package io.trino.plugin.jdbc.logging;

import io.trino.spi.TrinoException;
import io.trino.spi.security.ConnectorIdentity;
import io.trino.testing.TestingConnectorSession;
import org.assertj.core.api.Assertions;
import org.junit.jupiter.api.Test;

/* loaded from: input_file:io/trino/plugin/jdbc/logging/TestFormatBasedRemoteQueryModifier.class */
public class TestFormatBasedRemoteQueryModifier {
    @Test
    public void testCreatingCommentToAppendBasedOnFormatAndConnectorSession() {
        TestingConnectorSession build = TestingConnectorSession.builder().setTraceToken("trace_token").setSource("source").setIdentity(ConnectorIdentity.ofUser("Alice")).build();
        Assertions.assertThat(createRemoteQueryModifier("Query=$QUERY_ID Execution for user=$USER with source=$SOURCE ttoken=$TRACE_TOKEN").apply(build, "SELECT * from USERS")).isEqualTo("SELECT * from USERS /*Query=%s Execution for user=%s with source=%s ttoken=%s*/", new Object[]{build.getQueryId(), "Alice", "source", "trace_token"});
    }

    @Test
    public void testCreatingCommentWithDuplicatedPredefinedValues() {
        TestingConnectorSession build = TestingConnectorSession.builder().setTraceToken("trace_token").setSource("source").setIdentity(ConnectorIdentity.ofUser("Alice")).build();
        Assertions.assertThat(createRemoteQueryModifier("$QUERY_ID, $QUERY_ID, $QUERY_ID, $QUERY_ID, $USER, $USER, $SOURCE, $SOURCE, $SOURCE, $TRACE_TOKEN, $TRACE_TOKEN").apply(build, "SELECT * from USERS")).isEqualTo("SELECT * from USERS /*%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s*/", new Object[]{build.getQueryId(), build.getQueryId(), build.getQueryId(), build.getQueryId(), "Alice", "Alice", "source", "source", "source", "trace_token", "trace_token"});
    }

    @Test
    public void testForSQLInjectionsByTraceToken() {
        TestingConnectorSession build = TestingConnectorSession.builder().setTraceToken("*/; DROP TABLE TABLE_A; /*").setSource("source").setIdentity(ConnectorIdentity.ofUser("Alice")).build();
        FormatBasedRemoteQueryModifier createRemoteQueryModifier = createRemoteQueryModifier("Query=$QUERY_ID Execution for user=$USER with source=$SOURCE ttoken=$TRACE_TOKEN");
        Assertions.assertThatThrownBy(() -> {
            createRemoteQueryModifier.apply(build, "SELECT * from USERS");
        }).isInstanceOf(TrinoException.class).hasMessageMatching("Rendering metadata using 'query.comment-format' does not meet security criteria: Query=.* Execution for user=Alice with source=source ttoken=\\*/; DROP TABLE TABLE_A; /\\*");
    }

    @Test
    public void testForSQLInjectionsBySource() {
        testForSQLInjectionsBySource("*/; DROP TABLE TABLE_A; /*");
        testForSQLInjectionsBySource("Prefix */; DROP TABLE TABLE_A; /*");
        testForSQLInjectionsBySource("\n\nMultiline */; DROP TABLE TABLE_A; /*");
    }

    @Test
    public void testFormatQueryModifierWithUser() {
        Assertions.assertThat(createRemoteQueryModifier("user=$USER").apply(TestingConnectorSession.builder().setIdentity(ConnectorIdentity.ofUser("Alice")).setSource("$invalid@value").setTraceToken("#invalid&value").build(), "SELECT * FROM USERS")).isEqualTo("SELECT * FROM USERS /*user=Alice*/");
    }

    @Test
    public void testFormatQueryModifierWithSource() {
        Assertions.assertThat(createRemoteQueryModifier("source=$SOURCE").apply(TestingConnectorSession.builder().setIdentity(ConnectorIdentity.ofUser("Alice")).setSource("valid-value").setTraceToken("$invalid@value").build(), "SELECT * FROM USERS")).isEqualTo("SELECT * FROM USERS /*source=valid-value*/");
    }

    @Test
    public void testFormatQueryModifierWithTraceToken() {
        Assertions.assertThat(createRemoteQueryModifier("ttoken=$TRACE_TOKEN").apply(TestingConnectorSession.builder().setIdentity(ConnectorIdentity.ofUser("Alice")).setSource("$invalid@value").setTraceToken("valid-value").build(), "SELECT * FROM USERS")).isEqualTo("SELECT * FROM USERS /*ttoken=valid-value*/");
    }

    @Test
    public void testFormatWithValidValues() {
        testFormatWithValidValues("trino");
        testFormatWithValidValues("123");
        testFormatWithValidValues("1t2r3i4n0");
        testFormatWithValidValues("trino-cli");
        testFormatWithValidValues("trino_cli");
        testFormatWithValidValues("trino-cli_123");
        testFormatWithValidValues("123_trino-cli");
        testFormatWithValidValues("123-trino_cli");
        testFormatWithValidValues("-trino-cli");
        testFormatWithValidValues("_trino_cli");
    }

    private void testFormatWithValidValues(String str) {
        Assertions.assertThat(createRemoteQueryModifier("source=$SOURCE ttoken=$TRACE_TOKEN").apply(TestingConnectorSession.builder().setIdentity(ConnectorIdentity.ofUser("Alice")).setSource(str).setTraceToken(str).build(), "SELECT * FROM USERS")).isEqualTo("SELECT * FROM USERS /*source=%1$s ttoken=%1$s*/".formatted(str));
    }

    private void testForSQLInjectionsBySource(String str) {
        TestingConnectorSession build = TestingConnectorSession.builder().setTraceToken("trace_token").setSource(str).setIdentity(ConnectorIdentity.ofUser("Alice")).build();
        FormatBasedRemoteQueryModifier createRemoteQueryModifier = createRemoteQueryModifier("Query=$QUERY_ID Execution for user=$USER with source=$SOURCE ttoken=$TRACE_TOKEN");
        Assertions.assertThatThrownBy(() -> {
            createRemoteQueryModifier.apply(build, "SELECT * from USERS");
        }).isInstanceOf(TrinoException.class).hasMessageContaining("Rendering metadata using 'query.comment-format' does not meet security criteria: Query=");
    }

    private static FormatBasedRemoteQueryModifier createRemoteQueryModifier(String str) {
        return new FormatBasedRemoteQueryModifier(new FormatBasedRemoteQueryModifierConfig().setFormat(str));
    }
}
