package org.neo4j.server.security.enterprise.auth;

import java.util.Iterator;
import java.util.Map;
import org.hamcrest.MatcherAssert;
import org.hamcrest.Matchers;
import org.junit.Test;
import org.neo4j.graphdb.Notification;
import org.neo4j.graphdb.ResourceIterator;
import org.neo4j.graphdb.Result;
import org.neo4j.helpers.collection.MapUtil;
import org.neo4j.kernel.api.KernelTransaction;
import org.neo4j.kernel.api.exceptions.Status;
import org.neo4j.kernel.impl.coreapi.InternalTransaction;
import org.neo4j.kernel.impl.factory.GraphDatabaseFacade;
import org.neo4j.server.security.enterprise.configuration.SecuritySettings;
import org.neo4j.values.virtual.VirtualValues;

/* loaded from: input_file:org/neo4j/server/security/enterprise/auth/ConfiguredAuthScenariosInteractionTestBase.class */
public abstract class ConfiguredAuthScenariosInteractionTestBase<S> extends ProcedureInteractionTestBase<S> {
    private Map<String, Object> userList = MapUtil.map(new Object[]{"adminSubject", listOf("admin"), "readSubject", listOf("reader"), "schemaSubject", listOf("architect"), "writeSubject", listOf("publisher"), "editorSubject", listOf("editor"), "pwdSubject", listOf(new String[0]), "noneSubject", listOf(new String[0]), "neo4j", listOf("admin")});

    @Override // org.neo4j.server.security.enterprise.auth.ProcedureInteractionTestBase
    public void setUp() throws Throwable {
    }

    @Test
    public void shouldAllowRoleCallCreateNewTokensProceduresWhenConfigured() throws Throwable {
        configuredSetup(MapUtil.stringMap(new String[]{SecuritySettings.default_allowed.name(), "role1"}));
        this.userManager.newRole("role1", new String[]{"noneSubject"});
        assertEmpty(this.noneSubject, "CALL db.createLabel('MySpecialLabel')");
        assertEmpty(this.noneSubject, "CALL db.createRelationshipType('MySpecialRelationship')");
        assertEmpty(this.noneSubject, "CALL db.createProperty('MySpecialProperty')");
    }

    @Test
    public void shouldWarnWhenUsingNativeAndOtherProvider() throws Throwable {
        configuredSetup(MapUtil.stringMap(new String[]{SecuritySettings.auth_providers.name(), "native ,LDAP"}));
        assertSuccess(this.adminSubject, "CALL dbms.security.listUsers", resourceIterator -> {
            assertKeyIsMap((ResourceIterator<Map<String, Object>>) resourceIterator, "username", "roles", valueOf(this.userList));
        });
        GraphDatabaseFacade localGraph = this.neo.getLocalGraph();
        InternalTransaction beginTransaction = localGraph.beginTransaction(KernelTransaction.Type.explicit, StandardEnterpriseSecurityContext.AUTH_DISABLED);
        MatcherAssert.assertThat(Boolean.valueOf(containsNotification(localGraph.execute(beginTransaction, "EXPLAIN CALL dbms.security.listUsers", VirtualValues.EMPTY_MAP), String.format("%s (%s)", Status.Procedure.ProcedureWarning.code().description(), "dbms.security.listUsers only applies to native users."))), Matchers.equalTo(true));
        beginTransaction.success();
        beginTransaction.close();
    }

    @Test
    public void shouldNotWarnWhenOnlyUsingNativeProvider() throws Throwable {
        configuredSetup(MapUtil.stringMap(new String[]{SecuritySettings.auth_provider.name(), "native"}));
        assertSuccess(this.adminSubject, "CALL dbms.security.listUsers", resourceIterator -> {
            assertKeyIsMap((ResourceIterator<Map<String, Object>>) resourceIterator, "username", "roles", valueOf(this.userList));
        });
        GraphDatabaseFacade localGraph = this.neo.getLocalGraph();
        InternalTransaction beginTransaction = localGraph.beginTransaction(KernelTransaction.Type.explicit, StandardEnterpriseSecurityContext.AUTH_DISABLED);
        MatcherAssert.assertThat(Boolean.valueOf(containsNotification(localGraph.execute(beginTransaction, "EXPLAIN CALL dbms.security.listUsers", VirtualValues.EMPTY_MAP), String.format("%s (%s)", Status.Procedure.ProcedureWarning.code().description(), "dbms.security.listUsers only applies to native users."))), Matchers.equalTo(false));
        beginTransaction.success();
        beginTransaction.close();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.neo4j.server.security.enterprise.auth.ProcedureInteractionTestBase
    public Object valueOf(Object obj) {
        return obj;
    }

    private boolean containsNotification(Result result, String str) {
        Iterator it = result.getNotifications().iterator();
        boolean z = false;
        while (true) {
            boolean z2 = z;
            if (!it.hasNext()) {
                return z2;
            }
            z = z2 | ((Notification) it.next()).getDescription().equals(str);
        }
    }
}
