package org.dasein.cloud.test.identity;

import java.util.Iterator;
import org.dasein.cloud.CloudException;
import org.dasein.cloud.InternalException;
import org.dasein.cloud.identity.CloudGroup;
import org.dasein.cloud.identity.CloudPermission;
import org.dasein.cloud.identity.CloudPolicy;
import org.dasein.cloud.identity.CloudUser;
import org.dasein.cloud.identity.IdentityAndAccessSupport;
import org.dasein.cloud.identity.IdentityServices;
import org.dasein.cloud.network.FirewallSupport;
import org.dasein.cloud.test.DaseinTestManager;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.Assume;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.TestName;

/* loaded from: input_file:org/dasein/cloud/test/identity/StatefulIAMTests.class */
public class StatefulIAMTests {
    private static DaseinTestManager tm;

    @Rule
    public final TestName name = new TestName();
    private String testGroupId;
    private String testPolicyId;
    private String testUserId;

    @BeforeClass
    public static void configure() {
        tm = new DaseinTestManager(StatefulIAMTests.class);
    }

    @AfterClass
    public static void cleanUp() {
        if (tm != null) {
            tm.close();
        }
    }

    @Before
    public void before() {
        tm.begin(this.name.getMethodName());
        Assume.assumeTrue(!tm.isTestSkipped());
        IdentityServices identityServices = tm.getProvider().getIdentityServices();
        IdentityAndAccessSupport identityAndAccessSupport = null;
        if (identityServices != null) {
            identityAndAccessSupport = identityServices.getIdentityAndAccessSupport();
        }
        if (this.name.getMethodName().equals("joinGroup")) {
            this.testGroupId = tm.getTestGroupId(DaseinTestManager.STATEFUL, true);
            this.testUserId = tm.getTestUserId(DaseinTestManager.STATEFUL, true, null);
            if (this.testUserId == null || this.testGroupId == null || identityAndAccessSupport == null) {
                return;
            }
            try {
                boolean z = false;
                Iterator it = identityAndAccessSupport.listGroupsForUser(this.testUserId).iterator();
                while (true) {
                    if (!it.hasNext()) {
                        break;
                    } else if (this.testGroupId.equals(((CloudGroup) it.next()).getProviderGroupId())) {
                        z = true;
                        break;
                    }
                }
                if (z) {
                    identityAndAccessSupport.removeUserFromGroup(this.testUserId, this.testGroupId);
                }
                return;
            } catch (Throwable th) {
                return;
            }
        }
        if (this.name.getMethodName().equals("leaveGroup")) {
            this.testGroupId = tm.getTestGroupId(DaseinTestManager.STATEFUL, true);
            this.testUserId = tm.getTestUserId(DaseinTestManager.STATEFUL, true, null);
            if (this.testUserId == null || this.testGroupId == null || identityAndAccessSupport == null) {
                return;
            }
            try {
                boolean z2 = false;
                Iterator it2 = identityAndAccessSupport.listGroupsForUser(this.testUserId).iterator();
                while (true) {
                    if (!it2.hasNext()) {
                        break;
                    } else if (this.testGroupId.equals(((CloudGroup) it2.next()).getProviderGroupId())) {
                        z2 = true;
                        break;
                    }
                }
                if (!z2) {
                    identityAndAccessSupport.addUserToGroups(this.testUserId, new String[]{this.testGroupId});
                }
                return;
            } catch (Throwable th2) {
                return;
            }
        }
        if (this.name.getMethodName().equals("removeGroup")) {
            this.testGroupId = tm.getTestGroupId(DaseinTestManager.REMOVED, true);
            return;
        }
        if (this.name.getMethodName().equals("removeUser")) {
            this.testUserId = tm.getTestUserId(DaseinTestManager.REMOVED, true, null);
            return;
        }
        if (this.name.getMethodName().equals("removeGroupPolicy")) {
            this.testGroupId = tm.getTestGroupId(DaseinTestManager.STATEFUL, true);
            if (this.testGroupId == null || identityAndAccessSupport == null) {
                return;
            }
            try {
                Iterator it3 = identityAndAccessSupport.listPoliciesForGroup(this.testGroupId).iterator();
                while (it3.hasNext()) {
                    try {
                        identityAndAccessSupport.removeGroupPolicy(this.testGroupId, ((CloudPolicy) it3.next()).getProviderPolicyId());
                    } catch (Throwable th3) {
                    }
                }
            } catch (Throwable th4) {
            }
            try {
                String[] saveGroupPolicy = identityAndAccessSupport.saveGroupPolicy(this.testGroupId, "DSN" + System.currentTimeMillis(), CloudPermission.ALLOW, FirewallSupport.CREATE_FIREWALL, (String) null);
                if (saveGroupPolicy.length > 0) {
                    this.testPolicyId = saveGroupPolicy[0];
                }
                return;
            } catch (Throwable th5) {
                return;
            }
        }
        if (this.name.getMethodName().equals("removeUserPolicy")) {
            this.testUserId = tm.getTestUserId(DaseinTestManager.STATEFUL, true, null);
            if (this.testUserId == null || identityAndAccessSupport == null) {
                return;
            }
            try {
                Iterator it4 = identityAndAccessSupport.listPoliciesForUser(this.testUserId).iterator();
                while (it4.hasNext()) {
                    try {
                        identityAndAccessSupport.removeUserPolicy(this.testUserId, ((CloudPolicy) it4.next()).getProviderPolicyId());
                    } catch (Throwable th6) {
                    }
                }
            } catch (Throwable th7) {
            }
            try {
                String[] saveUserPolicy = identityAndAccessSupport.saveUserPolicy(this.testUserId, "DSN" + System.currentTimeMillis(), CloudPermission.ALLOW, FirewallSupport.CREATE_FIREWALL, (String) null);
                if (saveUserPolicy.length > 0) {
                    this.testPolicyId = saveUserPolicy[0];
                }
                return;
            } catch (Throwable th8) {
                return;
            }
        }
        if (this.name.getMethodName().equals("saveGroupPolicy")) {
            this.testGroupId = tm.getTestGroupId(DaseinTestManager.STATEFUL, true);
            if (this.testGroupId == null || identityAndAccessSupport == null) {
                return;
            }
            try {
                Iterator it5 = identityAndAccessSupport.listPoliciesForGroup(this.testGroupId).iterator();
                while (it5.hasNext()) {
                    try {
                        identityAndAccessSupport.removeGroupPolicy(this.testGroupId, ((CloudPolicy) it5.next()).getProviderPolicyId());
                    } catch (Throwable th9) {
                    }
                }
                return;
            } catch (Throwable th10) {
                return;
            }
        }
        if (this.name.getMethodName().equals("saveUserPolicy")) {
            this.testUserId = tm.getTestUserId(DaseinTestManager.STATEFUL, true, null);
            if (this.testUserId == null || identityAndAccessSupport == null) {
                return;
            }
            try {
                Iterator it6 = identityAndAccessSupport.listPoliciesForUser(this.testUserId).iterator();
                while (it6.hasNext()) {
                    try {
                        identityAndAccessSupport.removeUserPolicy(this.testUserId, ((CloudPolicy) it6.next()).getProviderPolicyId());
                    } catch (Throwable th11) {
                    }
                }
            } catch (Throwable th12) {
            }
        }
    }

    @After
    public void after() {
        try {
            this.testGroupId = null;
            this.testPolicyId = null;
            this.testUserId = null;
            tm.end();
        } catch (Throwable th) {
            tm.end();
            throw th;
        }
    }

    @Test
    public void createGroup() throws CloudException, InternalException {
        IdentityServices identityServices = tm.getProvider().getIdentityServices();
        if (identityServices == null) {
            tm.ok("Identity services are not supported in " + tm.getContext().getRegionId() + " of " + tm.getProvider().getCloudName());
            return;
        }
        IdentityAndAccessSupport identityAndAccessSupport = identityServices.getIdentityAndAccessSupport();
        if (identityAndAccessSupport == null) {
            tm.ok("Identity and access management is not supported in " + tm.getContext().getRegionId() + " of " + tm.getProvider().getCloudName());
            return;
        }
        IdentityResources identityResources = DaseinTestManager.getIdentityResources();
        Assert.assertNotNull("The tests failed to initialize a proper set of identity services", identityResources);
        String provisionGroup = identityResources.provisionGroup(identityAndAccessSupport, "provision", "dsncgrp");
        tm.out("New Group", provisionGroup);
        Assert.assertNotNull("The newly created group ID may not be null", provisionGroup);
        CloudGroup group = identityAndAccessSupport.getGroup(provisionGroup);
        Assert.assertNotNull("No group exists in the cloud for the new ID " + provisionGroup, group);
        Assert.assertEquals("The IDs for the requested group and the created group do not match", provisionGroup, group.getProviderGroupId());
    }

    @Test
    public void saveGroupPolicy() throws CloudException, InternalException {
        IdentityServices identityServices = tm.getProvider().getIdentityServices();
        if (identityServices == null) {
            tm.ok("Identity services are not supported in " + tm.getContext().getRegionId() + " of " + tm.getProvider().getCloudName());
            return;
        }
        IdentityAndAccessSupport identityAndAccessSupport = identityServices.getIdentityAndAccessSupport();
        if (identityAndAccessSupport == null) {
            tm.ok("Identity and access management is not supported in " + tm.getContext().getRegionId() + " of " + tm.getProvider().getCloudName());
            return;
        }
        if (this.testGroupId == null) {
            if (identityAndAccessSupport.isSubscribed()) {
                Assert.fail("No test group exists for running the test " + this.name.getMethodName());
                return;
            } else {
                tm.ok("Not subscribed to IAM services");
                return;
            }
        }
        Iterable listPoliciesForGroup = identityAndAccessSupport.listPoliciesForGroup(this.testGroupId);
        boolean z = false;
        tm.out("Before", listPoliciesForGroup);
        Iterator it = listPoliciesForGroup.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            CloudPolicy cloudPolicy = (CloudPolicy) it.next();
            if (cloudPolicy.getPermission().equals(CloudPermission.ALLOW) && FirewallSupport.CREATE_FIREWALL.equals(cloudPolicy.getAction()) && cloudPolicy.getResourceId() == null) {
                z = true;
                break;
            }
        }
        Assert.assertFalse("Test policy exists before the start of the test", z);
        String[] saveGroupPolicy = identityAndAccessSupport.saveGroupPolicy(this.testGroupId, "DSN" + System.currentTimeMillis(), CloudPermission.ALLOW, FirewallSupport.CREATE_FIREWALL, (String) null);
        Iterable listPoliciesForGroup2 = identityAndAccessSupport.listPoliciesForGroup(this.testGroupId);
        tm.out("After", listPoliciesForGroup2);
        Iterator it2 = listPoliciesForGroup2.iterator();
        while (true) {
            if (!it2.hasNext()) {
                break;
            }
            CloudPolicy cloudPolicy2 = (CloudPolicy) it2.next();
            boolean z2 = false;
            int length = saveGroupPolicy.length;
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                if (saveGroupPolicy[i].equals(cloudPolicy2.getProviderPolicyId())) {
                    z2 = true;
                    break;
                }
                i++;
            }
            if (z2 && cloudPolicy2.getPermission().equals(CloudPermission.ALLOW) && FirewallSupport.CREATE_FIREWALL.equals(cloudPolicy2.getAction()) && cloudPolicy2.getResourceId() == null) {
                z = true;
                break;
            }
        }
        Assert.assertTrue("Unable to find new group permission", z);
    }

    @Test
    public void removeGroupPolicy() throws CloudException, InternalException {
        IdentityServices identityServices = tm.getProvider().getIdentityServices();
        if (identityServices == null) {
            tm.ok("Identity services are not supported in " + tm.getContext().getRegionId() + " of " + tm.getProvider().getCloudName());
            return;
        }
        IdentityAndAccessSupport identityAndAccessSupport = identityServices.getIdentityAndAccessSupport();
        if (identityAndAccessSupport == null) {
            tm.ok("Identity and access management is not supported in " + tm.getContext().getRegionId() + " of " + tm.getProvider().getCloudName());
            return;
        }
        if (this.testGroupId == null) {
            if (identityAndAccessSupport.isSubscribed()) {
                Assert.fail("No test group exists for running the test " + this.name.getMethodName());
                return;
            } else {
                tm.ok("Not subscribed to IAM services");
                return;
            }
        }
        Iterable listPoliciesForGroup = identityAndAccessSupport.listPoliciesForGroup(this.testGroupId);
        boolean z = false;
        tm.out("Before", listPoliciesForGroup);
        Iterator it = listPoliciesForGroup.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            CloudPolicy cloudPolicy = (CloudPolicy) it.next();
            if (cloudPolicy.getProviderPolicyId().equals(this.testPolicyId) && cloudPolicy.getPermission().equals(CloudPermission.ALLOW) && FirewallSupport.CREATE_FIREWALL.equals(cloudPolicy.getAction()) && cloudPolicy.getResourceId() == null) {
                z = true;
                break;
            }
        }
        Assert.assertTrue("Unable to find new group permission", z);
        identityAndAccessSupport.removeGroupPolicy(this.testGroupId, this.testPolicyId);
        Iterable listPoliciesForGroup2 = identityAndAccessSupport.listPoliciesForGroup(this.testGroupId);
        tm.out("After", listPoliciesForGroup2);
        boolean z2 = false;
        Iterator it2 = listPoliciesForGroup2.iterator();
        while (true) {
            if (!it2.hasNext()) {
                break;
            }
            CloudPolicy cloudPolicy2 = (CloudPolicy) it2.next();
            if (cloudPolicy2.getProviderPolicyId().equals(this.testPolicyId) && cloudPolicy2.getPermission().equals(CloudPermission.ALLOW) && FirewallSupport.CREATE_FIREWALL.equals(cloudPolicy2.getAction()) && cloudPolicy2.getResourceId() == null) {
                z2 = true;
                break;
            }
        }
        Assert.assertFalse("Test policy exists before the start of the test", z2);
    }

    @Test
    public void removeGroup() throws CloudException, InternalException {
        IdentityServices identityServices = tm.getProvider().getIdentityServices();
        if (identityServices == null) {
            tm.ok("Identity services are not supported in " + tm.getContext().getRegionId() + " of " + tm.getProvider().getCloudName());
            return;
        }
        IdentityAndAccessSupport identityAndAccessSupport = identityServices.getIdentityAndAccessSupport();
        if (identityAndAccessSupport == null) {
            tm.ok("Identity and access management is not supported in " + tm.getContext().getRegionId() + " of " + tm.getProvider().getCloudName());
            return;
        }
        if (this.testGroupId == null) {
            if (identityAndAccessSupport.isSubscribed()) {
                Assert.fail("No test group exists for running the test " + this.name.getMethodName());
                return;
            } else {
                tm.ok("Not subscribed to IAM services");
                return;
            }
        }
        CloudGroup group = identityAndAccessSupport.getGroup(this.testGroupId);
        Assert.assertNotNull("The test group does not exist prior to running this test", group);
        tm.out("Before", group);
        identityAndAccessSupport.removeGroup(this.testGroupId);
        CloudGroup group2 = identityAndAccessSupport.getGroup(this.testGroupId);
        tm.out("After", group2);
        Assert.assertNull("The test group still exists after the removal", group2);
    }

    @Test
    public void createUser() throws CloudException, InternalException {
        IdentityServices identityServices = tm.getProvider().getIdentityServices();
        if (identityServices == null) {
            tm.ok("Identity services are not supported in " + tm.getContext().getRegionId() + " of " + tm.getProvider().getCloudName());
            return;
        }
        IdentityAndAccessSupport identityAndAccessSupport = identityServices.getIdentityAndAccessSupport();
        if (identityAndAccessSupport == null) {
            tm.ok("Identity and access management is not supported in " + tm.getContext().getRegionId() + " of " + tm.getProvider().getCloudName());
            return;
        }
        IdentityResources identityResources = DaseinTestManager.getIdentityResources();
        Assert.assertNotNull("The tests failed to initialize a proper set of identity services", identityResources);
        String provisionUser = identityResources.provisionUser(identityAndAccessSupport, "provision", "dsncusr", new String[0]);
        tm.out("New User", provisionUser);
        Assert.assertNotNull("The newly created user ID may not be null", provisionUser);
        CloudUser user = identityAndAccessSupport.getUser(provisionUser);
        Assert.assertNotNull("No user exists in the cloud for the new ID " + provisionUser, user);
        Assert.assertEquals("The IDs for the requested user and the created user do not match", provisionUser, user.getProviderUserId());
    }

    @Test
    public void joinGroup() throws CloudException, InternalException {
        IdentityServices identityServices = tm.getProvider().getIdentityServices();
        if (identityServices == null) {
            tm.ok("Identity services are not supported in " + tm.getContext().getRegionId() + " of " + tm.getProvider().getCloudName());
            return;
        }
        IdentityAndAccessSupport identityAndAccessSupport = identityServices.getIdentityAndAccessSupport();
        if (identityAndAccessSupport == null) {
            tm.ok("Identity and access management is not supported in " + tm.getContext().getRegionId() + " of " + tm.getProvider().getCloudName());
            return;
        }
        if (this.testUserId == null || this.testGroupId == null) {
            if (identityAndAccessSupport.isSubscribed()) {
                Assert.fail("No test user/group exists for running " + this.name.getMethodName());
                return;
            } else {
                tm.ok("Not subscribed to IAM services");
                return;
            }
        }
        Iterable listGroupsForUser = identityAndAccessSupport.listGroupsForUser(this.testUserId);
        boolean z = false;
        tm.out("Before", listGroupsForUser);
        Iterator it = listGroupsForUser.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            } else if (this.testGroupId.equals(((CloudGroup) it.next()).getProviderGroupId())) {
                z = true;
                break;
            }
        }
        Assert.assertFalse("That user is already a member of the test group", z);
        identityAndAccessSupport.addUserToGroups(this.testUserId, new String[]{this.testGroupId});
        long currentTimeMillis = System.currentTimeMillis() + 60000;
        while (currentTimeMillis > System.currentTimeMillis()) {
            listGroupsForUser = identityAndAccessSupport.listGroupsForUser(this.testUserId);
            Iterator it2 = listGroupsForUser.iterator();
            while (true) {
                if (!it2.hasNext()) {
                    break;
                } else if (this.testGroupId.equals(((CloudGroup) it2.next()).getProviderGroupId())) {
                    z = true;
                    break;
                }
            }
            if (z) {
                break;
            } else {
                try {
                    Thread.sleep(5000L);
                } catch (InterruptedException e) {
                }
            }
        }
        tm.out("After", listGroupsForUser);
        Assert.assertTrue("The user is not a member of the target group after one minute", z);
    }

    @Test
    public void leaveGroup() throws CloudException, InternalException {
        IdentityServices identityServices = tm.getProvider().getIdentityServices();
        if (identityServices == null) {
            tm.ok("Identity services are not supported in " + tm.getContext().getRegionId() + " of " + tm.getProvider().getCloudName());
            return;
        }
        IdentityAndAccessSupport identityAndAccessSupport = identityServices.getIdentityAndAccessSupport();
        if (identityAndAccessSupport == null) {
            tm.ok("Identity and access management is not supported in " + tm.getContext().getRegionId() + " of " + tm.getProvider().getCloudName());
            return;
        }
        if (this.testUserId == null || this.testGroupId == null) {
            if (identityAndAccessSupport.isSubscribed()) {
                Assert.fail("No test user/group exists for running " + this.name.getMethodName());
                return;
            } else {
                tm.ok("Not subscribed to IAM services");
                return;
            }
        }
        Iterable listGroupsForUser = identityAndAccessSupport.listGroupsForUser(this.testUserId);
        boolean z = false;
        tm.out("Before", listGroupsForUser);
        Iterator it = listGroupsForUser.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            if (this.testGroupId.equals(((CloudGroup) it.next()).getProviderGroupId())) {
                z = true;
                break;
            }
        }
        Assert.assertTrue("The user is not a member of the target group and so cannot be tested for removal", z);
        identityAndAccessSupport.removeUserFromGroup(this.testUserId, this.testGroupId);
        long currentTimeMillis = System.currentTimeMillis() + 60000;
        while (currentTimeMillis > System.currentTimeMillis()) {
            z = false;
            listGroupsForUser = identityAndAccessSupport.listGroupsForUser(this.testUserId);
            Iterator it2 = listGroupsForUser.iterator();
            while (true) {
                if (!it2.hasNext()) {
                    break;
                }
                if (this.testGroupId.equals(((CloudGroup) it2.next()).getProviderGroupId())) {
                    z = true;
                    break;
                }
            }
            if (!z) {
                break;
            } else {
                try {
                    Thread.sleep(5000L);
                } catch (InterruptedException e) {
                }
            }
        }
        tm.out("After", listGroupsForUser);
        Assert.assertFalse("That user remains a member of the group after one minute", z);
    }

    @Test
    public void saveUserPolicy() throws CloudException, InternalException {
        IdentityServices identityServices = tm.getProvider().getIdentityServices();
        if (identityServices == null) {
            tm.ok("Identity services are not supported in " + tm.getContext().getRegionId() + " of " + tm.getProvider().getCloudName());
            return;
        }
        IdentityAndAccessSupport identityAndAccessSupport = identityServices.getIdentityAndAccessSupport();
        if (identityAndAccessSupport == null) {
            tm.ok("Identity and access management is not supported in " + tm.getContext().getRegionId() + " of " + tm.getProvider().getCloudName());
            return;
        }
        if (this.testUserId == null) {
            if (identityAndAccessSupport.isSubscribed()) {
                Assert.fail("No test user exists for running the test " + this.name.getMethodName());
                return;
            } else {
                tm.ok("Not subscribed to IAM services");
                return;
            }
        }
        Iterable listPoliciesForUser = identityAndAccessSupport.listPoliciesForUser(this.testUserId);
        boolean z = false;
        tm.out("Before", listPoliciesForUser);
        Iterator it = listPoliciesForUser.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            CloudPolicy cloudPolicy = (CloudPolicy) it.next();
            if (cloudPolicy.getPermission().equals(CloudPermission.ALLOW) && FirewallSupport.CREATE_FIREWALL.equals(cloudPolicy.getAction()) && cloudPolicy.getResourceId() == null) {
                z = true;
                break;
            }
        }
        Assert.assertFalse("Test policy exists before the start of the test", z);
        String[] saveUserPolicy = identityAndAccessSupport.saveUserPolicy(this.testUserId, "DSN" + System.currentTimeMillis(), CloudPermission.ALLOW, FirewallSupport.CREATE_FIREWALL, (String) null);
        Iterable listPoliciesForUser2 = identityAndAccessSupport.listPoliciesForUser(this.testUserId);
        tm.out("After", listPoliciesForUser2);
        Iterator it2 = listPoliciesForUser2.iterator();
        while (true) {
            if (!it2.hasNext()) {
                break;
            }
            CloudPolicy cloudPolicy2 = (CloudPolicy) it2.next();
            boolean z2 = false;
            int length = saveUserPolicy.length;
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                if (saveUserPolicy[i].equals(cloudPolicy2.getProviderPolicyId())) {
                    z2 = true;
                    break;
                }
                i++;
            }
            if (z2 && cloudPolicy2.getPermission().equals(CloudPermission.ALLOW) && FirewallSupport.CREATE_FIREWALL.equals(cloudPolicy2.getAction()) && cloudPolicy2.getResourceId() == null) {
                z = true;
                break;
            }
        }
        Assert.assertTrue("Unable to find new user permission", z);
    }

    @Test
    public void removeUserPolicy() throws CloudException, InternalException {
        IdentityServices identityServices = tm.getProvider().getIdentityServices();
        if (identityServices == null) {
            tm.ok("Identity services are not supported in " + tm.getContext().getRegionId() + " of " + tm.getProvider().getCloudName());
            return;
        }
        IdentityAndAccessSupport identityAndAccessSupport = identityServices.getIdentityAndAccessSupport();
        if (identityAndAccessSupport == null) {
            tm.ok("Identity and access management is not supported in " + tm.getContext().getRegionId() + " of " + tm.getProvider().getCloudName());
            return;
        }
        if (this.testUserId == null || this.testPolicyId == null) {
            if (identityAndAccessSupport.isSubscribed()) {
                Assert.fail("No test user/policy exists for running the test " + this.name.getMethodName());
                return;
            } else {
                tm.ok("Not subscribed to IAM services");
                return;
            }
        }
        Iterable listPoliciesForUser = identityAndAccessSupport.listPoliciesForUser(this.testUserId);
        boolean z = false;
        tm.out("Before", listPoliciesForUser);
        Iterator it = listPoliciesForUser.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            CloudPolicy cloudPolicy = (CloudPolicy) it.next();
            if (cloudPolicy.getProviderPolicyId().equals(this.testPolicyId) && cloudPolicy.getPermission().equals(CloudPermission.ALLOW) && FirewallSupport.CREATE_FIREWALL.equals(cloudPolicy.getAction()) && cloudPolicy.getResourceId() == null) {
                z = true;
                break;
            }
        }
        Assert.assertTrue("Unable to find user permission before removal", z);
        identityAndAccessSupport.removeUserPolicy(this.testUserId, this.testPolicyId);
        boolean z2 = false;
        Iterable listPoliciesForUser2 = identityAndAccessSupport.listPoliciesForUser(this.testUserId);
        tm.out("After", listPoliciesForUser2);
        Iterator it2 = listPoliciesForUser2.iterator();
        while (true) {
            if (!it2.hasNext()) {
                break;
            }
            CloudPolicy cloudPolicy2 = (CloudPolicy) it2.next();
            if (cloudPolicy2.getProviderPolicyId().equals(this.testPolicyId) && cloudPolicy2.getPermission().equals(CloudPermission.ALLOW) && FirewallSupport.CREATE_FIREWALL.equals(cloudPolicy2.getAction()) && cloudPolicy2.getResourceId() == null) {
                z2 = true;
                break;
            }
        }
        Assert.assertFalse("Test policy exists even after removal", z2);
    }

    @Test
    public void removeUser() throws CloudException, InternalException {
        IdentityServices identityServices = tm.getProvider().getIdentityServices();
        if (identityServices == null) {
            tm.ok("Identity services are not supported in " + tm.getContext().getRegionId() + " of " + tm.getProvider().getCloudName());
            return;
        }
        IdentityAndAccessSupport identityAndAccessSupport = identityServices.getIdentityAndAccessSupport();
        if (identityAndAccessSupport == null) {
            tm.ok("Identity and access management is not supported in " + tm.getContext().getRegionId() + " of " + tm.getProvider().getCloudName());
            return;
        }
        if (this.testUserId == null) {
            if (identityAndAccessSupport.isSubscribed()) {
                Assert.fail("No test user exists for running the test " + this.name.getMethodName());
                return;
            } else {
                tm.ok("Not subscribed to IAM services");
                return;
            }
        }
        CloudUser user = identityAndAccessSupport.getUser(this.testUserId);
        Assert.assertNotNull("The test user does not exist prior to running this test", user);
        tm.out("Before", user);
        identityAndAccessSupport.removeUser(this.testUserId);
        CloudUser user2 = identityAndAccessSupport.getUser(this.testUserId);
        tm.out("After", user2);
        Assert.assertNull("The test user still exists after the removal", user2);
    }
}
