package com.floragunn.searchguard.enterprise.auditlog.impl;

import com.floragunn.searchguard.auditlog.AuditLog;
import com.floragunn.searchguard.configuration.ConfigurationRepository;
import com.floragunn.searchguard.enterprise.auditlog.helper.MockRestRequest;
import com.floragunn.searchguard.enterprise.auditlog.impl.AuditMessage;
import com.floragunn.searchguard.enterprise.auditlog.integration.TestAuditlogImpl;
import com.floragunn.searchguard.legacy.test.AbstractSGUnitTest;
import com.floragunn.searchguard.user.UserInformation;
import com.google.common.base.Joiner;
import java.net.InetSocketAddress;
import java.nio.file.Path;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.LinkedList;
import java.util.Map;
import org.elasticsearch.client.Client;
import org.elasticsearch.cluster.ClusterName;
import org.elasticsearch.cluster.metadata.ComposableIndexTemplate;
import org.elasticsearch.cluster.metadata.IndexNameExpressionResolver;
import org.elasticsearch.cluster.metadata.IndexTemplateMetadata;
import org.elasticsearch.cluster.node.DiscoveryNode;
import org.elasticsearch.cluster.service.ClusterService;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.tasks.Task;
import org.elasticsearch.tasks.TaskId;
import org.elasticsearch.transport.TransportRequest;
import org.hamcrest.CoreMatchers;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.mockito.Mockito;

/* loaded from: input_file:com/floragunn/searchguard/enterprise/auditlog/impl/DisabledCategoriesTest.class */
public class DisabledCategoriesTest {
    ClusterService cs = (ClusterService) Mockito.mock(ClusterService.class);
    DiscoveryNode dn = (DiscoveryNode) Mockito.mock(DiscoveryNode.class);
    ConfigurationRepository configurationRepository = (ConfigurationRepository) Mockito.mock(ConfigurationRepository.class);

    @Before
    public void setup() {
        Mockito.when(this.dn.getHostAddress()).thenReturn("hostaddress");
        Mockito.when(this.dn.getId()).thenReturn("hostaddress");
        Mockito.when(this.dn.getHostName()).thenReturn("hostaddress");
        Mockito.when(this.cs.localNode()).thenReturn(this.dn);
        Mockito.when(this.cs.getClusterName()).thenReturn(new ClusterName("cname"));
        TestAuditlogImpl.clear();
    }

    @Test
    public void completetlyInvalidConfigurationTest() throws Exception {
        Settings.Builder builder = Settings.builder();
        builder.put("searchguard.audit.type", TestAuditlogImpl.class.getName());
        builder.put("searchguard.audit.config.disabled_transport_categories", "nonexistent");
        builder.put("searchguard.audit.config.disabled_rest_categories", "nonexistent");
        AuditLogImpl auditLogImpl = new AuditLogImpl(builder.build(), (Path) null, (Client) null, AbstractSGUnitTest.MOCK_POOL, (IndexNameExpressionResolver) null, this.cs, this.configurationRepository);
        logAll(auditLogImpl);
        auditLogImpl.close();
        Assert.assertTrue(categoriesPresentInLog(TestAuditlogImpl.sb.toString(), filterComplianceCategories(AuditMessage.Category.values())));
    }

    @Test
    public void invalidConfigurationTest() {
        Settings.Builder builder = Settings.builder();
        builder.put("searchguard.audit.type", "debug");
        builder.put("searchguard.audit.config.disabled_categories", "nonexistant, bad_headers");
        logAll(new AuditLogImpl(builder.build(), (Path) null, (Client) null, AbstractSGUnitTest.MOCK_POOL, (IndexNameExpressionResolver) null, this.cs, this.configurationRepository));
        Assert.assertFalse(categoriesPresentInLog(TestAuditlogImpl.sb.toString(), AuditMessage.Category.BAD_HEADERS));
    }

    @Test
    public void enableAllCategoryTest() throws Exception {
        Settings.Builder builder = Settings.builder();
        builder.put("searchguard.audit.type", TestAuditlogImpl.class.getName());
        builder.put("searchguard.audit.config.disabled_transport_categories", "NONE");
        builder.put("searchguard.audit.config.disabled_rest_categories", "NONE");
        AuditLogImpl auditLogImpl = new AuditLogImpl(builder.build(), (Path) null, (Client) null, AbstractSGUnitTest.MOCK_POOL, (IndexNameExpressionResolver) null, this.cs, this.configurationRepository);
        logAll(auditLogImpl);
        auditLogImpl.close();
        String stringBuffer = TestAuditlogImpl.sb.toString();
        Assert.assertTrue(AuditMessage.Category.values() + "#" + stringBuffer, categoriesPresentInLog(stringBuffer, filterComplianceCategories(AuditMessage.Category.values())));
        Assert.assertThat(stringBuffer, CoreMatchers.containsString("testuser.transport.succeededlogin"));
        Assert.assertThat(stringBuffer, CoreMatchers.containsString("testuser.rest.succeededlogin"));
        Assert.assertThat(stringBuffer, CoreMatchers.containsString("testuser.rest.failedlogin"));
        Assert.assertThat(stringBuffer, CoreMatchers.containsString("testuser.transport.failedlogin"));
        Assert.assertThat(stringBuffer, CoreMatchers.containsString("privilege.missing"));
        Assert.assertThat(stringBuffer, CoreMatchers.containsString("action.indexattempt"));
        Assert.assertThat(stringBuffer, CoreMatchers.containsString("action.transport.ssl"));
        Assert.assertThat(stringBuffer, CoreMatchers.containsString("action.success"));
        Assert.assertThat(stringBuffer, CoreMatchers.containsString("Empty"));
        Assert.assertThat(stringBuffer, CoreMatchers.containsString("putted-composable-template-name"));
        Assert.assertThat(stringBuffer, CoreMatchers.containsString("putted-legacy-template-name"));
        Assert.assertThat(stringBuffer, CoreMatchers.containsString("deleted-template-name"));
        Assert.assertThat(stringBuffer, CoreMatchers.containsString("created-index-name"));
        Assert.assertThat(stringBuffer, CoreMatchers.containsString("deleted-index-name"));
        Assert.assertThat(stringBuffer, CoreMatchers.containsString("index-with-updated-settings"));
        Assert.assertThat(stringBuffer, CoreMatchers.containsString("index-with-updated-mappings"));
        Assert.assertThat(stringBuffer, CoreMatchers.containsString("testuser.kibana.succeededlogin"));
        Assert.assertThat(stringBuffer, CoreMatchers.containsString("testuser.kibana.succeededlogout"));
    }

    @Test
    public void disableSingleCategoryTest() throws Exception {
        for (AuditMessage.Category category : AuditMessage.Category.values()) {
            TestAuditlogImpl.clear();
            checkCategoriesDisabled(category);
        }
    }

    @Test
    public void disableAllCategoryTest() throws Exception {
        checkCategoriesDisabled(AuditMessage.Category.values());
    }

    @Test
    public void disableSomeCategoryTest() throws Exception {
        checkCategoriesDisabled(AuditMessage.Category.AUTHENTICATED, AuditMessage.Category.BAD_HEADERS, AuditMessage.Category.FAILED_LOGIN, AuditMessage.Category.INDEX_TEMPLATE_WRITE);
    }

    protected void checkCategoriesDisabled(AuditMessage.Category... categoryArr) throws Exception {
        LinkedList linkedList = new LinkedList();
        for (AuditMessage.Category category : categoryArr) {
            linkedList.add(category.name().toLowerCase());
        }
        String join = Joiner.on(",").join(linkedList);
        Settings.Builder builder = Settings.builder();
        builder.put("searchguard.audit.type", TestAuditlogImpl.class.getName());
        builder.put("searchguard.audit.config.disabled_transport_categories", join);
        builder.put("searchguard.audit.config.disabled_rest_categories", join);
        AuditLogImpl auditLogImpl = new AuditLogImpl(builder.build(), (Path) null, (Client) null, AbstractSGUnitTest.MOCK_POOL, (IndexNameExpressionResolver) null, this.cs, this.configurationRepository);
        logAll(auditLogImpl);
        auditLogImpl.close();
        String stringBuffer = TestAuditlogImpl.sb.toString();
        LinkedList linkedList2 = new LinkedList(Arrays.asList(AuditMessage.Category.values()));
        linkedList2.removeAll(Arrays.asList(categoryArr));
        System.out.println(stringBuffer + "###" + join);
        Assert.assertFalse(categoriesPresentInLog(stringBuffer, categoryArr));
        Assert.assertTrue(categoriesPresentInLog(stringBuffer, filterComplianceCategories((AuditMessage.Category[]) linkedList2.toArray(new AuditMessage.Category[0]))));
    }

    protected boolean categoriesPresentInLog(String str, AuditMessage.Category... categoryArr) {
        String replaceAll = str.replaceAll(" ", "");
        for (AuditMessage.Category category : categoryArr) {
            if (!replaceAll.contains("\"audit_category\":\"" + category.name() + "\"")) {
                System.out.println("MISSING: " + category.name());
                return false;
            }
        }
        return true;
    }

    protected void logAll(AuditLog auditLog) {
        logRestFailedLogin(auditLog);
        logRestBadHeaders(auditLog);
        logRestSSLException(auditLog);
        logRestSucceededLogin(auditLog);
        logMissingPrivileges(auditLog);
        logSgIndexAttempt(auditLog);
        logAuthenticatedRequest(auditLog);
        logTransportSSLException(auditLog);
        logTransportBadHeaders(auditLog);
        logTransportFailedLogin(auditLog);
        logTransportSucceededLogin(auditLog);
        logBlockedIp(auditLog);
        logBlockedUser(auditLog);
        logComposableIndexTemplatePutted(auditLog);
        logLegacyIndexTemplatePutted(auditLog);
        logIndexTemplateDeleted(auditLog);
        logIndexCreated(auditLog);
        logIndicesDeleted(auditLog);
        logIndexSettingsUpdated(auditLog);
        logIndexMappingsUpdated(auditLog);
        logSucceededKibanaLogin(auditLog);
        logSucceededKibanaLogout(auditLog);
    }

    protected void logRestSucceededLogin(AuditLog auditLog) {
        auditLog.logSucceededLogin(UserInformation.forName("testuser.rest.succeededlogin"), false, UserInformation.forName("testuser.rest.succeededlogin"), new MockRestRequest());
    }

    protected void logTransportSucceededLogin(AuditLog auditLog) {
        auditLog.logSucceededLogin(UserInformation.forName("testuser.transport.succeededlogin"), false, UserInformation.forName("testuser.transport.succeededlogin"), new TransportRequest.Empty(), "test/action", new Task(0L, "x", "ac", "", (TaskId) null, (Map) null));
    }

    protected void logRestFailedLogin(AuditLog auditLog) {
        auditLog.logFailedLogin(UserInformation.forName("testuser.rest.failedlogin"), false, UserInformation.forName("testuser.rest.failedlogin"), new MockRestRequest());
    }

    protected void logTransportFailedLogin(AuditLog auditLog) {
        auditLog.logFailedLogin(UserInformation.forName("testuser.transport.failedlogin"), false, UserInformation.forName("testuser.transport.failedlogin"), new TransportRequest.Empty(), (Task) null);
    }

    protected void logMissingPrivileges(AuditLog auditLog) {
        auditLog.logMissingPrivileges("privilege.missing", new TransportRequest.Empty(), (Task) null);
    }

    protected void logTransportBadHeaders(AuditLog auditLog) {
        auditLog.logBadHeaders(new TransportRequest.Empty(), "action", (Task) null);
    }

    protected void logRestBadHeaders(AuditLog auditLog) {
        auditLog.logBadHeaders(new MockRestRequest());
    }

    protected void logSgIndexAttempt(AuditLog auditLog) {
        auditLog.logSgIndexAttempt(new TransportRequest.Empty(), "action.indexattempt", (Task) null);
    }

    protected void logRestSSLException(AuditLog auditLog) {
        auditLog.logSSLException(new MockRestRequest(), new Exception());
    }

    protected void logTransportSSLException(AuditLog auditLog) {
        auditLog.logSSLException(new TransportRequest.Empty(), new Exception(), "action.transport.ssl", (Task) null);
    }

    protected void logAuthenticatedRequest(AuditLog auditLog) {
        auditLog.logGrantedPrivileges("action.success", new TransportRequest.Empty(), (Task) null);
    }

    protected void logBlockedIp(AuditLog auditLog) {
        auditLog.logBlockedIp(new MockRestRequest(), new InetSocketAddress(1234));
    }

    protected void logBlockedUser(AuditLog auditLog) {
        auditLog.logBlockedUser(UserInformation.forName("horst"), false, UserInformation.forName("horst"), new MockRestRequest());
    }

    protected void logComposableIndexTemplatePutted(AuditLog auditLog) {
        auditLog.logIndexTemplatePutted("putted-composable-template-name", (ComposableIndexTemplate) null, new ComposableIndexTemplate.Builder().build(), "action.index-template-putted", new TransportRequest.Empty());
    }

    protected void logLegacyIndexTemplatePutted(AuditLog auditLog) {
        auditLog.logIndexTemplatePutted("putted-composable-template-name", (IndexTemplateMetadata) null, IndexTemplateMetadata.builder("putted-legacy-template-name").patterns(Collections.singletonList("index-pattern")).build(), "action.index-template-putted", new TransportRequest.Empty());
    }

    protected void logIndexTemplateDeleted(AuditLog auditLog) {
        auditLog.logIndexTemplateDeleted(Collections.singletonList("deleted-template-name"), "action.index-template-deleted", new TransportRequest.Empty());
    }

    protected void logIndexCreated(AuditLog auditLog) {
        auditLog.logIndexCreated("created-index-name", "action.index-created", new TransportRequest.Empty());
    }

    protected void logIndicesDeleted(AuditLog auditLog) {
        auditLog.logIndicesDeleted(Collections.singletonList("deleted-index-name"), "action.index-deleted", new TransportRequest.Empty());
    }

    protected void logIndexSettingsUpdated(AuditLog auditLog) {
        Settings settings = Settings.EMPTY;
        auditLog.logIndexSettingsUpdated(Collections.singletonList("index-with-updated-settings"), "index-with-updated-settings", new TransportRequest.Empty());
    }

    protected void logIndexMappingsUpdated(AuditLog auditLog) {
        try {
            auditLog.logIndexMappingsUpdated(Collections.singletonList("index-with-updated-mappings"), "index-with-updated-mappings", new TransportRequest.Empty());
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    protected void logSucceededKibanaLogin(AuditLog auditLog) {
        auditLog.logSucceededKibanaLogin(UserInformation.forName("testuser.kibana.succeededlogin"));
    }

    protected void logSucceededKibanaLogout(AuditLog auditLog) {
        auditLog.logSucceededKibanaLogout(UserInformation.forName("testuser.kibana.succeededlogout"));
    }

    private static final AuditMessage.Category[] filterComplianceCategories(AuditMessage.Category[] categoryArr) {
        ArrayList arrayList = new ArrayList();
        for (AuditMessage.Category category : categoryArr) {
            if (!category.toString().startsWith("COMPLIANCE")) {
                arrayList.add(category);
            }
        }
        return (AuditMessage.Category[]) arrayList.toArray(new AuditMessage.Category[0]);
    }
}
