package org.apache.hadoop.ozone.client.rpc;

import java.io.File;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.UUID;
import net.jcip.annotations.NotThreadSafe;
import org.apache.commons.io.FileUtils;
import org.apache.commons.lang3.RandomStringUtils;
import org.apache.hadoop.hdds.conf.OzoneConfiguration;
import org.apache.hadoop.hdds.scm.protocolPB.StorageContainerLocationProtocolClientSideTranslatorPB;
import org.apache.hadoop.ozone.MiniOzoneCluster;
import org.apache.hadoop.ozone.OzoneAcl;
import org.apache.hadoop.ozone.audit.AuditEventStatus;
import org.apache.hadoop.ozone.audit.OMAction;
import org.apache.hadoop.ozone.client.ObjectStore;
import org.apache.hadoop.ozone.client.OzoneClient;
import org.apache.hadoop.ozone.client.OzoneClientFactory;
import org.apache.hadoop.ozone.client.OzoneVolume;
import org.apache.hadoop.ozone.client.VolumeArgs;
import org.apache.hadoop.ozone.security.acl.IAccessAuthorizer;
import org.apache.hadoop.ozone.security.acl.OzoneObj;
import org.apache.hadoop.ozone.security.acl.OzoneObjInfo;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.test.GenericTestUtils;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.FixMethodOrder;
import org.junit.Ignore;
import org.junit.Test;
import org.junit.runners.MethodSorters;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@FixMethodOrder(MethodSorters.NAME_ASCENDING)
@NotThreadSafe
@Ignore("Fix this after adding audit support for HA Acl code. This will be fixed by HDDS-2038")
/* loaded from: input_file:org/apache/hadoop/ozone/client/rpc/TestOzoneRpcClientForAclAuditLog.class */
public class TestOzoneRpcClientForAclAuditLog {
    private static UserGroupInformation ugi;
    private static StorageContainerLocationProtocolClientSideTranslatorPB storageContainerLocationClient;
    private static final Logger LOG = LoggerFactory.getLogger(TestOzoneRpcClientForAclAuditLog.class);
    private static final OzoneAcl USER_ACL = new OzoneAcl(IAccessAuthorizer.ACLIdentityType.USER, "johndoe", IAccessAuthorizer.ACLType.ALL, OzoneAcl.AclScope.ACCESS);
    private static final OzoneAcl USER_ACL_2 = new OzoneAcl(IAccessAuthorizer.ACLIdentityType.USER, "jane", IAccessAuthorizer.ACLType.ALL, OzoneAcl.AclScope.ACCESS);
    private static List<OzoneAcl> aclListToAdd = new ArrayList();
    private static MiniOzoneCluster cluster = null;
    private static OzoneClient ozClient = null;
    private static ObjectStore store = null;
    private static String scmId = UUID.randomUUID().toString();

    @BeforeClass
    public static void init() throws Exception {
        System.setProperty("log4j.configurationFile", "auditlog.properties");
        ugi = UserGroupInformation.getCurrentUser();
        OzoneConfiguration ozoneConfiguration = new OzoneConfiguration();
        ozoneConfiguration.setBoolean("ozone.acl.enabled", true);
        ozoneConfiguration.set("ozone.administrators", "*");
        ozoneConfiguration.set("ozone.acl.authorizer.class", "org.apache.hadoop.ozone.security.acl.OzoneNativeAuthorizer");
        startCluster(ozoneConfiguration);
        aclListToAdd.add(USER_ACL);
        aclListToAdd.add(USER_ACL_2);
        emptyAuditLog();
    }

    private static void startCluster(OzoneConfiguration ozoneConfiguration) throws Exception {
        cluster = MiniOzoneCluster.newBuilder(ozoneConfiguration).setNumDatanodes(3).setScmId(scmId).build();
        cluster.waitForClusterToBeReady();
        ozClient = OzoneClientFactory.getRpcClient(ozoneConfiguration);
        store = ozClient.getObjectStore();
        storageContainerLocationClient = cluster.getStorageContainerLocationClient();
    }

    @AfterClass
    public static void teardown() throws IOException {
        shutdownCluster();
        deleteAuditLog();
    }

    private static void deleteAuditLog() throws IOException {
        File file = new File("audit.log");
        if (FileUtils.deleteQuietly(file)) {
            LOG.info("{} has been deleted.", file.getName());
        } else {
            LOG.info("audit.log could not be deleted.");
        }
    }

    private static void emptyAuditLog() throws IOException {
        FileUtils.writeLines(new File("audit.log"), new ArrayList(), false);
    }

    private static void shutdownCluster() throws IOException {
        if (ozClient != null) {
            ozClient.close();
        }
        if (storageContainerLocationClient != null) {
            storageContainerLocationClient.close();
        }
        if (cluster != null) {
            cluster.shutdown();
        }
    }

    @Test
    public void testXXXAclSuccessAudits() throws Exception {
        String userName = ugi.getUserName();
        String userName2 = ugi.getUserName();
        String str = "volume" + RandomStringUtils.randomNumeric(5);
        store.createVolume(str, VolumeArgs.newBuilder().setAdmin(userName2).setOwner(userName).build());
        verifyLog(OMAction.CREATE_VOLUME.name(), str, AuditEventStatus.SUCCESS.name());
        OzoneVolume volume = store.getVolume(str);
        verifyLog(OMAction.READ_VOLUME.name(), str, AuditEventStatus.SUCCESS.name());
        Assert.assertTrue(volume.getName().equalsIgnoreCase(str));
        OzoneObjInfo build = new OzoneObjInfo.Builder().setVolumeName(str).setResType(OzoneObj.ResourceType.VOLUME).setStoreType(OzoneObj.StoreType.OZONE).build();
        List acl = store.getAcl(build);
        verifyLog(OMAction.GET_ACL.name(), str, AuditEventStatus.SUCCESS.name());
        Assert.assertTrue(acl.size() > 0);
        store.addAcl(build, USER_ACL);
        verifyLog(OMAction.ADD_ACL.name(), str, "johndoe", AuditEventStatus.SUCCESS.name());
        store.removeAcl(build, USER_ACL);
        verifyLog(OMAction.REMOVE_ACL.name(), str, "johndoe", AuditEventStatus.SUCCESS.name());
        store.setAcl(build, aclListToAdd);
        verifyLog(OMAction.SET_ACL.name(), str, "johndoe", "jane", AuditEventStatus.SUCCESS.name());
    }

    @Test
    public void testXXXAclFailureAudits() throws Exception {
        String str = "volume" + RandomStringUtils.randomNumeric(5);
        store.createVolume(str, VolumeArgs.newBuilder().setAdmin("bilbo").setOwner("bilbo").build());
        verifyLog(OMAction.CREATE_VOLUME.name(), str, AuditEventStatus.SUCCESS.name());
        OzoneObjInfo build = new OzoneObjInfo.Builder().setVolumeName(str).setResType(OzoneObj.ResourceType.VOLUME).setStoreType(OzoneObj.StoreType.OZONE).build();
        try {
            store.getAcl(build);
        } catch (Exception e) {
            verifyLog(OMAction.GET_ACL.name(), str, AuditEventStatus.FAILURE.name());
        }
        try {
            store.addAcl(build, USER_ACL);
        } catch (Exception e2) {
            verifyLog(OMAction.ADD_ACL.name(), str, AuditEventStatus.FAILURE.name());
        }
        try {
            store.removeAcl(build, USER_ACL);
        } catch (Exception e3) {
            verifyLog(OMAction.REMOVE_ACL.name(), str, AuditEventStatus.FAILURE.name());
        }
        try {
            store.setAcl(build, aclListToAdd);
        } catch (Exception e4) {
            verifyLog(OMAction.SET_ACL.name(), str, "johndoe", "jane", AuditEventStatus.FAILURE.name());
        }
    }

    private void verifyLog(String... strArr) throws Exception {
        List readLines = FileUtils.readLines(new File("audit.log"), (String) null);
        GenericTestUtils.waitFor(() -> {
            return Boolean.valueOf(readLines != null);
        }, 100, 60000);
        try {
            try {
                Assert.assertTrue(readLines.size() != 0);
                for (String str : strArr) {
                    Assert.assertTrue(((String) readLines.get(0)).contains(str));
                }
            } catch (AssertionError e) {
                LOG.error("Error occurred in log verification", e);
                if (readLines.size() != 0) {
                    LOG.error("Actual line ::: " + ((String) readLines.get(0)));
                    LOG.error("Expected tokens ::: " + Arrays.toString(strArr));
                }
                throw e;
            }
        } finally {
            emptyAuditLog();
        }
    }
}
