package org.apache.ignite.internal.processors.security.cluster;

import java.io.File;
import java.lang.invoke.SerializedLambda;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.concurrent.atomic.AtomicReference;
import org.apache.ignite.Ignite;
import org.apache.ignite.IgniteException;
import org.apache.ignite.Ignition;
import org.apache.ignite.client.ClientConnectionException;
import org.apache.ignite.client.ClientException;
import org.apache.ignite.client.Config;
import org.apache.ignite.client.IgniteClient;
import org.apache.ignite.cluster.ClusterNode;
import org.apache.ignite.compute.ComputeJob;
import org.apache.ignite.compute.ComputeJobAdapter;
import org.apache.ignite.compute.ComputeJobResult;
import org.apache.ignite.compute.ComputeTaskAdapter;
import org.apache.ignite.configuration.ClientConfiguration;
import org.apache.ignite.configuration.ClientConnectorConfiguration;
import org.apache.ignite.configuration.IgniteConfiguration;
import org.apache.ignite.configuration.ThinClientConfiguration;
import org.apache.ignite.internal.IgniteEx;
import org.apache.ignite.internal.processors.security.AbstractSecurityTest;
import org.apache.ignite.internal.processors.security.impl.TestSecurityData;
import org.apache.ignite.internal.processors.security.impl.TestSecurityPluginProvider;
import org.apache.ignite.internal.util.lang.RunnableX;
import org.apache.ignite.plugin.security.SecurityException;
import org.apache.ignite.plugin.security.SecurityPermission;
import org.apache.ignite.plugin.security.SecurityPermissionSetBuilder;
import org.apache.ignite.resources.IgniteInstanceResource;
import org.apache.ignite.testframework.GridTestUtils;
import org.apache.ignite.testframework.junits.multijvm.IgniteProcessProxy;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import org.junit.Test;

/* loaded from: input_file:org/apache/ignite/internal/processors/security/cluster/ClusterNodeOperationPermissionTest.class */
public class ClusterNodeOperationPermissionTest extends AbstractSecurityTest {
    private IgniteClient cli;
    private IgniteProcessProxy ignite;
    public static final String RESTART_FILE_PATH = "src/test/resources/ignite-restart.tmp";

    /* loaded from: input_file:org/apache/ignite/internal/processors/security/cluster/ClusterNodeOperationPermissionTest$ClusterNodeOperationExecutor.class */
    public static final class ClusterNodeOperationExecutor extends ComputeTaskAdapter<Operation, Void> {

        /* JADX INFO: Access modifiers changed from: private */
        /* loaded from: input_file:org/apache/ignite/internal/processors/security/cluster/ClusterNodeOperationPermissionTest$ClusterNodeOperationExecutor$Job.class */
        public static final class Job extends ComputeJobAdapter {
            private final Operation op;

            @IgniteInstanceResource
            Ignite ignite;

            public Job(Operation operation) {
                this.op = operation;
            }

            public Object execute() throws IgniteException {
                switch (this.op) {
                    case STOP:
                        this.ignite.cluster().stopNodes(Collections.singleton(this.ignite.cluster().localNode().id()));
                        return null;
                    case STOP_ALL:
                        this.ignite.cluster().stopNodes();
                        return null;
                    case RESTART:
                        this.ignite.cluster().restartNodes(Collections.singleton(this.ignite.cluster().localNode().id()));
                        return null;
                    case RESTART_ALL:
                        this.ignite.cluster().restartNodes();
                        return null;
                    default:
                        return null;
                }
            }
        }

        @NotNull
        public Map<? extends ComputeJob, ClusterNode> map(List<ClusterNode> list, @Nullable Operation operation) throws IgniteException {
            return Collections.singletonMap(new Job(operation), list.get(0));
        }

        @Nullable
        public Void reduce(List<ComputeJobResult> list) throws IgniteException {
            return null;
        }

        @Nullable
        /* renamed from: reduce, reason: collision with other method in class */
        public /* bridge */ /* synthetic */ Object m1330reduce(List list) throws IgniteException {
            return reduce((List<ComputeJobResult>) list);
        }

        @NotNull
        public /* bridge */ /* synthetic */ Map map(List list, @Nullable Object obj) throws IgniteException {
            return map((List<ClusterNode>) list, (Operation) obj);
        }
    }

    /* loaded from: input_file:org/apache/ignite/internal/processors/security/cluster/ClusterNodeOperationPermissionTest$Operation.class */
    public enum Operation {
        STOP,
        STOP_ALL,
        RESTART,
        RESTART_ALL
    }

    private IgniteConfiguration configuration(int i) throws Exception {
        String testIgniteInstanceName = getTestIgniteInstanceName(i);
        return getConfiguration(testIgniteInstanceName, new TestSecurityPluginProvider(testIgniteInstanceName, "", SecurityPermissionSetBuilder.systemPermissions(new SecurityPermission[]{SecurityPermission.JOIN_AS_SERVER}), null, false, new TestSecurityData("stop-allowed", clientPermissionsBuilder().appendSystemPermissions(new SecurityPermission[]{SecurityPermission.ADMIN_CLUSTER_NODE_STOP}).build()), new TestSecurityData("stop-forbidden", clientPermissionsBuilder().build()))).setClientConnectorConfiguration(new ClientConnectorConfiguration().setThinClientConfiguration(new ThinClientConfiguration().setMaxActiveComputeTasksPerConnection(1)));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.ignite.testframework.junits.GridAbstractTest
    public void afterTest() throws Exception {
        super.afterTest();
        stopAllGrids();
    }

    @Test
    public void testStartNodeAuthorization() throws Exception {
        IgniteEx startGrid = startGrid(configuration(0));
        assertAuthorizationFailed(() -> {
            startGrid.cluster().startNodes(new File("src/test/config/start-nodes.ini"), true, 1, 1);
        }, SecurityException.class);
        assertAuthorizationFailed(() -> {
        }, SecurityException.class);
        assertAuthorizationFailed(() -> {
            startGrid.cluster().startNodes(Collections.emptyList(), Collections.emptyMap(), true, 1, 1);
        }, SecurityException.class);
        assertAuthorizationFailed(() -> {
            startGrid.cluster().startNodes(Collections.emptyList(), Collections.emptyMap(), true, 1, 1);
        }, SecurityException.class);
    }

    @Test
    public void testStopNodeAuthorization() throws Exception {
        for (Operation operation : Operation.values()) {
            doClusterNodeTest("stop-allowed", operation, true);
            doClusterNodeTest("stop-forbidden", operation, false);
        }
    }

    private void doClusterNodeTest(String str, Operation operation, boolean z) throws Exception {
        prepareCluster(str);
        try {
            if (z) {
                try {
                    this.cli.compute().execute(ClusterNodeOperationExecutor.class.getName(), operation);
                } catch (ClientException e) {
                    assertTrue(e.getMessage().contains("Task cancelled due to stopping of the grid"));
                }
                assertTrue(GridTestUtils.waitForCondition(() -> {
                    return !this.ignite.getProcess().getProcess().isAlive();
                }, getTestTimeout()));
                assertTrue(!(operation == Operation.RESTART || operation == Operation.RESTART_ALL) || new File(RESTART_FILE_PATH).exists());
            } else {
                assertAuthorizationFailed(() -> {
                    this.cli.compute().execute(ClusterNodeOperationExecutor.class.getName(), operation);
                }, ClientException.class);
                assertTrue(this.ignite.getProcess().getProcess().isAlive());
            }
        } finally {
            stopCluster();
        }
    }

    private void prepareCluster(String str) throws Exception {
        this.ignite = new IgniteProcessProxy(configuration(0), log, null, true, Collections.singletonList("-DIGNITE_SUCCESS_FILE=src/test/resources/ignite-restart.tmp"));
        AtomicReference atomicReference = new AtomicReference();
        assertTrue(GridTestUtils.waitForCondition(() -> {
            try {
                atomicReference.set(startClient(str));
                return true;
            } catch (ClientConnectionException e) {
                return false;
            }
        }, getTestTimeout()));
        this.cli = (IgniteClient) atomicReference.get();
    }

    private void stopCluster() throws Exception {
        this.cli.close();
        this.ignite.kill();
        GridTestUtils.waitForCondition(() -> {
            return !this.ignite.getProcess().getProcess().isAlive();
        }, getTestTimeout());
        File file = new File(RESTART_FILE_PATH);
        if (file.exists()) {
            file.delete();
        }
    }

    private void assertAuthorizationFailed(RunnableX runnableX, Class<? extends Exception> cls) {
        GridTestUtils.assertThrowsAnyCause(log, () -> {
            runnableX.run();
            return null;
        }, cls, "Authorization failed");
    }

    private IgniteClient startClient(String str) {
        return Ignition.startClient(new ClientConfiguration().setAddresses(new String[]{Config.SERVER}).setUserName(str).setUserPassword(""));
    }

    private SecurityPermissionSetBuilder clientPermissionsBuilder() {
        return new SecurityPermissionSetBuilder().defaultAllowAll(false).appendTaskPermissions(ClusterNodeOperationExecutor.class.getName(), new SecurityPermission[]{SecurityPermission.TASK_EXECUTE});
    }

    private static /* synthetic */ Object $deserializeLambda$(SerializedLambda serializedLambda) {
        String implMethodName = serializedLambda.getImplMethodName();
        boolean z = -1;
        switch (implMethodName.hashCode()) {
            case -1882336932:
                if (implMethodName.equals("lambda$doClusterNodeTest$4bd1ad2e$1")) {
                    z = false;
                    break;
                }
                break;
            case -974922428:
                if (implMethodName.equals("lambda$testStartNodeAuthorization$4e17e7d2$1")) {
                    z = 4;
                    break;
                }
                break;
            case -974922427:
                if (implMethodName.equals("lambda$testStartNodeAuthorization$4e17e7d2$2")) {
                    z = 3;
                    break;
                }
                break;
            case -974922426:
                if (implMethodName.equals("lambda$testStartNodeAuthorization$4e17e7d2$3")) {
                    z = 2;
                    break;
                }
                break;
            case -974922425:
                if (implMethodName.equals("lambda$testStartNodeAuthorization$4e17e7d2$4")) {
                    z = true;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                if (serializedLambda.getImplMethodKind() == 7 && serializedLambda.getFunctionalInterfaceClass().equals("org/apache/ignite/internal/util/lang/RunnableX") && serializedLambda.getFunctionalInterfaceMethodName().equals("runx") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("()V") && serializedLambda.getImplClass().equals("org/apache/ignite/internal/processors/security/cluster/ClusterNodeOperationPermissionTest") && serializedLambda.getImplMethodSignature().equals("(Lorg/apache/ignite/internal/processors/security/cluster/ClusterNodeOperationPermissionTest$Operation;)V")) {
                    ClusterNodeOperationPermissionTest clusterNodeOperationPermissionTest = (ClusterNodeOperationPermissionTest) serializedLambda.getCapturedArg(0);
                    Operation operation = (Operation) serializedLambda.getCapturedArg(1);
                    return () -> {
                        this.cli.compute().execute(ClusterNodeOperationExecutor.class.getName(), operation);
                    };
                }
                break;
            case true:
                if (serializedLambda.getImplMethodKind() == 6 && serializedLambda.getFunctionalInterfaceClass().equals("org/apache/ignite/internal/util/lang/RunnableX") && serializedLambda.getFunctionalInterfaceMethodName().equals("runx") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("()V") && serializedLambda.getImplClass().equals("org/apache/ignite/internal/processors/security/cluster/ClusterNodeOperationPermissionTest") && serializedLambda.getImplMethodSignature().equals("(Lorg/apache/ignite/internal/IgniteEx;)V")) {
                    IgniteEx igniteEx = (IgniteEx) serializedLambda.getCapturedArg(0);
                    return () -> {
                        igniteEx.cluster().startNodes(Collections.emptyList(), Collections.emptyMap(), true, 1, 1);
                    };
                }
                break;
            case true:
                if (serializedLambda.getImplMethodKind() == 6 && serializedLambda.getFunctionalInterfaceClass().equals("org/apache/ignite/internal/util/lang/RunnableX") && serializedLambda.getFunctionalInterfaceMethodName().equals("runx") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("()V") && serializedLambda.getImplClass().equals("org/apache/ignite/internal/processors/security/cluster/ClusterNodeOperationPermissionTest") && serializedLambda.getImplMethodSignature().equals("(Lorg/apache/ignite/internal/IgniteEx;)V")) {
                    IgniteEx igniteEx2 = (IgniteEx) serializedLambda.getCapturedArg(0);
                    return () -> {
                        igniteEx2.cluster().startNodes(Collections.emptyList(), Collections.emptyMap(), true, 1, 1);
                    };
                }
                break;
            case true:
                if (serializedLambda.getImplMethodKind() == 6 && serializedLambda.getFunctionalInterfaceClass().equals("org/apache/ignite/internal/util/lang/RunnableX") && serializedLambda.getFunctionalInterfaceMethodName().equals("runx") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("()V") && serializedLambda.getImplClass().equals("org/apache/ignite/internal/processors/security/cluster/ClusterNodeOperationPermissionTest") && serializedLambda.getImplMethodSignature().equals("(Lorg/apache/ignite/internal/IgniteEx;)V")) {
                    IgniteEx igniteEx3 = (IgniteEx) serializedLambda.getCapturedArg(0);
                    return () -> {
                    };
                }
                break;
            case true:
                if (serializedLambda.getImplMethodKind() == 6 && serializedLambda.getFunctionalInterfaceClass().equals("org/apache/ignite/internal/util/lang/RunnableX") && serializedLambda.getFunctionalInterfaceMethodName().equals("runx") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("()V") && serializedLambda.getImplClass().equals("org/apache/ignite/internal/processors/security/cluster/ClusterNodeOperationPermissionTest") && serializedLambda.getImplMethodSignature().equals("(Lorg/apache/ignite/internal/IgniteEx;)V")) {
                    IgniteEx igniteEx4 = (IgniteEx) serializedLambda.getCapturedArg(0);
                    return () -> {
                        igniteEx4.cluster().startNodes(new File("src/test/config/start-nodes.ini"), true, 1, 1);
                    };
                }
                break;
        }
        throw new IllegalArgumentException("Invalid lambda deserialization");
    }
}
