package org.apache.sentry.provider.db.service.thrift;

import com.google.common.collect.Lists;
import com.google.common.collect.Sets;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import junit.framework.Assert;
import org.apache.sentry.core.common.ActiveRoleSet;
import org.apache.sentry.core.common.Authorizable;
import org.apache.sentry.core.model.db.DBModelAuthorizable;
import org.apache.sentry.core.model.db.Database;
import org.apache.sentry.core.model.db.Server;
import org.apache.sentry.core.model.db.Table;
import org.apache.sentry.service.thrift.SentryServiceIntegrationBase;
import org.junit.BeforeClass;
import org.junit.Test;

/* loaded from: input_file:org/apache/sentry/provider/db/service/thrift/TestSentryServerWithoutKerberos.class */
public class TestSentryServerWithoutKerberos extends SentryServiceIntegrationBase {
    @BeforeClass
    public static void setup() throws Exception {
        kerberos = false;
        beforeSetup();
        setupConf();
        startSentryService();
        afterSetup();
    }

    @Test
    public void testCreateRole() throws Exception {
        setLocalGroupMapping("admin_user", Sets.newHashSet(new String[]{"admin_group"}));
        writePolicyFile();
        this.client.dropRoleIfExists("admin_user", "admin_r");
        this.client.createRole("admin_user", "admin_r");
        this.client.dropRole("admin_user", "admin_r");
    }

    @Test
    public void testQueryPushDown() throws Exception {
        setLocalGroupMapping("admin_user", Sets.newHashSet(new String[]{"admin_group"}));
        writePolicyFile();
        this.client.dropRoleIfExists("admin_user", "admin_r1");
        this.client.createRole("admin_user", "admin_r1");
        this.client.grantRoleToGroup("admin_user", "g1", "admin_r1");
        this.client.grantTablePrivilege("admin_user", "admin_r1", "server", "db1", "table1", "ALL");
        this.client.grantTablePrivilege("admin_user", "admin_r1", "server", "db1", "table2", "ALL");
        this.client.grantTablePrivilege("admin_user", "admin_r1", "server", "db2", "table3", "ALL");
        this.client.grantTablePrivilege("admin_user", "admin_r1", "server", "db2", "table4", "ALL");
        this.client.dropRoleIfExists("admin_user", "admin_r2");
        this.client.createRole("admin_user", "admin_r2");
        this.client.grantRoleToGroup("admin_user", "g1", "admin_r2");
        this.client.grantRoleToGroup("admin_user", "g2", "admin_r2");
        this.client.grantTablePrivilege("admin_user", "admin_r2", "server", "db1", "table1", "ALL");
        this.client.grantTablePrivilege("admin_user", "admin_r2", "server", "db1", "table2", "ALL");
        this.client.grantTablePrivilege("admin_user", "admin_r2", "server", "db2", "table3", "ALL");
        this.client.grantTablePrivilege("admin_user", "admin_r2", "server", "db2", "table4", "ALL");
        this.client.grantTablePrivilege("admin_user", "admin_r2", "server", "db3", "table5", "ALL");
        Assert.assertEquals("Privilege not assigned to role2 !!", 5, this.client.listPrivilegesByRoleName("admin_user", "admin_r2", (List) null).size());
        Assert.assertEquals("Privilege not assigned to role2 !!", 5, this.client.listPrivilegesByRoleName("admin_user", "admin_r2", new ArrayList()).size());
        Assert.assertEquals("Privilege not assigned to role2 !!", 2, this.client.listPrivilegesByRoleName("admin_user", "admin_r2", Lists.newArrayList(new DBModelAuthorizable[]{new Server("server"), new Database("db1")})).size());
        Assert.assertEquals("Privilege not assigned to role2 !!", 0, this.client.listPrivilegesByRoleName("admin_user", "admin_r2", Lists.newArrayList(new DBModelAuthorizable[]{new Server("server"), new Database("db2"), new Table("table1")})).size());
        Assert.assertEquals("Privilege not assigned to role2 !!", 1, this.client.listPrivilegesByRoleName("admin_user", "admin_r2", Lists.newArrayList(new DBModelAuthorizable[]{new Server("server"), new Database("db1"), new Table("table1")})).size());
        Assert.assertEquals("Privilege not assigned to role2 !!", 1, this.client.listPrivilegesByRoleName("admin_user", "admin_r2", Lists.newArrayList(new DBModelAuthorizable[]{new Server("server"), new Database("db3")})).size());
        Assert.assertEquals("Privilege not correctly assigned to roles !!", Sets.newHashSet(new String[]{"server=server->db=db2->table=table4->action=all", "server=server->db=db2->table=table3->action=all"}), this.client.listPrivilegesForProvider(Sets.newHashSet(new String[]{"g1", "g2"}), ActiveRoleSet.ALL, new Authorizable[]{new Server("server"), new Database("db2")}));
        Assert.assertEquals("Privilege not correctly assigned to roles !!", Sets.newHashSet(new String[]{"server=server->db=db3->table=table5->action=all"}), this.client.listPrivilegesForProvider(Sets.newHashSet(new String[]{"g1", "g2"}), ActiveRoleSet.ALL, new Authorizable[]{new Server("server"), new Database("db3")}));
        Assert.assertEquals("Privilege not correctly assigned to roles !!", Sets.newHashSet(new String[]{"server=+"}), this.client.listPrivilegesForProvider(Sets.newHashSet(new String[]{"g1", "g2"}), new ActiveRoleSet(Sets.newHashSet(new String[]{"admin_r1"})), new Authorizable[]{new Server("server"), new Database("db3")}));
        Assert.assertEquals("Privilege not correctly assigned to roles !!", new HashSet(), this.client.listPrivilegesForProvider(Sets.newHashSet(new String[]{"g1", "g2"}), new ActiveRoleSet(Sets.newHashSet(new String[]{"admin_r1"})), new Authorizable[]{new Server("server1")}));
    }

    @Test
    public void testDropRole() throws Exception {
        HashSet newHashSet = Sets.newHashSet(new String[]{"admin_group"});
        setLocalGroupMapping("admin_user", newHashSet);
        writePolicyFile();
        this.client.dropRoleIfExists("admin_user", "admin_r");
        this.client.createRole("admin_user", "admin_r");
        this.client.grantRoleToGroup("admin_user", "admin_group", "admin_r");
        this.client.grantDatabasePrivilege("admin_user", "admin_r", "server1", "db2", "*");
        this.client.grantTablePrivilege("admin_user", "admin_r", "server1", "db3", "tab3", "ALL");
        Assert.assertEquals(2, this.client.listPrivilegesForProvider(newHashSet, ActiveRoleSet.ALL, new Authorizable[0]).size());
        this.client.dropRole("admin_user", "admin_r");
        Assert.assertEquals(0, this.client.listPrivilegesForProvider(newHashSet, ActiveRoleSet.ALL, new Authorizable[0]).size());
        this.client.createRole("admin_user", "admin_r");
        this.client.grantRoleToGroup("admin_user", "admin_group", "admin_r");
        Assert.assertEquals(0, this.client.listPrivilegesForProvider(newHashSet, ActiveRoleSet.ALL, new Authorizable[0]).size());
        this.client.grantDatabasePrivilege("admin_user", "admin_r", "server1", "db2", "*");
        Assert.assertEquals(1, this.client.listPrivilegesForProvider(newHashSet, ActiveRoleSet.ALL, new Authorizable[0]).size());
        this.client.dropRole("admin_user", "admin_r");
        Assert.assertEquals(0, this.client.listPrivilegesForProvider(newHashSet, ActiveRoleSet.ALL, new Authorizable[0]).size());
        Assert.assertEquals(0, this.client.listPrivilegesForProvider(newHashSet, ActiveRoleSet.ALL, new Authorizable[0]).size());
    }
}
