package org.apache.activemq.security;

import java.util.Iterator;
import java.util.Set;
import org.apache.activemq.command.ActiveMQQueue;
import org.apache.activemq.command.ActiveMQTopic;
import org.apache.activemq.jaas.GroupPrincipal;
import org.apache.directory.ldap.client.api.LdapConnection;
import org.apache.directory.ldap.client.api.message.BindResponse;
import org.apache.directory.ldap.client.api.message.ModifyRequest;
import org.apache.directory.server.annotations.CreateLdapServer;
import org.apache.directory.server.annotations.CreateTransport;
import org.apache.directory.server.core.annotations.ApplyLdifFiles;
import org.apache.directory.server.core.integ.AbstractLdapTestUnit;
import org.apache.directory.server.core.integ.FrameworkRunner;
import org.apache.directory.shared.ldap.ldif.LdifEntry;
import org.apache.directory.shared.ldap.ldif.LdifReader;
import org.apache.directory.shared.ldap.message.ResultCodeEnum;
import org.apache.directory.shared.ldap.name.DN;
import org.apache.directory.shared.ldap.name.RDN;
import org.junit.Assert;
import org.junit.Test;
import org.junit.runner.RunWith;

@CreateLdapServer(transports = {@CreateTransport(protocol = "LDAP")})
@RunWith(FrameworkRunner.class)
@ApplyLdifFiles({"org/apache/activemq/security/activemq-apacheds.ldif"})
/* loaded from: input_file:org/apache/activemq/security/CachedLDAPAuthorizationModuleTest.class */
public class CachedLDAPAuthorizationModuleTest extends AbstractLdapTestUnit {
    static final GroupPrincipal GUESTS = new GroupPrincipal("guests");
    static final GroupPrincipal USERS = new GroupPrincipal("users");
    static final GroupPrincipal ADMINS = new GroupPrincipal("admins");

    @Test
    public void testQuery() throws Exception {
        CachedLDAPAuthorizationMap cachedLDAPAuthorizationMap = new CachedLDAPAuthorizationMap();
        cachedLDAPAuthorizationMap.query();
        Set readACLs = cachedLDAPAuthorizationMap.getReadACLs(new ActiveMQQueue("TEST.FOO"));
        Assert.assertEquals("set size: " + readACLs, 2L, readACLs.size());
        Assert.assertTrue("Contains admin group", readACLs.contains(ADMINS));
        Assert.assertTrue("Contains users group", readACLs.contains(USERS));
        Assert.assertEquals("set size: " + cachedLDAPAuthorizationMap.getReadACLs(new ActiveMQQueue("FAILED")), 0L, r0.size());
    }

    @Test
    public void testWildcards() throws Exception {
        CachedLDAPAuthorizationMap cachedLDAPAuthorizationMap = new CachedLDAPAuthorizationMap();
        cachedLDAPAuthorizationMap.query();
        Set readACLs = cachedLDAPAuthorizationMap.getReadACLs(new ActiveMQQueue("FOO.1"));
        Assert.assertEquals("set size: " + readACLs, 2L, readACLs.size());
        Assert.assertTrue("Contains admin group", readACLs.contains(ADMINS));
        Assert.assertTrue("Contains users group", readACLs.contains(USERS));
        CachedLDAPAuthorizationMap cachedLDAPAuthorizationMap2 = new CachedLDAPAuthorizationMap();
        cachedLDAPAuthorizationMap2.query();
        Set readACLs2 = cachedLDAPAuthorizationMap2.getReadACLs(new ActiveMQQueue("BAR.2"));
        Assert.assertEquals("set size: " + readACLs2, 2L, readACLs2.size());
        Assert.assertTrue("Contains admin group", readACLs2.contains(ADMINS));
        Assert.assertTrue("Contains users group", readACLs2.contains(USERS));
    }

    @Test
    public void testAdvisory() throws Exception {
        CachedLDAPAuthorizationMap cachedLDAPAuthorizationMap = new CachedLDAPAuthorizationMap();
        cachedLDAPAuthorizationMap.query();
        Set readACLs = cachedLDAPAuthorizationMap.getReadACLs(new ActiveMQTopic("ActiveMQ.Advisory.Connection"));
        Assert.assertEquals("set size: " + readACLs, 2L, readACLs.size());
        Assert.assertTrue("Contains admin group", readACLs.contains(ADMINS));
        Assert.assertTrue("Contains users group", readACLs.contains(USERS));
    }

    @Test
    public void testTemporary() throws Exception {
        CachedLDAPAuthorizationMap cachedLDAPAuthorizationMap = new CachedLDAPAuthorizationMap();
        cachedLDAPAuthorizationMap.query();
        Thread.sleep(1000L);
        Set tempDestinationReadACLs = cachedLDAPAuthorizationMap.getTempDestinationReadACLs();
        Assert.assertEquals("set size: " + tempDestinationReadACLs, 2L, tempDestinationReadACLs.size());
        Assert.assertTrue("Contains admin group", tempDestinationReadACLs.contains(ADMINS));
        Assert.assertTrue("Contains users group", tempDestinationReadACLs.contains(USERS));
    }

    @Test
    public void testAdd() throws Exception {
        CachedLDAPAuthorizationMap cachedLDAPAuthorizationMap = new CachedLDAPAuthorizationMap();
        cachedLDAPAuthorizationMap.query();
        Assert.assertEquals("set size: " + cachedLDAPAuthorizationMap.getReadACLs(new ActiveMQQueue("FAILED")), 0L, r0.size());
        LdapConnection ldapConnection = new LdapConnection("localhost", 1024);
        BindResponse bind = ldapConnection.bind("uid=admin,ou=system", "secret");
        Assert.assertNotNull(bind);
        Assert.assertEquals(ResultCodeEnum.SUCCESS, bind.getLdapResult().getResultCode());
        Assert.assertTrue(ldapConnection.isAuthenticated());
        LdifReader ldifReader = new LdifReader(getClass().getClassLoader().getResourceAsStream("org/apache/activemq/security/add.ldif"));
        service.getTestEntries();
        Iterator it = ldifReader.iterator();
        while (it.hasNext()) {
            ldapConnection.add(((LdifEntry) it.next()).getEntry());
        }
        Thread.sleep(2000L);
        Assert.assertEquals("set size: " + cachedLDAPAuthorizationMap.getReadACLs(new ActiveMQQueue("FAILED")), 2L, r0.size());
        ldapConnection.close();
    }

    @Test
    public void testRemove() throws Exception {
        CachedLDAPAuthorizationMap cachedLDAPAuthorizationMap = new CachedLDAPAuthorizationMap();
        cachedLDAPAuthorizationMap.query();
        Assert.assertEquals("set size: " + cachedLDAPAuthorizationMap.getReadACLs(new ActiveMQQueue("TEST.FOO")), 2L, r0.size());
        LdapConnection ldapConnection = new LdapConnection("localhost", 1024);
        BindResponse bind = ldapConnection.bind("uid=admin,ou=system", "secret");
        Assert.assertNotNull(bind);
        Assert.assertEquals(ResultCodeEnum.SUCCESS, bind.getLdapResult().getResultCode());
        Assert.assertTrue(ldapConnection.isAuthenticated());
        LdifReader ldifReader = new LdifReader(getClass().getClassLoader().getResourceAsStream("org/apache/activemq/security/delete.ldif"));
        service.getTestEntries();
        Iterator it = ldifReader.iterator();
        while (it.hasNext()) {
            ldapConnection.delete(((LdifEntry) it.next()).getDn());
        }
        Thread.sleep(2000L);
        Assert.assertEquals("set size: " + cachedLDAPAuthorizationMap.getReadACLs(new ActiveMQQueue("TEST.FOO")), 0L, r0.size());
        ldapConnection.close();
    }

    @Test
    public void testRename() throws Exception {
        CachedLDAPAuthorizationMap cachedLDAPAuthorizationMap = new CachedLDAPAuthorizationMap();
        cachedLDAPAuthorizationMap.query();
        Assert.assertEquals("set size: " + cachedLDAPAuthorizationMap.getReadACLs(new ActiveMQQueue("TEST.FOO")), 2L, r0.size());
        LdapConnection ldapConnection = new LdapConnection("localhost", 1024);
        BindResponse bind = ldapConnection.bind("uid=admin,ou=system", "secret");
        Assert.assertNotNull(bind);
        Assert.assertEquals(ResultCodeEnum.SUCCESS, bind.getLdapResult().getResultCode());
        Assert.assertTrue(ldapConnection.isAuthenticated());
        ldapConnection.rename(new DN("cn=TEST.FOO,ou=Queue,ou=Destination,ou=ActiveMQ,ou=system"), new RDN("cn=TEST.BAR"));
        Thread.sleep(2000L);
        Assert.assertEquals("set size: " + cachedLDAPAuthorizationMap.getReadACLs(new ActiveMQQueue("TEST.FOO")), 0L, r0.size());
        Assert.assertEquals("set size: " + cachedLDAPAuthorizationMap.getReadACLs(new ActiveMQQueue("TEST.BAR")), 2L, r0.size());
        ldapConnection.close();
    }

    @Test
    public void testChange() throws Exception {
        CachedLDAPAuthorizationMap cachedLDAPAuthorizationMap = new CachedLDAPAuthorizationMap();
        cachedLDAPAuthorizationMap.query();
        Assert.assertEquals("set size: " + cachedLDAPAuthorizationMap.getReadACLs(new ActiveMQQueue("TEST.FOO")), 2L, r0.size());
        LdapConnection ldapConnection = new LdapConnection("localhost", 1024);
        BindResponse bind = ldapConnection.bind("uid=admin,ou=system", "secret");
        Assert.assertNotNull(bind);
        Assert.assertEquals(ResultCodeEnum.SUCCESS, bind.getLdapResult().getResultCode());
        Assert.assertTrue(ldapConnection.isAuthenticated());
        ModifyRequest modifyRequest = new ModifyRequest(new DN("cn=read,cn=TEST.FOO,ou=Queue,ou=Destination,ou=ActiveMQ,ou=system"));
        modifyRequest.remove("member", new String[]{"cn=users"});
        ldapConnection.modify(modifyRequest);
        Thread.sleep(2000L);
        Assert.assertEquals("set size: " + cachedLDAPAuthorizationMap.getReadACLs(new ActiveMQQueue("TEST.FOO")), 1L, r0.size());
        ldapConnection.close();
    }
}
