package alluxio.security.authorization;

import alluxio.Configuration;
import alluxio.ConfigurationTestUtils;
import alluxio.PropertyKey;
import alluxio.security.LoginUserTestUtils;
import alluxio.security.authentication.AuthType;
import alluxio.security.authentication.AuthenticatedClientUser;
import alluxio.security.authorization.Mode;
import alluxio.security.group.GroupMappingService;
import alluxio.security.group.provider.IdentityUserGroupsMapping;
import org.junit.After;
import org.junit.Assert;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.ExpectedException;
import org.junit.runner.RunWith;
import org.powermock.core.classloader.annotations.PrepareForTest;
import org.powermock.modules.junit4.PowerMockRunner;

@PrepareForTest({GroupMappingService.Factory.class})
@RunWith(PowerMockRunner.class)
/* loaded from: input_file:alluxio/security/authorization/PermissionTest.class */
public final class PermissionTest {

    @Rule
    public ExpectedException mThrown = ExpectedException.none();

    @After
    public void after() {
        ConfigurationTestUtils.resetConfiguration();
    }

    @Test
    public void applyUMask() {
        Mode mode = new Mode((short) 18);
        Permission permission = new Permission("user1", "group1", Mode.getDefault());
        permission.applyUMask(mode);
        Assert.assertEquals(Mode.Bits.ALL, permission.getMode().getOwnerBits());
        Assert.assertEquals(Mode.Bits.READ_EXECUTE, permission.getMode().getGroupBits());
        Assert.assertEquals(Mode.Bits.READ_EXECUTE, permission.getMode().getOtherBits());
        verifyPermission("user1", "group1", (short) 493, permission);
    }

    @Test
    public void defaults() throws Exception {
        Configuration.set(PropertyKey.SECURITY_AUTHENTICATION_TYPE, AuthType.NOSASL.getAuthName());
        verifyPermission("", "", (short) 511, Permission.defaults());
    }

    @Test
    public void setOwnerFromThriftClient() throws Exception {
        Permission defaults = Permission.defaults();
        Configuration.set(PropertyKey.SECURITY_AUTHENTICATION_TYPE, AuthType.NOSASL.getAuthName());
        defaults.setOwnerFromThriftClient();
        verifyPermission("", "", (short) 511, defaults);
        Configuration.set(PropertyKey.SECURITY_AUTHENTICATION_TYPE, AuthType.SIMPLE.getAuthName());
        Configuration.set(PropertyKey.SECURITY_GROUP_MAPPING_CLASS, IdentityUserGroupsMapping.class.getName());
        AuthenticatedClientUser.set("test_client_user");
        defaults.setOwnerFromThriftClient();
        verifyPermission("test_client_user", "test_client_user", (short) 511, defaults);
    }

    @Test
    public void setOwnerFromLoginModule() throws Exception {
        Permission defaults = Permission.defaults();
        Configuration.set(PropertyKey.SECURITY_AUTHENTICATION_TYPE, AuthType.NOSASL.getAuthName());
        defaults.setOwnerFromThriftClient();
        verifyPermission("", "", (short) 511, defaults);
        Configuration.set(PropertyKey.SECURITY_AUTHENTICATION_TYPE, AuthType.SIMPLE.getAuthName());
        Configuration.set(PropertyKey.SECURITY_LOGIN_USERNAME, "test_login_user");
        Configuration.set(PropertyKey.SECURITY_GROUP_MAPPING_CLASS, IdentityUserGroupsMapping.class.getName());
        LoginUserTestUtils.resetLoginUser();
        defaults.setOwnerFromLoginModule();
        verifyPermission("test_login_user", "test_login_user", (short) 511, defaults);
    }

    private void verifyPermission(String str, String str2, short s, Permission permission) {
        Assert.assertEquals(str, permission.getOwner());
        Assert.assertEquals(str2, permission.getGroup());
        Assert.assertEquals(s, permission.getMode().toShort());
    }
}
