try {
                admin.disableTable(TEST_TABLE);
                admin.truncateTable(TEST_TABLE, true);
                if (admin != null) {
                    if (0 != 0) {
                        try {
                            admin.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        admin.close();
                    }
                }
                Assert.assertTrue(AccessControlClient.getUserPermissions(systemUserConnection, TEST_TABLE.getNameAsString()) != null);
                Assert.assertEquals(userPermissions.size(), r0.size());
            } finally {
            }
        } catch (Throwable th3) {
            if (admin != null) {
                if (th != null) {
                    try {
                        admin.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    admin.close();
                }
            }
            throw th3;
        }
    }

    private PrivilegedAction<List<UserPermission>> getPrivilegedAction(final String str) {
        return new PrivilegedAction<List<UserPermission>>() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.83
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedAction
            public List<UserPermission> run() {
                try {
                    Connection createConnection = ConnectionFactory.createConnection(TestAccessController.conf);
                    Throwable th = null;
                    try {
                        List<UserPermission> userPermissions = AccessControlClient.getUserPermissions(createConnection, str);
                        if (createConnection != null) {
                            if (0 != 0) {
                                try {
                                    createConnection.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                createConnection.close();
                            }
                        }
                        return userPermissions;
                    } finally {
                    }
                } catch (Throwable th3) {
                    TestAccessController.LOG.error("error during call of AccessControlClient.getUserPermissions.", th3);
                    return null;
                }
            }
        };
    }

    @Test
    public void testAccessControlClientUserPerms() throws Exception {
        TableName valueOf = TableName.valueOf("testAccessControlClientUserPerms");
        createTestTable(valueOf);
        try {
            String nameWithNamespaceInclAsString = valueOf.getNameWithNamespaceInclAsString();
            User createUserForTesting = User.createUserForTesting(conf, "testUserPerms", new String[0]);
            Assert.assertEquals(0L, ((List) createUserForTesting.runAs(getPrivilegedAction(nameWithNamespaceInclAsString))).size());
            grantOnTable(TEST_UTIL, createUserForTesting.getShortName(), valueOf, null, null, Permission.Action.ADMIN);
            Assert.assertNotNull((List) createUserForTesting.runAs(getPrivilegedAction(nameWithNamespaceInclAsString)));
            Assert.assertEquals(2L, r0.size());
            deleteTable(TEST_UTIL, valueOf);
        } catch (Throwable th) {
            deleteTable(TEST_UTIL, valueOf);
            throw th;
        }
    }

    @Test
    public void testAccessControllerUserPermsRegexHandling() throws Exception {
        User createUserForTesting = User.createUserForTesting(conf, "testRegexHandling", new String[0]);
        TableName valueOf = TableName.valueOf("testRegex");
        byte[] bytes = Bytes.toBytes("f1");
        TEST_UTIL.getHBaseAdmin();
        HTableDescriptor hTableDescriptor = new HTableDescriptor(valueOf);
        hTableDescriptor.addFamily(new HColumnDescriptor(bytes));
        createTable(TEST_UTIL, hTableDescriptor);
        NamespaceDescriptor build = NamespaceDescriptor.create("testNamespace").build();
        TableName valueOf2 = TableName.valueOf("testNamespace", "testRegex");
        createNamespace(TEST_UTIL, build);
        HTableDescriptor hTableDescriptor2 = new HTableDescriptor(valueOf2);
        hTableDescriptor2.addFamily(new HColumnDescriptor(bytes));
        createTable(TEST_UTIL, hTableDescriptor2);
        String nameAsString = AccessControlLists.ACL_TABLE_NAME.getNameAsString();
        Assert.assertEquals(5L, ((List) SUPERUSER.runAs(getPrivilegedAction(nameAsString))).size());
        Assert.assertEquals(0L, ((List) createUserForTesting.runAs(getPrivilegedAction(nameAsString))).size());
        Assert.assertEquals(0L, ((List) createUserForTesting.runAs(getPrivilegedAction(".*"))).size());
        grantOnTable(TEST_UTIL, createUserForTesting.getShortName(), valueOf, null, null, Permission.Action.ADMIN);
        Assert.assertEquals(2L, ((List) createUserForTesting.runAs(getPrivilegedAction(".*"))).size());
        grantOnTable(TEST_UTIL, createUserForTesting.getShortName(), valueOf2, null, null, Permission.Action.ADMIN);
        Assert.assertEquals(4L, ((List) createUserForTesting.runAs(getPrivilegedAction(".*"))).size());
        Assert.assertEquals(2L, ((List) createUserForTesting.runAs(getPrivilegedAction("testRegex"))).size());
        Assert.assertEquals(2L, ((List) createUserForTesting.runAs(getPrivilegedAction(NamespaceDescriptor.DEFAULT_NAMESPACE_NAME_STR + ":testRegex"))).size());
        Assert.assertEquals(2L, ((List) createUserForTesting.runAs(getPrivilegedAction("testNamespace:testRegex"))).size());
        Assert.assertEquals(0L, ((List) createUserForTesting.runAs(getPrivilegedAction("notMatchingAny"))).size());
        deleteTable(TEST_UTIL, valueOf);
        deleteTable(TEST_UTIL, valueOf2);
        deleteNamespace(TEST_UTIL, "testNamespace");
    }

    private void verifyAnyCreate(SecureTestUtil.AccessTestAction accessTestAction) throws Exception {
        verifyAllowed(accessTestAction, SUPERUSER, USER_ADMIN, USER_OWNER, USER_CREATE, USER_ADMIN_CF, USER_GROUP_CREATE);
        verifyDenied(accessTestAction, USER_NONE, USER_RO, USER_RW, USER_GROUP_READ, USER_GROUP_WRITE, USER_GROUP_ADMIN);
    }

    @Test
    public void testPrepareAndCleanBulkLoad() throws Exception {
        SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.84
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestAccessController.ACCESS_CONTROLLER.prePrepareBulkLoad(ObserverContext.createAndPrepare(TestAccessController.RCP_ENV, (ObserverContext) null), (SecureBulkLoadProtos.PrepareBulkLoadRequest) null);
                return null;
            }
        };
        SecureTestUtil.AccessTestAction accessTestAction2 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.85
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestAccessController.ACCESS_CONTROLLER.preCleanupBulkLoad(ObserverContext.createAndPrepare(TestAccessController.RCP_ENV, (ObserverContext) null), (SecureBulkLoadProtos.CleanupBulkLoadRequest) null);
                return null;
            }
        };
        verifyAnyCreate(accessTestAction);
        verifyAnyCreate(accessTestAction2);
    }

    @Test
    public void testReplicateLogEntries() throws Exception {
        SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.86
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestAccessController.ACCESS_CONTROLLER.preReplicateLogEntries(ObserverContext.createAndPrepare(TestAccessController.RSCP_ENV, (ObserverContext) null), (List) null, (CellScanner) null);
                TestAccessController.ACCESS_CONTROLLER.postReplicateLogEntries(ObserverContext.createAndPrepare(TestAccessController.RSCP_ENV, (ObserverContext) null), (List) null, (CellScanner) null);
                return null;
            }
        };
        verifyAllowed(accessTestAction, SUPERUSER, USER_ADMIN, USER_GROUP_WRITE);
        verifyDenied(accessTestAction, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_OWNER, USER_GROUP_READ, USER_GROUP_ADMIN, USER_GROUP_CREATE);
    }

    @Test
    public void testSetQuota() throws Exception {
        SecureTestUtil.AccessTestAction accessTestAction = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.87
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestAccessController.ACCESS_CONTROLLER.preSetUserQuota(ObserverContext.createAndPrepare(TestAccessController.CP_ENV, (ObserverContext) null), (String) null, (QuotaProtos.Quotas) null);
                return null;
            }
        };
        SecureTestUtil.AccessTestAction accessTestAction2 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.88
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestAccessController.ACCESS_CONTROLLER.preSetUserQuota(ObserverContext.createAndPrepare(TestAccessController.CP_ENV, (ObserverContext) null), (String) null, TestAccessController.TEST_TABLE, (QuotaProtos.Quotas) null);
                return null;
            }
        };
        SecureTestUtil.AccessTestAction accessTestAction3 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.89
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestAccessController.ACCESS_CONTROLLER.preSetUserQuota(ObserverContext.createAndPrepare(TestAccessController.CP_ENV, (ObserverContext) null), (String) null, (String) null, (QuotaProtos.Quotas) null);
                return null;
            }
        };
        SecureTestUtil.AccessTestAction accessTestAction4 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.90
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestAccessController.ACCESS_CONTROLLER.preSetTableQuota(ObserverContext.createAndPrepare(TestAccessController.CP_ENV, (ObserverContext) null), TestAccessController.TEST_TABLE, (QuotaProtos.Quotas) null);
                return null;
            }
        };
        SecureTestUtil.AccessTestAction accessTestAction5 = new SecureTestUtil.AccessTestAction() { // from class: org.apache.hadoop.hbase.security.access.TestAccessController.91
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestAccessController.ACCESS_CONTROLLER.preSetNamespaceQuota(ObserverContext.createAndPrepare(TestAccessController.CP_ENV, (ObserverContext) null), (String) null, (QuotaProtos.Quotas) null);
                return null;
            }
        };
        verifyAllowed(accessTestAction, SUPERUSER, USER_ADMIN);
        verifyDenied(accessTestAction, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_OWNER);
        verifyAllowed(accessTestAction2, SUPERUSER, USER_ADMIN, USER_OWNER);
        verifyDenied(accessTestAction2, USER_CREATE, USER_RW, USER_RO, USER_NONE);
        verifyAllowed(accessTestAction3, SUPERUSER, USER_ADMIN);
        verifyDenied(accessTestAction3, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_OWNER);
        verifyAllowed(accessTestAction4, SUPERUSER, USER_ADMIN, USER_OWNER);
        verifyDenied(accessTestAction4, USER_CREATE, USER_RW, USER_RO, USER_NONE);
        verifyAllowed(accessTestAction5, SUPERUSER, USER_ADMIN);
        verifyDenied(accessTestAction5, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_OWNER);
    }

    static {
        Logger.getLogger(AccessController.class).setLevel(Level.TRACE);
        Logger.getLogger(AccessControlFilter.class).setLevel(Level.TRACE);
        Logger.getLogger(TableAuthManager.class).setLevel(Level.TRACE);
        TEST_TABLE = TableName.valueOf("testtable1");
        TEST_UTIL = new HBaseTestingUtility();
        TEST_TABLE2 = TableName.valueOf("testtable2");
        TEST_FAMILY = Bytes.toBytes("f1");
        TEST_QUALIFIER = Bytes.toBytes("q1");
        TEST_ROW = Bytes.toBytes("r1");
    }
}
