package io.trino.plugin.hive.metastore.cache;

import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableMap;
import com.google.common.collect.Lists;
import com.google.common.io.Files;
import com.google.common.io.MoreFiles;
import com.google.common.io.RecursiveDeleteOption;
import io.trino.Session;
import io.trino.plugin.hive.HivePlugin;
import io.trino.spi.security.Identity;
import io.trino.spi.security.SelectedRole;
import io.trino.testing.DistributedQueryRunner;
import io.trino.testing.TestingSession;
import java.io.File;
import java.io.IOException;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import org.assertj.core.api.Assertions;
import org.testng.annotations.AfterMethod;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.DataProvider;
import org.testng.annotations.Test;

@Test(singleThreaded = true)
/* loaded from: input_file:io/trino/plugin/hive/metastore/cache/TestCachingHiveMetastoreWithQueryRunner.class */
public class TestCachingHiveMetastoreWithQueryRunner {
    private static final String CATALOG = "test";
    private static final String SCHEMA = "test";
    private static final Session ADMIN = getTestSession(Identity.forUser("admin").withConnectorRole("test", new SelectedRole(SelectedRole.Type.ROLE, Optional.of("admin"))).build());
    private static final String ALICE_NAME = "alice";
    private static final Session ALICE = getTestSession(new Identity.Builder(ALICE_NAME).build());
    private DistributedQueryRunner queryRunner;
    private File temporaryDirectory;

    @BeforeMethod
    public void createQueryRunner() throws Exception {
        this.queryRunner = DistributedQueryRunner.builder(ADMIN).setNodeCount(1).build();
        this.queryRunner.installPlugin(new HivePlugin());
        this.temporaryDirectory = Files.createTempDir();
        this.queryRunner.createCatalog("test", "hive", ImmutableMap.of("hive.metastore", "file", "hive.metastore.catalog.dir", this.temporaryDirectory.toURI().toString(), "hive.security", "sql-standard", "hive.metastore-cache-ttl", "60m", "hive.metastore-refresh-interval", "10m"));
        this.queryRunner.execute(ADMIN, "CREATE SCHEMA test");
        this.queryRunner.execute("CREATE TABLE test (test INT)");
    }

    @AfterMethod(alwaysRun = true)
    public void cleanUp() throws IOException {
        this.queryRunner.close();
        MoreFiles.deleteRecursively(this.temporaryDirectory.toPath(), new RecursiveDeleteOption[]{RecursiveDeleteOption.ALLOW_INSECURE});
    }

    private static Session getTestSession(Identity identity) {
        return TestingSession.testSessionBuilder().setCatalog("test").setSchema("test").setIdentity(identity).build();
    }

    @Test
    public void testCacheRefreshOnGrantAndRevoke() {
        Assertions.assertThatThrownBy(() -> {
            this.queryRunner.execute(ALICE, "SELECT * FROM test");
        }).hasMessageContaining("Access Denied");
        this.queryRunner.execute("GRANT SELECT ON test TO alice");
        this.queryRunner.execute(ALICE, "SELECT * FROM test");
        this.queryRunner.execute("REVOKE SELECT ON test FROM alice");
        Assertions.assertThatThrownBy(() -> {
            this.queryRunner.execute(ALICE, "SELECT * FROM test");
        }).hasMessageContaining("Access Denied");
    }

    @Test(dataProvider = "testCacheRefreshOnRoleGrantAndRevokeParams")
    public void testCacheRefreshOnRoleGrantAndRevoke(List<String> list, String str) {
        Assertions.assertThatThrownBy(() -> {
            this.queryRunner.execute(ALICE, "SELECT * FROM test");
        }).hasMessageContaining("Access Denied");
        this.queryRunner.execute("CREATE ROLE test_role IN test");
        DistributedQueryRunner distributedQueryRunner = this.queryRunner;
        Objects.requireNonNull(distributedQueryRunner);
        list.forEach(distributedQueryRunner::execute);
        this.queryRunner.execute(ALICE, "SELECT * FROM test");
        this.queryRunner.execute(str);
        Assertions.assertThatThrownBy(() -> {
            this.queryRunner.execute(ALICE, "SELECT * FROM test");
        }).hasMessageContaining("Access Denied");
    }

    @DataProvider
    private Object[][] testCacheRefreshOnRoleGrantAndRevokeParams() {
        return (Object[][]) Lists.cartesianProduct(new List[]{ImmutableList.of(ImmutableList.of("GRANT SELECT ON test TO ROLE test_role", "GRANT test_role TO alice IN test"), ImmutableList.of("GRANT test_role TO alice IN test", "GRANT SELECT ON test TO ROLE test_role")), ImmutableList.of("DROP ROLE test_role IN test", "REVOKE SELECT ON test FROM ROLE test_role", "REVOKE test_role FROM alice IN test")}).stream().map(list -> {
            return list.toArray(i -> {
                return new Object[i];
            });
        }).toArray(i -> {
            return new Object[i];
        });
    }
}
