package org.apache.iotdb.db.auth;

import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import org.apache.iotdb.commons.auth.entity.ModelType;
import org.apache.iotdb.commons.auth.entity.PathPrivilege;
import org.apache.iotdb.commons.auth.entity.PrivilegeType;
import org.apache.iotdb.commons.auth.entity.Role;
import org.apache.iotdb.commons.auth.entity.User;
import org.apache.iotdb.commons.exception.IllegalPathException;
import org.apache.iotdb.commons.path.PartialPath;
import org.apache.iotdb.confignode.rpc.thrift.TPermissionInfoResp;
import org.apache.iotdb.rpc.TSStatusCode;
import org.junit.Assert;
import org.junit.Test;

/* loaded from: input_file:org/apache/iotdb/db/auth/AuthorizerManagerTest.class */
public class AuthorizerManagerTest {
    ClusterAuthorityFetcher authorityFetcher = new ClusterAuthorityFetcher(new BasicAuthorityCache());
    static final /* synthetic */ boolean $assertionsDisabled;

    @Test
    public void permissionCacheTest() throws IllegalPathException {
        User user = new User();
        Role role = new Role();
        Role role2 = new Role();
        HashSet hashSet = new HashSet();
        HashSet hashSet2 = new HashSet();
        HashSet hashSet3 = new HashSet();
        PathPrivilege pathPrivilege = new PathPrivilege(new PartialPath("root.ln"));
        ArrayList arrayList = new ArrayList();
        hashSet2.add(PrivilegeType.READ_DATA);
        hashSet3.add(PrivilegeType.MAINTAIN);
        pathPrivilege.setPrivileges(hashSet2);
        arrayList.add(pathPrivilege);
        role.setName("role1");
        role.setPrivilegeList(arrayList);
        role2.setName("role2");
        role2.setPrivilegeList(new ArrayList());
        hashSet.add("role1");
        hashSet.add("role2");
        user.setName("user");
        user.setPassword("password");
        user.setPrivilegeList(arrayList);
        user.setSysPrivilegeSet(hashSet3);
        user.setRoleSet(hashSet);
        user.grantDBPrivilege("test", PrivilegeType.ALTER, false);
        user.grantTBPrivilege("test", "table", PrivilegeType.SELECT, true);
        user.grantDBPrivilege("test2", PrivilegeType.SELECT, true);
        user.grantAnyScopePrivilege(PrivilegeType.ALTER, false);
        user.grantAnyScopePrivilege(PrivilegeType.SELECT, true);
        TPermissionInfoResp tPermissionInfoResp = new TPermissionInfoResp();
        tPermissionInfoResp.setUserInfo(user.getUserInfo(ModelType.ALL));
        tPermissionInfoResp.setRoleInfo(new HashMap());
        this.authorityFetcher.getAuthorCache().putUserCache(user.getName(), this.authorityFetcher.cacheUser(tPermissionInfoResp));
        User userCache = this.authorityFetcher.getAuthorCache().getUserCache(user.getName());
        if (!$assertionsDisabled && userCache == null) {
            throw new AssertionError();
        }
        Assert.assertEquals(user, userCache);
        this.authorityFetcher.getAuthorCache().invalidateCache(user.getName(), "");
        TPermissionInfoResp tPermissionInfoResp2 = new TPermissionInfoResp();
        tPermissionInfoResp2.setUserInfo(user.getUserInfo(ModelType.ALL));
        tPermissionInfoResp2.putToRoleInfo(role.getName(), role.getRoleInfo(ModelType.ALL));
        tPermissionInfoResp2.putToRoleInfo(role2.getName(), role2.getRoleInfo(ModelType.ALL));
        this.authorityFetcher.getAuthorCache().putUserCache(user.getName(), this.authorityFetcher.cacheUser(tPermissionInfoResp2));
        Assert.assertEquals(role, this.authorityFetcher.getAuthorCache().getRoleCache(role.getName()));
        this.authorityFetcher.getAuthorCache().invalidateCache(userCache.getName(), "");
        User userCache2 = this.authorityFetcher.getAuthorCache().getUserCache(user.getName());
        Role roleCache = this.authorityFetcher.getAuthorCache().getRoleCache(role.getName());
        Assert.assertNull(userCache2);
        Assert.assertNull(roleCache);
    }

    @Test
    public void grantOptTest() throws IllegalPathException {
        User user = new User("user1", "123456");
        Role role = new Role("role1");
        user.grantSysPrivilege(PrivilegeType.MANAGE_DATABASE, false);
        user.grantSysPrivilege(PrivilegeType.USE_PIPE, true);
        user.grantPathPrivilege(new PartialPath("root.d1.**"), PrivilegeType.READ_DATA, false);
        user.grantPathPrivilege(new PartialPath("root.d1.**"), PrivilegeType.WRITE_SCHEMA, true);
        user.grantDBPrivilege("database", PrivilegeType.SELECT, false);
        user.grantDBPrivilege("database", PrivilegeType.ALTER, true);
        user.grantTBPrivilege("database", "table", PrivilegeType.DELETE, true);
        user.grantAnyScopePrivilege(PrivilegeType.ALTER, true);
        role.grantSysPrivilege(PrivilegeType.USE_UDF, false);
        role.grantSysPrivilege(PrivilegeType.USE_CQ, true);
        role.grantSysPrivilegeGrantOption(PrivilegeType.USE_CQ);
        role.grantPathPrivilege(new PartialPath("root.t.**"), PrivilegeType.READ_DATA, true);
        role.grantDBPrivilege("database", PrivilegeType.INSERT, true);
        user.addRole("role1");
        TPermissionInfoResp tPermissionInfoResp = new TPermissionInfoResp();
        tPermissionInfoResp.setUserInfo(user.getUserInfo(ModelType.ALL));
        tPermissionInfoResp.putToRoleInfo(role.getName(), role.getRoleInfo(ModelType.ALL));
        this.authorityFetcher.getAuthorCache().putUserCache(user.getName(), this.authorityFetcher.cacheUser(tPermissionInfoResp));
        Assert.assertEquals(user, this.authorityFetcher.getAuthorCache().getUserCache(user.getName()));
        Assert.assertEquals(role, this.authorityFetcher.getAuthorCache().getRoleCache(role.getName()));
        Assert.assertEquals(TSStatusCode.SUCCESS_STATUS.getStatusCode(), this.authorityFetcher.checkUserSysPrivilegesGrantOpt("user1", PrivilegeType.USE_PIPE).getCode());
        Assert.assertEquals(TSStatusCode.NO_PERMISSION.getStatusCode(), this.authorityFetcher.checkUserSysPrivilegesGrantOpt("user1", PrivilegeType.MANAGE_USER).getCode());
        Assert.assertEquals(TSStatusCode.SUCCESS_STATUS.getStatusCode(), this.authorityFetcher.checkUserPathPrivilegesGrantOpt("user1", Collections.singletonList(new PartialPath("root.d1.**")), PrivilegeType.WRITE_SCHEMA).getCode());
        Assert.assertEquals(TSStatusCode.NO_PERMISSION.getStatusCode(), this.authorityFetcher.checkUserPathPrivilegesGrantOpt("user1", Collections.singletonList(new PartialPath("root.**")), PrivilegeType.WRITE_SCHEMA).getCode());
        Assert.assertEquals(TSStatusCode.SUCCESS_STATUS.getStatusCode(), this.authorityFetcher.checkUserPathPrivilegesGrantOpt("user1", Collections.singletonList(new PartialPath("root.d1.d2")), PrivilegeType.WRITE_SCHEMA).getCode());
        Assert.assertEquals(TSStatusCode.NO_PERMISSION.getStatusCode(), this.authorityFetcher.checkUserPathPrivilegesGrantOpt("user1", Collections.singletonList(new PartialPath("root.d1.d2")), PrivilegeType.READ_SCHEMA).getCode());
        Assert.assertEquals(TSStatusCode.SUCCESS_STATUS.getStatusCode(), this.authorityFetcher.checkUserDBPrivilegesGrantOpt("user1", "database", PrivilegeType.ALTER).getCode());
        Assert.assertEquals(TSStatusCode.SUCCESS_STATUS.getStatusCode(), this.authorityFetcher.checkUserTBPrivilegesGrantOpt("user1", "database", "table", PrivilegeType.INSERT).getCode());
        Assert.assertEquals(TSStatusCode.NO_PERMISSION.getStatusCode(), this.authorityFetcher.checkUserTBPrivilegesGrantOpt("user1", "database", "table", PrivilegeType.SELECT).getCode());
        Assert.assertEquals(TSStatusCode.SUCCESS_STATUS.getStatusCode(), this.authorityFetcher.checkUserPathPrivilegesGrantOpt("user1", Collections.singletonList(new PartialPath("root.t.**")), PrivilegeType.READ_DATA).getCode());
        Assert.assertEquals(TSStatusCode.SUCCESS_STATUS.getStatusCode(), this.authorityFetcher.checkUserPathPrivilegesGrantOpt("user1", Collections.singletonList(new PartialPath("root.t.t1")), PrivilegeType.READ_DATA).getCode());
        Assert.assertEquals(TSStatusCode.NO_PERMISSION.getStatusCode(), this.authorityFetcher.checkUserSysPrivilegesGrantOpt("user1", PrivilegeType.USE_TRIGGER).getCode());
        Assert.assertEquals(TSStatusCode.SUCCESS_STATUS.getStatusCode(), this.authorityFetcher.checkUserSysPrivilegesGrantOpt("user1", PrivilegeType.USE_CQ).getCode());
    }

    static {
        $assertionsDisabled = !AuthorizerManagerTest.class.desiredAssertionStatus();
    }
}
