package pl.codewise.commons.aws.cqrs.operations;

import com.amazonaws.services.identitymanagement.AmazonIdentityManagement;
import com.amazonaws.services.identitymanagement.model.AddRoleToInstanceProfileRequest;
import com.amazonaws.services.identitymanagement.model.AddRoleToInstanceProfileResult;
import com.amazonaws.services.identitymanagement.model.AmazonIdentityManagementException;
import com.amazonaws.services.identitymanagement.model.AttachRolePolicyRequest;
import com.amazonaws.services.identitymanagement.model.AttachRolePolicyResult;
import com.amazonaws.services.identitymanagement.model.CreateInstanceProfileRequest;
import com.amazonaws.services.identitymanagement.model.CreateInstanceProfileResult;
import com.amazonaws.services.identitymanagement.model.CreateRoleRequest;
import com.amazonaws.services.identitymanagement.model.CreateRoleResult;
import com.amazonaws.services.identitymanagement.model.DeleteInstanceProfileRequest;
import com.amazonaws.services.identitymanagement.model.DeleteInstanceProfileResult;
import com.amazonaws.services.identitymanagement.model.DeleteRoleRequest;
import com.amazonaws.services.identitymanagement.model.DeleteRoleResult;
import com.amazonaws.services.identitymanagement.model.DetachRolePolicyRequest;
import com.amazonaws.services.identitymanagement.model.DetachRolePolicyResult;
import com.amazonaws.services.identitymanagement.model.InstanceProfile;
import com.amazonaws.services.identitymanagement.model.RemoveRoleFromInstanceProfileRequest;
import com.amazonaws.services.identitymanagement.model.RemoveRoleFromInstanceProfileResult;
import com.amazonaws.services.identitymanagement.model.Role;
import java.util.Arrays;
import java.util.Collections;
import java.util.Optional;
import org.assertj.core.api.Assertions;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.ArgumentMatchers;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.junit.MockitoJUnitRunner;
import org.mockito.stubbing.OngoingStubbing;
import pl.codewise.commons.aws.cqrs.discovery.IamDiscovery;
import pl.codewise.commons.aws.cqrs.model.iam.AwsIamRole;
import pl.codewise.commons.aws.cqrs.model.iam.AwsInstanceProfile;

@RunWith(MockitoJUnitRunner.class)
/* loaded from: input_file:pl/codewise/commons/aws/cqrs/operations/IamOperationsTest.class */
public class IamOperationsTest {
    private final String policy1 = "test-policy-1";
    private final String policy2 = "test-policy-2";
    private final String arnPrefix = "arn:aws:iam::123456789012:";
    private final String role1 = "test-role-1";
    private final String role2 = "test-role-2";
    private final String profile1 = "test-profile";
    private IamOperations iamOperations;

    @Mock
    private IamDiscovery iamDiscovery;

    @Mock
    private AmazonIdentityManagement amazonIdentityManagement;

    @Before
    public void setUp() {
        this.iamOperations = new IamOperations(this.iamDiscovery, this.amazonIdentityManagement);
    }

    @Test
    public void shouldReturnEmptyWhenUnableToCreateInstanceProfile() {
        givenExceptionThrownDuringInstanceProfileCreation(new AmazonIdentityManagementException("UnableToCreate"));
        Assertions.assertThat(Assertions.catchThrowable(() -> {
            this.iamOperations.createInstanceProfile("test-profile");
        })).isExactlyInstanceOf(AmazonIdentityManagementException.class).hasMessageContaining("UnableToCreate");
    }

    @Test
    public void shouldReturnCreatedInstanceProfileWhenCreationSuccessful() {
        givenSuccessfulInstanceProfileCreation("test-profile");
        Assertions.assertThat(this.iamOperations.createInstanceProfile("test-profile")).as("Result of new instance profile creation when attempt was successful", new Object[0]).isEqualTo(new AwsInstanceProfile("test-profile", "arn:aws:iam::123456789012:test-profile"));
    }

    @Test
    public void shouldFailDeletingInstanceProfile() {
        whenDeleteInstanceProfileRequested().thenThrow(new Throwable[]{new AmazonIdentityManagementException("UnableToDeleteInstanceProfile")});
        Assertions.assertThat(Assertions.catchThrowable(() -> {
            this.iamOperations.deleteInstanceProfile("test-profile");
        })).isExactlyInstanceOf(AmazonIdentityManagementException.class).hasMessageContaining("UnableToDeleteInstanceProfile");
    }

    @Test
    public void shouldDeleteInstanceProfile() {
        whenDeleteInstanceProfileRequested().thenReturn(someDeleteInstanceProfileResult());
        this.iamOperations.deleteInstanceProfile("test-profile");
        ((AmazonIdentityManagement) Mockito.verify(this.amazonIdentityManagement)).deleteInstanceProfile(new DeleteInstanceProfileRequest().withInstanceProfileName("test-profile"));
    }

    @Test
    public void shouldReturnEmptyWhenUnableToCreateRole() {
        givenExceptionThrownDuringRoleCreation(new AmazonIdentityManagementException("UnableToCreate"));
        Assertions.assertThat(Assertions.catchThrowable(() -> {
            this.iamOperations.createRole("test-role-1");
        })).isExactlyInstanceOf(AmazonIdentityManagementException.class).hasMessageContaining("UnableToCreate");
    }

    @Test
    public void shouldReturnCreatedRoleWhenCreationSuccessful() {
        givenSuccessfulRoleCreation("test-role-1");
        Assertions.assertThat(this.iamOperations.createRole("test-role-1")).as("Result of new role creation when the attempt was successful", new Object[0]).isEqualTo(new AwsIamRole("test-role-1"));
    }

    @Test
    public void shouldFailDeletingRole() {
        whenDeleteRoleRequested().thenThrow(new Throwable[]{new AmazonIdentityManagementException("UnableToDeleteRole")});
        Assertions.assertThat(Assertions.catchThrowable(() -> {
            this.iamOperations.deleteRole("test-role-1");
        })).isExactlyInstanceOf(AmazonIdentityManagementException.class).hasMessageContaining("UnableToDeleteRole");
    }

    @Test
    public void shouldDeleteRole() {
        whenDeleteRoleRequested().thenReturn(someDeleteRoleResult());
        this.iamOperations.deleteRole("test-role-1");
        ((AmazonIdentityManagement) Mockito.verify(this.amazonIdentityManagement)).deleteRole(new DeleteRoleRequest().withRoleName("test-role-1"));
    }

    @Test
    public void shouldReturnFalseWhenUnableToAddRoleToInstanceProfile() {
        givenExceptionThrownWhenAddingRoleToInstanceProfile(new AmazonIdentityManagementException("UnableToAddRoleToInstanceProfile"));
        Assertions.assertThat(Assertions.catchThrowable(() -> {
            this.iamOperations.addRoleToInstanceProfile("test-role-1", "test-profile");
        })).isExactlyInstanceOf(AmazonIdentityManagementException.class).hasMessageContaining("UnableToAddRoleToInstanceProfile");
    }

    @Test
    public void shouldReturnTrueWhenSuccessfullyAddedRoleToInstanceProfile() {
        givenSuccessfulAdditionOfRoleToPolicy();
        this.iamOperations.addRoleToInstanceProfile("test-role-1", "test-profile");
        ((AmazonIdentityManagement) Mockito.verify(this.amazonIdentityManagement)).addRoleToInstanceProfile(new AddRoleToInstanceProfileRequest().withRoleName("test-role-1").withInstanceProfileName("test-profile"));
    }

    @Test
    public void shouldFailRemovingRolesFromInstanceProfile() {
        Mockito.when(this.iamDiscovery.getInstanceProfileRoles("test-profile")).thenReturn(Collections.singletonList("test-role-1"));
        whenRemoveRoleFromInstanceProfileRequested("test-role-1").thenThrow(new Throwable[]{new AmazonIdentityManagementException("UnableToRemoveRoleFromProfile")});
        Assertions.assertThat(Assertions.catchThrowable(() -> {
            this.iamOperations.removeRolesFromInstanceProfile("test-profile");
        })).isExactlyInstanceOf(AmazonIdentityManagementException.class).hasMessageContaining("UnableToRemoveRoleFromProfile");
    }

    @Test
    public void shouldRemoveRolesFromInstanceProfile() {
        Mockito.when(this.iamDiscovery.getInstanceProfileRoles("test-profile")).thenReturn(Arrays.asList("test-role-1", "test-role-2"));
        whenRemoveRoleFromInstanceProfileRequested("test-role-1").thenReturn(someRemoveRoleFromInstanceProfileResult());
        whenRemoveRoleFromInstanceProfileRequested("test-role-2").thenReturn(someRemoveRoleFromInstanceProfileResult());
        this.iamOperations.removeRolesFromInstanceProfile("test-profile");
        ((AmazonIdentityManagement) Mockito.verify(this.amazonIdentityManagement)).removeRoleFromInstanceProfile(new RemoveRoleFromInstanceProfileRequest().withInstanceProfileName("test-profile").withRoleName("test-role-1"));
        ((AmazonIdentityManagement) Mockito.verify(this.amazonIdentityManagement)).removeRoleFromInstanceProfile(new RemoveRoleFromInstanceProfileRequest().withInstanceProfileName("test-profile").withRoleName("test-role-2"));
    }

    @Test
    public void shouldReturnFalseWhenPolicyDoesNotExist() {
        givenNoPolicies();
        Assertions.assertThat(this.iamOperations.attachPolicyToRole("test-policy-1", "test-role-1")).as("Successful result of attaching non-existing policy", new Object[0]).isFalse();
    }

    @Test
    public void shouldReturnFalseWhenUnableToAttachPolicyToRole() {
        givenPolicies("test-policy-1");
        givenExceptionThrownWhenAttachingPolicy(new AmazonIdentityManagementException("UnableToAttachPolicy"));
        Assertions.assertThat(Assertions.catchThrowable(() -> {
            this.iamOperations.attachPolicyToRole("test-policy-1", "test-role-1");
        })).isExactlyInstanceOf(AmazonIdentityManagementException.class).hasMessageContaining("UnableToAttachPolicy");
    }

    @Test
    public void shouldReturnTrueWhenSuccessfullyAttachedPolicy() {
        givenPolicies("test-policy-1");
        givenSuccessfulAttachmentOfAPolicy();
        Assertions.assertThat(this.iamOperations.attachPolicyToRole("test-policy-1", "test-role-1")).as("Successful result of attaching a policy to a role", new Object[0]).isTrue();
    }

    @Test
    public void shouldFailWhenUnableToDetachPolicies() {
        Mockito.when(this.iamDiscovery.getAttachedPoliciesArnsForRole("test-role-1")).thenReturn(Arrays.asList(prefixed("test-policy-1"), prefixed("test-policy-2")));
        whenDetachRolePolicyRequested("test-policy-1", "test-role-1").thenThrow(new Throwable[]{new AmazonIdentityManagementException("NoSuchRole")});
        Assertions.assertThat(Assertions.catchThrowable(() -> {
            this.iamOperations.detachAllPoliciesFromRole("test-role-1");
        })).isExactlyInstanceOf(AmazonIdentityManagementException.class).hasMessageContaining("NoSuchRole");
    }

    @Test
    public void shouldDetachPolicyFromRole() {
        Mockito.when(this.iamDiscovery.getAttachedPoliciesArnsForRole("test-role-1")).thenReturn(Arrays.asList(prefixed("test-policy-1"), prefixed("test-policy-2")));
        whenDetachRolePolicyRequested("test-policy-1", "test-role-1").thenReturn(someDetachRolePolicyResult());
        whenDetachRolePolicyRequested("test-policy-2", "test-role-1").thenReturn(someDetachRolePolicyResult());
        this.iamOperations.detachAllPoliciesFromRole("test-role-1");
        ((AmazonIdentityManagement) Mockito.verify(this.amazonIdentityManagement)).detachRolePolicy(new DetachRolePolicyRequest().withPolicyArn(prefixed("test-policy-1")).withRoleName("test-role-1"));
        ((AmazonIdentityManagement) Mockito.verify(this.amazonIdentityManagement)).detachRolePolicy(new DetachRolePolicyRequest().withPolicyArn(prefixed("test-policy-2")).withRoleName("test-role-1"));
    }

    private void givenPolicies(String... strArr) {
        for (String str : strArr) {
            Mockito.when(this.iamDiscovery.getPolicyArn(str)).thenReturn(Optional.of(prefixed(str)));
        }
    }

    private void givenNoPolicies() {
        Mockito.when(this.iamDiscovery.getPolicyArn((String) ArgumentMatchers.any())).thenReturn(Optional.empty());
    }

    private void givenExceptionThrownDuringInstanceProfileCreation(Exception exc) {
        Mockito.when(this.amazonIdentityManagement.createInstanceProfile((CreateInstanceProfileRequest) ArgumentMatchers.any())).thenThrow(new Throwable[]{exc});
    }

    private void givenExceptionThrownDuringRoleCreation(Exception exc) {
        Mockito.when(this.amazonIdentityManagement.createRole((CreateRoleRequest) ArgumentMatchers.any())).thenThrow(new Throwable[]{exc});
    }

    private void givenSuccessfulInstanceProfileCreation(String str) {
        Mockito.when(this.amazonIdentityManagement.createInstanceProfile((CreateInstanceProfileRequest) ArgumentMatchers.any())).thenReturn(getSuccessfulCreateInstanceProfileResult(str));
    }

    private void givenSuccessfulRoleCreation(String str) {
        Mockito.when(this.amazonIdentityManagement.createRole((CreateRoleRequest) ArgumentMatchers.any())).thenReturn(getSuccessfulCreateRoleResult(str));
    }

    private void givenExceptionThrownWhenAddingRoleToInstanceProfile(Exception exc) {
        Mockito.when(this.amazonIdentityManagement.addRoleToInstanceProfile((AddRoleToInstanceProfileRequest) ArgumentMatchers.any())).thenThrow(new Throwable[]{exc});
    }

    private void givenSuccessfulAdditionOfRoleToPolicy() {
        Mockito.when(this.amazonIdentityManagement.addRoleToInstanceProfile((AddRoleToInstanceProfileRequest) ArgumentMatchers.any())).thenReturn(new AddRoleToInstanceProfileResult());
    }

    private void givenExceptionThrownWhenAttachingPolicy(Exception exc) {
        Mockito.when(this.amazonIdentityManagement.attachRolePolicy((AttachRolePolicyRequest) ArgumentMatchers.any())).thenThrow(new Throwable[]{exc});
    }

    private void givenSuccessfulAttachmentOfAPolicy() {
        Mockito.when(this.amazonIdentityManagement.attachRolePolicy((AttachRolePolicyRequest) ArgumentMatchers.any())).thenReturn(new AttachRolePolicyResult());
    }

    private CreateInstanceProfileResult getSuccessfulCreateInstanceProfileResult(String str) {
        return new CreateInstanceProfileResult().withInstanceProfile(instanceProfileWithName(str));
    }

    private CreateRoleResult getSuccessfulCreateRoleResult(String str) {
        return new CreateRoleResult().withRole(roleWithArn(str));
    }

    private InstanceProfile instanceProfileWithName(String str) {
        return new InstanceProfile().withInstanceProfileName(str);
    }

    private Role roleWithArn(String str) {
        return new Role().withRoleName(str);
    }

    private String prefixed(String str) {
        return "arn:aws:iam::123456789012:" + str;
    }

    private OngoingStubbing<DetachRolePolicyResult> whenDetachRolePolicyRequested(String str, String str2) {
        return Mockito.when(this.amazonIdentityManagement.detachRolePolicy(new DetachRolePolicyRequest().withRoleName(str2).withPolicyArn(prefixed(str))));
    }

    private DetachRolePolicyResult someDetachRolePolicyResult() {
        return new DetachRolePolicyResult();
    }

    private OngoingStubbing<DeleteInstanceProfileResult> whenDeleteInstanceProfileRequested() {
        return Mockito.when(this.amazonIdentityManagement.deleteInstanceProfile(new DeleteInstanceProfileRequest().withInstanceProfileName("test-profile")));
    }

    private DeleteInstanceProfileResult someDeleteInstanceProfileResult() {
        return new DeleteInstanceProfileResult();
    }

    private OngoingStubbing<DeleteRoleResult> whenDeleteRoleRequested() {
        return Mockito.when(this.amazonIdentityManagement.deleteRole(new DeleteRoleRequest().withRoleName("test-role-1")));
    }

    private DeleteRoleResult someDeleteRoleResult() {
        return new DeleteRoleResult();
    }

    private OngoingStubbing<RemoveRoleFromInstanceProfileResult> whenRemoveRoleFromInstanceProfileRequested(String str) {
        return Mockito.when(this.amazonIdentityManagement.removeRoleFromInstanceProfile(new RemoveRoleFromInstanceProfileRequest().withRoleName(str).withInstanceProfileName("test-profile")));
    }

    private RemoveRoleFromInstanceProfileResult someRemoveRoleFromInstanceProfileResult() {
        return new RemoveRoleFromInstanceProfileResult();
    }
}
