package org.apache.accumulo.test.randomwalk.security;

import java.util.Properties;
import org.apache.accumulo.core.client.AccumuloException;
import org.apache.accumulo.core.client.AccumuloSecurityException;
import org.apache.accumulo.core.client.Connector;
import org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException;
import org.apache.accumulo.core.client.security.SecurityErrorCode;
import org.apache.accumulo.core.security.SystemPermission;
import org.apache.accumulo.core.security.TablePermission;
import org.apache.accumulo.test.randomwalk.Environment;
import org.apache.accumulo.test.randomwalk.State;
import org.apache.accumulo.test.randomwalk.Test;
import org.apache.log4j.Logger;

/* loaded from: input_file:org/apache/accumulo/test/randomwalk/security/Validate.class */
public class Validate extends Test {
    @Override // org.apache.accumulo.test.randomwalk.Node
    public void visit(State state, Environment environment, Properties properties) throws Exception {
        validate(state, environment, this.log);
    }

    public static void validate(State state, Environment environment, Logger logger) throws Exception {
        boolean hasTablePermission;
        boolean hasSystemPermission;
        Connector connector = environment.getConnector();
        boolean tableExists = WalkingSecurity.get(state, environment).getTableExists();
        if (tableExists != connector.tableOperations().list().contains(WalkingSecurity.get(state, environment).getTableName())) {
            throw new AccumuloException("Table existance out of sync");
        }
        boolean userExists = WalkingSecurity.get(state, environment).userExists(WalkingSecurity.get(state, environment).getTabUserName());
        if (userExists != connector.securityOperations().listLocalUsers().contains(WalkingSecurity.get(state, environment).getTabUserName())) {
            throw new AccumuloException("Table User existance out of sync");
        }
        Properties properties = new Properties();
        properties.setProperty("target", "system");
        Authenticate.authenticate(environment.getUserName(), environment.getToken(), state, environment, properties);
        properties.setProperty("target", "table");
        Authenticate.authenticate(environment.getUserName(), environment.getToken(), state, environment, properties);
        for (String str : new String[]{WalkingSecurity.get(state, environment).getSysUserName(), WalkingSecurity.get(state, environment).getTabUserName()}) {
            for (SystemPermission systemPermission : SystemPermission.values()) {
                boolean hasSystemPermission2 = WalkingSecurity.get(state, environment).hasSystemPermission(str, systemPermission);
                try {
                    hasSystemPermission = connector.securityOperations().hasSystemPermission(str, systemPermission);
                    logger.debug("Just checked to see if user " + str + " has system perm " + systemPermission.name() + " with answer " + hasSystemPermission);
                } catch (AccumuloSecurityException e) {
                    if (!e.getSecurityErrorCode().equals(SecurityErrorCode.USER_DOESNT_EXIST)) {
                        throw new AccumuloException("Unexpected exception!", e);
                    }
                    if (userExists) {
                        throw new AccumuloException("Got user DNE error when they should", e);
                    }
                }
                if (hasSystemPermission2 != hasSystemPermission) {
                    throw new AccumuloException(str + " existance out of sync for system perm " + systemPermission + " hasSp/CloudhasSP " + hasSystemPermission2 + " " + hasSystemPermission);
                }
            }
            for (TablePermission tablePermission : TablePermission.values()) {
                boolean hasTablePermission2 = WalkingSecurity.get(state, environment).hasTablePermission(str, WalkingSecurity.get(state, environment).getTableName(), tablePermission);
                try {
                    hasTablePermission = connector.securityOperations().hasTablePermission(str, WalkingSecurity.get(state, environment).getTableName(), tablePermission);
                    logger.debug("Just checked to see if user " + str + " has table perm " + tablePermission.name() + " with answer " + hasTablePermission);
                } catch (AccumuloSecurityException e2) {
                    if (e2.getSecurityErrorCode().equals(SecurityErrorCode.USER_DOESNT_EXIST)) {
                        if (userExists) {
                            throw new AccumuloException("Got user DNE error when they should", e2);
                        }
                    } else {
                        if (!e2.getSecurityErrorCode().equals(SecurityErrorCode.TABLE_DOESNT_EXIST)) {
                            throw new AccumuloException("Unexpected exception!", e2);
                        }
                        if (tableExists) {
                            throw new AccumuloException("Got table DNE when it should", e2);
                        }
                    }
                }
                if (hasTablePermission2 != hasTablePermission) {
                    throw new AccumuloException(str + " existance out of sync for table perm " + tablePermission + " hasTp/CloudhasTP " + hasTablePermission2 + " " + hasTablePermission);
                }
            }
        }
        try {
            if (!WalkingSecurity.get(state, environment).getUserAuthorizations(WalkingSecurity.get(state, environment).getTabCredentials()).equals(connector.securityOperations().getUserAuthorizations(WalkingSecurity.get(state, environment).getTabUserName()))) {
                throw new AccumuloException("Table User authorizations out of sync");
            }
        } catch (ThriftSecurityException e3) {
            if (e3.getCode() != org.apache.accumulo.core.client.impl.thrift.SecurityErrorCode.USER_DOESNT_EXIST) {
                throw new AccumuloException("Unexpected exception!", e3);
            }
            if (userExists) {
                throw new AccumuloException("Table user didn't exist when they should.", e3);
            }
        }
    }
}
