package org.apache.activemq.security;

import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.lang.reflect.InvocationTargetException;
import java.security.Permission;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.Set;
import javax.naming.Context;
import javax.naming.NameClassPair;
import javax.naming.NamingEnumeration;
import javax.naming.directory.DirContext;
import org.apache.activemq.command.ActiveMQQueue;
import org.apache.activemq.command.ActiveMQTopic;
import org.apache.activemq.jaas.GroupPrincipal;
import org.apache.activemq.util.Wait;
import org.apache.directory.ldap.client.api.LdapConnection;
import org.apache.directory.server.core.integ.AbstractLdapTestUnit;
import org.apache.directory.shared.ldap.model.ldif.LdifEntry;
import org.apache.directory.shared.ldap.model.ldif.LdifReader;
import org.apache.directory.shared.ldap.model.message.ModifyRequest;
import org.apache.directory.shared.ldap.model.message.ModifyRequestImpl;
import org.apache.directory.shared.ldap.model.name.Dn;
import org.apache.directory.shared.ldap.model.name.Rdn;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;

/* loaded from: input_file:org/apache/activemq/security/AbstractCachedLDAPAuthorizationMapLegacyTest.class */
public abstract class AbstractCachedLDAPAuthorizationMapLegacyTest extends AbstractLdapTestUnit {
    static final GroupPrincipal GUESTS = new GroupPrincipal("guests");
    static final GroupPrincipal USERS = new GroupPrincipal("users");
    static final GroupPrincipal ADMINS = new GroupPrincipal("admins");
    protected LdapConnection connection;
    protected SimpleCachedLDAPAuthorizationMap map;

    @Before
    public void setup() throws Exception {
        this.connection = getLdapConnection();
        this.map = createMap();
    }

    @After
    public void cleanup() throws Exception {
        if (this.connection != null) {
            try {
                this.connection.close();
            } catch (IOException e) {
            }
        }
        if (this.map != null) {
            this.map.destroy();
        }
    }

    @Test
    public void testQuery() throws Exception {
        this.map.query();
        Set readACLs = this.map.getReadACLs(new ActiveMQQueue("TEST.FOO"));
        Assert.assertEquals("set size: " + readACLs, 2L, readACLs.size());
        Assert.assertTrue("Contains admin group", readACLs.contains(ADMINS));
        Assert.assertTrue("Contains users group", readACLs.contains(USERS));
        Assert.assertEquals("set size: " + this.map.getReadACLs(new ActiveMQQueue("FAILED")), 0L, r0.size());
    }

    @Test
    public void testSynchronousUpdate() throws Exception {
        this.map.setRefreshInterval(1);
        this.map.query();
        Set readACLs = this.map.getReadACLs(new ActiveMQQueue("TEST.FOO"));
        Assert.assertEquals("set size: " + readACLs, 2L, readACLs.size());
        Assert.assertTrue("Contains admin group", readACLs.contains(ADMINS));
        Assert.assertTrue("Contains users group", readACLs.contains(USERS));
        Assert.assertEquals("set size: " + this.map.getReadACLs(new ActiveMQQueue("FAILED")), 0L, r0.size());
        LdifReader ldifReader = new LdifReader(getRemoveLdif());
        Iterator it = ldifReader.iterator();
        while (it.hasNext()) {
            this.connection.delete(((LdifEntry) it.next()).getDn());
        }
        ldifReader.close();
        Assert.assertTrue("did not get expected size. ", Wait.waitFor(new Wait.Condition() { // from class: org.apache.activemq.security.AbstractCachedLDAPAuthorizationMapLegacyTest.1
            public boolean isSatisified() throws Exception {
                return AbstractCachedLDAPAuthorizationMapLegacyTest.this.map.getReadACLs(new ActiveMQQueue("TEST.FOO")).size() == 0;
            }
        }));
        Assert.assertNull(this.map.getTempDestinationReadACLs());
        Assert.assertNull(this.map.getTempDestinationWriteACLs());
        Assert.assertNull(this.map.getTempDestinationAdminACLs());
    }

    @Test
    public void testWildcards() throws Exception {
        this.map.query();
        Set readACLs = this.map.getReadACLs(new ActiveMQQueue("FOO.1"));
        Assert.assertEquals("set size: " + readACLs, 2L, readACLs.size());
        Assert.assertTrue("Contains admin group", readACLs.contains(ADMINS));
        Assert.assertTrue("Contains users group", readACLs.contains(USERS));
        Set readACLs2 = this.map.getReadACLs(new ActiveMQQueue("BAR.2"));
        Assert.assertEquals("set size: " + readACLs2, 2L, readACLs2.size());
        Assert.assertTrue("Contains admin group", readACLs2.contains(ADMINS));
        Assert.assertTrue("Contains users group", readACLs2.contains(USERS));
    }

    @Test
    public void testAdvisory() throws Exception {
        this.map.query();
        Set readACLs = this.map.getReadACLs(new ActiveMQTopic("ActiveMQ.Advisory.Connection"));
        Assert.assertEquals("set size: " + readACLs, 2L, readACLs.size());
        Assert.assertTrue("Contains admin group", readACLs.contains(ADMINS));
        Assert.assertTrue("Contains users group", readACLs.contains(USERS));
    }

    @Test
    public void testTemporary() throws Exception {
        this.map.query();
        Thread.sleep(1000L);
        Set tempDestinationReadACLs = this.map.getTempDestinationReadACLs();
        Assert.assertEquals("set size: " + tempDestinationReadACLs, 2L, tempDestinationReadACLs.size());
        Assert.assertTrue("Contains admin group", tempDestinationReadACLs.contains(ADMINS));
        Assert.assertTrue("Contains users group", tempDestinationReadACLs.contains(USERS));
    }

    @Test
    public void testAdd() throws Exception {
        this.map.query();
        Assert.assertEquals("set size: " + this.map.getReadACLs(new ActiveMQQueue("FAILED")), 0L, r0.size());
        LdifReader ldifReader = new LdifReader(getAddLdif());
        Iterator it = ldifReader.iterator();
        while (it.hasNext()) {
            this.connection.add(((LdifEntry) it.next()).getEntry());
        }
        ldifReader.close();
        Thread.sleep(2000L);
        Assert.assertEquals("set size: " + this.map.getReadACLs(new ActiveMQQueue("FAILED")), 2L, r0.size());
    }

    @Test
    public void testRemove() throws Exception {
        this.map.query();
        Assert.assertEquals("set size: " + this.map.getReadACLs(new ActiveMQQueue("TEST.FOO")), 2L, r0.size());
        LdifReader ldifReader = new LdifReader(getRemoveLdif());
        Iterator it = ldifReader.iterator();
        while (it.hasNext()) {
            this.connection.delete(((LdifEntry) it.next()).getDn());
        }
        ldifReader.close();
        Thread.sleep(2000L);
        Assert.assertEquals("set size: " + this.map.getReadACLs(new ActiveMQQueue("TEST.FOO")), 0L, r0.size());
        Assert.assertTrue(this.map.getTempDestinationReadACLs() == null || this.map.getTempDestinationReadACLs().isEmpty());
        Assert.assertTrue(this.map.getTempDestinationWriteACLs() == null || this.map.getTempDestinationWriteACLs().isEmpty());
        Assert.assertTrue(this.map.getTempDestinationAdminACLs() == null || this.map.getTempDestinationAdminACLs().isEmpty());
    }

    @Test
    public void testRenameDestination() throws Exception {
        this.map.query();
        Assert.assertEquals("set size: " + this.map.getReadACLs(new ActiveMQQueue("TEST.FOO")), 2L, r0.size());
        this.connection.rename(new Dn(new String[]{"cn=TEST.FOO," + getQueueBaseDn()}), new Rdn("cn=TEST.BAR"));
        Thread.sleep(2000L);
        Assert.assertEquals("set size: " + this.map.getReadACLs(new ActiveMQQueue("TEST.FOO")), 0L, r0.size());
        Assert.assertEquals("set size: " + this.map.getReadACLs(new ActiveMQQueue("TEST.BAR")), 2L, r0.size());
    }

    @Test
    public void testRenamePermission() throws Exception {
        this.map.query();
        this.connection.delete(new Dn(new String[]{"cn=Read,cn=TEST.FOO," + getQueueBaseDn()}));
        Thread.sleep(2000L);
        Assert.assertEquals("set size: " + this.map.getReadACLs(new ActiveMQQueue("TEST.FOO")), 0L, r0.size());
        Assert.assertEquals("set size: " + this.map.getWriteACLs(new ActiveMQQueue("TEST.FOO")), 2L, r0.size());
        this.connection.rename(new Dn(new String[]{"cn=Write,cn=TEST.FOO," + getQueueBaseDn()}), new Rdn("cn=Read"));
        Thread.sleep(2000L);
        Assert.assertEquals("set size: " + this.map.getReadACLs(new ActiveMQQueue("TEST.FOO")), 2L, r0.size());
        Assert.assertEquals("set size: " + this.map.getWriteACLs(new ActiveMQQueue("TEST.FOO")), 0L, r0.size());
    }

    @Test
    public void testChange() throws Exception {
        this.map.query();
        Assert.assertEquals("set size: " + this.map.getReadACLs(new ActiveMQQueue("TEST.FOO")), 2L, r0.size());
        Dn dn = new Dn(new String[]{"cn=read,cn=TEST.FOO," + getQueueBaseDn()});
        ModifyRequestImpl modifyRequestImpl = new ModifyRequestImpl();
        modifyRequestImpl.setName(dn);
        setupModifyRequest(modifyRequestImpl);
        this.connection.modify(modifyRequestImpl);
        Thread.sleep(2000L);
        Assert.assertEquals("set size: " + this.map.getReadACLs(new ActiveMQQueue("TEST.FOO")), 1L, r0.size());
        ModifyRequestImpl modifyRequestImpl2 = new ModifyRequestImpl();
        modifyRequestImpl2.setName(new Dn(new String[]{"cn=TEST.FOO," + getQueueBaseDn()}));
        modifyRequestImpl2.add("description", new String[]{"This is a description!  In fact, it is a very good description."});
        this.connection.modify(modifyRequestImpl2);
        Thread.sleep(2000L);
        Assert.assertEquals("set size: " + this.map.getReadACLs(new ActiveMQQueue("TEST.FOO")), 1L, r0.size());
    }

    @Test
    public void testRestartAsync() throws Exception {
        testRestart(false);
    }

    @Test
    public void testRestartSync() throws Exception {
        testRestart(true);
    }

    public void testRestart(final boolean z) throws Exception {
        if (z) {
            this.map.setRefreshInterval(1000);
        }
        this.map.query();
        Assert.assertEquals("set size: " + this.map.getReadACLs(new ActiveMQQueue("FAILED")), 0L, r0.size());
        Assert.assertEquals("set size: " + this.map.getReadACLs(new ActiveMQQueue("TEST.FOO")), 2L, r0.size());
        getLdapServer().stop();
        Wait.waitFor(new Wait.Condition() { // from class: org.apache.activemq.security.AbstractCachedLDAPAuthorizationMapLegacyTest.2
            public boolean isSatisified() throws Exception {
                return z ? !AbstractCachedLDAPAuthorizationMapLegacyTest.this.map.isContextAlive() : AbstractCachedLDAPAuthorizationMapLegacyTest.this.map.context == null;
            }
        });
        Assert.assertEquals("set size: " + this.map.getReadACLs(new ActiveMQQueue("TEST.FOO")), 2L, r0.size());
        getLdapServer().start();
        Thread.sleep(2000L);
        this.connection = getLdapConnection();
        LdifReader ldifReader = new LdifReader(getAddLdif());
        Iterator it = ldifReader.iterator();
        while (it.hasNext()) {
            this.connection.add(((LdifEntry) it.next()).getEntry());
        }
        ldifReader.close();
        Assert.assertTrue("did not get expected size. ", Wait.waitFor(new Wait.Condition() { // from class: org.apache.activemq.security.AbstractCachedLDAPAuthorizationMapLegacyTest.3
            public boolean isSatisified() throws Exception {
                return AbstractCachedLDAPAuthorizationMapLegacyTest.this.map.getReadACLs(new ActiveMQQueue("FAILED")).size() == 2;
            }
        }));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SimpleCachedLDAPAuthorizationMap createMap() {
        return new SimpleCachedLDAPAuthorizationMap();
    }

    protected abstract InputStream getAddLdif();

    protected abstract InputStream getRemoveLdif();

    protected void setupModifyRequest(ModifyRequest modifyRequest) {
        modifyRequest.remove("member", new String[]{"cn=users"});
    }

    protected abstract String getQueueBaseDn();

    protected abstract LdapConnection getLdapConnection() throws Exception;

    public static void cleanAndLoad(String str, String str2, String str3, int i, String str4, String str5, DirContext dirContext) throws Exception {
        LinkedList linkedList = new LinkedList();
        linkedList.add(str);
        while (!linkedList.isEmpty()) {
            String str6 = (String) linkedList.get(linkedList.size() - 1);
            NamingEnumeration list = ((Context) dirContext.lookup(str6)).list("");
            if (list.hasMore()) {
                while (list.hasMore()) {
                    linkedList.add(((NameClassPair) list.next()).getNameInNamespace());
                }
            } else {
                dirContext.unbind(str6);
                linkedList.remove(linkedList.size() - 1);
            }
        }
        System.setSecurityManager(new SecurityManager() { // from class: org.apache.activemq.security.AbstractCachedLDAPAuthorizationMapLegacyTest.4
            @Override // java.lang.SecurityManager
            public void checkPermission(Permission permission) {
                if (permission.getName().contains("exitVM")) {
                    throw new SecurityException("System.exit calls disabled for the moment.");
                }
            }
        });
        File file = new File(AbstractCachedLDAPAuthorizationMapLegacyTest.class.getClassLoader().getResource(str2).toURI());
        try {
            Class.forName("LDAPModify").getMethod("main", String[].class).invoke(null, new String[]{"-v", "-h", str3, "-p", String.valueOf(i), "-D", str4, "-w", str5, "-a", "-f", file.toString()});
        } catch (InvocationTargetException e) {
            if (!(e.getTargetException() instanceof SecurityException)) {
                throw e;
            }
        }
        System.setSecurityManager(null);
    }
}
