package org.apache.sentry.hdfs;

import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.TreeMap;
import org.apache.hadoop.fs.permission.AclEntry;
import org.apache.hadoop.fs.permission.AclEntryScope;
import org.apache.hadoop.fs.permission.AclEntryType;
import org.apache.hadoop.fs.permission.FsAction;
import org.apache.sentry.hdfs.service.thrift.TPrivilegePrincipal;
import org.apache.sentry.hdfs.service.thrift.TPrivilegePrincipalType;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/sentry/hdfs/SentryPermissions.class */
public class SentryPermissions implements AuthzPermissions {
    private final Map<String, PrivilegeInfo> privileges = new TreeMap(String.CASE_INSENSITIVE_ORDER);
    private Map<String, Set<String>> authzObjChildren = new TreeMap(String.CASE_INSENSITIVE_ORDER);
    private final Map<String, RoleInfo> roles = new TreeMap(String.CASE_INSENSITIVE_ORDER);
    private static Logger LOG = LoggerFactory.getLogger(SentryINodeAttributesProvider.class);

    /* loaded from: input_file:org/apache/sentry/hdfs/SentryPermissions$HdfsAclEntity.class */
    public static class HdfsAclEntity {
        private final AclEntryType type;
        private final String value;

        private HdfsAclEntity(AclEntryType aclEntryType, String str) throws IllegalArgumentException {
            if (aclEntryType != AclEntryType.USER && aclEntryType != AclEntryType.GROUP) {
                throw new IllegalArgumentException("Invalid AclEntryType");
            }
            this.type = aclEntryType;
            this.value = str;
        }

        public static HdfsAclEntity constructAclEntityForUser(String str) {
            return new HdfsAclEntity(AclEntryType.USER, str);
        }

        public static HdfsAclEntity constructAclEntityForGroup(String str) {
            return new HdfsAclEntity(AclEntryType.GROUP, str);
        }

        public AclEntryType getType() {
            return this.type;
        }

        public String getValue() {
            return this.value;
        }

        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (obj == null || getClass() != obj.getClass()) {
                return false;
            }
            HdfsAclEntity hdfsAclEntity = (HdfsAclEntity) obj;
            if (this.type == null) {
                if (hdfsAclEntity.type != null) {
                    return false;
                }
            } else if (!this.type.equals(hdfsAclEntity.type)) {
                return false;
            }
            return this.value == null ? hdfsAclEntity.value == null : this.value.equals(hdfsAclEntity.value);
        }

        public int hashCode() {
            return (31 * ((31 * 1) + (this.type == null ? 0 : this.type.hashCode()))) + (this.value == null ? 0 : this.value.hashCode());
        }
    }

    /* loaded from: input_file:org/apache/sentry/hdfs/SentryPermissions$PrivilegeInfo.class */
    public static class PrivilegeInfo {
        private final String authzObj;
        private final Map<TPrivilegePrincipal, FsAction> privilegeEntityFsActionMap = new HashMap();

        public PrivilegeInfo(String str) {
            this.authzObj = str;
        }

        public PrivilegeInfo setPermission(TPrivilegePrincipal tPrivilegePrincipal, FsAction fsAction) {
            this.privilegeEntityFsActionMap.put(tPrivilegePrincipal, fsAction);
            return this;
        }

        public PrivilegeInfo removePermission(TPrivilegePrincipal tPrivilegePrincipal) {
            this.privilegeEntityFsActionMap.remove(tPrivilegePrincipal);
            return this;
        }

        public FsAction getPermission(TPrivilegePrincipal tPrivilegePrincipal) {
            return this.privilegeEntityFsActionMap.get(tPrivilegePrincipal);
        }

        public Map<TPrivilegePrincipal, FsAction> getAllPermissions() {
            return this.privilegeEntityFsActionMap;
        }

        public String getAuthzObj() {
            return this.authzObj;
        }

        public String toString() {
            return "PrivilegeInfo(" + this.authzObj + " --> " + this.privilegeEntityFsActionMap + ")";
        }
    }

    /* loaded from: input_file:org/apache/sentry/hdfs/SentryPermissions$RoleInfo.class */
    public static class RoleInfo {
        private final String role;
        private final Set<String> groups = new HashSet();

        public RoleInfo(String str) {
            this.role = str;
        }

        public RoleInfo addGroup(String str) {
            this.groups.add(str);
            return this;
        }

        public RoleInfo delGroup(String str) {
            this.groups.remove(str);
            return this;
        }

        public String getRole() {
            return this.role;
        }

        public Set<String> getAllGroups() {
            return this.groups;
        }

        public String toString() {
            return "RoleInfo(" + this.role + " --> " + this.groups + ")";
        }
    }

    String getParentAuthzObject(String str) {
        int indexOf;
        return (str == null || (indexOf = str.indexOf(46)) <= 0) ? str : str.substring(0, indexOf);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void addParentChildMappings(String str) {
        String parentAuthzObject = getParentAuthzObject(str);
        if (parentAuthzObject != null) {
            Set<String> set = this.authzObjChildren.get(parentAuthzObject);
            if (set == null) {
                set = new HashSet();
                this.authzObjChildren.put(parentAuthzObject, set);
            }
            set.add(str);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void removeParentChildMappings(String str) {
        String parentAuthzObject = getParentAuthzObject(str);
        if (parentAuthzObject == null) {
            this.authzObjChildren.remove(str);
            return;
        }
        Set<String> set = this.authzObjChildren.get(parentAuthzObject);
        if (set != null) {
            set.remove(str);
        }
    }

    private Map<HdfsAclEntity, FsAction> getPerms(String str) {
        String parentAuthzObject = getParentAuthzObject(str);
        Map<HdfsAclEntity, FsAction> hashMap = (parentAuthzObject == null || parentAuthzObject.equals(str)) ? new HashMap() : getPerms(parentAuthzObject);
        PrivilegeInfo privilegeInfo = this.privileges.get(str);
        if (privilegeInfo != null) {
            for (Map.Entry<TPrivilegePrincipal, FsAction> entry : privilegeInfo.getAllPermissions().entrySet()) {
                constructHdfsPermissions(entry.getKey(), entry.getValue(), hashMap);
            }
        }
        return hashMap;
    }

    public List<AclEntry> getAcls(String str) {
        Map<HdfsAclEntity, FsAction> perms = getPerms(str);
        LinkedList linkedList = new LinkedList();
        for (Map.Entry<HdfsAclEntity, FsAction> entry : perms.entrySet()) {
            AclEntry.Builder builder = new AclEntry.Builder();
            if (entry.getKey().getType() == AclEntryType.GROUP) {
                builder.setName(entry.getKey().getValue());
                builder.setType(AclEntryType.GROUP);
            } else if (entry.getKey().getType() == AclEntryType.USER) {
                builder.setName(entry.getKey().getValue());
                builder.setType(AclEntryType.USER);
            } else {
                LOG.warn("Permissions for Invalid AclEntryType: %s", entry.getKey().getType());
            }
            builder.setScope(AclEntryScope.ACCESS);
            FsAction value = entry.getValue();
            if (value == FsAction.READ || value == FsAction.WRITE || value == FsAction.READ_WRITE) {
                value = value.or(FsAction.EXECUTE);
            }
            builder.setPermission(value);
            linkedList.add(builder.build());
        }
        return linkedList;
    }

    private void constructHdfsPermissions(TPrivilegePrincipal tPrivilegePrincipal, FsAction fsAction, Map<HdfsAclEntity, FsAction> map) {
        if (tPrivilegePrincipal.getType() != TPrivilegePrincipalType.ROLE) {
            if (tPrivilegePrincipal.getType() == TPrivilegePrincipalType.USER) {
                HdfsAclEntity constructAclEntityForUser = HdfsAclEntity.constructAclEntityForUser(tPrivilegePrincipal.getValue());
                FsAction fsAction2 = map.get(constructAclEntityForUser);
                if (fsAction2 == null) {
                    fsAction2 = FsAction.NONE;
                }
                map.put(constructAclEntityForUser, fsAction2.or(fsAction));
                return;
            }
            return;
        }
        RoleInfo roleInfo = this.roles.get(tPrivilegePrincipal.getValue());
        if (roleInfo != null) {
            Iterator it = roleInfo.groups.iterator();
            while (it.hasNext()) {
                HdfsAclEntity constructAclEntityForGroup = HdfsAclEntity.constructAclEntityForGroup((String) it.next());
                FsAction fsAction3 = map.get(constructAclEntityForGroup);
                if (fsAction3 == null) {
                    fsAction3 = FsAction.NONE;
                }
                map.put(constructAclEntityForGroup, fsAction3.or(fsAction));
            }
        }
    }

    public PrivilegeInfo getPrivilegeInfo(String str) {
        return this.privileges.get(str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Collection<PrivilegeInfo> getAllPrivileges() {
        return this.privileges.values();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Collection<RoleInfo> getAllRoles() {
        return this.roles.values();
    }

    public void delPrivilegeInfo(String str) {
        this.privileges.remove(str);
    }

    public void addPrivilegeInfo(PrivilegeInfo privilegeInfo) {
        this.privileges.put(privilegeInfo.authzObj, privilegeInfo);
    }

    public Set<String> getChildren(String str) {
        return this.authzObjChildren.get(str);
    }

    public RoleInfo getRoleInfo(String str) {
        return this.roles.get(str);
    }

    public void delRoleInfo(String str) {
        this.roles.remove(str);
    }

    public void addRoleInfo(RoleInfo roleInfo) {
        this.roles.put(roleInfo.role, roleInfo);
    }

    public String dumpContent() {
        return new StringBuffer(getClass().getSimpleName()).append(": Privileges: ").append(this.privileges).append(", Roles: ").append(this.roles).append(", AuthzObjChildren: ").append(this.authzObjChildren).toString();
    }

    public String toString() {
        return new StringBuffer(getClass().getSimpleName()).append(": Privileges: ").append(this.privileges.size()).append(", Roles: ").append(this.roles.size()).append(", AuthzObjChildren: ").append(this.authzObjChildren.size()).toString();
    }
}
