package io.trino.plugin.hive;

import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableMap;
import io.trino.testing.AbstractTestQueryFramework;
import io.trino.testing.QueryRunner;
import org.assertj.core.api.Assertions;
import org.testng.annotations.Test;

/* loaded from: input_file:io/trino/plugin/hive/TestHiveSystemSecurity.class */
public class TestHiveSystemSecurity extends AbstractTestQueryFramework {
    /* JADX WARN: Type inference failed for: r0v2, types: [io.trino.plugin.hive.HiveQueryRunner$Builder] */
    protected QueryRunner createQueryRunner() throws Exception {
        return HiveQueryRunner.builder().setHiveProperties(ImmutableMap.of("hive.security", "system")).setInitialTables(ImmutableList.of()).build();
    }

    @Test
    public void testDefinerView() {
        assertUpdate("CREATE VIEW system_security_definer_view AS SELECT 42 as n");
        assertQueryFails("SELECT * from system_security_definer_view", "Catalog does not support run-as DEFINER views: hive.tpch.system_security_definer_view");
        assertUpdate("DROP VIEW system_security_definer_view");
    }

    @Test
    public void testInvokerView() {
        assertUpdate("CREATE VIEW system_security_invoker_view SECURITY INVOKER AS SELECT 42 as n");
        assertQuery("SELECT * from system_security_invoker_view", "SELECT 42 as n");
        assertQueryFails("ALTER VIEW system_security_invoker_view SET AUTHORIZATION user", "Catalog does not support permission management: hive");
        assertQueryFails("ALTER VIEW system_security_invoker_view SET AUTHORIZATION ROLE PUBLIC", ".*Role 'public' does not exist");
        assertUpdate("DROP VIEW system_security_invoker_view");
    }

    @Test
    public void testCreateSchema() {
        assertUpdate("CREATE SCHEMA system_security_schema");
        Assertions.assertThat((String) computeScalar("SHOW CREATE SCHEMA system_security_schema")).doesNotContain(new CharSequence[]{"AUTHORIZATION"});
        assertQueryFails("ALTER SCHEMA system_security_schema SET AUTHORIZATION user", "Catalog does not support permission management: hive");
        assertQueryFails("ALTER SCHEMA system_security_schema SET AUTHORIZATION ROLE PUBLIC", ".*Role 'public' does not exist");
        assertUpdate("DROP SCHEMA system_security_schema");
    }

    @Test
    public void testTableSchema() {
        assertUpdate("CREATE table system_security_table (n bigint)");
        assertQueryFails("ALTER TABLE system_security_table SET AUTHORIZATION user", "Catalog does not support permission management: hive");
        assertQueryFails("ALTER TABLE system_security_table SET AUTHORIZATION ROLE PUBLIC", ".*Role 'public' does not exist");
        assertUpdate("DROP TABLE system_security_table");
    }
}
