package org.apache.hadoop.ozone.om;

import java.util.BitSet;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import org.apache.commons.lang3.RandomStringUtils;
import org.apache.hadoop.ozone.OzoneAcl;
import org.apache.hadoop.ozone.client.ObjectStore;
import org.apache.hadoop.ozone.client.OzoneBucket;
import org.apache.hadoop.ozone.security.acl.IAccessAuthorizer;
import org.apache.hadoop.ozone.security.acl.OzoneObj;
import org.apache.hadoop.ozone.security.acl.OzoneObjInfo;
import org.junit.Assert;
import org.junit.Test;

/* loaded from: input_file:org/apache/hadoop/ozone/om/TestOzoneManagerHAWithACL.class */
public class TestOzoneManagerHAWithACL extends TestOzoneManagerHA {
    @Test
    public void testAddBucketAcl() throws Exception {
        OzoneBucket ozoneBucket = setupBucket();
        testAddAcl("remoteUser", OzoneObjInfo.Builder.newBuilder().setResType(OzoneObj.ResourceType.BUCKET).setStoreType(OzoneObj.StoreType.OZONE).setVolumeName(ozoneBucket.getVolumeName()).setBucketName(ozoneBucket.getName()).build(), new OzoneAcl(IAccessAuthorizer.ACLIdentityType.USER, "remoteUser", IAccessAuthorizer.ACLType.READ, OzoneAcl.AclScope.DEFAULT));
    }

    @Test
    public void testRemoveBucketAcl() throws Exception {
        OzoneBucket ozoneBucket = setupBucket();
        testRemoveAcl("remoteUser", OzoneObjInfo.Builder.newBuilder().setResType(OzoneObj.ResourceType.BUCKET).setStoreType(OzoneObj.StoreType.OZONE).setVolumeName(ozoneBucket.getVolumeName()).setBucketName(ozoneBucket.getName()).build(), new OzoneAcl(IAccessAuthorizer.ACLIdentityType.USER, "remoteUser", IAccessAuthorizer.ACLType.READ, OzoneAcl.AclScope.DEFAULT));
    }

    @Test
    public void testSetBucketAcl() throws Exception {
        OzoneBucket ozoneBucket = setupBucket();
        testSetAcl("remoteUser", OzoneObjInfo.Builder.newBuilder().setResType(OzoneObj.ResourceType.BUCKET).setStoreType(OzoneObj.StoreType.OZONE).setVolumeName(ozoneBucket.getVolumeName()).setBucketName(ozoneBucket.getName()).build(), new OzoneAcl(IAccessAuthorizer.ACLIdentityType.USER, "remoteUser", IAccessAuthorizer.ACLType.READ, OzoneAcl.AclScope.DEFAULT));
    }

    private boolean containsAcl(OzoneAcl ozoneAcl, List<OzoneAcl> list) {
        Iterator<OzoneAcl> it = list.iterator();
        while (it.hasNext()) {
            boolean compareAcls = compareAcls(ozoneAcl, it.next());
            if (compareAcls) {
                return compareAcls;
            }
        }
        return false;
    }

    private boolean compareAcls(OzoneAcl ozoneAcl, OzoneAcl ozoneAcl2) {
        if (!ozoneAcl.getType().equals(ozoneAcl2.getType()) || !ozoneAcl.getName().equals(ozoneAcl2.getName()) || !ozoneAcl.getAclScope().equals(ozoneAcl2.getAclScope())) {
            return false;
        }
        BitSet bitSet = (BitSet) ozoneAcl.getAclBitSet().clone();
        bitSet.and(ozoneAcl2.getAclBitSet());
        return bitSet.equals(ozoneAcl2.getAclBitSet());
    }

    @Test
    public void testAddKeyAcl() throws Exception {
        OzoneBucket ozoneBucket = setupBucket();
        testAddAcl("remoteUser", OzoneObjInfo.Builder.newBuilder().setResType(OzoneObj.ResourceType.KEY).setStoreType(OzoneObj.StoreType.OZONE).setVolumeName(ozoneBucket.getVolumeName()).setBucketName(ozoneBucket.getName()).setKeyName(createKey(ozoneBucket)).build(), new OzoneAcl(IAccessAuthorizer.ACLIdentityType.USER, "remoteUser", IAccessAuthorizer.ACLType.READ, OzoneAcl.AclScope.DEFAULT));
    }

    @Test
    public void testRemoveKeyAcl() throws Exception {
        OzoneBucket ozoneBucket = setupBucket();
        testRemoveAcl("remoteUser", OzoneObjInfo.Builder.newBuilder().setResType(OzoneObj.ResourceType.KEY).setStoreType(OzoneObj.StoreType.OZONE).setVolumeName(ozoneBucket.getVolumeName()).setBucketName(ozoneBucket.getName()).setKeyName(createKey(ozoneBucket)).build(), new OzoneAcl(IAccessAuthorizer.ACLIdentityType.USER, "remoteUser", IAccessAuthorizer.ACLType.READ, OzoneAcl.AclScope.DEFAULT));
    }

    @Test
    public void testSetKeyAcl() throws Exception {
        OzoneBucket ozoneBucket = setupBucket();
        testSetAcl("remoteUser", OzoneObjInfo.Builder.newBuilder().setResType(OzoneObj.ResourceType.KEY).setStoreType(OzoneObj.StoreType.OZONE).setVolumeName(ozoneBucket.getVolumeName()).setBucketName(ozoneBucket.getName()).setKeyName(createKey(ozoneBucket)).build(), new OzoneAcl(IAccessAuthorizer.ACLIdentityType.USER, "remoteUser", IAccessAuthorizer.ACLType.READ, OzoneAcl.AclScope.DEFAULT));
    }

    @Test
    public void testAddPrefixAcl() throws Exception {
        OzoneBucket ozoneBucket = setupBucket();
        testAddAcl("remoteUser", OzoneObjInfo.Builder.newBuilder().setResType(OzoneObj.ResourceType.PREFIX).setStoreType(OzoneObj.StoreType.OZONE).setVolumeName(ozoneBucket.getVolumeName()).setBucketName(ozoneBucket.getName()).setPrefixName(RandomStringUtils.randomAlphabetic(5) + "/").build(), new OzoneAcl(IAccessAuthorizer.ACLIdentityType.USER, "remoteUser", IAccessAuthorizer.ACLType.READ, OzoneAcl.AclScope.DEFAULT));
    }

    @Test
    public void testRemovePrefixAcl() throws Exception {
        OzoneBucket ozoneBucket = setupBucket();
        String str = RandomStringUtils.randomAlphabetic(5) + "/";
        OzoneAcl ozoneAcl = new OzoneAcl(IAccessAuthorizer.ACLIdentityType.USER, "remoteUser", IAccessAuthorizer.ACLType.READ, OzoneAcl.AclScope.ACCESS);
        OzoneAcl ozoneAcl2 = new OzoneAcl(IAccessAuthorizer.ACLIdentityType.USER, "remote", IAccessAuthorizer.ACLType.READ, OzoneAcl.AclScope.ACCESS);
        OzoneObjInfo build = OzoneObjInfo.Builder.newBuilder().setResType(OzoneObj.ResourceType.PREFIX).setStoreType(OzoneObj.StoreType.OZONE).setVolumeName(ozoneBucket.getVolumeName()).setBucketName(ozoneBucket.getName()).setPrefixName(str).build();
        ObjectStore objectStore = getObjectStore();
        Assert.assertTrue(objectStore.addAcl(build, ozoneAcl));
        Assert.assertTrue(objectStore.addAcl(build, ozoneAcl2));
        Assert.assertTrue(objectStore.removeAcl(build, ozoneAcl));
        Assert.assertFalse(objectStore.removeAcl(build, ozoneAcl));
        Assert.assertTrue(objectStore.removeAcl(build, ozoneAcl2));
    }

    @Test
    public void testSetPrefixAcl() throws Exception {
        OzoneBucket ozoneBucket = setupBucket();
        testSetAcl("remoteUser", OzoneObjInfo.Builder.newBuilder().setResType(OzoneObj.ResourceType.PREFIX).setStoreType(OzoneObj.StoreType.OZONE).setVolumeName(ozoneBucket.getVolumeName()).setBucketName(ozoneBucket.getName()).setPrefixName(RandomStringUtils.randomAlphabetic(5) + "/").build(), new OzoneAcl(IAccessAuthorizer.ACLIdentityType.USER, "remoteUser", IAccessAuthorizer.ACLType.READ, OzoneAcl.AclScope.DEFAULT));
    }

    private void testSetAcl(String str, OzoneObj ozoneObj, OzoneAcl ozoneAcl) throws Exception {
        ObjectStore objectStore = getObjectStore();
        if (!ozoneObj.getResourceType().name().equals(OzoneObj.ResourceType.PREFIX.name())) {
            Assert.assertTrue(objectStore.getAcl(ozoneObj).size() > 0);
        }
        List singletonList = Collections.singletonList(new OzoneAcl(IAccessAuthorizer.ACLIdentityType.USER, str, IAccessAuthorizer.ACLType.WRITE, OzoneAcl.AclScope.DEFAULT));
        Assert.assertTrue(objectStore.setAcl(ozoneObj, singletonList));
        List acl = objectStore.getAcl(ozoneObj);
        Assert.assertTrue(singletonList.size() == acl.size());
        int i = 0;
        Iterator it = singletonList.iterator();
        while (it.hasNext()) {
            int i2 = i;
            i++;
            Assert.assertTrue(compareAcls((OzoneAcl) acl.get(i2), (OzoneAcl) it.next()));
        }
    }

    private void testAddAcl(String str, OzoneObj ozoneObj, OzoneAcl ozoneAcl) throws Exception {
        ObjectStore objectStore = getObjectStore();
        Assert.assertTrue(objectStore.addAcl(ozoneObj, ozoneAcl));
        Assert.assertTrue(containsAcl(ozoneAcl, objectStore.getAcl(ozoneObj)));
        Assert.assertFalse(objectStore.addAcl(ozoneObj, ozoneAcl));
        Assert.assertTrue(objectStore.addAcl(ozoneObj, new OzoneAcl(IAccessAuthorizer.ACLIdentityType.USER, str, IAccessAuthorizer.ACLType.WRITE, OzoneAcl.AclScope.DEFAULT)));
    }

    private void testRemoveAcl(String str, OzoneObj ozoneObj, OzoneAcl ozoneAcl) throws Exception {
        ObjectStore objectStore = getObjectStore();
        List acl = objectStore.getAcl(ozoneObj);
        Assert.assertTrue(acl.size() > 0);
        Assert.assertTrue(objectStore.removeAcl(ozoneObj, (OzoneAcl) acl.get(0)));
        Assert.assertFalse(objectStore.removeAcl(ozoneObj, (OzoneAcl) acl.get(0)));
        Assert.assertTrue(objectStore.addAcl(ozoneObj, ozoneAcl));
        OzoneAcl ozoneAcl2 = new OzoneAcl(IAccessAuthorizer.ACLIdentityType.USER, str, IAccessAuthorizer.ACLType.WRITE, OzoneAcl.AclScope.DEFAULT);
        Assert.assertTrue(objectStore.addAcl(ozoneObj, ozoneAcl2));
        Assert.assertTrue(objectStore.removeAcl(ozoneObj, ozoneAcl2));
        Assert.assertTrue(objectStore.removeAcl(ozoneObj, ozoneAcl));
    }
}
