package alluxio.security.authorization;

import alluxio.security.authorization.AclEntry;
import alluxio.security.authorization.Mode;
import com.google.common.collect.Lists;
import com.google.common.testing.EqualsTester;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import org.junit.Assert;
import org.junit.Test;

/* loaded from: input_file:alluxio/security/authorization/AccessControlListTest.class */
public class AccessControlListTest {
    private static final String OWNING_USER = "owning_user";
    private static final String OWNING_GROUP = "owning_group";
    private static final String NAMED_USER = "named_user";
    private static final String NAMED_GROUP = "named_group";
    private static final String NAMED_GROUP2 = "named_group2";
    private static final String OTHER_USER = "other_user";
    private static final String OTHER_GROUP = "other_group";

    @Test
    public void constructor() {
        AccessControlList accessControlList = new AccessControlList();
        Assert.assertEquals("", accessControlList.getOwningUser());
        Assert.assertEquals("", accessControlList.getOwningGroup());
    }

    @Test
    public void ownerGroup() {
        AccessControlList accessControlList = new AccessControlList();
        accessControlList.setOwningUser(OWNING_USER);
        accessControlList.setOwningGroup(OWNING_GROUP);
        Assert.assertEquals(OWNING_USER, accessControlList.getOwningUser());
        Assert.assertEquals(OWNING_GROUP, accessControlList.getOwningGroup());
    }

    @Test
    public void actions() {
        AccessControlList accessControlList = new AccessControlList();
        accessControlList.setOwningUser(OWNING_USER);
        accessControlList.setOwningGroup(OWNING_GROUP);
        accessControlList.setEntry(new AclEntry.Builder().setType(AclEntryType.OWNING_USER).setSubject(OWNING_USER).addAction(AclAction.READ).addAction(AclAction.WRITE).addAction(AclAction.EXECUTE).build());
        accessControlList.setEntry(new AclEntry.Builder().setType(AclEntryType.OWNING_GROUP).setSubject(OWNING_GROUP).addAction(AclAction.READ).addAction(AclAction.EXECUTE).build());
        accessControlList.setEntry(new AclEntry.Builder().setType(AclEntryType.OTHER).build());
        accessControlList.setEntry(new AclEntry.Builder().setType(AclEntryType.NAMED_USER).setSubject(NAMED_USER).addAction(AclAction.READ).addAction(AclAction.WRITE).addAction(AclAction.EXECUTE).build());
        accessControlList.setEntry(new AclEntry.Builder().setType(AclEntryType.NAMED_GROUP).setSubject(NAMED_GROUP).addAction(AclAction.WRITE).addAction(AclAction.EXECUTE).build());
        accessControlList.updateMask();
        Assert.assertTrue(checkMode(accessControlList, OWNING_USER, Collections.emptyList(), Mode.Bits.ALL));
        Assert.assertTrue(checkMode(accessControlList, OTHER_USER, Lists.newArrayList(new String[]{OWNING_GROUP}), Mode.Bits.READ_EXECUTE));
        Assert.assertFalse(checkMode(accessControlList, OTHER_USER, Lists.newArrayList(new String[]{OWNING_GROUP}), Mode.Bits.WRITE));
        Assert.assertFalse(checkMode(accessControlList, OTHER_USER, Collections.emptyList(), Mode.Bits.READ));
        Assert.assertFalse(checkMode(accessControlList, OTHER_USER, Collections.emptyList(), Mode.Bits.WRITE));
        Assert.assertFalse(checkMode(accessControlList, OTHER_USER, Collections.emptyList(), Mode.Bits.EXECUTE));
        Assert.assertTrue(checkMode(accessControlList, NAMED_USER, Collections.emptyList(), Mode.Bits.ALL));
        Assert.assertTrue(checkMode(accessControlList, OTHER_USER, Lists.newArrayList(new String[]{NAMED_GROUP}), Mode.Bits.WRITE_EXECUTE));
        Assert.assertFalse(checkMode(accessControlList, OTHER_USER, Lists.newArrayList(new String[]{NAMED_GROUP}), Mode.Bits.READ));
    }

    private boolean checkMode(AccessControlList accessControlList, String str, List<String> list, Mode.Bits bits) {
        Iterator it = bits.toAclActionSet().iterator();
        while (it.hasNext()) {
            if (!accessControlList.checkPermission(str, list, (AclAction) it.next())) {
                return false;
            }
        }
        return true;
    }

    @Test
    public void getMode() {
        AccessControlList accessControlList = new AccessControlList();
        Assert.assertEquals(0L, accessControlList.getMode());
        accessControlList.setEntry(new AclEntry.Builder().setType(AclEntryType.OWNING_USER).setSubject(OWNING_USER).addAction(AclAction.READ).build());
        accessControlList.setEntry(new AclEntry.Builder().setType(AclEntryType.OWNING_GROUP).setSubject(OWNING_GROUP).addAction(AclAction.WRITE).build());
        accessControlList.setEntry(new AclEntry.Builder().setType(AclEntryType.OTHER).addAction(AclAction.EXECUTE).build());
        Assert.assertEquals(new Mode(Mode.Bits.READ, Mode.Bits.WRITE, Mode.Bits.EXECUTE).toShort(), accessControlList.getMode());
    }

    @Test
    public void setMode() {
        AccessControlList accessControlList = new AccessControlList();
        short s = new Mode(Mode.Bits.EXECUTE, Mode.Bits.WRITE, Mode.Bits.READ).toShort();
        accessControlList.setMode(s);
        Assert.assertEquals(s, accessControlList.getMode());
    }

    private void setPermissions(AccessControlList accessControlList) {
        accessControlList.setOwningUser(OWNING_USER);
        accessControlList.setOwningGroup(OWNING_GROUP);
        accessControlList.setEntry(new AclEntry.Builder().setType(AclEntryType.OWNING_USER).setSubject(OWNING_USER).addAction(AclAction.READ).addAction(AclAction.WRITE).addAction(AclAction.EXECUTE).build());
        accessControlList.setEntry(new AclEntry.Builder().setType(AclEntryType.OWNING_GROUP).setSubject(OWNING_GROUP).addAction(AclAction.READ).addAction(AclAction.EXECUTE).build());
        accessControlList.setEntry(new AclEntry.Builder().setType(AclEntryType.OTHER).addAction(AclAction.EXECUTE).build());
        accessControlList.setEntry(new AclEntry.Builder().setType(AclEntryType.NAMED_USER).setSubject(NAMED_USER).addAction(AclAction.READ).addAction(AclAction.EXECUTE).build());
        accessControlList.setEntry(new AclEntry.Builder().setType(AclEntryType.NAMED_GROUP).setSubject(NAMED_GROUP).addAction(AclAction.READ).build());
        accessControlList.setEntry(new AclEntry.Builder().setType(AclEntryType.NAMED_GROUP).setSubject(NAMED_GROUP2).addAction(AclAction.WRITE).addAction(AclAction.EXECUTE).build());
        accessControlList.updateMask();
    }

    @Test
    public void checkPermission() {
        AccessControlList accessControlList = new AccessControlList();
        setPermissions(accessControlList);
        Assert.assertTrue(checkMode(accessControlList, OWNING_USER, Collections.emptyList(), Mode.Bits.ALL));
        Assert.assertTrue(checkMode(accessControlList, NAMED_USER, Collections.emptyList(), Mode.Bits.READ_EXECUTE));
        Assert.assertFalse(checkMode(accessControlList, NAMED_USER, Collections.emptyList(), Mode.Bits.WRITE));
        Assert.assertTrue(checkMode(accessControlList, OTHER_USER, Lists.newArrayList(new String[]{OWNING_GROUP}), Mode.Bits.READ_EXECUTE));
        Assert.assertFalse(checkMode(accessControlList, OTHER_USER, Lists.newArrayList(new String[]{OWNING_GROUP}), Mode.Bits.WRITE));
        Assert.assertTrue(checkMode(accessControlList, OTHER_USER, Lists.newArrayList(new String[]{NAMED_GROUP}), Mode.Bits.READ));
        Assert.assertFalse(checkMode(accessControlList, OTHER_USER, Lists.newArrayList(new String[]{NAMED_GROUP}), Mode.Bits.WRITE));
        Assert.assertFalse(checkMode(accessControlList, OTHER_USER, Lists.newArrayList(new String[]{NAMED_GROUP}), Mode.Bits.EXECUTE));
        Assert.assertTrue(checkMode(accessControlList, OTHER_USER, Lists.newArrayList(new String[]{OTHER_GROUP}), Mode.Bits.EXECUTE));
        Assert.assertFalse(checkMode(accessControlList, OTHER_USER, Lists.newArrayList(new String[]{OTHER_GROUP}), Mode.Bits.READ));
        Assert.assertFalse(checkMode(accessControlList, OTHER_USER, Lists.newArrayList(new String[]{OTHER_GROUP}), Mode.Bits.WRITE));
    }

    private void assertMode(Mode.Bits bits, AccessControlList accessControlList, String str, List<String> list) {
        Assert.assertEquals(bits, accessControlList.getPermission(str, list).toModeBits());
    }

    @Test
    public void getPermission() {
        AccessControlList accessControlList = new AccessControlList();
        setPermissions(accessControlList);
        assertMode(Mode.Bits.ALL, accessControlList, OWNING_USER, Collections.emptyList());
        assertMode(Mode.Bits.READ_EXECUTE, accessControlList, NAMED_USER, Collections.emptyList());
        assertMode(Mode.Bits.READ_EXECUTE, accessControlList, OTHER_USER, Lists.newArrayList(new String[]{OWNING_GROUP}));
        assertMode(Mode.Bits.READ, accessControlList, OTHER_USER, Lists.newArrayList(new String[]{NAMED_GROUP}));
        assertMode(Mode.Bits.WRITE_EXECUTE, accessControlList, OTHER_USER, Lists.newArrayList(new String[]{NAMED_GROUP2}));
        assertMode(Mode.Bits.ALL, accessControlList, OTHER_USER, Lists.newArrayList(new String[]{NAMED_GROUP, NAMED_GROUP2}));
        assertMode(Mode.Bits.EXECUTE, accessControlList, OTHER_USER, Collections.emptyList());
        assertMode(Mode.Bits.EXECUTE, accessControlList, OTHER_USER, Lists.newArrayList(new String[]{OTHER_GROUP}));
    }

    @Test
    public void checkEquals() {
        AccessControlList accessControlList = new AccessControlList();
        accessControlList.setOwningUser("test1");
        DefaultAccessControlList defaultAccessControlList = new DefaultAccessControlList();
        defaultAccessControlList.setOwningUser("test2");
        new EqualsTester().addEqualityGroup(new Object[]{new DefaultAccessControlList(), new DefaultAccessControlList()}).addEqualityGroup(new Object[]{new AccessControlList(), new AccessControlList()}).addEqualityGroup(new Object[]{accessControlList}).addEqualityGroup(new Object[]{defaultAccessControlList}).testEquals();
    }
}
