package org.apache.drill.exec.impersonation;

import com.google.common.base.Charsets;
import com.google.common.io.Files;
import java.io.IOException;
import junit.framework.Assert;
import org.apache.drill.common.util.FileUtils;
import org.apache.drill.exec.ExecConstants;
import org.apache.drill.exec.rpc.user.InboundImpersonationManager;
import org.apache.drill.exec.server.options.OptionDefinition;
import org.apache.drill.exec.server.options.OptionSet;
import org.apache.drill.exec.server.options.OptionValue;
import org.apache.drill.exec.server.options.SystemOptionManager;
import org.junit.Test;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/drill/exec/impersonation/TestInboundImpersonationPrivileges.class */
public class TestInboundImpersonationPrivileges extends BaseTestImpersonation {
    private static final Logger logger = LoggerFactory.getLogger(TestInboundImpersonationPrivileges.class);
    private static final String IMPERSONATION_POLICIES;

    private static boolean checkPrivileges(String str, String str2) {
        OptionDefinition optionDefinition = (OptionDefinition) SystemOptionManager.createDefaultOptionDefinitions().get("exec.impersonation.inbound_policies");
        ExecConstants.IMPERSONATION_POLICY_VALIDATOR.validate(OptionValue.create(optionDefinition.getMetaData().getAccessibleScopes(), "exec.impersonation.inbound_policies", IMPERSONATION_POLICIES, OptionValue.OptionScope.SYSTEM), optionDefinition.getMetaData(), (OptionSet) null);
        try {
            return InboundImpersonationManager.hasImpersonationPrivileges(str, str2, IMPERSONATION_POLICIES);
        } catch (Exception e) {
            logger.error("Failed to check impersonation privileges.", e);
            return false;
        }
    }

    private static void run(String str, String str2, boolean z) {
        Assert.assertEquals("proxyName: " + str + " targetName: " + str2, z, checkPrivileges(str, str2));
    }

    @Test
    public void allTargetUsers() {
        for (String str : org1Users) {
            run("user0_1", str, true);
        }
        for (String str2 : org2Users) {
            run("user0_1", str2, true);
        }
    }

    @Test
    public void noTargetUsers() {
        for (String str : org1Users) {
            run("user1_1", str, false);
        }
        for (String str2 : org2Users) {
            run("user1_1", str2, false);
        }
    }

    @Test
    public void someTargetUsersAndGroups() {
        run("user2_1", "user3_1", true);
        run("user2_1", "user3_1", true);
        run("user2_1", "user1_1", false);
        run("user2_1", "user4_1", false);
        for (String str : org1Users) {
            if (!str.equals("user3_1") && !str.equals("user2_1")) {
                run("user2_1", str, false);
            }
        }
        for (String str2 : org2Users) {
            run("user2_1", str2, false);
        }
    }

    @Test
    public void someTargetUsers() {
        run("user4_1", "user1_1", true);
        run("user4_1", "user3_1", true);
        for (String str : org1Users) {
            if (!str.equals("user1_1") && !str.equals("user3_1")) {
                run("user4_1", str, false);
            }
        }
        for (String str2 : org2Users) {
            run("user4_1", str2, false);
        }
    }

    @Test
    public void oneTargetGroup() {
        run("user5_1", "user4_2", true);
        run("user5_1", "user5_2", true);
        run("user5_1", "user4_1", false);
        run("user5_1", "user3_2", false);
    }

    @Test
    public void twoTargetUsers() {
        run("user5_2", "user0_2", true);
        run("user5_2", "user1_2", true);
        run("user5_2", "user2_2", false);
        run("user5_2", "user0_1", false);
        run("user5_2", "user1_1", false);
    }

    @Test
    public void twoTargetGroups() {
        run("user3_2", "user4_2", true);
        run("user3_2", "user1_2", true);
        run("user3_2", "user2_2", true);
        run("user3_2", "user0_2", false);
        run("user3_2", "user5_2", false);
        for (String str : org1Users) {
            run("user3_2", str, false);
        }
    }

    static {
        try {
            IMPERSONATION_POLICIES = Files.toString(FileUtils.getResourceAsFile("/inbound_impersonation_policies.json"), Charsets.UTF_8);
        } catch (IOException e) {
            throw new RuntimeException("Cannot load impersonation policies.", e);
        }
    }
}
