package org.infinispan.security;

import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.security.PrivilegedAction;
import java.security.PrivilegedExceptionAction;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import javax.security.auth.Subject;
import org.infinispan.Cache;
import org.infinispan.configuration.cache.AuthorizationConfigurationBuilder;
import org.infinispan.configuration.cache.ConfigurationBuilder;
import org.infinispan.configuration.global.GlobalAuthorizationConfigurationBuilder;
import org.infinispan.configuration.global.GlobalConfigurationBuilder;
import org.infinispan.manager.EmbeddedCacheManager;
import org.infinispan.security.impl.IdentityRoleMapper;
import org.infinispan.test.SingleCacheManagerTest;
import org.infinispan.test.TestingUtil;
import org.infinispan.test.fwk.TestCacheManagerFactory;
import org.infinispan.transaction.LockingMode;
import org.infinispan.util.logging.Log;
import org.infinispan.util.logging.LogFactory;
import org.testng.annotations.Test;

@Test(groups = {"functional", "smoke"}, testName = "security.SingleCacheManagerTest")
/* loaded from: input_file:org/infinispan/security/CacheAuthorizationTest.class */
public class CacheAuthorizationTest extends SingleCacheManagerTest {
    static final Subject ADMIN;
    static final Log log = LogFactory.getLog(CacheAuthorizationTest.class);
    static final Map<AuthorizationPermission, Subject> SUBJECTS = new HashMap(AuthorizationPermission.values().length);

    @Override // org.infinispan.test.SingleCacheManagerTest
    protected EmbeddedCacheManager createCacheManager() throws Exception {
        final GlobalConfigurationBuilder globalConfigurationBuilder = new GlobalConfigurationBuilder();
        GlobalAuthorizationConfigurationBuilder principalRoleMapper = globalConfigurationBuilder.security().authorization().enable().principalRoleMapper(new IdentityRoleMapper());
        final ConfigurationBuilder defaultCacheConfiguration = TestCacheManagerFactory.getDefaultCacheConfiguration(true);
        defaultCacheConfiguration.transaction().lockingMode(LockingMode.PESSIMISTIC);
        defaultCacheConfiguration.invocationBatching().enable();
        AuthorizationConfigurationBuilder enable = defaultCacheConfiguration.security().authorization().enable();
        for (AuthorizationPermission authorizationPermission : AuthorizationPermission.values()) {
            principalRoleMapper.role(authorizationPermission.toString()).permission(authorizationPermission);
            enable.role(authorizationPermission.toString());
        }
        return (EmbeddedCacheManager) Security.doAs(ADMIN, new PrivilegedAction<EmbeddedCacheManager>() { // from class: org.infinispan.security.CacheAuthorizationTest.1
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedAction
            public EmbeddedCacheManager run() {
                return TestCacheManagerFactory.createCacheManager(globalConfigurationBuilder, defaultCacheConfiguration);
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.infinispan.test.SingleCacheManagerTest
    public void setup() throws Exception {
        this.cacheManager = createCacheManager();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.infinispan.test.SingleCacheManagerTest
    public void teardown() {
        Security.doAs(ADMIN, new PrivilegedAction<Void>() { // from class: org.infinispan.security.CacheAuthorizationTest.2
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedAction
            public Void run() {
                CacheAuthorizationTest.super.teardown();
                return null;
            }
        });
    }

    @Override // org.infinispan.test.SingleCacheManagerTest
    protected void clearContent() {
        Security.doAs(ADMIN, new PrivilegedAction<Void>() { // from class: org.infinispan.security.CacheAuthorizationTest.3
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedAction
            public Void run() {
                CacheAuthorizationTest.this.cacheManager.getCache().clear();
                return null;
            }
        });
    }

    public void testAllCombinations() throws Exception {
        Method[] methods = SecureCache.class.getMethods();
        HashSet<String> hashSet = new HashSet();
        for (Method method : methods) {
            StringBuilder sb = new StringBuilder("test");
            String name = method.getName();
            sb.append(name.substring(0, 1).toUpperCase());
            sb.append(name.substring(1));
            Class<?>[] parameterTypes = method.getParameterTypes();
            int length = parameterTypes.length;
            int i = 0;
            while (true) {
                if (i >= length) {
                    hashSet.add(sb.toString());
                    break;
                }
                Class<?> cls = parameterTypes[i];
                Package r0 = cls.getPackage();
                if (r0 == null || !r0.getName().startsWith("java.util.function")) {
                    sb.append("_");
                    sb.append(cls.getSimpleName().replaceAll("\\[\\]", "Array"));
                    i++;
                }
            }
        }
        final SecureCacheTestDriver secureCacheTestDriver = new SecureCacheTestDriver();
        final SecureCache secureCache = (SecureCache) Security.doAs(ADMIN, new PrivilegedAction<Cache<String, String>>() { // from class: org.infinispan.security.CacheAuthorizationTest.4
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedAction
            public Cache<String, String> run() {
                return CacheAuthorizationTest.this.cacheManager.getCache();
            }
        });
        for (final String str : hashSet) {
            try {
                final Method method2 = secureCacheTestDriver.getClass().getMethod(str, SecureCache.class);
                TestCachePermission testCachePermission = (TestCachePermission) method2.getAnnotation(TestCachePermission.class);
                if (testCachePermission == null) {
                    throw new Exception(String.format("Method %s on class %s is missing the TestCachePermission annotation", str, secureCacheTestDriver.getClass().getName()));
                }
                final AuthorizationPermission value = testCachePermission.value();
                AuthorizationPermission[] values = AuthorizationPermission.values();
                int length2 = values.length;
                int i2 = 0;
                while (true) {
                    if (i2 >= length2) {
                        break;
                    }
                    final AuthorizationPermission authorizationPermission = values[i2];
                    if (authorizationPermission != AuthorizationPermission.NONE) {
                        if (testCachePermission.needsSecurityManager() && System.getSecurityManager() == null) {
                            log.debugf("Method %s (skipped, needs SecurityManager)", str);
                            break;
                        }
                        log.debugf("Method %s > %s", str, authorizationPermission.toString());
                        if (value == AuthorizationPermission.NONE) {
                            try {
                                method2.invoke(secureCacheTestDriver, secureCache);
                            } catch (SecurityException e) {
                                throw new Exception(String.format("Unexpected SecurityException while invoking %s with permission %s", str, authorizationPermission.toString()), e);
                            }
                        } else {
                            Security.doAs(SUBJECTS.get(authorizationPermission), new PrivilegedExceptionAction<Void>() { // from class: org.infinispan.security.CacheAuthorizationTest.5
                                /* JADX WARN: Can't rename method to resolve collision */
                                @Override // java.security.PrivilegedExceptionAction
                                public Void run() throws Exception {
                                    try {
                                        method2.invoke(secureCacheTestDriver, secureCache);
                                        if (authorizationPermission.implies(value)) {
                                            return null;
                                        }
                                        throw new Exception(String.format("Expected SecurityException while invoking %s with permission %s", str, authorizationPermission.toString()));
                                    } catch (InvocationTargetException e2) {
                                        if (!(e2.getCause() instanceof SecurityException)) {
                                            throw new Exception("Unexpected non-SecurityException", e2);
                                        }
                                        if (authorizationPermission.implies(value)) {
                                            throw new Exception(String.format("Unexpected SecurityException while invoking %s with permission %s", str, authorizationPermission.toString()), e2);
                                        }
                                        return null;
                                    }
                                }
                            });
                        }
                    }
                    i2++;
                }
            } catch (NoSuchMethodException e2) {
                throw new Exception(String.format("Class %s needs to declare a method with the following signature: void %s(SecureCache<String, String> cache) {}\n", secureCacheTestDriver.getClass().getName(), str), e2);
            }
        }
    }

    static {
        for (AuthorizationPermission authorizationPermission : AuthorizationPermission.values()) {
            SUBJECTS.put(authorizationPermission, TestingUtil.makeSubject(authorizationPermission.toString() + "_user", authorizationPermission.toString()));
        }
        ADMIN = SUBJECTS.get(AuthorizationPermission.ALL);
    }
}
