package org.apache.hadoop.hbase.zookeeper;

import java.io.File;
import java.io.FileWriter;
import java.io.IOException;
import java.util.List;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.Abortable;
import org.apache.hadoop.hbase.HBaseTestingUtility;
import org.apache.hadoop.hbase.MediumTests;
import org.apache.hadoop.hbase.TestZooKeeper;
import org.apache.zookeeper.data.ACL;
import org.apache.zookeeper.data.Stat;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import org.junit.experimental.categories.Category;

@Category({MediumTests.class})
/* loaded from: input_file:org/apache/hadoop/hbase/zookeeper/TestZooKeeperACL.class */
public class TestZooKeeperACL {
    private static final Log LOG = LogFactory.getLog(TestZooKeeperACL.class);
    private static final HBaseTestingUtility TEST_UTIL = new HBaseTestingUtility();
    private static ZooKeeperWatcher zkw;
    private static boolean secureZKAvailable;

    @BeforeClass
    public static void setUpBeforeClass() throws Exception {
        File createTempFile = File.createTempFile("tmp", "jaas.conf");
        FileWriter fileWriter = new FileWriter(createTempFile);
        fileWriter.write("Server {\norg.apache.zookeeper.server.auth.DigestLoginModule required\nuser_hbase=\"secret\";\n};\nClient {\norg.apache.zookeeper.server.auth.DigestLoginModule required\nusername=\"hbase\"\npassword=\"secret\";\n};\n");
        fileWriter.close();
        System.setProperty("java.security.auth.login.config", createTempFile.getAbsolutePath());
        System.setProperty("zookeeper.authProvider.1", "org.apache.zookeeper.server.auth.SASLAuthenticationProvider");
        TEST_UTIL.getConfiguration().setBoolean("dfs.support.append", true);
        TEST_UTIL.getConfiguration().setInt("hbase.zookeeper.property.maxClientCnxns", 1000);
        try {
            TEST_UTIL.startMiniCluster();
            zkw = new ZooKeeperWatcher(new Configuration(TEST_UTIL.getConfiguration()), TestZooKeeper.class.getName(), (Abortable) null);
        } catch (IOException e) {
            LOG.warn("Hadoop is missing HADOOP-7070", e);
            secureZKAvailable = false;
        }
    }

    @AfterClass
    public static void tearDownAfterClass() throws Exception {
        if (secureZKAvailable) {
            TEST_UTIL.shutdownMiniCluster();
        }
    }

    @Before
    public void setUp() throws Exception {
        if (secureZKAvailable) {
            TEST_UTIL.ensureSomeRegionServersAvailable(2);
        }
    }

    @Test(timeout = 30000)
    public void testHBaseRootZNodeACL() throws Exception {
        if (secureZKAvailable) {
            List acl = zkw.getRecoverableZooKeeper().getZooKeeper().getACL("/hbase", new Stat());
            Assert.assertEquals(acl.size(), 1L);
            Assert.assertEquals(((ACL) acl.get(0)).getId().getScheme(), "sasl");
            Assert.assertEquals(((ACL) acl.get(0)).getId().getId(), "hbase");
            Assert.assertEquals(((ACL) acl.get(0)).getPerms(), 31L);
        }
    }

    @Test(timeout = 30000)
    public void testHBaseRootRegionServerZNodeACL() throws Exception {
        if (secureZKAvailable) {
            List acl = zkw.getRecoverableZooKeeper().getZooKeeper().getACL("/hbase/root-region-server", new Stat());
            Assert.assertEquals(acl.size(), 2L);
            boolean z = false;
            boolean z2 = false;
            for (int i = 0; i < 2; i++) {
                if (((ACL) acl.get(i)).getId().getScheme().equals("world")) {
                    Assert.assertEquals(((ACL) acl.get(0)).getId().getId(), "anyone");
                    Assert.assertEquals(((ACL) acl.get(0)).getPerms(), 1L);
                    z = true;
                } else if (((ACL) acl.get(i)).getId().getScheme().equals("sasl")) {
                    Assert.assertEquals(((ACL) acl.get(1)).getId().getId(), "hbase");
                    Assert.assertEquals(((ACL) acl.get(1)).getId().getScheme(), "sasl");
                    z2 = true;
                } else {
                    Assert.assertTrue(false);
                }
            }
            Assert.assertTrue(z);
            Assert.assertTrue(z2);
        }
    }

    @Test(timeout = 30000)
    public void testHBaseMasterServerZNodeACL() throws Exception {
        if (secureZKAvailable) {
            List acl = zkw.getRecoverableZooKeeper().getZooKeeper().getACL("/hbase/master", new Stat());
            Assert.assertEquals(acl.size(), 2L);
            boolean z = false;
            boolean z2 = false;
            for (int i = 0; i < 2; i++) {
                if (((ACL) acl.get(i)).getId().getScheme().equals("world")) {
                    Assert.assertEquals(((ACL) acl.get(0)).getId().getId(), "anyone");
                    Assert.assertEquals(((ACL) acl.get(0)).getPerms(), 1L);
                    z = true;
                } else if (((ACL) acl.get(i)).getId().getScheme().equals("sasl")) {
                    Assert.assertEquals(((ACL) acl.get(1)).getId().getId(), "hbase");
                    Assert.assertEquals(((ACL) acl.get(1)).getId().getScheme(), "sasl");
                    z2 = true;
                } else {
                    Assert.assertTrue(false);
                }
            }
            Assert.assertTrue(z);
            Assert.assertTrue(z2);
        }
    }

    @Test(timeout = 30000)
    public void testHBaseIDZNodeACL() throws Exception {
        if (secureZKAvailable) {
            List acl = zkw.getRecoverableZooKeeper().getZooKeeper().getACL("/hbase/hbaseid", new Stat());
            Assert.assertEquals(acl.size(), 2L);
            boolean z = false;
            boolean z2 = false;
            for (int i = 0; i < 2; i++) {
                if (((ACL) acl.get(i)).getId().getScheme().equals("world")) {
                    Assert.assertEquals(((ACL) acl.get(0)).getId().getId(), "anyone");
                    Assert.assertEquals(((ACL) acl.get(0)).getPerms(), 1L);
                    z = true;
                } else if (((ACL) acl.get(i)).getId().getScheme().equals("sasl")) {
                    Assert.assertEquals(((ACL) acl.get(1)).getId().getId(), "hbase");
                    Assert.assertEquals(((ACL) acl.get(1)).getId().getScheme(), "sasl");
                    z2 = true;
                } else {
                    Assert.assertTrue(false);
                }
            }
            Assert.assertTrue(z);
            Assert.assertTrue(z2);
        }
    }

    @Test
    public void testOutsideHBaseNodeACL() throws Exception {
        if (secureZKAvailable) {
            ZKUtil.createWithParents(zkw, "/testACLNode");
            List acl = zkw.getRecoverableZooKeeper().getZooKeeper().getACL("/testACLNode", new Stat());
            Assert.assertEquals(acl.size(), 1L);
            Assert.assertEquals(((ACL) acl.get(0)).getId().getScheme(), "sasl");
            Assert.assertEquals(((ACL) acl.get(0)).getId().getId(), "hbase");
            Assert.assertEquals(((ACL) acl.get(0)).getPerms(), 31L);
        }
    }

    @Test
    public void testIsZooKeeperSecure() throws Exception {
        Assert.assertEquals(Boolean.valueOf(ZKUtil.isSecureZooKeeper(new Configuration(TEST_UTIL.getConfiguration()))), Boolean.valueOf(secureZKAvailable));
        File createTempFile = File.createTempFile("tmp", "fakeJaas.conf");
        FileWriter fileWriter = new FileWriter(createTempFile);
        fileWriter.write("");
        fileWriter.close();
        System.setProperty("java.security.auth.login.config", createTempFile.getAbsolutePath());
        Assert.assertEquals(Boolean.valueOf(ZKUtil.isSecureZooKeeper(new Configuration(TEST_UTIL.getConfiguration()))), false);
        createTempFile.delete();
    }
}
