package org.neo4j.commandline.admin.security;

import java.io.File;
import java.io.IOException;
import java.nio.file.Path;
import org.hamcrest.CoreMatchers;
import org.hamcrest.Matchers;
import org.junit.Assert;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.RuleChain;
import org.mockito.Mockito;
import org.neo4j.commandline.admin.AdminTool;
import org.neo4j.commandline.admin.CommandFailed;
import org.neo4j.commandline.admin.CommandLocator;
import org.neo4j.commandline.admin.IncorrectUsage;
import org.neo4j.commandline.admin.OutsideWorld;
import org.neo4j.kernel.api.security.exception.InvalidArgumentsException;
import org.neo4j.logging.NullLogProvider;
import org.neo4j.server.security.auth.Credential;
import org.neo4j.server.security.auth.FileUserRepository;
import org.neo4j.server.security.auth.User;
import org.neo4j.test.rule.TestDirectory;

/* loaded from: input_file:org/neo4j/commandline/admin/security/SetPasswordCommandTest.class */
public class SetPasswordCommandTest {
    private static String password_change_required = "password_change_required";
    private TestDirectory testDir = TestDirectory.testDirectory();

    @Rule
    public RuleChain ruleChain = RuleChain.outerRule(this.testDir);

    @Test
    public void shouldFailWithNoArguments() throws Exception {
        try {
            new SetPasswordCommand(this.testDir.directory("home").toPath(), this.testDir.directory("conf").toPath(), (OutsideWorld) Mockito.mock(OutsideWorld.class)).execute(new String[0]);
            Assert.fail("Should have thrown an exception.");
        } catch (IncorrectUsage e) {
            Assert.assertThat(e.getMessage(), Matchers.containsString("password"));
        }
    }

    @Test
    public void shouldFailOnOnlyOneArgument() throws Exception {
        try {
            new SetPasswordCommand(this.testDir.directory("home").toPath(), this.testDir.directory("conf").toPath(), (OutsideWorld) Mockito.mock(OutsideWorld.class)).execute(new String[]{"neo4j"});
            Assert.fail("Should have thrown an exception.");
        } catch (IncorrectUsage e) {
            Assert.assertThat(e.getMessage(), Matchers.containsString("password"));
        }
    }

    @Test
    public void shouldFailWitNonExistingUser() throws Exception {
        try {
            new SetPasswordCommand(this.testDir.directory("home").toPath(), this.testDir.directory("conf").toPath(), (OutsideWorld) Mockito.mock(OutsideWorld.class)).execute(new String[]{"nosuchuser", "whatever"});
            Assert.fail("Should have thrown an exception.");
        } catch (CommandFailed e) {
            Assert.assertThat(e.getMessage(), Matchers.containsString("does not exist"));
        }
    }

    @Test
    public void shouldRunSetPasswordCommandWithExistinguser() throws Throwable {
        File graphDbDir = this.testDir.graphDbDir();
        createTestUser("neo4j", "neo4j");
        assertUserRequiresPasswordChange("neo4j");
        new SetPasswordCommand(graphDbDir.toPath(), new File(graphDbDir, "conf").toPath(), (OutsideWorld) Mockito.mock(OutsideWorld.class)).execute(new String[]{"neo4j", "abc"});
        assertUserDoesNotRequirePasswordChange("neo4j");
    }

    @Test
    public void shouldRunSetPasswordCommandWithoutExistingUser() throws Throwable {
        File graphDbDir = this.testDir.graphDbDir();
        new SetPasswordCommand(graphDbDir.toPath(), new File(graphDbDir, "conf").toPath(), (OutsideWorld) Mockito.mock(OutsideWorld.class)).execute(new String[]{"neo4j", "abc", "--create"});
        assertUserDoesNotRequirePasswordChange("neo4j");
    }

    @Test
    public void shouldFailToRunSetPasswordCommandWithoutExistingUser() throws Throwable {
        File graphDbDir = this.testDir.graphDbDir();
        try {
            new SetPasswordCommand(graphDbDir.toPath(), new File(graphDbDir, "conf").toPath(), (OutsideWorld) Mockito.mock(OutsideWorld.class)).execute(new String[]{"neo4j", "abc"});
        } catch (CommandFailed e) {
            Assert.assertThat(e.getMessage(), Matchers.containsString("does not exist"));
        }
    }

    @Test
    public void shouldRunAdminToolWithSetPasswordCommandAndNoArgs() throws Throwable {
        createTestUser("neo4j", "neo4j");
        assertUserRequiresPasswordChange("neo4j");
        Path path = this.testDir.graphDbDir().toPath();
        Path path2 = this.testDir.directory("conf").toPath();
        OutsideWorld outsideWorld = (OutsideWorld) Mockito.mock(OutsideWorld.class);
        new AdminTool(CommandLocator.fromServiceLocator(), outsideWorld, true).execute(path, path2, new String[]{"set-password"});
        ((OutsideWorld) Mockito.verify(outsideWorld, Mockito.times(0))).stdOutLine(org.mockito.Matchers.anyString());
        ((OutsideWorld) Mockito.verify(outsideWorld)).stdErrLine("neo4j-admin set-password [--create=<true|false>] <username> <password>");
        ((OutsideWorld) Mockito.verify(outsideWorld)).stdErrLine("    Sets the password for the specified user and removes the password change ");
        ((OutsideWorld) Mockito.verify(outsideWorld)).stdErrLine("    requirement. If the user does not exist an error message will be shown, unless ");
        ((OutsideWorld) Mockito.verify(outsideWorld)).stdErrLine("    you specify the option --create=true.");
        ((OutsideWorld) Mockito.verify(outsideWorld)).stdErrLine("Missing arguments: expected username and password");
        ((OutsideWorld) Mockito.verify(outsideWorld)).exit(1);
        assertUserRequiresPasswordChange("neo4j");
    }

    @Test
    public void shouldRunAdminToolWithSetPasswordCommandAndArgsButNoUser() throws Throwable {
        Path path = this.testDir.graphDbDir().toPath();
        Path path2 = this.testDir.directory("conf").toPath();
        OutsideWorld outsideWorld = (OutsideWorld) Mockito.mock(OutsideWorld.class);
        new AdminTool(CommandLocator.fromServiceLocator(), outsideWorld, true).execute(path, path2, new String[]{"set-password", "neo4j", "abc"});
        ((OutsideWorld) Mockito.verify(outsideWorld, Mockito.times(0))).stdOutLine(org.mockito.Matchers.anyString());
        ((OutsideWorld) Mockito.verify(outsideWorld)).stdErrLine("command failed: Failed to set password for 'neo4j': User 'neo4j' does not exist");
        ((OutsideWorld) Mockito.verify(outsideWorld)).exit(1);
    }

    @Test
    public void shouldRunAdminToolWithSetPasswordCommandAndArgsButNoUserAndCreateFalse() throws Throwable {
        Path path = this.testDir.graphDbDir().toPath();
        Path path2 = this.testDir.directory("conf").toPath();
        OutsideWorld outsideWorld = (OutsideWorld) Mockito.mock(OutsideWorld.class);
        new AdminTool(CommandLocator.fromServiceLocator(), outsideWorld, true).execute(path, path2, new String[]{"set-password", "neo4j", "abc", "--create=false"});
        ((OutsideWorld) Mockito.verify(outsideWorld, Mockito.times(0))).stdOutLine(org.mockito.Matchers.anyString());
        ((OutsideWorld) Mockito.verify(outsideWorld)).stdErrLine("command failed: Failed to set password for 'neo4j': User 'neo4j' does not exist");
        ((OutsideWorld) Mockito.verify(outsideWorld)).exit(1);
    }

    @Test
    public void shouldRunAdminToolWithSetPasswordCommandAndExistingUser() throws Throwable {
        createTestUser("neo4j", "neo4j");
        assertUserRequiresPasswordChange("neo4j");
        Path path = this.testDir.graphDbDir().toPath();
        Path path2 = this.testDir.directory("conf").toPath();
        OutsideWorld outsideWorld = (OutsideWorld) Mockito.mock(OutsideWorld.class);
        new AdminTool(CommandLocator.fromServiceLocator(), outsideWorld, true).execute(path, path2, new String[]{"set-password", "neo4j", "abc"});
        ((OutsideWorld) Mockito.verify(outsideWorld)).stdOutLine("Changed password for user 'neo4j'");
        ((OutsideWorld) Mockito.verify(outsideWorld, Mockito.times(0))).stdErrLine(org.mockito.Matchers.anyString());
        ((OutsideWorld) Mockito.verify(outsideWorld)).exit(0);
        assertUserDoesNotRequirePasswordChange("neo4j");
    }

    @Test
    public void shouldRunAdminToolWithSetPasswordCommandAndNoExistingUser() throws Throwable {
        Path path = this.testDir.graphDbDir().toPath();
        Path path2 = this.testDir.directory("conf").toPath();
        OutsideWorld outsideWorld = (OutsideWorld) Mockito.mock(OutsideWorld.class);
        new AdminTool(CommandLocator.fromServiceLocator(), outsideWorld, true).execute(path, path2, new String[]{"set-password", "--create=true", "neo4j", "abc"});
        ((OutsideWorld) Mockito.verify(outsideWorld)).stdOutLine("Created new user 'neo4j'");
        ((OutsideWorld) Mockito.verify(outsideWorld, Mockito.times(0))).stdErrLine(org.mockito.Matchers.anyString());
        ((OutsideWorld) Mockito.verify(outsideWorld)).exit(0);
        assertUserDoesNotRequirePasswordChange("neo4j");
    }

    @Test
    public void shouldRunAdminToolWithSetPasswordCommandAndExistingUserAndCreateTrue() throws Throwable {
        createTestUser("neo4j", "neo4j");
        assertUserRequiresPasswordChange("neo4j");
        Path path = this.testDir.graphDbDir().toPath();
        Path path2 = this.testDir.directory("conf").toPath();
        OutsideWorld outsideWorld = (OutsideWorld) Mockito.mock(OutsideWorld.class);
        new AdminTool(CommandLocator.fromServiceLocator(), outsideWorld, true).execute(path, path2, new String[]{"set-password", "--create=true", "neo4j", "abc"});
        ((OutsideWorld) Mockito.verify(outsideWorld)).stdOutLine("Changed password for user 'neo4j'");
        ((OutsideWorld) Mockito.verify(outsideWorld, Mockito.times(0))).stdErrLine(org.mockito.Matchers.anyString());
        ((OutsideWorld) Mockito.verify(outsideWorld)).exit(0);
        assertUserDoesNotRequirePasswordChange("neo4j");
    }

    @Test
    public void shouldRunAdminToolWithSetPasswordCommandAndExistingUserAndCreateTrueAndSamePassword() throws Throwable {
        createTestUser("neo4j", "neo4j");
        assertUserRequiresPasswordChange("neo4j");
        Path path = this.testDir.graphDbDir().toPath();
        Path path2 = this.testDir.directory("conf").toPath();
        OutsideWorld outsideWorld = (OutsideWorld) Mockito.mock(OutsideWorld.class);
        AdminTool adminTool = new AdminTool(CommandLocator.fromServiceLocator(), outsideWorld, true);
        adminTool.execute(path, path2, new String[]{"set-password", "--create=true", "neo4j", "abc"});
        ((OutsideWorld) Mockito.verify(outsideWorld)).stdOutLine("Changed password for user 'neo4j'");
        ((OutsideWorld) Mockito.verify(outsideWorld, Mockito.times(0))).stdErrLine(org.mockito.Matchers.anyString());
        ((OutsideWorld) Mockito.verify(outsideWorld)).exit(0);
        assertUserDoesNotRequirePasswordChange("neo4j");
        Mockito.reset(new OutsideWorld[]{outsideWorld});
        adminTool.execute(path, path2, new String[]{"set-password", "--create=true", "neo4j", "abc"});
        ((OutsideWorld) Mockito.verify(outsideWorld, Mockito.times(0))).stdOutLine(org.mockito.Matchers.anyString());
        ((OutsideWorld) Mockito.verify(outsideWorld)).stdErrLine("command failed: Failed to set password for 'neo4j': Old password and new password cannot be the same.");
        ((OutsideWorld) Mockito.verify(outsideWorld)).exit(1);
    }

    private File authFile() {
        return new File(new File(new File(this.testDir.graphDbDir(), "data"), "dbms"), "auth.db");
    }

    private User createTestUser(String str, String str2) throws IOException, InvalidArgumentsException {
        FileUserRepository fileUserRepository = new FileUserRepository(authFile().toPath(), NullLogProvider.getInstance());
        User build = new User.Builder(str, Credential.forPassword(str2)).withRequiredPasswordChange(true).build();
        fileUserRepository.create(build);
        return build;
    }

    private User getUser(String str) throws Throwable {
        FileUserRepository fileUserRepository = new FileUserRepository(authFile().toPath(), NullLogProvider.getInstance());
        fileUserRepository.start();
        return fileUserRepository.getUserByName(str);
    }

    private void assertUserRequiresPasswordChange(String str) throws Throwable {
        Assert.assertThat("User should require password change", getUser(str).getFlags(), CoreMatchers.hasItem(password_change_required));
    }

    private void assertUserDoesNotRequirePasswordChange(String str) throws Throwable {
        Assert.assertThat("User should not require password change", getUser(str).getFlags(), Matchers.not(CoreMatchers.hasItem(password_change_required)));
    }
}
