package com.hortonworks.smm.kafka.services.authorization;

import com.hortonworks.smm.kafka.common.utils.AdminClientUtil;
import com.hortonworks.smm.kafka.services.extension.KafkaAdminServiceTest;
import com.hortonworks.smm.kafka.services.management.TopicManagementService;
import com.hortonworks.smm.kafka.services.security.AuthorizerConfiguration;
import com.hortonworks.smm.kafka.services.security.KafkaAuthorizerConfiguration;
import com.hortonworks.smm.kafka.services.security.SMMAuthorizer;
import com.hortonworks.smm.kafka.services.security.SMMPrincipal;
import com.hortonworks.smm.kafka.services.security.SecurityUtil;
import com.hortonworks.smm.kafka.services.security.auth.SMMSecurityContext;
import com.hortonworks.smm.kafka.services.security.impl.DefaultSMMAuthorizer;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.stream.Collectors;
import java.util.stream.IntStream;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.kafka.clients.admin.AdminClient;
import org.apache.kafka.clients.admin.NewTopic;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.DisplayName;
import org.junit.jupiter.api.TestTemplate;

@DisplayName("Basic test to validate authorization API.")
@KafkaAdminServiceTest(numBrokerNodes = 3)
/* loaded from: input_file:com/hortonworks/smm/kafka/services/authorization/BasicRangerIntegrationTest.class */
class BasicRangerIntegrationTest {
    private static final int TIMEOUT_MS = 120000;

    BasicRangerIntegrationTest() {
    }

    @TestTemplate
    void testTopicFiltering(AdminClient adminClient, TopicManagementService topicManagementService) {
        List list = (List) IntStream.range(1, 8).boxed().map(num -> {
            return "topic-" + num;
        }).collect(Collectors.toList());
        ArrayList arrayList = new ArrayList();
        Iterator it = list.iterator();
        while (it.hasNext()) {
            arrayList.add(new NewTopic((String) it.next(), 3, (short) 2));
        }
        AdminClientUtil.createTopics(adminClient, arrayList, 120000L);
        topicManagementService.syncCacheRefresh();
        Collection collection = topicManagementService.topicInfos(list);
        UserGroupInformation.createUserForTesting("admin", new String[]{"IT"});
        UserGroupInformation.createUserForTesting("devuser", new String[]{"devgroup"});
        UserGroupInformation.createUserForTesting("testuser", new String[]{"testgroup"});
        SMMAuthorizer defaultSMMAuthorizer = getDefaultSMMAuthorizer();
        Assertions.assertEquals(collection, SecurityUtil.filterTopics(defaultSMMAuthorizer, new SMMSecurityContext(new SMMPrincipal("admin"), "http", "BASIC"), collection, (v0) -> {
            return v0.name();
        }));
        Collection filterTopics = SecurityUtil.filterTopics(defaultSMMAuthorizer, new SMMSecurityContext(new SMMPrincipal("testuser"), "http", "BASIC"), collection, (v0) -> {
            return v0.name();
        });
        HashSet hashSet = new HashSet(Arrays.asList("topic-1", "topic-2", "topic-3", "topic-4"));
        Assertions.assertEquals(4, filterTopics.size(), "count mismatch for testuser");
        Assertions.assertEquals(hashSet, filterTopics.stream().map((v0) -> {
            return v0.name();
        }).collect(Collectors.toSet()));
        Collection filterTopics2 = SecurityUtil.filterTopics(defaultSMMAuthorizer, new SMMSecurityContext(new SMMPrincipal("devuser"), "http", "BASIC"), collection, (v0) -> {
            return v0.name();
        });
        HashSet hashSet2 = new HashSet(Arrays.asList("topic-6", "topic-7", "topic-5"));
        Assertions.assertEquals(3, filterTopics2.size(), "count mismatch for devuser");
        Assertions.assertEquals(hashSet2, filterTopics2.stream().map((v0) -> {
            return v0.name();
        }).collect(Collectors.toSet()));
        AdminClientUtil.deleteTopics(adminClient, list, 120000L);
    }

    private SMMAuthorizer getDefaultSMMAuthorizer() {
        KafkaAuthorizerConfiguration kafkaAuthorizerConfiguration = new KafkaAuthorizerConfiguration();
        kafkaAuthorizerConfiguration.setClassName("org.apache.ranger.authorization.kafka.authorizer.RangerKafkaAuthorizer");
        kafkaAuthorizerConfiguration.setProperties(new HashMap());
        AuthorizerConfiguration authorizerConfiguration = new AuthorizerConfiguration();
        authorizerConfiguration.setKafkaAuthorizerConfiguration(kafkaAuthorizerConfiguration);
        DefaultSMMAuthorizer defaultSMMAuthorizer = new DefaultSMMAuthorizer();
        defaultSMMAuthorizer.init(authorizerConfiguration);
        return defaultSMMAuthorizer;
    }
}
