package com.floragunn.signals;

import com.floragunn.codova.config.temporal.DurationFormat;
import com.floragunn.codova.validation.ConfigValidationException;
import com.floragunn.codova.validation.ValidatingDocNode;
import com.floragunn.codova.validation.ValidationErrors;
import com.floragunn.searchguard.internalauthtoken.InternalAuthTokenProvider;
import com.floragunn.searchguard.support.PrivilegedConfigClient;
import com.floragunn.searchguard.test.TestSgConfig;
import com.floragunn.searchguard.test.helper.cluster.LocalCluster;
import com.floragunn.searchguard.user.User;
import com.floragunn.searchsupport.diag.DiagnosticContext;
import com.floragunn.signals.accounts.AccountRegistry;
import com.floragunn.signals.execution.ActionExecutionException;
import com.floragunn.signals.execution.WatchExecutionContext;
import com.floragunn.signals.proxy.service.HttpProxyHostRegistry;
import com.floragunn.signals.settings.SignalsSettings;
import com.floragunn.signals.truststore.service.TrustManagerRegistry;
import com.floragunn.signals.watch.Watch;
import com.floragunn.signals.watch.WatchBuilder;
import com.floragunn.signals.watch.action.handlers.ActionExecutionResult;
import com.floragunn.signals.watch.action.handlers.ActionHandler;
import com.floragunn.signals.watch.common.Ack;
import com.floragunn.signals.watch.common.ValidationLevel;
import com.floragunn.signals.watch.init.WatchInitializationService;
import java.io.IOException;
import java.time.Duration;
import java.util.ArrayList;
import java.util.Arrays;
import net.jcip.annotations.NotThreadSafe;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.awaitility.Awaitility;
import org.elasticsearch.action.index.IndexRequest;
import org.elasticsearch.action.support.WriteRequest;
import org.elasticsearch.client.internal.Client;
import org.elasticsearch.cluster.service.ClusterService;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.env.NodeEnvironment;
import org.elasticsearch.features.FeatureService;
import org.elasticsearch.node.PluginAwareNode;
import org.elasticsearch.script.ScriptService;
import org.elasticsearch.threadpool.ThreadPool;
import org.elasticsearch.xcontent.NamedXContentRegistry;
import org.elasticsearch.xcontent.ToXContent;
import org.elasticsearch.xcontent.XContentBuilder;
import org.elasticsearch.xcontent.XContentFactory;
import org.elasticsearch.xcontent.XContentType;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.ClassRule;
import org.junit.Ignore;
import org.junit.Test;
import org.mockito.Mockito;

@NotThreadSafe
/* loaded from: input_file:com/floragunn/signals/SignalsTenantTest.class */
public class SignalsTenantTest {
    public static final String UPLOADED_TRUSTSTORE_ID = "uploaded-truststore-id";
    private static ClusterService clusterService;
    private static NodeEnvironment nodeEnvironment;
    private static NamedXContentRegistry xContentRegistry;
    private static ScriptService scriptService;
    private static InternalAuthTokenProvider internalAuthTokenProvider;
    private static DiagnosticContext diagnosticContext;
    private static TrustManagerRegistry trustManagerRegistry;
    private static HttpProxyHostRegistry httpProxyHostRegistry;
    private static FeatureService featureService;
    private static final Logger log = LogManager.getLogger(SignalsTenantTest.class);
    private static TestSgConfig.User USER_CERTIFICATE = new TestSgConfig.User("certificate-user").roles(new TestSgConfig.Role[]{TestSgConfig.Role.ALL_ACCESS});

    @ClassRule
    public static LocalCluster cluster = new LocalCluster.Builder().singleNode().sslEnabled().resources("sg_config/no-tenants").nodeSettings(new Object[]{"signals.enabled", true, "signals.index_names.log", "signals_main_log", "searchguard.enterprise_modules_enabled", false}).enableModule(SignalsModule.class).user(USER_CERTIFICATE).build();
    private static final User UHURA = User.forUser(RestApiTest.USERNAME_UHURA).backendRoles(new String[]{"signals_admin", "all_access"}).build();

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/floragunn/signals/SignalsTenantTest$SleepAction.class */
    public static class SleepAction extends ActionHandler {
        private Duration duration;

        /* loaded from: input_file:com/floragunn/signals/SignalsTenantTest$SleepAction$Factory.class */
        public static class Factory extends ActionHandler.Factory<SleepAction> {
            public Factory() {
                super("sleep");
            }

            /* JADX INFO: Access modifiers changed from: protected */
            /* renamed from: create, reason: merged with bridge method [inline-methods] */
            public SleepAction m10create(WatchInitializationService watchInitializationService, ValidatingDocNode validatingDocNode, ValidationErrors validationErrors) throws ConfigValidationException {
                return new SleepAction(validatingDocNode.get("duration").asDuration());
            }
        }

        SleepAction(Duration duration) {
            this.duration = duration;
        }

        public XContentBuilder toXContent(XContentBuilder xContentBuilder, ToXContent.Params params) throws IOException {
            xContentBuilder.field("duration", DurationFormat.INSTANCE.format(this.duration));
            return xContentBuilder;
        }

        public ActionExecutionResult execute(WatchExecutionContext watchExecutionContext) throws ActionExecutionException {
            try {
                Thread.sleep(this.duration.toMillis());
            } catch (InterruptedException e) {
            }
            return new ActionExecutionResult("zzz");
        }

        public String getType() {
            return "sleep";
        }
    }

    @BeforeClass
    public static void setupTestData() throws Throwable {
        cluster.before();
        PluginAwareNode node = cluster.node();
        clusterService = (ClusterService) node.injector().getInstance(ClusterService.class);
        xContentRegistry = (NamedXContentRegistry) node.injector().getInstance(NamedXContentRegistry.class);
        scriptService = (ScriptService) node.injector().getInstance(ScriptService.class);
        internalAuthTokenProvider = (InternalAuthTokenProvider) node.injector().getInstance(InternalAuthTokenProvider.class);
        nodeEnvironment = (NodeEnvironment) node.injector().getInstance(NodeEnvironment.class);
        diagnosticContext = (DiagnosticContext) node.injector().getInstance(DiagnosticContext.class);
        trustManagerRegistry = ((Signals) cluster.getInjectable(Signals.class)).getTruststoreRegistry();
        httpProxyHostRegistry = ((Signals) cluster.getInjectable(Signals.class)).getHttpProxyHostRegistry();
        featureService = ((Signals) cluster.getInjectable(Signals.class)).getFeatureService();
        PrivilegedConfigClient adapt = PrivilegedConfigClient.adapt(cluster.getInternalNodeClient());
        Client internalNodeClient = cluster.getInternalNodeClient();
        Watch build = new WatchBuilder("test").cronTrigger("*/2 * * * * ?").search("testsource").query("{\"match_all\" : {} }").as("testsearch").put("{\"bla\": {\"blub\": 42}}").as("teststatic").then().index("testsink").name("testsink").throttledFor("5s").build();
        build.setTenant("test");
        XContentBuilder jsonBuilder = XContentFactory.jsonBuilder();
        build.toXContent(jsonBuilder, ToXContent.EMPTY_PARAMS);
        adapt.index(new IndexRequest(".signals_watches").setRefreshPolicy(WriteRequest.RefreshPolicy.IMMEDIATE).source(jsonBuilder).id("test/test_watch")).actionGet();
        internalNodeClient.index(new IndexRequest("testsource").source(XContentType.JSON, new Object[]{"key1", "val1", "key2", "val2"})).actionGet();
        internalNodeClient.index(new IndexRequest("testsource").setRefreshPolicy(WriteRequest.RefreshPolicy.IMMEDIATE).source(XContentType.JSON, new Object[]{"a", "x", "b", "y"})).actionGet();
        internalNodeClient.index(new IndexRequest("testsource").setRefreshPolicy(WriteRequest.RefreshPolicy.IMMEDIATE).source(XContentType.JSON, new Object[]{"a", "xx", "b", "yy"})).actionGet();
    }

    @Test
    @Ignore("TODO why is this ignored?")
    public void initializationTest() throws Exception {
        SignalsTenant signalsTenant = new SignalsTenant("test", cluster.getInternalNodeClient(), clusterService, nodeEnvironment, scriptService, xContentRegistry, internalAuthTokenProvider, new SignalsSettings(Settings.builder().build()), (AccountRegistry) null, diagnosticContext, (ThreadPool) Mockito.mock(ThreadPool.class), trustManagerRegistry, httpProxyHostRegistry, featureService);
        try {
            signalsTenant.init();
            Assert.assertEquals(1L, signalsTenant.getLocalWatchCount());
            Assert.assertTrue(signalsTenant.runsWatchLocally("test_watch"));
            signalsTenant.close();
        } catch (Throwable th) {
            try {
                signalsTenant.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    @Test
    @Ignore("TODO somethings wrong with mockito here")
    public void nodeFilterTest() throws Exception {
        Client internalNodeClient = cluster.getInternalNodeClient();
        SignalsSettings signalsSettings = (SignalsSettings) Mockito.mock(SignalsSettings.class, Mockito.RETURNS_DEEP_STUBS);
        Mockito.when(signalsSettings.getTenant("test").getNodeFilter()).thenReturn("unknown_attr:true");
        SignalsTenant signalsTenant = new SignalsTenant("test", internalNodeClient, clusterService, nodeEnvironment, scriptService, xContentRegistry, internalAuthTokenProvider, signalsSettings, (AccountRegistry) null, diagnosticContext, (ThreadPool) Mockito.mock(ThreadPool.class), trustManagerRegistry, httpProxyHostRegistry, featureService);
        try {
            signalsTenant.init();
            Assert.assertEquals(0L, signalsTenant.getLocalWatchCount());
            Assert.assertFalse(signalsTenant.runsWatchLocally("test_watch"));
            signalsTenant.close();
        } catch (Throwable th) {
            try {
                signalsTenant.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    @Test
    public void failoverTest() throws Exception {
        Client internalNodeClient = cluster.getInternalNodeClient();
        Settings build = Settings.builder().build();
        SignalsTenant signalsTenant = new SignalsTenant("failover_test", internalNodeClient, clusterService, nodeEnvironment, scriptService, xContentRegistry, internalAuthTokenProvider, new SignalsSettings(build), (AccountRegistry) null, diagnosticContext, (ThreadPool) Mockito.mock(ThreadPool.class), trustManagerRegistry, httpProxyHostRegistry, featureService);
        try {
            signalsTenant.init();
            signalsTenant.addWatch(new WatchBuilder("test_watch").atInterval("100ms").search("testsource").query("{\"match_all\" : {} }").as("testsearch").put("{\"bla\": {\"blub\": 42}}").as("teststatic").then().index("testsink").name("testsink").build(), UHURA, ValidationLevel.STRICT);
            for (int i = 0; i < 20; i++) {
                Thread.sleep(100L);
                if (signalsTenant.getLocalWatchCount() != 0) {
                    break;
                }
            }
            Assert.assertEquals(1L, signalsTenant.getLocalWatchCount());
            Assert.assertTrue(signalsTenant.runsWatchLocally("test_watch"));
            Thread.sleep(500L);
            Assert.assertEquals(Arrays.asList("testsink"), new ArrayList(signalsTenant.ack("test_watch", new User("horst")).keySet()));
            Ack acked = signalsTenant.getWatchStateManager().getWatchState("test_watch").getActionState("testsink").getAcked();
            Assert.assertNotNull(acked);
            Thread.sleep(500L);
            signalsTenant.close();
            Thread.sleep(1000L);
            signalsTenant = new SignalsTenant("failover_test", internalNodeClient, clusterService, nodeEnvironment, scriptService, xContentRegistry, internalAuthTokenProvider, new SignalsSettings(build), (AccountRegistry) null, diagnosticContext, (ThreadPool) Mockito.mock(ThreadPool.class), trustManagerRegistry, httpProxyHostRegistry, featureService);
            try {
                signalsTenant.init();
                for (int i2 = 0; i2 < 20; i2++) {
                    Thread.sleep(100L);
                    if (signalsTenant.getLocalWatchCount() != 0) {
                        break;
                    }
                }
                Assert.assertEquals(1L, signalsTenant.getLocalWatchCount());
                Assert.assertTrue(signalsTenant.runsWatchLocally("test_watch"));
                Assert.assertEquals(acked, signalsTenant.getWatchStateManager().getWatchState("test_watch").getActionState("testsink").getAcked());
                signalsTenant.close();
            } finally {
            }
        } finally {
        }
    }

    @Test
    public void failoverWhileRunningTest() throws Exception {
        Client internalNodeClient = cluster.getInternalNodeClient();
        Settings build = Settings.builder().build();
        SignalsTenant signalsTenant = new SignalsTenant("failover_while_running_test", internalNodeClient, clusterService, nodeEnvironment, scriptService, xContentRegistry, internalAuthTokenProvider, new SignalsSettings(build), (AccountRegistry) null, diagnosticContext, (ThreadPool) Mockito.mock(ThreadPool.class), trustManagerRegistry, httpProxyHostRegistry, featureService);
        try {
            signalsTenant.init();
            signalsTenant.addWatch(new WatchBuilder("test_watch").atInterval("100ms").search("testsource").query("{\"match_all\" : {} }").as("testsearch").put("{\"bla\": {\"blub\": 42}}").as("teststatic").then().act(new SleepAction(Duration.ofSeconds(4L))).name("sleep").and().index("failover_while_running_testsink").name("testsink").build(), UHURA, ValidationLevel.STRICT);
            for (int i = 0; i < 20; i++) {
                Thread.sleep(100L);
                if (signalsTenant.getLocalWatchCount() != 0) {
                    break;
                }
            }
            Assert.assertEquals(1L, signalsTenant.getLocalWatchCount());
            Assert.assertTrue(signalsTenant.runsWatchLocally("test_watch"));
            Thread.sleep(500L);
            signalsTenant.shutdownHard();
            signalsTenant.close();
            Thread.sleep(1000L);
            signalsTenant = new SignalsTenant("failover_while_running_test", internalNodeClient, clusterService, nodeEnvironment, scriptService, xContentRegistry, internalAuthTokenProvider, new SignalsSettings(build), (AccountRegistry) null, diagnosticContext, (ThreadPool) Mockito.mock(ThreadPool.class), trustManagerRegistry, httpProxyHostRegistry, featureService);
            try {
                signalsTenant.init();
                for (int i2 = 0; i2 < 20; i2++) {
                    Thread.sleep(100L);
                    if (signalsTenant.getLocalWatchCount() != 0) {
                        break;
                    }
                }
                Assert.assertEquals(1L, signalsTenant.getLocalWatchCount());
                Assert.assertTrue(signalsTenant.runsWatchLocally("test_watch"));
                signalsTenant.close();
            } finally {
            }
        } finally {
        }
    }

    @Test
    public void shouldInitWatchWhichUsesTruststoreDuringStartupTime() throws Throwable {
        MockWebserviceProvider mockWebserviceProvider = new MockWebserviceProvider("/tls_endpoint", true, false);
        try {
            Client internalNodeClient = cluster.getInternalNodeClient();
            mockWebserviceProvider.uploadMockServerCertificateAsTruststore(cluster, USER_CERTIFICATE, "uploaded-truststore-id");
            Watch build = new WatchBuilder("tls_execution_test").atMsInterval(100L).search("testsource").query("{\"match_all\" : {} }").as("testsearch").put("{\"bla\": {\"blub\": 42}}").as("teststatic").then().postWebhook(mockWebserviceProvider.getUri()).truststoreId("uploaded-truststore-id").throttledFor("0").name("send-http-request").build();
            Settings build2 = Settings.builder().build();
            SignalsTenant signalsTenant = new SignalsTenant("test_tenant", internalNodeClient, clusterService, nodeEnvironment, scriptService, xContentRegistry, internalAuthTokenProvider, new SignalsSettings(build2), (AccountRegistry) null, diagnosticContext, (ThreadPool) Mockito.mock(ThreadPool.class), trustManagerRegistry, httpProxyHostRegistry, featureService);
            try {
                signalsTenant.init();
                signalsTenant.addWatch(build, UHURA, ValidationLevel.STRICT);
                Awaitility.await().until(() -> {
                    return Boolean.valueOf(signalsTenant.getLocalWatchCount() != 0);
                });
                Assert.assertEquals(1L, signalsTenant.getLocalWatchCount());
                Assert.assertTrue(signalsTenant.runsWatchLocally("tls_execution_test"));
                Awaitility.await().until(() -> {
                    return Boolean.valueOf(mockWebserviceProvider.getRequestCount() > 0);
                });
                signalsTenant.close();
                Thread.sleep(1000L);
                log.debug("Current number of webhook requests " + mockWebserviceProvider.getRequestCount());
                int requestCount = mockWebserviceProvider.getRequestCount();
                signalsTenant = new SignalsTenant("test_tenant", internalNodeClient, clusterService, nodeEnvironment, scriptService, xContentRegistry, internalAuthTokenProvider, new SignalsSettings(build2), (AccountRegistry) null, diagnosticContext, (ThreadPool) Mockito.mock(ThreadPool.class), trustManagerRegistry, httpProxyHostRegistry, featureService);
                try {
                    signalsTenant.init();
                    Awaitility.await().until(() -> {
                        return Boolean.valueOf(signalsTenant.getLocalWatchCount() != 0);
                    });
                    Assert.assertEquals(1L, signalsTenant.getLocalWatchCount());
                    Assert.assertTrue(signalsTenant.runsWatchLocally("tls_execution_test"));
                    Awaitility.await().until(() -> {
                        return Boolean.valueOf(mockWebserviceProvider.getRequestCount() > requestCount);
                    });
                    log.debug("Current number of webhook requests " + mockWebserviceProvider.getRequestCount());
                    signalsTenant.close();
                    mockWebserviceProvider.close();
                } finally {
                }
            } finally {
            }
        } catch (Throwable th) {
            try {
                mockWebserviceProvider.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    static {
        ActionHandler.factoryRegistry.add(new ActionHandler.Factory[]{new SleepAction.Factory()});
    }
}
