package org.apache.hadoop.hive.ql.security.authorization.plugin;

import java.util.Iterator;
import java.util.List;
import org.apache.commons.lang3.tuple.ImmutablePair;
import org.apache.commons.lang3.tuple.Pair;
import org.apache.hadoop.hive.conf.HiveConf;
import org.apache.hadoop.hive.ql.Driver;
import org.apache.hadoop.hive.ql.lockmgr.DbTxnManager;
import org.apache.hadoop.hive.ql.security.HiveAuthenticationProvider;
import org.apache.hadoop.hive.ql.security.authorization.plugin.HivePrivilegeObject;
import org.apache.hadoop.hive.ql.session.SessionState;
import org.apache.hadoop.security.UserGroupInformation;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Test;
import org.mockito.ArgumentCaptor;
import org.mockito.Matchers;
import org.mockito.Mockito;

/* loaded from: input_file:org/apache/hadoop/hive/ql/security/authorization/plugin/TestHivePrivilegeObjectOwnerNameAndType.class */
public class TestHivePrivilegeObjectOwnerNameAndType {
    protected static HiveConf conf;
    protected static Driver driver;
    private static final String TABLE_NAME = TestHivePrivilegeObjectOwnerNameAndType.class.getSimpleName() + "Table";
    static HiveAuthorizer mockedAuthorizer;

    /* loaded from: input_file:org/apache/hadoop/hive/ql/security/authorization/plugin/TestHivePrivilegeObjectOwnerNameAndType$MockedHiveAuthorizerFactory.class */
    static class MockedHiveAuthorizerFactory implements HiveAuthorizerFactory {
        MockedHiveAuthorizerFactory() {
        }

        public HiveAuthorizer createHiveAuthorizer(HiveMetastoreClientFactory hiveMetastoreClientFactory, HiveConf hiveConf, HiveAuthenticationProvider hiveAuthenticationProvider, HiveAuthzSessionContext hiveAuthzSessionContext) {
            TestHivePrivilegeObjectOwnerNameAndType.mockedAuthorizer = (HiveAuthorizer) Mockito.mock(HiveAuthorizer.class);
            return TestHivePrivilegeObjectOwnerNameAndType.mockedAuthorizer;
        }
    }

    @BeforeClass
    public static void beforeTest() throws Exception {
        UserGroupInformation.setLoginUser(UserGroupInformation.createRemoteUser("hive"));
        conf = new HiveConf();
        conf.setVar(HiveConf.ConfVars.HIVE_AUTHORIZATION_MANAGER, MockedHiveAuthorizerFactory.class.getName());
        conf.setBoolVar(HiveConf.ConfVars.HIVE_AUTHORIZATION_ENABLED, true);
        conf.setBoolVar(HiveConf.ConfVars.HIVE_SERVER2_ENABLE_DOAS, false);
        conf.setBoolVar(HiveConf.ConfVars.HIVE_SUPPORT_CONCURRENCY, true);
        conf.setVar(HiveConf.ConfVars.HIVE_TXN_MANAGER, DbTxnManager.class.getName());
        conf.setVar(HiveConf.ConfVars.HIVEMAPREDMODE, "nonstrict");
        SessionState.start(conf);
        driver = new Driver(conf);
        runCmd("create table " + TABLE_NAME + " (i int, j int, k string) partitioned by (city string, `date` string) ");
    }

    private static void runCmd(String str) throws Exception {
        driver.run(str);
    }

    @AfterClass
    public static void afterTests() throws Exception {
        runCmd("drop table if exists " + TABLE_NAME);
        driver.close();
    }

    @Test
    public void testOwnerNames() throws Exception {
        Mockito.reset(new HiveAuthorizer[]{mockedAuthorizer});
        driver.compile("create table default.t1 (name string)", true);
        Pair<List<HivePrivilegeObject>, List<HivePrivilegeObject>> hivePrivilegeObjectInputs = getHivePrivilegeObjectInputs();
        boolean z = false;
        boolean z2 = false;
        for (HivePrivilegeObject hivePrivilegeObject : (List) hivePrivilegeObjectInputs.getLeft()) {
            if (hivePrivilegeObject.getType() == HivePrivilegeObject.HivePrivilegeObjectType.DATABASE && hivePrivilegeObject.getOwnerName() != null) {
                z = true;
            }
            if (hivePrivilegeObject.getType() == HivePrivilegeObject.HivePrivilegeObjectType.TABLE_OR_VIEW && hivePrivilegeObject.getOwnerName() != null) {
                z2 = true;
            }
        }
        for (HivePrivilegeObject hivePrivilegeObject2 : (List) hivePrivilegeObjectInputs.getRight()) {
            if (hivePrivilegeObject2.getType() == HivePrivilegeObject.HivePrivilegeObjectType.DATABASE && hivePrivilegeObject2.getOwnerName() != null) {
                z = true;
            }
            if (hivePrivilegeObject2.getType() == HivePrivilegeObject.HivePrivilegeObjectType.TABLE_OR_VIEW && hivePrivilegeObject2.getOwnerName() != null) {
                z2 = true;
            }
        }
        if (!z2 || !z) {
            throw new HiveAuthzPluginException("Ownername is not present in HivePrivilegeObject");
        }
    }

    @Test
    public void testOwnerType() throws Exception {
        Mockito.reset(new HiveAuthorizer[]{mockedAuthorizer});
        driver.compile("create table default.t1 (name string)", true);
        Pair<List<HivePrivilegeObject>, List<HivePrivilegeObject>> hivePrivilegeObjectInputs = getHivePrivilegeObjectInputs();
        boolean z = false;
        Iterator it = ((List) hivePrivilegeObjectInputs.getLeft()).iterator();
        while (it.hasNext()) {
            if (((HivePrivilegeObject) it.next()).getOwnerType() != null) {
                z = true;
            }
        }
        Iterator it2 = ((List) hivePrivilegeObjectInputs.getRight()).iterator();
        while (it2.hasNext()) {
            if (((HivePrivilegeObject) it2.next()).getOwnerType() != null) {
                z = true;
            }
        }
        Assert.assertTrue(z);
    }

    private Pair<List<HivePrivilegeObject>, List<HivePrivilegeObject>> getHivePrivilegeObjectInputs() throws HiveAuthzPluginException, HiveAccessControlException {
        ArgumentCaptor forClass = ArgumentCaptor.forClass(List.class);
        ArgumentCaptor forClass2 = ArgumentCaptor.forClass(List.class);
        ((HiveAuthorizer) Mockito.verify(mockedAuthorizer)).checkPrivileges((HiveOperationType) Matchers.any(HiveOperationType.class), (List) forClass.capture(), (List) forClass2.capture(), (HiveAuthzContext) Matchers.any(HiveAuthzContext.class));
        return new ImmutablePair(forClass.getValue(), forClass2.getValue());
    }
}
