package org.apache.hadoop.hbase.security.visibility;

import com.google.protobuf.ByteString;
import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.HBaseTestingUtility;
import org.apache.hadoop.hbase.TableName;
import org.apache.hadoop.hbase.client.Connection;
import org.apache.hadoop.hbase.client.ConnectionFactory;
import org.apache.hadoop.hbase.client.Put;
import org.apache.hadoop.hbase.client.ResultScanner;
import org.apache.hadoop.hbase.client.Scan;
import org.apache.hadoop.hbase.client.Table;
import org.apache.hadoop.hbase.protobuf.generated.VisibilityLabelsProtos;
import org.apache.hadoop.hbase.security.User;
import org.apache.hadoop.hbase.security.access.SecureTestUtil;
import org.apache.hadoop.hbase.testclassification.LargeTests;
import org.apache.hadoop.hbase.testclassification.SecurityTests;
import org.apache.hadoop.hbase.util.Bytes;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Rule;
import org.junit.Test;
import org.junit.experimental.categories.Category;
import org.junit.rules.TestName;

@Category({SecurityTests.class, LargeTests.class})
/* loaded from: input_file:org/apache/hadoop/hbase/security/visibility/TestWithDisabledAuthorization.class */
public class TestWithDisabledAuthorization {
    private static final String CONFIDENTIAL = "confidential";
    private static final String SECRET = "secret";
    private static final String PRIVATE = "private";

    @Rule
    public final TestName TEST_NAME = new TestName();
    private static User SUPERUSER;
    private static User USER_RW;
    private static Configuration conf;
    private static final HBaseTestingUtility TEST_UTIL = new HBaseTestingUtility();
    private static final byte[] TEST_FAMILY = Bytes.toBytes("test");
    private static final byte[] TEST_QUALIFIER = Bytes.toBytes("q");
    private static final byte[] ZERO = Bytes.toBytes(0);

    @BeforeClass
    public static void setUpBeforeClass() throws Exception {
        conf = TEST_UTIL.getConfiguration();
        conf.setInt("hbase.regionserver.metahandler.count", 10);
        SecureTestUtil.configureSuperuser(conf);
        VisibilityTestUtil.enableVisiblityLabels(conf);
        conf.setBoolean("hbase.security.authorization", false);
        TEST_UTIL.startMiniCluster();
        TEST_UTIL.waitUntilAllRegionsAssigned(VisibilityConstants.LABELS_TABLE_NAME);
        SUPERUSER = User.createUserForTesting(conf, "admin", new String[]{"supergroup"});
        USER_RW = User.createUserForTesting(conf, "rwuser", new String[0]);
        SUPERUSER.runAs(new PrivilegedExceptionAction<Void>() { // from class: org.apache.hadoop.hbase.security.visibility.TestWithDisabledAuthorization.1
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedExceptionAction
            public Void run() throws Exception {
                try {
                    Connection createConnection = ConnectionFactory.createConnection(TestWithDisabledAuthorization.conf);
                    Throwable th = null;
                    try {
                        VisibilityClient.addLabels(createConnection, new String[]{"secret", "confidential", "private"});
                        VisibilityClient.setAuths(createConnection, new String[]{"secret", "confidential"}, TestWithDisabledAuthorization.USER_RW.getShortName());
                        if (createConnection != null) {
                            if (0 != 0) {
                                try {
                                    createConnection.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                createConnection.close();
                            }
                        }
                        return null;
                    } finally {
                    }
                } catch (Throwable th3) {
                    Assert.fail("Should not have failed");
                    return null;
                }
            }
        });
    }

    @AfterClass
    public static void tearDownAfterClass() throws Exception {
        TEST_UTIL.shutdownMiniCluster();
    }

    @Test(timeout = 180000)
    public void testManageUserAuths() throws Throwable {
        SUPERUSER.runAs(new PrivilegedExceptionAction<Void>() { // from class: org.apache.hadoop.hbase.security.visibility.TestWithDisabledAuthorization.2
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedExceptionAction
            public Void run() throws Exception {
                try {
                    Connection createConnection = ConnectionFactory.createConnection(TestWithDisabledAuthorization.conf);
                    Throwable th = null;
                    try {
                        VisibilityClient.setAuths(createConnection, new String[]{"secret", "confidential"}, TestWithDisabledAuthorization.USER_RW.getShortName());
                        if (createConnection != null) {
                            if (0 != 0) {
                                try {
                                    createConnection.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                createConnection.close();
                            }
                        }
                        return null;
                    } finally {
                    }
                } catch (Throwable th3) {
                    Assert.fail("Should not have failed");
                    return null;
                }
            }
        });
        PrivilegedExceptionAction<List<String>> privilegedExceptionAction = new PrivilegedExceptionAction<List<String>>() { // from class: org.apache.hadoop.hbase.security.visibility.TestWithDisabledAuthorization.3
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedExceptionAction
            public List<String> run() throws Exception {
                VisibilityLabelsProtos.GetAuthsResponse getAuthsResponse = null;
                try {
                    Connection createConnection = ConnectionFactory.createConnection(TestWithDisabledAuthorization.conf);
                    Throwable th = null;
                    try {
                        try {
                            getAuthsResponse = VisibilityClient.getAuths(createConnection, TestWithDisabledAuthorization.USER_RW.getShortName());
                            if (createConnection != null) {
                                if (0 != 0) {
                                    try {
                                        createConnection.close();
                                    } catch (Throwable th2) {
                                        th.addSuppressed(th2);
                                    }
                                } else {
                                    createConnection.close();
                                }
                            }
                        } finally {
                        }
                    } finally {
                    }
                } catch (Throwable th3) {
                    Assert.fail("Should not have failed");
                }
                ArrayList arrayList = new ArrayList();
                Iterator it = getAuthsResponse.getAuthList().iterator();
                while (it.hasNext()) {
                    arrayList.add(Bytes.toString(((ByteString) it.next()).toByteArray()));
                }
                return arrayList;
            }
        };
        List list = (List) SUPERUSER.runAs(privilegedExceptionAction);
        Assert.assertEquals(2L, list.size());
        Assert.assertTrue(list.contains("secret"));
        Assert.assertTrue(list.contains("confidential"));
        SUPERUSER.runAs(new PrivilegedExceptionAction<Void>() { // from class: org.apache.hadoop.hbase.security.visibility.TestWithDisabledAuthorization.4
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedExceptionAction
            public Void run() throws Exception {
                try {
                    Connection createConnection = ConnectionFactory.createConnection(TestWithDisabledAuthorization.conf);
                    Throwable th = null;
                    try {
                        VisibilityClient.clearAuths(createConnection, new String[]{"secret"}, TestWithDisabledAuthorization.USER_RW.getShortName());
                        if (createConnection != null) {
                            if (0 != 0) {
                                try {
                                    createConnection.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                createConnection.close();
                            }
                        }
                        return null;
                    } finally {
                    }
                } catch (Throwable th3) {
                    Assert.fail("Should not have failed");
                    return null;
                }
            }
        });
        List list2 = (List) SUPERUSER.runAs(privilegedExceptionAction);
        Assert.assertEquals(1L, list2.size());
        Assert.assertTrue(list2.contains("confidential"));
        SUPERUSER.runAs(new PrivilegedExceptionAction<Void>() { // from class: org.apache.hadoop.hbase.security.visibility.TestWithDisabledAuthorization.5
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedExceptionAction
            public Void run() throws Exception {
                try {
                    Connection createConnection = ConnectionFactory.createConnection(TestWithDisabledAuthorization.conf);
                    Throwable th = null;
                    try {
                        VisibilityClient.clearAuths(createConnection, new String[]{"confidential"}, TestWithDisabledAuthorization.USER_RW.getShortName());
                        if (createConnection != null) {
                            if (0 != 0) {
                                try {
                                    createConnection.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                createConnection.close();
                            }
                        }
                        return null;
                    } finally {
                    }
                } catch (Throwable th3) {
                    Assert.fail("Should not have failed");
                    return null;
                }
            }
        });
        Assert.assertEquals(0L, ((List) SUPERUSER.runAs(privilegedExceptionAction)).size());
    }

    @Test(timeout = 180000)
    public void testPassiveVisibility() throws Exception {
        ResultScanner scanner;
        Throwable th;
        Throwable th2;
        Throwable th3;
        Table createTableAndWriteDataWithLabels = createTableAndWriteDataWithLabels(TableName.valueOf(this.TEST_NAME.getMethodName()), "secret", "private", "secret|confidential", "private|confidential");
        Throwable th4 = null;
        try {
            Scan scan = new Scan();
            scan.setAuthorizations(new Authorizations(new String[0]));
            ResultScanner scanner2 = createTableAndWriteDataWithLabels.getScanner(scan);
            Throwable th5 = null;
            try {
                try {
                    Assert.assertEquals(scanner2.next(10).length, 4L);
                    if (scanner2 != null) {
                        if (0 != 0) {
                            try {
                                scanner2.close();
                            } catch (Throwable th6) {
                                th5.addSuppressed(th6);
                            }
                        } else {
                            scanner2.close();
                        }
                    }
                    Scan scan2 = new Scan();
                    scan2.setAuthorizations(new Authorizations(new String[]{"secret"}));
                    scanner = createTableAndWriteDataWithLabels.getScanner(scan2);
                    th = null;
                } catch (Throwable th7) {
                    th5 = th7;
                    throw th7;
                }
                try {
                    try {
                        Assert.assertEquals(scanner.next(10).length, 4L);
                        if (scanner != null) {
                            if (0 != 0) {
                                try {
                                    scanner.close();
                                } catch (Throwable th8) {
                                    th.addSuppressed(th8);
                                }
                            } else {
                                scanner.close();
                            }
                        }
                        Scan scan3 = new Scan();
                        scan3.setAuthorizations(new Authorizations(new String[]{"secret", "confidential"}));
                        scanner2 = createTableAndWriteDataWithLabels.getScanner(scan3);
                        th2 = null;
                    } catch (Throwable th9) {
                        th = th9;
                        throw th9;
                    }
                    try {
                        try {
                            Assert.assertEquals(scanner2.next(10).length, 4L);
                            if (scanner2 != null) {
                                if (0 != 0) {
                                    try {
                                        scanner2.close();
                                    } catch (Throwable th10) {
                                        th2.addSuppressed(th10);
                                    }
                                } else {
                                    scanner2.close();
                                }
                            }
                            Scan scan4 = new Scan();
                            scan4.setAuthorizations(new Authorizations(new String[]{"secret", "confidential", "private"}));
                            scanner2 = createTableAndWriteDataWithLabels.getScanner(scan4);
                            th3 = null;
                        } catch (Throwable th11) {
                            th2 = th11;
                            throw th11;
                        }
                        try {
                            try {
                                Assert.assertEquals(scanner2.next(10).length, 4L);
                                if (scanner2 != null) {
                                    if (0 != 0) {
                                        try {
                                            scanner2.close();
                                        } catch (Throwable th12) {
                                            th3.addSuppressed(th12);
                                        }
                                    } else {
                                        scanner2.close();
                                    }
                                }
                                if (createTableAndWriteDataWithLabels != null) {
                                    if (0 == 0) {
                                        createTableAndWriteDataWithLabels.close();
                                        return;
                                    }
                                    try {
                                        createTableAndWriteDataWithLabels.close();
                                    } catch (Throwable th13) {
                                        th4.addSuppressed(th13);
                                    }
                                }
                            } catch (Throwable th14) {
                                th3 = th14;
                                throw th14;
                            }
                        } finally {
                        }
                    } finally {
                    }
                } finally {
                    if (scanner != null) {
                        if (th != null) {
                            try {
                                scanner.close();
                            } catch (Throwable th15) {
                                th.addSuppressed(th15);
                            }
                        } else {
                            scanner.close();
                        }
                    }
                }
            } finally {
                if (scanner2 != null) {
                    if (th5 != null) {
                        try {
                            scanner2.close();
                        } catch (Throwable th16) {
                            th5.addSuppressed(th16);
                        }
                    } else {
                        scanner2.close();
                    }
                }
            }
        } catch (Throwable th17) {
            if (createTableAndWriteDataWithLabels != null) {
                if (0 != 0) {
                    try {
                        createTableAndWriteDataWithLabels.close();
                    } catch (Throwable th18) {
                        th4.addSuppressed(th18);
                    }
                } else {
                    createTableAndWriteDataWithLabels.close();
                }
            }
            throw th17;
        }
    }

    static Table createTableAndWriteDataWithLabels(TableName tableName, String... strArr) throws Exception {
        ArrayList arrayList = new ArrayList();
        for (int i = 0; i < strArr.length; i++) {
            Put put = new Put(Bytes.toBytes("row" + (i + 1)));
            put.addColumn(TEST_FAMILY, TEST_QUALIFIER, Long.MAX_VALUE, ZERO);
            put.setCellVisibility(new CellVisibility(strArr[i]));
            arrayList.add(put);
        }
        Table createTable = TEST_UTIL.createTable(tableName, TEST_FAMILY);
        createTable.put(arrayList);
        return createTable;
    }
}
