package org.neo4j.server.security.enterprise.auth;

import java.io.IOException;
import java.time.Clock;
import java.util.Set;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.ExpectedException;
import org.mockito.Mockito;
import org.neo4j.internal.kernel.api.security.AuthSubject;
import org.neo4j.internal.kernel.api.security.SecurityContext;
import org.neo4j.kernel.api.exceptions.InvalidArgumentsException;
import org.neo4j.kernel.impl.security.User;
import org.neo4j.logging.Log;
import org.neo4j.server.security.auth.BasicPasswordPolicy;
import org.neo4j.server.security.auth.InMemoryUserRepository;
import org.neo4j.server.security.auth.RateLimitedAuthenticationStrategy;
import org.neo4j.server.security.enterprise.auth.InternalFlatFileRealmIT;
import org.neo4j.server.security.enterprise.log.SecurityLog;

/* loaded from: input_file:org/neo4j/server/security/enterprise/auth/PersonalUserManagerTest.class */
public class PersonalUserManagerTest {

    @Rule
    public ExpectedException expectedException = ExpectedException.none();
    private PersonalUserManager userManager;
    private EvilUserManager evilUserManager;
    private Log log;

    /* loaded from: input_file:org/neo4j/server/security/enterprise/auth/PersonalUserManagerTest$EvilUserManager.class */
    private class EvilUserManager implements EnterpriseUserManager {
        private boolean failNextCall;
        private EnterpriseUserManager delegate;

        EvilUserManager(EnterpriseUserManager enterpriseUserManager) {
            this.delegate = enterpriseUserManager;
        }

        void setFailNextCall() {
            this.failNextCall = true;
        }

        public User newUser(String str, String str2, boolean z) throws IOException, InvalidArgumentsException {
            if (!this.failNextCall) {
                return this.delegate.newUser(str, str2, z);
            }
            this.failNextCall = false;
            throw new IOException("newUserException");
        }

        public boolean deleteUser(String str) throws IOException, InvalidArgumentsException {
            if (!this.failNextCall) {
                return this.delegate.deleteUser(str);
            }
            this.failNextCall = false;
            throw new IOException("deleteUserException");
        }

        public User getUser(String str) throws InvalidArgumentsException {
            if (!this.failNextCall) {
                return this.delegate.getUser(str);
            }
            this.failNextCall = false;
            throw new InvalidArgumentsException("getUserException");
        }

        public User silentlyGetUser(String str) {
            return this.delegate.silentlyGetUser(str);
        }

        public void setUserPassword(String str, String str2, boolean z) throws IOException, InvalidArgumentsException {
            if (this.failNextCall) {
                this.failNextCall = false;
                throw new IOException("setUserPasswordException");
            }
            this.delegate.setUserPassword(str, str2, z);
        }

        public Set<String> getAllUsernames() {
            return this.delegate.getAllUsernames();
        }

        public void suspendUser(String str) throws IOException, InvalidArgumentsException {
            if (this.failNextCall) {
                this.failNextCall = false;
                throw new IOException("suspendUserException");
            }
            this.delegate.suspendUser(str);
        }

        public void activateUser(String str, boolean z) throws IOException, InvalidArgumentsException {
            if (this.failNextCall) {
                this.failNextCall = false;
                throw new IOException("activateUserException");
            }
            this.delegate.activateUser(str, z);
        }

        public RoleRecord newRole(String str, String... strArr) throws IOException, InvalidArgumentsException {
            if (!this.failNextCall) {
                return this.delegate.newRole(str, strArr);
            }
            this.failNextCall = false;
            throw new IOException("newRoleException");
        }

        public boolean deleteRole(String str) throws IOException, InvalidArgumentsException {
            if (!this.failNextCall) {
                return this.delegate.deleteRole(str);
            }
            this.failNextCall = false;
            throw new IOException("deleteRoleException");
        }

        public RoleRecord getRole(String str) throws InvalidArgumentsException {
            if (!this.failNextCall) {
                return this.delegate.getRole(str);
            }
            this.failNextCall = false;
            throw new InvalidArgumentsException("getRoleException");
        }

        public RoleRecord silentlyGetRole(String str) {
            return this.delegate.silentlyGetRole(str);
        }

        public void addRoleToUser(String str, String str2) throws IOException, InvalidArgumentsException {
            if (this.failNextCall) {
                this.failNextCall = false;
                throw new IOException("addRoleToUserException");
            }
            this.delegate.addRoleToUser(str, str2);
        }

        public void removeRoleFromUser(String str, String str2) throws IOException, InvalidArgumentsException {
            if (this.failNextCall) {
                this.failNextCall = false;
                throw new IOException("removeRoleFromUserException");
            }
            this.delegate.removeRoleFromUser(str, str2);
        }

        public Set<String> getAllRoleNames() {
            return this.delegate.getAllRoleNames();
        }

        public Set<String> getRoleNamesForUser(String str) throws InvalidArgumentsException {
            if (!this.failNextCall) {
                return this.delegate.getRoleNamesForUser(str);
            }
            this.failNextCall = false;
            throw new InvalidArgumentsException("getRoleNamesForUserException");
        }

        public Set<String> silentlyGetRoleNamesForUser(String str) {
            return this.delegate.silentlyGetRoleNamesForUser(str);
        }

        public Set<String> getUsernamesForRole(String str) throws InvalidArgumentsException {
            if (!this.failNextCall) {
                return this.delegate.getUsernamesForRole(str);
            }
            this.failNextCall = false;
            throw new InvalidArgumentsException("getUsernamesForRoleException");
        }

        public Set<String> silentlyGetUsernamesForRole(String str) {
            return this.delegate.silentlyGetUsernamesForRole(str);
        }
    }

    @Test
    public void shouldHandleFailureToCreateUser() throws Exception {
        this.evilUserManager.setFailNextCall();
        this.expectedException.expect(IOException.class);
        this.expectedException.expectMessage("newUserException");
        this.userManager.newUser("hewhoshallnotbenamed", "avada kedavra", false);
        ((Log) Mockito.verify(this.log)).error(withSubject(SecurityContext.AUTH_DISABLED.subject(), "tried to create user `%s`: %s"), new Object[]{"hewhoshallnotbenamed", "newUserException"});
    }

    @Before
    public void setup() {
        this.evilUserManager = new EvilUserManager(new InternalFlatFileRealm(new InMemoryUserRepository(), new InMemoryRoleRepository(), new BasicPasswordPolicy(), new RateLimitedAuthenticationStrategy(Clock.systemUTC(), 3), new InternalFlatFileRealmIT.TestJobScheduler(), new InMemoryUserRepository(), new InMemoryUserRepository()));
        this.log = (Log) Mockito.spy(Log.class);
        this.userManager = new PersonalUserManager(this.evilUserManager, AuthSubject.AUTH_DISABLED, new SecurityLog(this.log), true);
    }

    private String withSubject(AuthSubject authSubject, String str) {
        return "[" + authSubject.username() + "] " + str;
    }
}
