package org.apache.hadoop.hbase.security.access;

import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
import java.util.UUID;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.HBaseTestingUtility;
import org.apache.hadoop.hbase.TableName;
import org.apache.hadoop.hbase.client.Connection;
import org.apache.hadoop.hbase.client.ConnectionFactory;
import org.apache.hadoop.hbase.client.Put;
import org.apache.hadoop.hbase.client.Result;
import org.apache.hadoop.hbase.client.Scan;
import org.apache.hadoop.hbase.client.Table;
import org.apache.hadoop.hbase.security.User;
import org.apache.hadoop.hbase.security.access.Permission;
import org.apache.hadoop.hbase.testclassification.LargeTests;
import org.apache.hadoop.hbase.testclassification.SecurityTests;
import org.apache.hadoop.hbase.util.Bytes;
import org.apache.hadoop.hbase.util.LoadTestTool;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Rule;
import org.junit.Test;
import org.junit.experimental.categories.Category;
import org.junit.rules.TestName;

@Category({SecurityTests.class, LargeTests.class})
/* loaded from: input_file:org/apache/hadoop/hbase/security/access/TestAccessControlFilter.class */
public class TestAccessControlFilter extends SecureTestUtil {

    @Rule
    public TestName name = new TestName();
    private static HBaseTestingUtility TEST_UTIL;
    private static User READER;
    private static User LIMITED;
    private static User DENIED;
    private static TableName TABLE;
    private static byte[] FAMILY = Bytes.toBytes("f1");
    private static byte[] PRIVATE_COL = Bytes.toBytes("private");
    private static byte[] PUBLIC_COL = Bytes.toBytes("public");

    @Before
    public void setup() {
        TABLE = TableName.valueOf(this.name.getMethodName());
    }

    @BeforeClass
    public static void setupBeforeClass() throws Exception {
        TEST_UTIL = new HBaseTestingUtility();
        Configuration configuration = TEST_UTIL.getConfiguration();
        configuration.setInt("hbase.regionserver.metahandler.count", 10);
        enableSecurity(configuration);
        verifyConfiguration(configuration);
        configuration.setBoolean("hbase.security.access.early_out", false);
        TEST_UTIL.startMiniCluster();
        TEST_UTIL.waitTableEnabled(AccessControlLists.ACL_TABLE_NAME.getName(), 50000L);
        READER = User.createUserForTesting(configuration, LoadTestTool.OPT_READER, new String[0]);
        LIMITED = User.createUserForTesting(configuration, "limited", new String[0]);
        DENIED = User.createUserForTesting(configuration, "denied", new String[0]);
    }

    @AfterClass
    public static void tearDownAfterClass() throws Exception {
        TEST_UTIL.shutdownMiniCluster();
    }

    /* JADX WARN: Type inference failed for: r2v1, types: [byte[], byte[][]] */
    @Test(timeout = 180000)
    public void testQualifierAccess() throws Exception {
        Table createTable = createTable(TEST_UTIL, TABLE, (byte[][]) new byte[]{FAMILY});
        try {
            doQualifierAccess(createTable);
            createTable.close();
        } catch (Throwable th) {
            createTable.close();
            throw th;
        }
    }

    private void doQualifierAccess(Table table) throws Exception {
        SecureTestUtil.grantOnTable(TEST_UTIL, READER.getShortName(), TABLE, null, null, Permission.Action.READ);
        SecureTestUtil.grantOnTable(TEST_UTIL, LIMITED.getShortName(), TABLE, FAMILY, PUBLIC_COL, Permission.Action.READ);
        ArrayList arrayList = new ArrayList(100);
        for (int i = 0; i < 100; i++) {
            Put put = new Put(Bytes.toBytes(i));
            put.addColumn(FAMILY, PRIVATE_COL, Bytes.toBytes("secret " + i));
            put.addColumn(FAMILY, PUBLIC_COL, Bytes.toBytes("info " + i));
            arrayList.add(put);
        }
        table.put(arrayList);
        READER.runAs(new PrivilegedExceptionAction<Object>() { // from class: org.apache.hadoop.hbase.security.access.TestAccessControlFilter.1
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                Configuration configuration = new Configuration(TestAccessControlFilter.TEST_UTIL.getConfiguration());
                configuration.set("testkey", UUID.randomUUID().toString());
                Connection createConnection = ConnectionFactory.createConnection(configuration);
                Table table2 = createConnection.getTable(TestAccessControlFilter.TABLE);
                try {
                    int i2 = 0;
                    for (Result result : table2.getScanner(new Scan())) {
                        i2++;
                        int i3 = Bytes.toInt(result.getRow());
                        Assert.assertTrue(result.containsColumn(TestAccessControlFilter.FAMILY, TestAccessControlFilter.PRIVATE_COL));
                        Assert.assertEquals("secret " + i3, Bytes.toString(result.getValue(TestAccessControlFilter.FAMILY, TestAccessControlFilter.PRIVATE_COL)));
                        Assert.assertTrue(result.containsColumn(TestAccessControlFilter.FAMILY, TestAccessControlFilter.PUBLIC_COL));
                        Assert.assertEquals("info " + i3, Bytes.toString(result.getValue(TestAccessControlFilter.FAMILY, TestAccessControlFilter.PUBLIC_COL)));
                    }
                    Assert.assertEquals("Expected 100 rows returned", 100L, i2);
                    table2.close();
                    createConnection.close();
                    return null;
                } catch (Throwable th) {
                    table2.close();
                    createConnection.close();
                    throw th;
                }
            }
        });
        LIMITED.runAs(new PrivilegedExceptionAction<Object>() { // from class: org.apache.hadoop.hbase.security.access.TestAccessControlFilter.2
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                Configuration configuration = new Configuration(TestAccessControlFilter.TEST_UTIL.getConfiguration());
                configuration.set("testkey", UUID.randomUUID().toString());
                Connection createConnection = ConnectionFactory.createConnection(configuration);
                Table table2 = createConnection.getTable(TestAccessControlFilter.TABLE);
                try {
                    int i2 = 0;
                    for (Result result : table2.getScanner(new Scan())) {
                        i2++;
                        int i3 = Bytes.toInt(result.getRow());
                        Assert.assertFalse(result.containsColumn(TestAccessControlFilter.FAMILY, TestAccessControlFilter.PRIVATE_COL));
                        Assert.assertTrue(result.containsColumn(TestAccessControlFilter.FAMILY, TestAccessControlFilter.PUBLIC_COL));
                        Assert.assertEquals("info " + i3, Bytes.toString(result.getValue(TestAccessControlFilter.FAMILY, TestAccessControlFilter.PUBLIC_COL)));
                    }
                    Assert.assertEquals("Expected 100 rows returned", 100L, i2);
                    table2.close();
                    createConnection.close();
                    return null;
                } catch (Throwable th) {
                    table2.close();
                    createConnection.close();
                    throw th;
                }
            }
        });
        DENIED.runAs(new PrivilegedExceptionAction<Object>() { // from class: org.apache.hadoop.hbase.security.access.TestAccessControlFilter.3
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                Configuration configuration = new Configuration(TestAccessControlFilter.TEST_UTIL.getConfiguration());
                configuration.set("testkey", UUID.randomUUID().toString());
                Connection createConnection = ConnectionFactory.createConnection(configuration);
                Table table2 = createConnection.getTable(TestAccessControlFilter.TABLE);
                try {
                    int i2 = 0;
                    for (Result result : table2.getScanner(new Scan())) {
                        i2++;
                        int i3 = Bytes.toInt(result.getRow());
                        Assert.assertFalse(result.containsColumn(TestAccessControlFilter.FAMILY, TestAccessControlFilter.PRIVATE_COL));
                        Assert.assertTrue(result.containsColumn(TestAccessControlFilter.FAMILY, TestAccessControlFilter.PUBLIC_COL));
                        Assert.assertEquals("info " + i3, Bytes.toString(result.getValue(TestAccessControlFilter.FAMILY, TestAccessControlFilter.PUBLIC_COL)));
                    }
                    Assert.assertEquals("Expected 0 rows returned", 0L, i2);
                    table2.close();
                    createConnection.close();
                    return null;
                } catch (Throwable th) {
                    table2.close();
                    createConnection.close();
                    throw th;
                }
            }
        });
    }
}
