package org.neo4j.server.security.auth;

import com.google.common.jimfs.Configuration;
import com.google.common.jimfs.Jimfs;
import java.io.IOException;
import java.nio.file.CopyOption;
import java.nio.file.FileSystem;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.nio.file.attribute.FileAttribute;
import java.nio.file.spi.FileSystemProvider;
import java.util.Arrays;
import java.util.Collection;
import org.hamcrest.CoreMatchers;
import org.hamcrest.MatcherAssert;
import org.junit.Assert;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.ExpectedException;
import org.junit.runner.RunWith;
import org.junit.runners.Parameterized;
import org.neo4j.io.fs.DelegatingFileSystem;
import org.neo4j.io.fs.DelegatingFileSystemProvider;
import org.neo4j.logging.AssertableLogProvider;
import org.neo4j.logging.NullLogProvider;
import org.neo4j.server.security.auth.exception.ConcurrentModificationException;
import org.neo4j.string.UTF8;

@RunWith(Parameterized.class)
/* loaded from: input_file:org/neo4j/server/security/auth/FileUserRepositoryTest.class */
public class FileUserRepositoryTest {
    private final FileSystem fs;
    private Path authFile;

    @Rule
    public ExpectedException thrown = ExpectedException.none();

    @Parameterized.Parameters(name = "{1} filesystem")
    public static Collection<Object[]> data() {
        return Arrays.asList(new Object[]{Configuration.unix(), "unix"}, new Object[]{Configuration.osX(), "osX"}, new Object[]{Configuration.windows(), "windows"});
    }

    public FileUserRepositoryTest(Configuration configuration, String str) {
        this.fs = Jimfs.newFileSystem(configuration);
        this.authFile = this.fs.getPath("dbms", "auth.db");
    }

    @Test
    public void shouldStoreAndRetriveUsersByName() throws Exception {
        FileUserRepository fileUserRepository = new FileUserRepository(this.authFile, NullLogProvider.getInstance());
        User user = new User("jake", Credential.INACCESSIBLE, true);
        fileUserRepository.create(user);
        MatcherAssert.assertThat(fileUserRepository.findByName(user.name()), CoreMatchers.equalTo(user));
    }

    @Test
    public void shouldPersistUsers() throws Throwable {
        FileUserRepository fileUserRepository = new FileUserRepository(this.authFile, NullLogProvider.getInstance());
        User user = new User("jake", Credential.INACCESSIBLE, true);
        fileUserRepository.create(user);
        FileUserRepository fileUserRepository2 = new FileUserRepository(this.authFile, NullLogProvider.getInstance());
        fileUserRepository2.start();
        MatcherAssert.assertThat(fileUserRepository2.findByName(user.name()), CoreMatchers.equalTo(user));
    }

    @Test
    public void shouldNotFindUserAfterDelete() throws Throwable {
        FileUserRepository fileUserRepository = new FileUserRepository(this.authFile, NullLogProvider.getInstance());
        User user = new User("jake", Credential.INACCESSIBLE, true);
        fileUserRepository.create(user);
        fileUserRepository.delete(user);
        MatcherAssert.assertThat(fileUserRepository.findByName(user.name()), CoreMatchers.nullValue());
    }

    @Test
    public void shouldNotAllowComplexNames() throws Exception {
        FileUserRepository fileUserRepository = new FileUserRepository(this.authFile, NullLogProvider.getInstance());
        Assert.assertTrue(fileUserRepository.isValidName("neo4j"));
        Assert.assertTrue(fileUserRepository.isValidName("johnosbourne"));
        Assert.assertTrue(fileUserRepository.isValidName("john_osbourne"));
        Assert.assertFalse(fileUserRepository.isValidName(":"));
        Assert.assertFalse(fileUserRepository.isValidName(""));
        Assert.assertFalse(fileUserRepository.isValidName("john osbourne"));
        Assert.assertFalse(fileUserRepository.isValidName("john:osbourne"));
    }

    @Test
    public void shouldRecoverIfCrashedDuringMove() throws Throwable {
        final IOException iOException = new IOException("simulated IO Exception on create");
        Path path = new DelegatingFileSystem(this.fs) { // from class: org.neo4j.server.security.auth.FileUserRepositoryTest.1
            protected DelegatingFileSystemProvider createDelegate(FileSystemProvider fileSystemProvider) {
                return new DelegatingFileSystem.WrappedProvider(fileSystemProvider, this) { // from class: org.neo4j.server.security.auth.FileUserRepositoryTest.1.1
                    public void move(Path path2, Path path3, CopyOption... copyOptionArr) throws IOException {
                        if (FileUserRepositoryTest.this.authFile.getFileName().toString().equals(path3.getFileName().toString())) {
                            throw iOException;
                        }
                        super.move(path2, path3, copyOptionArr);
                    }
                };
            }
        }.getPath("dbms", "auth.db");
        FileUserRepository fileUserRepository = new FileUserRepository(path, NullLogProvider.getInstance());
        fileUserRepository.start();
        try {
            fileUserRepository.create(new User("jake", Credential.INACCESSIBLE, true));
            Assert.fail("Expected an IOException");
        } catch (IOException e) {
            Assert.assertSame(iOException, e);
        }
        Assert.assertFalse(Files.exists(path, new LinkOption[0]));
        Assert.assertFalse(Files.newDirectoryStream(path.getParent()).iterator().hasNext());
    }

    @Test
    public void shouldThrowIfUpdateChangesName() throws Throwable {
        FileUserRepository fileUserRepository = new FileUserRepository(this.authFile, NullLogProvider.getInstance());
        User user = new User("jake", Credential.INACCESSIBLE, true);
        fileUserRepository.create(user);
        try {
            fileUserRepository.update(user, new User("john", Credential.INACCESSIBLE, true));
            Assert.fail("expected exception not thrown");
        } catch (IllegalArgumentException e) {
        }
        MatcherAssert.assertThat(fileUserRepository.findByName(user.name()), CoreMatchers.equalTo(user));
    }

    @Test
    public void shouldThrowIfExistingUserDoesNotMatch() throws Throwable {
        FileUserRepository fileUserRepository = new FileUserRepository(this.authFile, NullLogProvider.getInstance());
        fileUserRepository.create(new User("jake", Credential.INACCESSIBLE, true));
        try {
            fileUserRepository.update(new User("jake", Credential.forPassword("foo"), false), new User("jake", Credential.forPassword("bar"), false));
            Assert.fail("expected exception not thrown");
        } catch (ConcurrentModificationException e) {
        }
    }

    @Test
    public void shouldFailOnReadingInvalidEntries() throws Throwable {
        AssertableLogProvider assertableLogProvider = new AssertableLogProvider();
        Files.createDirectories(this.authFile.getParent(), new FileAttribute[0]);
        Files.write(this.authFile, UTF8.encode("admin:SHA-256,A42E541F276CF17036DB7818F8B09B1C229AAD52A17F69F4029617F3A554640F,FB7E8AE08A6A7C741F678AD22217808F:\nneo4j:fc4c600b43ffe4d5857b4439c35df88f:SHA-256,A42E541F276CF17036DB7818F8B09B1C229AAD52A17F69F4029617F3A554640F,FB7E8AE08A6A7C741F678AD22217808F:\n"), new OpenOption[0]);
        FileUserRepository fileUserRepository = new FileUserRepository(this.authFile, assertableLogProvider);
        this.thrown.expect(IllegalStateException.class);
        this.thrown.expectMessage(CoreMatchers.startsWith("Failed to read authentication file: "));
        try {
            fileUserRepository.start();
        } catch (IllegalStateException e) {
            MatcherAssert.assertThat(Integer.valueOf(fileUserRepository.numberOfUsers()), CoreMatchers.equalTo(0));
            assertableLogProvider.assertExactly(new AssertableLogProvider.LogMatcher[]{AssertableLogProvider.inLog(FileUserRepository.class).error("Failed to read authentication file \"%s\" (%s)", new Object[]{this.authFile.toAbsolutePath(), "wrong number of line fields [line 2]"})});
            throw e;
        }
    }
}
