package org.apache.drill.exec.impersonation.hive;

import com.google.common.collect.ImmutableList;
import com.google.common.collect.Maps;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import org.apache.calcite.schema.Schema;
import org.apache.drill.categories.HiveStorageTest;
import org.apache.drill.categories.SlowTest;
import org.apache.drill.exec.hive.HiveTestUtilities;
import org.apache.hadoop.fs.Path;
import org.apache.hadoop.fs.permission.FsPermission;
import org.apache.hadoop.hive.conf.HiveConf;
import org.apache.hadoop.hive.ql.Driver;
import org.apache.hadoop.hive.ql.security.HadoopDefaultMetastoreAuthenticator;
import org.apache.hadoop.hive.ql.security.authorization.AuthorizationPreEventListener;
import org.apache.hadoop.hive.ql.security.authorization.StorageBasedAuthorizationProvider;
import org.apache.hadoop.hive.ql.session.SessionState;
import org.junit.AfterClass;
import org.junit.BeforeClass;
import org.junit.Test;
import org.junit.experimental.categories.Category;

@Category({SlowTest.class, HiveStorageTest.class})
/* loaded from: input_file:org/apache/drill/exec/impersonation/hive/TestStorageBasedHiveAuthorization.class */
public class TestStorageBasedHiveAuthorization extends BaseTestHiveImpersonation {
    private static final String db_general = "db_general";
    private static final String g_student_u0_700 = "student_u0_700";
    private static final String g_student_u0g0_750 = "student_u0g0_750";
    private static final String g_student_all_755 = "student_all_755";
    private static final String g_voter_u1_700 = "voter_u1_700";
    private static final String g_voter_u2g1_750 = "voter_u2g1_750";
    private static final String g_voter_all_755 = "voter_all_755";
    private static final String g_partitioned_student_u0_700 = "partitioned_student_u0_700";
    private static final String db_u0_only = "db_u0_only";
    private static final String u0_student_all_755 = "student_all_755";
    private static final String u0_voter_all_755 = "voter_all_755";
    private static final String db_u1g1_only = "db_u1g1_only";
    private static final String u1g1_student_all_755 = "student_all_755";
    private static final String u1g1_student_u1_700 = "student_u1_700";
    private static final String u1g1_voter_all_755 = "voter_all_755";
    private static final String u1g1_voter_u1_700 = "voter_u1_700";
    private static final String v_student_u0g0_750 = "v_student_u0g0_750";
    private static final String query_v_student_u0g0_750 = String.format("SELECT rownum FROM %s.%s.%s ORDER BY rownum LIMIT 1", "miniDfsPlugin", "tmp", v_student_u0g0_750);
    private static final String v_student_u1g1_750 = "v_student_u1g1_750";
    private static final String query_v_student_u1g1_750 = String.format("SELECT rownum FROM %s.%s.%s ORDER BY rownum LIMIT 1", "miniDfsPlugin", "tmp", v_student_u1g1_750);
    private static final String v_partitioned_student_u0g0_750 = "v_partitioned_student_u0g0_750";
    private static final String query_v_partitioned_student_u0g0_750 = String.format("SELECT rownum FROM %s.%s.%s ORDER BY rownum LIMIT 1", "miniDfsPlugin", "tmp", v_partitioned_student_u0g0_750);
    private static final String v_partitioned_student_u1g1_750 = "v_partitioned_student_u1g1_750";
    private static final String query_v_partitioned_student_u1g1_750 = String.format("SELECT rownum FROM %s.%s.%s ORDER BY rownum LIMIT 1", "miniDfsPlugin", "tmp", v_partitioned_student_u1g1_750);

    @BeforeClass
    public static void setup() throws Exception {
        startMiniDfsCluster(TestStorageBasedHiveAuthorization.class.getName());
        prepHiveConfAndData();
        setStorabaseBasedAuthorizationInHiveConf();
        startHiveMetaStore();
        startDrillCluster(true);
        addHiveStoragePlugin(getHivePluginConfig());
        addMiniDfsBasedStorage(Maps.newHashMap());
        generateTestData();
    }

    private static void setStorabaseBasedAuthorizationInHiveConf() {
        hiveConf.set(HiveConf.ConfVars.METASTORE_PRE_EVENT_LISTENERS.varname, AuthorizationPreEventListener.class.getName());
        hiveConf.set(HiveConf.ConfVars.HIVE_METASTORE_AUTHENTICATOR_MANAGER.varname, HadoopDefaultMetastoreAuthenticator.class.getName());
        hiveConf.set(HiveConf.ConfVars.HIVE_METASTORE_AUTHORIZATION_MANAGER.varname, StorageBasedAuthorizationProvider.class.getName());
        hiveConf.set(HiveConf.ConfVars.HIVE_METASTORE_AUTHORIZATION_AUTH_READS.varname, "true");
        hiveConf.set(HiveConf.ConfVars.METASTORE_EXECUTE_SET_UGI.varname, "true");
        hiveConf.set(HiveConf.ConfVars.DYNAMICPARTITIONINGMODE.varname, "nonstrict");
    }

    private static Map<String, String> getHivePluginConfig() {
        HashMap newHashMap = Maps.newHashMap();
        newHashMap.put(HiveConf.ConfVars.METASTOREURIS.varname, hiveConf.get(HiveConf.ConfVars.METASTOREURIS.varname));
        newHashMap.put("fs.defaultFS", dfsConf.get("fs.defaultFS"));
        newHashMap.put(HiveConf.ConfVars.HIVE_SERVER2_ENABLE_DOAS.varname, hiveConf.get(HiveConf.ConfVars.HIVE_SERVER2_ENABLE_DOAS.varname));
        newHashMap.put(HiveConf.ConfVars.METASTORE_EXECUTE_SET_UGI.varname, hiveConf.get(HiveConf.ConfVars.METASTORE_EXECUTE_SET_UGI.varname));
        return newHashMap;
    }

    private static void generateTestData() throws Exception {
        SessionState.start(new SessionState(hiveConf));
        Driver driver = new Driver(hiveConf);
        HiveTestUtilities.executeQuery(driver, "CREATE DATABASE db_general");
        createTable(driver, db_general, g_student_u0_700, "CREATE TABLE %s.%s(rownum int, name string, age int, gpa float, studentnum bigint) ROW FORMAT DELIMITED FIELDS TERMINATED BY ',' STORED AS TEXTFILE", studentData, org1Users[0], org1Groups[0], (short) 448);
        createTable(driver, db_general, g_student_u0g0_750, "CREATE TABLE %s.%s(rownum int, name string, age int, gpa float, studentnum bigint) ROW FORMAT DELIMITED FIELDS TERMINATED BY ',' STORED AS TEXTFILE", studentData, org1Users[0], org1Groups[0], (short) 488);
        createTable(driver, db_general, "student_all_755", "CREATE TABLE %s.%s(rownum int, name string, age int, gpa float, studentnum bigint) ROW FORMAT DELIMITED FIELDS TERMINATED BY ',' STORED AS TEXTFILE", studentData, org1Users[2], org1Groups[2], (short) 493);
        createTable(driver, db_general, "voter_u1_700", "CREATE TABLE %s.%s(voter_id int,name varchar(30), age tinyint, registration string, contributions double,voterzone smallint,create_time timestamp) ROW FORMAT DELIMITED FIELDS TERMINATED BY ',' STORED AS TEXTFILE", voterData, org1Users[1], org1Groups[1], (short) 448);
        createTable(driver, db_general, g_voter_u2g1_750, "CREATE TABLE %s.%s(voter_id int,name varchar(30), age tinyint, registration string, contributions double,voterzone smallint,create_time timestamp) ROW FORMAT DELIMITED FIELDS TERMINATED BY ',' STORED AS TEXTFILE", voterData, org1Users[2], org1Groups[1], (short) 488);
        createTable(driver, db_general, "voter_all_755", "CREATE TABLE %s.%s(voter_id int,name varchar(30), age tinyint, registration string, contributions double,voterzone smallint,create_time timestamp) ROW FORMAT DELIMITED FIELDS TERMINATED BY ',' STORED AS TEXTFILE", voterData, org1Users[1], org1Groups[1], (short) 493);
        createPartitionedTable(driver, db_general, g_partitioned_student_u0_700, "CREATE TABLE %s.%s(rownum INT, name STRING, gpa FLOAT, studentnum BIGINT) partitioned by (age INT) ROW FORMAT DELIMITED FIELDS TERMINATED BY ',' STORED AS TEXTFILE", "INSERT OVERWRITE TABLE %s.%s PARTITION(age) SELECT rownum, name, age, gpa, studentnum FROM %s.%s", "student_all_755", org1Users[0], org1Groups[0], (short) 448);
        changeDBPermissions(db_general, (short) 493, org1Users[0], org1Groups[0]);
        HiveTestUtilities.executeQuery(driver, "CREATE DATABASE db_u1g1_only");
        createTable(driver, db_u1g1_only, "student_all_755", "CREATE TABLE %s.%s(rownum int, name string, age int, gpa float, studentnum bigint) ROW FORMAT DELIMITED FIELDS TERMINATED BY ',' STORED AS TEXTFILE", studentData, org1Users[1], org1Groups[1], (short) 493);
        createTable(driver, db_u1g1_only, u1g1_student_u1_700, "CREATE TABLE %s.%s(rownum int, name string, age int, gpa float, studentnum bigint) ROW FORMAT DELIMITED FIELDS TERMINATED BY ',' STORED AS TEXTFILE", studentData, org1Users[1], org1Groups[1], (short) 448);
        createTable(driver, db_u1g1_only, "voter_all_755", "CREATE TABLE %s.%s(voter_id int,name varchar(30), age tinyint, registration string, contributions double,voterzone smallint,create_time timestamp) ROW FORMAT DELIMITED FIELDS TERMINATED BY ',' STORED AS TEXTFILE", voterData, org1Users[1], org1Groups[1], (short) 493);
        createTable(driver, db_u1g1_only, "voter_u1_700", "CREATE TABLE %s.%s(voter_id int,name varchar(30), age tinyint, registration string, contributions double,voterzone smallint,create_time timestamp) ROW FORMAT DELIMITED FIELDS TERMINATED BY ',' STORED AS TEXTFILE", voterData, org1Users[1], org1Groups[1], (short) 448);
        changeDBPermissions(db_u1g1_only, (short) 488, org1Users[1], org1Groups[1]);
        HiveTestUtilities.executeQuery(driver, "CREATE DATABASE db_u0_only");
        createTable(driver, db_u0_only, "student_all_755", "CREATE TABLE %s.%s(rownum int, name string, age int, gpa float, studentnum bigint) ROW FORMAT DELIMITED FIELDS TERMINATED BY ',' STORED AS TEXTFILE", studentData, org1Users[0], org1Groups[0], (short) 493);
        createTable(driver, db_u0_only, "voter_all_755", "CREATE TABLE %s.%s(voter_id int,name varchar(30), age tinyint, registration string, contributions double,voterzone smallint,create_time timestamp) ROW FORMAT DELIMITED FIELDS TERMINATED BY ',' STORED AS TEXTFILE", voterData, org1Users[0], org1Groups[0], (short) 493);
        changeDBPermissions(db_u0_only, (short) 448, org1Users[0], org1Groups[0]);
        createView(org1Users[0], org1Groups[0], v_student_u0g0_750, String.format("SELECT rownum, name, age, studentnum FROM %s.%s.%s", "hive", db_general, g_student_u0_700));
        createView(org1Users[1], org1Groups[1], v_student_u1g1_750, String.format("SELECT rownum, name, age FROM %s.%s.%s", "miniDfsPlugin", "tmp", v_student_u0g0_750));
        createView(org1Users[0], org1Groups[0], v_partitioned_student_u0g0_750, String.format("SELECT rownum, name, age, studentnum FROM %s.%s.%s", "hive", db_general, g_partitioned_student_u0_700));
        createView(org1Users[1], org1Groups[1], v_partitioned_student_u1g1_750, String.format("SELECT rownum, name, age FROM %s.%s.%s", "miniDfsPlugin", "tmp", v_partitioned_student_u0g0_750));
    }

    private static void createPartitionedTable(Driver driver, String str, String str2, String str3, String str4, String str5, String str6, String str7, short s) throws Exception {
        HiveTestUtilities.executeQuery(driver, String.format(str3, str, str2));
        HiveTestUtilities.executeQuery(driver, String.format(str4, str, str2, str, str5));
        Path whPathForHiveObject = getWhPathForHiveObject(str, str2);
        fs.setPermission(whPathForHiveObject, new FsPermission(s));
        fs.setOwner(whPathForHiveObject, str6, str7);
    }

    private static void createTable(Driver driver, String str, String str2, String str3, String str4, String str5, String str6, short s) throws Exception {
        HiveTestUtilities.executeQuery(driver, String.format(str3, str, str2));
        HiveTestUtilities.executeQuery(driver, String.format("LOAD DATA LOCAL INPATH '%s' INTO TABLE %s.%s", str4, str, str2));
        Path whPathForHiveObject = getWhPathForHiveObject(str, str2);
        fs.setPermission(whPathForHiveObject, new FsPermission(s));
        fs.setOwner(whPathForHiveObject, str5, str6);
    }

    private static void changeDBPermissions(String str, short s, String str2, String str3) throws Exception {
        Path whPathForHiveObject = getWhPathForHiveObject(str, null);
        fs.setPermission(whPathForHiveObject, new FsPermission(s));
        fs.setOwner(whPathForHiveObject, str2, str3);
    }

    @Test
    public void showSchemas() throws Exception {
        testBuilder().sqlQuery("SHOW SCHEMAS LIKE 'hive.%'").unOrdered().baselineColumns(new String[]{"SCHEMA_NAME"}).baselineValues(new Object[]{"hive.db_general"}).baselineValues(new Object[]{"hive.db_u0_only"}).baselineValues(new Object[]{"hive.db_u1g1_only"}).baselineValues(new Object[]{"hive.default"}).go();
    }

    @Test
    public void showTablesUser0() throws Exception {
        updateClient(org1Users[0]);
        showTablesHelper(db_general, ImmutableList.of(g_student_u0_700, g_student_u0g0_750, "student_all_755", "voter_all_755", g_partitioned_student_u0_700));
        showTablesHelper(db_u0_only, ImmutableList.of("student_all_755", "voter_all_755"));
        showTablesHelper(db_u1g1_only, Collections.emptyList());
    }

    @Test
    public void fromInfoSchemaUser0() throws Exception {
        updateClient(org1Users[0]);
        fromInfoSchemaHelper("hive", db_general, ImmutableList.of(g_student_u0_700, g_student_u0g0_750, "student_all_755", "voter_all_755", g_partitioned_student_u0_700), ImmutableList.of(Schema.TableType.TABLE, Schema.TableType.TABLE, Schema.TableType.TABLE, Schema.TableType.TABLE, Schema.TableType.TABLE));
        fromInfoSchemaHelper("hive", db_u0_only, ImmutableList.of("student_all_755", "voter_all_755"), ImmutableList.of(Schema.TableType.TABLE, Schema.TableType.TABLE));
        fromInfoSchemaHelper("hive", db_u1g1_only, Collections.emptyList(), Collections.emptyList());
    }

    @Test
    public void showTablesUser1() throws Exception {
        updateClient(org1Users[1]);
        showTablesHelper(db_general, ImmutableList.of(g_student_u0g0_750, "student_all_755", "voter_u1_700", g_voter_u2g1_750, "voter_all_755"));
        showTablesHelper(db_u1g1_only, ImmutableList.of("student_all_755", u1g1_student_u1_700, "voter_all_755", "voter_u1_700"));
        showTablesHelper(db_u0_only, Collections.emptyList());
    }

    @Test
    public void fromInfoSchemaUser1() throws Exception {
        updateClient(org1Users[1]);
        fromInfoSchemaHelper("hive", db_general, ImmutableList.of(g_student_u0g0_750, "student_all_755", "voter_u1_700", g_voter_u2g1_750, "voter_all_755"), ImmutableList.of(Schema.TableType.TABLE, Schema.TableType.TABLE, Schema.TableType.TABLE, Schema.TableType.TABLE, Schema.TableType.TABLE));
        fromInfoSchemaHelper("hive", db_u1g1_only, ImmutableList.of("student_all_755", u1g1_student_u1_700, "voter_all_755", "voter_u1_700"), ImmutableList.of(Schema.TableType.TABLE, Schema.TableType.TABLE, Schema.TableType.TABLE, Schema.TableType.TABLE));
        fromInfoSchemaHelper("hive", db_u0_only, Collections.emptyList(), Collections.emptyList());
    }

    @Test
    public void showTablesUser2() throws Exception {
        updateClient(org1Users[2]);
        showTablesHelper(db_general, ImmutableList.of("student_all_755", g_voter_u2g1_750, "voter_all_755"));
        showTablesHelper(db_u1g1_only, ImmutableList.of("student_all_755", "voter_all_755"));
        showTablesHelper(db_u0_only, Collections.emptyList());
    }

    @Test
    public void fromInfoSchemaUser2() throws Exception {
        updateClient(org1Users[2]);
        fromInfoSchemaHelper("hive", db_general, ImmutableList.of("student_all_755", g_voter_u2g1_750, "voter_all_755"), ImmutableList.of(Schema.TableType.TABLE, Schema.TableType.TABLE, Schema.TableType.TABLE));
        fromInfoSchemaHelper("hive", db_u1g1_only, ImmutableList.of("student_all_755", "voter_all_755"), ImmutableList.of(Schema.TableType.TABLE, Schema.TableType.TABLE));
        fromInfoSchemaHelper("hive", db_u0_only, Collections.emptyList(), Collections.emptyList());
    }

    @Test
    public void selectUser0_db_general() throws Exception {
        updateClient(org1Users[0]);
        test(String.format("SELECT * FROM hive.%s.%s ORDER BY gpa DESC LIMIT 2", db_general, g_student_u0_700));
        test(String.format("SELECT * FROM hive.%s.%s ORDER BY gpa DESC LIMIT 2", db_general, "student_all_755"));
        test(String.format("SELECT * FROM hive.%s.%s ORDER BY name DESC LIMIT 2", db_general, "voter_all_755"));
        test(String.format("SELECT * FROM hive.%s.%s ORDER BY gpa DESC LIMIT 2", db_general, g_partitioned_student_u0_700));
    }

    @Test
    public void selectUser0_db_u0_only() throws Exception {
        updateClient(org1Users[0]);
        test(String.format("SELECT * FROM hive.%s.%s ORDER BY gpa DESC LIMIT 2", db_u0_only, "student_all_755"));
        test(String.format("SELECT * FROM hive.%s.%s ORDER BY name DESC LIMIT 2", db_u0_only, "voter_all_755"));
    }

    @Test
    public void selectUser0_db_u1g1_only() throws Exception {
        updateClient(org1Users[0]);
        errorMsgTestHelper(String.format("SELECT * FROM hive.%s.%s ORDER BY gpa DESC LIMIT 2", db_u1g1_only, "student_all_755"), String.format("Table 'hive.%s.%s' not found", db_u1g1_only, "student_all_755"));
    }

    @Test
    public void selectUser1_db_general() throws Exception {
        updateClient(org1Users[1]);
        test(String.format("SELECT * FROM hive.%s.%s ORDER BY gpa DESC LIMIT 2", db_general, g_student_u0g0_750));
        test(String.format("SELECT * FROM hive.%s.%s ORDER BY gpa DESC LIMIT 2", db_general, "student_all_755"));
        test(String.format("SELECT * FROM hive.%s.%s ORDER BY name DESC LIMIT 2", db_general, g_voter_u2g1_750));
    }

    @Test
    public void selectUser1_db_u0_only() throws Exception {
        updateClient(org1Users[1]);
        errorMsgTestHelper(String.format("SELECT * FROM hive.%s.%s ORDER BY gpa DESC LIMIT 2", db_u0_only, "student_all_755"), String.format("Table 'hive.%s.%s' not found", db_u0_only, "student_all_755"));
    }

    private static void queryViewHelper(String str, String str2) throws Exception {
        updateClient(str);
        testBuilder().sqlQuery(str2).unOrdered().baselineColumns(new String[]{"rownum"}).baselineValues(new Object[]{1}).go();
    }

    @Test
    public void selectUser0_v_student_u0g0_750() throws Exception {
        queryViewHelper(org1Users[0], query_v_student_u0g0_750);
    }

    @Test
    public void selectUser1_v_student_u0g0_750() throws Exception {
        queryViewHelper(org1Users[1], query_v_student_u0g0_750);
    }

    @Test
    public void selectUser2_v_student_u0g0_750() throws Exception {
        updateClient(org1Users[2]);
        errorMsgTestHelper(query_v_student_u0g0_750, "Not authorized to read view [v_student_u0g0_750] in schema [miniDfsPlugin.tmp]");
    }

    @Test
    public void selectUser0_v_student_u1g1_750() throws Exception {
        updateClient(org1Users[0]);
        errorMsgTestHelper(query_v_student_u1g1_750, "Not authorized to read view [v_student_u1g1_750] in schema [miniDfsPlugin.tmp]");
    }

    @Test
    public void selectUser1_v_student_u1g1_750() throws Exception {
        queryViewHelper(org1Users[1], query_v_student_u1g1_750);
    }

    @Test
    public void selectUser2_v_student_u1g1_750() throws Exception {
        queryViewHelper(org1Users[2], query_v_student_u1g1_750);
    }

    @Test
    public void selectUser0_v_partitioned_student_u0g0_750() throws Exception {
        queryViewHelper(org1Users[0], query_v_partitioned_student_u0g0_750);
    }

    @Test
    public void selectUser1_v_partitioned_student_u0g0_750() throws Exception {
        queryViewHelper(org1Users[1], query_v_partitioned_student_u0g0_750);
    }

    @Test
    public void selectUser2_v_partitioned_student_u0g0_750() throws Exception {
        updateClient(org1Users[2]);
        errorMsgTestHelper(query_v_partitioned_student_u0g0_750, "Not authorized to read view [v_partitioned_student_u0g0_750] in schema [miniDfsPlugin.tmp]");
    }

    @Test
    public void selectUser0_v_partitioned_student_u1g1_750() throws Exception {
        updateClient(org1Users[0]);
        errorMsgTestHelper(query_v_partitioned_student_u1g1_750, "Not authorized to read view [v_partitioned_student_u1g1_750] in schema [miniDfsPlugin.tmp]");
    }

    @Test
    public void selectUser1_v_partitioned_student_u1g1_750() throws Exception {
        queryViewHelper(org1Users[1], query_v_partitioned_student_u1g1_750);
    }

    @Test
    public void selectUser2_v_partitioned_student_u1g1_750() throws Exception {
        queryViewHelper(org1Users[2], query_v_partitioned_student_u1g1_750);
    }

    @AfterClass
    public static void shutdown() throws Exception {
        stopMiniDfsCluster();
        stopHiveMetaStore();
    }
}
