package org.apache.hadoop.hdfs.server.federation.router;

import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.PrintWriter;
import java.net.URLDecoder;
import java.util.ArrayList;
import java.util.Arrays;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.fs.Path;
import org.apache.hadoop.hdfs.server.federation.MiniRouterDFSCluster;
import org.apache.hadoop.hdfs.server.federation.RouterConfigBuilder;
import org.apache.hadoop.hdfs.server.namenode.ha.ConfiguredFailoverProxyProvider;
import org.apache.hadoop.hdfs.tools.federation.RouterAdmin;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.security.authorize.AuthorizationException;
import org.apache.hadoop.security.authorize.ProxyUsers;
import org.apache.hadoop.test.LambdaTestUtils;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.mockito.Mockito;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/hadoop/hdfs/server/federation/router/TestRouterRefreshSuperUserGroupsConfiguration.class */
public class TestRouterRefreshSuperUserGroupsConfiguration {
    private static final Logger LOG = LoggerFactory.getLogger(TestRouterRefreshSuperUserGroupsConfiguration.class);
    private MiniRouterDFSCluster cluster;
    private static final String ROUTER_NS = "rbfns";
    private static final String HDFS_SCHEMA = "hdfs://";
    private static final String LOOPBACK_ADDRESS = "127.0.0.1";
    private String tempResource = null;

    @Before
    public void setUpCluster() throws Exception {
        Configuration build = new RouterConfigBuilder().rpc().admin().build();
        this.cluster = new MiniRouterDFSCluster(false, 1);
        this.cluster.addRouterOverrides(build);
        this.cluster.startRouters();
    }

    @After
    public void tearDown() {
        if (this.cluster != null) {
            this.cluster.shutdown();
            this.cluster = null;
        }
        if (this.tempResource != null) {
            new File(this.tempResource).delete();
            this.tempResource = null;
        }
    }

    private Configuration initializeClientConfig() throws Exception {
        Configuration configuration = new Configuration(false);
        Router router = this.cluster.getRouters().get(0).getRouter();
        configuration.set("dfs.nameservices", "ns0,ns1,rbfns");
        configuration.set("dfs.ha.namenodes.rbfns", "r1");
        configuration.set("dfs.federation.router.admin-address", "127.0.0.1:" + router.getAdminServerAddress().getPort());
        configuration.set("dfs.namenode.rpc-address.rbfns.r1", "127.0.0.1:" + router.getRpcServerAddress().getPort());
        configuration.set("dfs.client.failover.proxy.provider.rbfns", ConfiguredFailoverProxyProvider.class.getCanonicalName());
        configuration.set("fs.defaultFS", "hdfs://rbfns");
        configuration.setBoolean("dfs.client.failover.random.order", false);
        configuration.set("fs.defaultFS", "hdfs://rbfns");
        return configuration;
    }

    @Test
    public void testRefreshSuperUserGroupsConfiguration() throws Exception {
        testRefreshSuperUserGroupsConfigurationInternal(initializeClientConfig());
    }

    private void testRefreshSuperUserGroupsConfigurationInternal(Configuration configuration) throws Exception {
        UserGroupInformation userGroupInformation = (UserGroupInformation) Mockito.mock(UserGroupInformation.class);
        UserGroupInformation userGroupInformation2 = (UserGroupInformation) Mockito.mock(UserGroupInformation.class);
        Mockito.when(userGroupInformation2.getShortUserName()).thenReturn("impersonator");
        Mockito.when(userGroupInformation2.getUserName()).thenReturn("impersonator");
        Mockito.when(userGroupInformation.getRealUser()).thenReturn(userGroupInformation2);
        Mockito.when(userGroupInformation.getUserName()).thenReturn("victim");
        Mockito.when(userGroupInformation.getGroups()).thenReturn(Arrays.asList("groupVictim"));
        LambdaTestUtils.intercept(AuthorizationException.class, "User: impersonator is not allowed to impersonate victim", () -> {
            ProxyUsers.authorize(userGroupInformation, LOOPBACK_ADDRESS);
        });
        this.tempResource = addFileBasedConfigResource("testRouterRefreshSuperUserGroupsConfiguration_rsrc.xml", new ArrayList(Arrays.asList("hadoop.proxyuser.impersonator.groups", "hadoop.proxyuser.impersonator.hosts")), new ArrayList(Arrays.asList("groupVictim", LOOPBACK_ADDRESS)));
        Configuration.addDefaultResource("testRouterRefreshSuperUserGroupsConfiguration_rsrc.xml");
        Assert.assertEquals("CLI command was not successful", 0L, new RouterAdmin(configuration).run(new String[]{"-refreshSuperUserGroupsConfiguration"}));
        ProxyUsers.authorize(userGroupInformation, LOOPBACK_ADDRESS);
    }

    private static String addFileBasedConfigResource(String str, ArrayList<String> arrayList, ArrayList<String> arrayList2) throws IOException {
        if (arrayList.size() != arrayList2.size()) {
            throw new IOException("keyArray and valueArray should be equal in size");
        }
        String str2 = new Path(URLDecoder.decode(new Configuration().getResource("hdfs-site.xml").getPath(), "UTF-8")).getParent().toString() + "/" + str;
        StringBuilder sb = new StringBuilder();
        sb.append("<configuration>");
        for (int i = 0; i < arrayList.size(); i++) {
            sb.append("<property>").append("<name>").append(arrayList.get(i)).append("</name>").append("<value>").append(arrayList2.get(i)).append("</value>").append("</property>");
        }
        sb.append("</configuration>");
        PrintWriter printWriter = new PrintWriter(new FileOutputStream(str2));
        printWriter.println(sb.toString());
        printWriter.close();
        return str2;
    }
}
