package com.floragunn.searchguard.enterprise.dlsfls.legacy;

import com.floragunn.searchguard.legacy.test.RestHelper;
import com.floragunn.searchguard.test.helper.cluster.FileHelper;
import org.apache.http.Header;
import org.elasticsearch.action.index.IndexRequest;
import org.elasticsearch.action.support.WriteRequest;
import org.elasticsearch.client.Client;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.xcontent.XContentType;
import org.junit.Assert;
import org.junit.Test;

/* loaded from: input_file:com/floragunn/searchguard/enterprise/dlsfls/legacy/DFMFieldMaskedTest.class */
public class DFMFieldMaskedTest extends AbstractDlsFlsTest {
    @Override // com.floragunn.searchguard.enterprise.dlsfls.legacy.AbstractDlsFlsTest
    protected void populateData(Client client) {
        client.index(new IndexRequest("searchguard").id("config").setRefreshPolicy(WriteRequest.RefreshPolicy.IMMEDIATE).source(new Object[]{"config", FileHelper.readYamlContent("dlsfls_legacy/sg_config.yml")})).actionGet();
        client.index(new IndexRequest("searchguard").setRefreshPolicy(WriteRequest.RefreshPolicy.IMMEDIATE).id("internalusers").source(new Object[]{"internalusers", FileHelper.readYamlContent("dlsfls_legacy/sg_internal_users.yml")})).actionGet();
        client.index(new IndexRequest("searchguard").id("roles").setRefreshPolicy(WriteRequest.RefreshPolicy.IMMEDIATE).source(new Object[]{"roles", FileHelper.readYamlContent("dlsfls_legacy/sg_roles.yml")})).actionGet();
        client.index(new IndexRequest("searchguard").setRefreshPolicy(WriteRequest.RefreshPolicy.IMMEDIATE).id("rolesmapping").source(new Object[]{"rolesmapping", FileHelper.readYamlContent("dlsfls_legacy/sg_roles_mapping.yml")})).actionGet();
        client.index(new IndexRequest("searchguard").setRefreshPolicy(WriteRequest.RefreshPolicy.IMMEDIATE).id("actiongroups").source(new Object[]{"actiongroups", FileHelper.readYamlContent("dlsfls_legacy/sg_action_groups.yml")})).actionGet();
        client.index(new IndexRequest("deals-0").id("0").setRefreshPolicy(WriteRequest.RefreshPolicy.IMMEDIATE).source("{\"customer\": {\"name\":\"cust1\"}, \"ip_source\": \"100.100.1.1\",\"ip_dest\": \"123.123.1.1\",\"amount\": 10}", XContentType.JSON)).actionGet();
        client.index(new IndexRequest("deals-1").id("1").setRefreshPolicy(WriteRequest.RefreshPolicy.IMMEDIATE).source("{\"customer\": {\"name\":\"cust2\"}, \"ip_source\": \"100.100.2.2\",\"ip_dest\": \"123.123.2.2\",\"amount\": 20}", XContentType.JSON)).actionGet();
        client.index(new IndexRequest("deals-2").id("2").setRefreshPolicy(WriteRequest.RefreshPolicy.IMMEDIATE).source("{\"customer\": {\"name\":\"cust3\"}, \"ip_source\": \"100.100.2.3\",\"ip_dest\": \"123.123.3.2\",\"amount\": 30}", XContentType.JSON)).actionGet();
        client.index(new IndexRequest("deals-outdated-1").id("1").setRefreshPolicy(WriteRequest.RefreshPolicy.IMMEDIATE).source("{\"customer\": {\"name\":\"cust4\"}, \"ip_source\": \"100.100.32.1\",\"ip_dest\": \"123.123.4.2\",\"amount\": 100}", XContentType.JSON)).actionGet();
        client.index(new IndexRequest("deals-outdated-2").id("2").setRefreshPolicy(WriteRequest.RefreshPolicy.IMMEDIATE).source("{\"customer\": {\"name\":\"cust5\"}, \"ip_source\": \"100.100.3.2\",\"ip_dest\": \"123.123.5.2\",\"amount\": 200}", XContentType.JSON)).actionGet();
        client.index(new IndexRequest("deals-outdated-3").id("3").setRefreshPolicy(WriteRequest.RefreshPolicy.IMMEDIATE).source("{\"customer\": {\"name\":\"cust6\"}, \"ip_source\": \"100.100.3.3\",\"ip_dest\": \"123.123.6.2\",\"amount\": 300}", XContentType.JSON)).actionGet();
        client.index(new IndexRequest("index1-1").id("0").setRefreshPolicy(WriteRequest.RefreshPolicy.IMMEDIATE).source("{\"field1\": 1, \"field2\": \"value-2-1\", \"field3\": \"value-3-1\", \"field4\": \"value-4-1\" }", XContentType.JSON)).actionGet();
        client.index(new IndexRequest("index1-2").id("0").setRefreshPolicy(WriteRequest.RefreshPolicy.IMMEDIATE).source("{\"field1\": 2, \"field2\": \"value-2-2\", \"field3\": \"value-3-2\", \"field4\": \"value-4-2\" }", XContentType.JSON)).actionGet();
        client.index(new IndexRequest("index1-3").id("0").setRefreshPolicy(WriteRequest.RefreshPolicy.IMMEDIATE).source("{\"field1\": 3, \"field2\": \"value-2-3\", \"field3\": \"value-3-3\", \"field4\": \"value-4-3\" }", XContentType.JSON)).actionGet();
        client.index(new IndexRequest("index1-4").id("0").setRefreshPolicy(WriteRequest.RefreshPolicy.IMMEDIATE).source("{\"field1\": 4, \"field2\": \"value-2-4\", \"field3\": \"value-3-4\", \"field4\": \"value-4-4\" }", XContentType.JSON)).actionGet();
    }

    @Test
    public void testMaskedSearch() throws Exception {
        setup(Settings.builder().build());
        RestHelper.HttpResponse executeGetRequest = this.rh.executeGetRequest("/deals-outdated-*/_search?pretty", new Header[]{encodeBasicHeader("admin", "admin")});
        Assert.assertEquals(200L, executeGetRequest.getStatusCode());
        System.out.println(executeGetRequest.getBody());
        RestHelper.HttpResponse executeGetRequest2 = this.rh.executeGetRequest("/deals-outdated-*/_search?pretty", new Header[]{encodeBasicHeader("dfm_user", "password")});
        Assert.assertEquals(200L, executeGetRequest2.getStatusCode());
        System.out.println(executeGetRequest2.getBody());
        RestHelper.HttpResponse executeGetRequest3 = this.rh.executeGetRequest("/deals-*/_search?pretty", new Header[]{encodeBasicHeader("dfm_user", "password")});
        Assert.assertEquals(200L, executeGetRequest3.getStatusCode());
        System.out.println(executeGetRequest3.getBody());
        RestHelper.HttpResponse executeGetRequest4 = this.rh.executeGetRequest("/deals*/_search?pretty", new Header[]{encodeBasicHeader("dfm_user", "password")});
        Assert.assertEquals(200L, executeGetRequest4.getStatusCode());
        System.out.println(executeGetRequest4.getBody());
    }

    @Test
    public void testDFMUnrestrictedUser() throws Exception {
        setup(Settings.builder().build());
        RestHelper.HttpResponse executeGetRequest = this.rh.executeGetRequest("/index1-*/_search?pretty", new Header[]{encodeBasicHeader("admin", "admin")});
        Assert.assertEquals(200L, executeGetRequest.getStatusCode());
        System.out.println(executeGetRequest.getBody());
        Assert.assertTrue(executeGetRequest.getBody().contains("index1-1"));
        Assert.assertTrue(executeGetRequest.getBody().contains("value-3-1"));
        Assert.assertTrue(executeGetRequest.getBody().contains("value-4-1"));
        Assert.assertTrue(executeGetRequest.getBody().contains("value-3-2"));
        Assert.assertTrue(executeGetRequest.getBody().contains("value-4-2"));
        Assert.assertTrue(executeGetRequest.getBody().contains("value-3-3"));
        Assert.assertTrue(executeGetRequest.getBody().contains("value-4-3"));
        Assert.assertTrue(executeGetRequest.getBody().contains("value-3-4"));
        Assert.assertTrue(executeGetRequest.getBody().contains("value-4-4"));
        Assert.assertTrue(executeGetRequest.getBody().contains("value-2-1"));
        Assert.assertTrue(executeGetRequest.getBody().contains("value-2-2"));
        Assert.assertTrue(executeGetRequest.getBody().contains("value-2-3"));
        Assert.assertTrue(executeGetRequest.getBody().contains("value-2-4"));
    }

    @Test
    public void testDFMRestrictedUser() throws Exception {
        setup(Settings.builder().build());
        RestHelper.HttpResponse executeGetRequest = this.rh.executeGetRequest("/_searchguard/authinfo?pretty", new Header[]{encodeBasicHeader("dfm_restricted_role", "password")});
        Assert.assertEquals(200L, executeGetRequest.getStatusCode());
        System.out.println(executeGetRequest.getBody());
        RestHelper.HttpResponse executeGetRequest2 = this.rh.executeGetRequest("/index1-*/_search?pretty", new Header[]{encodeBasicHeader("dfm_restricted_role", "password")});
        Assert.assertEquals(200L, executeGetRequest2.getStatusCode());
        System.out.println(executeGetRequest2.getBody());
        Assert.assertFalse(executeGetRequest2.getBody().contains("index1-1"));
        Assert.assertFalse(executeGetRequest2.getBody().contains("value-3-1"));
        Assert.assertFalse(executeGetRequest2.getBody().contains("value-4-1"));
        Assert.assertFalse(executeGetRequest2.getBody().contains("value-3-2"));
        Assert.assertFalse(executeGetRequest2.getBody().contains("value-4-2"));
        Assert.assertFalse(executeGetRequest2.getBody().contains("value-3-3"));
        Assert.assertFalse(executeGetRequest2.getBody().contains("value-4-3"));
        Assert.assertFalse(executeGetRequest2.getBody().contains("value-3-4"));
        Assert.assertFalse(executeGetRequest2.getBody().contains("value-4-4"));
        Assert.assertFalse(executeGetRequest2.getBody().contains("value-2-1"));
        Assert.assertFalse(executeGetRequest2.getBody().contains("value-2-2"));
        Assert.assertFalse(executeGetRequest2.getBody().contains("value-2-3"));
        Assert.assertFalse(executeGetRequest2.getBody().contains("value-2-4"));
        Assert.assertTrue(executeGetRequest2.getBody().contains("514b27191e2322b0f7cd6afc3a5d657ff438fd0cc8dc229bd1a589804fdffd99"));
        Assert.assertTrue(executeGetRequest2.getBody().contains("3090f7e867f390fb96b20ba30ee518b09a927b857393ebd1262f31191a385efa"));
    }

    @Test
    public void testDFMRestrictedAndUnrestrictedAllIndices() throws Exception {
        setup(Settings.builder().build());
        RestHelper.HttpResponse executeGetRequest = this.rh.executeGetRequest("/index1-*/_search?pretty", new Header[]{encodeBasicHeader("dfm_restricted_and_unrestricted_all_indices_role", "password")});
        Assert.assertEquals(200L, executeGetRequest.getStatusCode());
        System.out.println(executeGetRequest.getBody());
        Assert.assertTrue(executeGetRequest.getBody().contains("index1-1"));
        Assert.assertTrue(executeGetRequest.getBody().contains("value-3-1"));
        Assert.assertTrue(executeGetRequest.getBody().contains("value-4-1"));
        Assert.assertTrue(executeGetRequest.getBody().contains("value-3-2"));
        Assert.assertTrue(executeGetRequest.getBody().contains("value-4-2"));
        Assert.assertTrue(executeGetRequest.getBody().contains("value-3-3"));
        Assert.assertTrue(executeGetRequest.getBody().contains("value-4-3"));
        Assert.assertTrue(executeGetRequest.getBody().contains("value-3-4"));
        Assert.assertTrue(executeGetRequest.getBody().contains("value-4-4"));
        Assert.assertTrue(executeGetRequest.getBody().contains("value-2-1"));
        Assert.assertTrue(executeGetRequest.getBody().contains("value-2-2"));
        Assert.assertTrue(executeGetRequest.getBody().contains("value-2-3"));
        Assert.assertTrue(executeGetRequest.getBody().contains("value-2-4"));
    }

    @Test
    public void testDFMRestrictedAndUnrestrictedOneIndex() throws Exception {
        setup(Settings.builder().build());
        RestHelper.HttpResponse executeGetRequest = this.rh.executeGetRequest("/_searchguard/authinfo?pretty", new Header[]{encodeBasicHeader("dfm_restricted_and_unrestricted_one_index_role", "password")});
        Assert.assertEquals(200L, executeGetRequest.getStatusCode());
        System.out.println(executeGetRequest.getBody());
        RestHelper.HttpResponse executeGetRequest2 = this.rh.executeGetRequest("/index1-*/_search?pretty", new Header[]{encodeBasicHeader("dfm_restricted_and_unrestricted_one_index_role", "password")});
        Assert.assertEquals(200L, executeGetRequest2.getStatusCode());
        System.out.println(executeGetRequest2.getBody());
        Assert.assertTrue(executeGetRequest2.getBody().contains("index1-1"));
        Assert.assertTrue(executeGetRequest2.getBody().contains("value-2-1"));
        Assert.assertTrue(executeGetRequest2.getBody().contains("value-3-1"));
        Assert.assertTrue(executeGetRequest2.getBody().contains("value-4-1"));
        Assert.assertTrue(executeGetRequest2.getBody().contains("value-3-1"));
        Assert.assertTrue(executeGetRequest2.getBody().contains("value-4-1"));
        Assert.assertTrue(executeGetRequest2.getBody().contains("value-3-4"));
        Assert.assertTrue(executeGetRequest2.getBody().contains("value-4-4"));
        Assert.assertFalse(executeGetRequest2.getBody().contains("value-3-2"));
        Assert.assertFalse(executeGetRequest2.getBody().contains("value-4-2"));
        Assert.assertFalse(executeGetRequest2.getBody().contains("value-3-3"));
        Assert.assertFalse(executeGetRequest2.getBody().contains("value-4-3"));
        Assert.assertTrue(executeGetRequest2.getBody().contains("value-2-1"));
        Assert.assertTrue(executeGetRequest2.getBody().contains("value-2-4"));
        Assert.assertTrue(executeGetRequest2.getBody().contains("514b27191e2322b0f7cd6afc3a5d657ff438fd0cc8dc229bd1a589804fdffd99"));
        Assert.assertTrue(executeGetRequest2.getBody().contains("3090f7e867f390fb96b20ba30ee518b09a927b857393ebd1262f31191a385efa"));
    }
}
