package org.infinispan.scripting;

import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.Iterator;
import java.util.List;
import javax.security.auth.Subject;
import org.infinispan.Cache;
import org.infinispan.configuration.cache.CacheMode;
import org.infinispan.configuration.cache.ConfigurationBuilder;
import org.infinispan.configuration.global.GlobalConfigurationBuilder;
import org.infinispan.manager.EmbeddedCacheManager;
import org.infinispan.scripting.utils.ScriptingUtils;
import org.infinispan.security.AuthorizationPermission;
import org.infinispan.security.Security;
import org.infinispan.security.impl.IdentityRoleMapper;
import org.infinispan.tasks.TaskContext;
import org.infinispan.test.MultipleCacheManagersTest;
import org.infinispan.test.TestingUtil;
import org.infinispan.test.fwk.CleanupAfterTest;
import org.testng.AssertJUnit;
import org.testng.annotations.AfterClass;
import org.testng.annotations.AfterMethod;
import org.testng.annotations.DataProvider;
import org.testng.annotations.Test;

@CleanupAfterTest
@Test(groups = {"functional"}, testName = "scripting.ReplicatedSecuredScriptingTest")
/* loaded from: input_file:org/infinispan/scripting/ReplicatedSecuredScriptingTest.class */
public class ReplicatedSecuredScriptingTest extends MultipleCacheManagersTest {
    static final Subject ADMIN = TestingUtil.makeSubject(new String[]{"admin", "___script_manager"});
    static final Subject RUNNER = TestingUtil.makeSubject(new String[]{"runner", "runner"});
    static final Subject PHEIDIPPIDES = TestingUtil.makeSubject(new String[]{"pheidippides", "pheidippides"});

    protected void createCacheManagers() throws Throwable {
        final GlobalConfigurationBuilder defaultClusteredBuilder = GlobalConfigurationBuilder.defaultClusteredBuilder();
        final ConfigurationBuilder defaultClusteredCacheConfig = getDefaultClusteredCacheConfig(CacheMode.REPL_SYNC);
        defaultClusteredBuilder.security().authorization().enable().principalRoleMapper(new IdentityRoleMapper()).role("admin").permission(AuthorizationPermission.ALL).role("runner").permission(AuthorizationPermission.EXEC).permission(AuthorizationPermission.READ).permission(AuthorizationPermission.WRITE).permission(AuthorizationPermission.ADMIN).role("pheidippides").permission(AuthorizationPermission.EXEC).permission(AuthorizationPermission.READ).permission(AuthorizationPermission.WRITE);
        defaultClusteredCacheConfig.security().authorization().enable().role("admin").role("runner").role("pheidippides");
        Security.doAs(ADMIN, new PrivilegedExceptionAction<Void>() { // from class: org.infinispan.scripting.ReplicatedSecuredScriptingTest.1
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedExceptionAction
            public Void run() throws Exception {
                ReplicatedSecuredScriptingTest.this.createCluster(defaultClusteredBuilder, defaultClusteredCacheConfig, 2);
                ReplicatedSecuredScriptingTest.this.defineConfigurationOnAllManagers("secured-script-exec", defaultClusteredCacheConfig);
                Iterator it = ReplicatedSecuredScriptingTest.this.cacheManagers.iterator();
                while (it.hasNext()) {
                    ((EmbeddedCacheManager) it.next()).getCache("secured-script-exec");
                }
                ReplicatedSecuredScriptingTest.this.waitForClusterToForm();
                return null;
            }
        });
    }

    @AfterClass(alwaysRun = true)
    protected void destroy() {
        Security.doAs(ADMIN, new PrivilegedAction<Void>() { // from class: org.infinispan.scripting.ReplicatedSecuredScriptingTest.2
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedAction
            public Void run() {
                ReplicatedSecuredScriptingTest.super.destroy();
                return null;
            }
        });
    }

    @AfterMethod(alwaysRun = true)
    protected void clearContent() throws Throwable {
        Security.doAs(ADMIN, new PrivilegedExceptionAction<Void>() { // from class: org.infinispan.scripting.ReplicatedSecuredScriptingTest.3
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedExceptionAction
            public Void run() throws Exception {
                try {
                    ReplicatedSecuredScriptingTest.super.clearContent();
                    return null;
                } catch (Throwable th) {
                    throw new Exception(th);
                }
            }
        });
    }

    public void testLocalScriptExecutionWithRole() throws Exception {
        final ScriptingManager scriptingManager = ScriptingUtils.getScriptingManager(manager(0));
        Security.doAs(ADMIN, new PrivilegedExceptionAction<Void>() { // from class: org.infinispan.scripting.ReplicatedSecuredScriptingTest.4
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedExceptionAction
            public Void run() throws Exception {
                ScriptingUtils.loadScript(scriptingManager, "/testRole.js");
                return null;
            }
        });
        Security.doAs(PHEIDIPPIDES, new PrivilegedExceptionAction<Void>() { // from class: org.infinispan.scripting.ReplicatedSecuredScriptingTest.5
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedExceptionAction
            public Void run() throws Exception {
                Cache cache = ReplicatedSecuredScriptingTest.this.manager(0).getCache("secured-script-exec");
                AssertJUnit.assertEquals("value", (String) scriptingManager.runScript("testRole.js", new TaskContext().cache(cache).addParameter("a", "value")).get());
                AssertJUnit.assertEquals("value", cache.get("a"));
                return null;
            }
        });
    }

    @Test(expectedExceptions = {PrivilegedActionException.class, SecurityException.class})
    public void testLocalScriptExecutionWithAuthException() throws Exception {
        final ScriptingManager scriptingManager = ScriptingUtils.getScriptingManager(manager(0));
        Security.doAs(ADMIN, new PrivilegedExceptionAction<Void>() { // from class: org.infinispan.scripting.ReplicatedSecuredScriptingTest.6
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedExceptionAction
            public Void run() throws Exception {
                ScriptingUtils.loadScript(scriptingManager, "/testRole.js");
                return null;
            }
        });
        Security.doAs(RUNNER, new PrivilegedExceptionAction<Void>() { // from class: org.infinispan.scripting.ReplicatedSecuredScriptingTest.7
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedExceptionAction
            public Void run() throws Exception {
                scriptingManager.runScript("testRole.js", new TaskContext().cache(ReplicatedSecuredScriptingTest.this.manager(0).getCache()).addParameter("a", "value")).get();
                return null;
            }
        });
    }

    @Test(enabled = false, description = "Enable when ISPN-6374 is fixed.")
    public void testDistributedScriptExecutionWithRole() throws Exception {
        final ScriptingManager scriptingManager = ScriptingUtils.getScriptingManager(manager(0));
        Security.doAs(ADMIN, new PrivilegedExceptionAction<Void>() { // from class: org.infinispan.scripting.ReplicatedSecuredScriptingTest.8
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedExceptionAction
            public Void run() throws Exception {
                ScriptingUtils.loadScript(scriptingManager, "/testRole_dist.js");
                return null;
            }
        });
        Security.doAs(RUNNER, new PrivilegedExceptionAction<Void>() { // from class: org.infinispan.scripting.ReplicatedSecuredScriptingTest.9
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedExceptionAction
            public Void run() throws Exception {
                Cache cache = ReplicatedSecuredScriptingTest.this.manager(0).getCache();
                List list = (List) scriptingManager.runScript("testRole_dist.js", new TaskContext().cache(cache).addParameter("a", "value")).get();
                AssertJUnit.assertEquals(list.get(0), ReplicatedSecuredScriptingTest.this.manager(0).getAddress());
                AssertJUnit.assertEquals(list.get(1), ReplicatedSecuredScriptingTest.this.manager(1).getAddress());
                AssertJUnit.assertEquals("value", cache.get("a"));
                AssertJUnit.assertEquals("value", ReplicatedSecuredScriptingTest.this.manager(1).getCache().get("a"));
                return null;
            }
        });
    }

    @Test(expectedExceptions = {PrivilegedActionException.class, SecurityException.class})
    public void testDistributedScriptExecutionWithAuthException() throws Exception {
        final ScriptingManager scriptingManager = ScriptingUtils.getScriptingManager(manager(0));
        Security.doAs(ADMIN, new PrivilegedExceptionAction<Void>() { // from class: org.infinispan.scripting.ReplicatedSecuredScriptingTest.10
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedExceptionAction
            public Void run() throws Exception {
                ScriptingUtils.loadScript(scriptingManager, "/testRole_dist.js");
                return null;
            }
        });
        Security.doAs(PHEIDIPPIDES, new PrivilegedExceptionAction<Void>() { // from class: org.infinispan.scripting.ReplicatedSecuredScriptingTest.11
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedExceptionAction
            public Void run() throws Exception {
                scriptingManager.runScript("testRole_dist.js", new TaskContext().cache(ReplicatedSecuredScriptingTest.this.manager(0).getCache()).addParameter("a", "value")).get();
                return null;
            }
        });
    }

    /* JADX WARN: Type inference failed for: r0v1, types: [java.lang.Object[], java.lang.Object[][]] */
    @DataProvider(name = "cacheModeProvider")
    private static Object[][] providePrinciples() {
        return new Object[]{new Object[]{CacheMode.REPL_SYNC}, new Object[]{CacheMode.DIST_SYNC}};
    }
}
