package org.apache.ambari.server.controller.internal;

import com.google.common.cache.CacheBuilder;
import com.google.common.cache.CacheLoader;
import com.google.common.cache.LoadingCache;
import com.google.common.collect.ImmutableMap;
import com.google.common.collect.Sets;
import java.util.EnumSet;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.TreeMap;
import java.util.concurrent.TimeUnit;
import org.apache.ambari.server.controller.UserPrivilegeResponse;
import org.apache.ambari.server.controller.spi.NoSuchParentResourceException;
import org.apache.ambari.server.controller.spi.NoSuchResourceException;
import org.apache.ambari.server.controller.spi.Predicate;
import org.apache.ambari.server.controller.spi.Request;
import org.apache.ambari.server.controller.spi.Resource;
import org.apache.ambari.server.controller.spi.SystemException;
import org.apache.ambari.server.controller.spi.UnsupportedPropertyException;
import org.apache.ambari.server.orm.dao.ClusterDAO;
import org.apache.ambari.server.orm.dao.GroupDAO;
import org.apache.ambari.server.orm.dao.UserDAO;
import org.apache.ambari.server.orm.dao.ViewInstanceDAO;
import org.apache.ambari.server.orm.entities.ClusterEntity;
import org.apache.ambari.server.orm.entities.GroupEntity;
import org.apache.ambari.server.orm.entities.PrincipalEntity;
import org.apache.ambari.server.orm.entities.PrincipalTypeEntity;
import org.apache.ambari.server.orm.entities.PrivilegeEntity;
import org.apache.ambari.server.orm.entities.UserEntity;
import org.apache.ambari.server.orm.entities.ViewEntity;
import org.apache.ambari.server.orm.entities.ViewInstanceEntity;
import org.apache.ambari.server.security.authorization.AuthorizationException;
import org.apache.ambari.server.security.authorization.AuthorizationHelper;
import org.apache.ambari.server.security.authorization.ResourceType;
import org.apache.ambari.server.security.authorization.RoleAuthorization;
import org.apache.ambari.server.security.authorization.Users;

/* loaded from: input_file:org/apache/ambari/server/controller/internal/UserPrivilegeResourceProvider.class */
public class UserPrivilegeResourceProvider extends ReadOnlyResourceProvider {
    protected static final String USER_NAME_PROPERTY_ID = "user_name";
    protected static final String PRIVILEGE_ID = "PrivilegeInfo/privilege_id";
    protected static final String PERMISSION_NAME = "PrivilegeInfo/permission_name";
    protected static final String PERMISSION_LABEL = "PrivilegeInfo/permission_label";
    protected static final String PRINCIPAL_NAME = "PrivilegeInfo/principal_name";
    protected static final String PRINCIPAL_TYPE = "PrivilegeInfo/principal_type";
    protected static final String VIEW_NAME = "PrivilegeInfo/view_name";
    protected static final String VIEW_VERSION = "PrivilegeInfo/version";
    protected static final String INSTANCE_NAME = "PrivilegeInfo/instance_name";
    protected static final String TYPE = "PrivilegeInfo/type";
    protected static UserDAO userDAO;
    protected static ClusterDAO clusterDAO;
    protected static GroupDAO groupDAO;
    protected static ViewInstanceDAO viewInstanceDAO;
    private static Users users;
    private ThreadLocal<LoadingCache<Long, ClusterEntity>> clusterCache;
    private ThreadLocal<LoadingCache<Long, ViewInstanceEntity>> viewInstanceCache;
    private ThreadLocal<LoadingCache<String, UserEntity>> usersCache;
    private ThreadLocal<LoadingCache<PrincipalEntity, GroupEntity>> groupsCache;
    protected static final String CLUSTER_NAME = "PrivilegeInfo/cluster_name";
    protected static final String USER_NAME = "PrivilegeInfo/user_name";
    private static Set<String> propertyIds = Sets.newHashSet(new String[]{"PrivilegeInfo/privilege_id", "PrivilegeInfo/permission_name", "PrivilegeInfo/permission_label", "PrivilegeInfo/principal_name", "PrivilegeInfo/principal_type", "PrivilegeInfo/view_name", "PrivilegeInfo/version", "PrivilegeInfo/instance_name", CLUSTER_NAME, "PrivilegeInfo/type", USER_NAME});
    private static Set<String> pkPropertyIds = new HashSet<String>() { // from class: org.apache.ambari.server.controller.internal.UserPrivilegeResourceProvider.1
        {
            add("PrivilegeInfo/privilege_id");
        }
    };
    private static Map<Resource.Type, String> keyPropertyIds = ImmutableMap.builder().put(Resource.Type.User, USER_NAME).put(Resource.Type.UserPrivilege, "PrivilegeInfo/privilege_id").build();

    public static void init(UserDAO userDAO2, ClusterDAO clusterDAO2, GroupDAO groupDAO2, ViewInstanceDAO viewInstanceDAO2, Users users2) {
        userDAO = userDAO2;
        clusterDAO = clusterDAO2;
        groupDAO = groupDAO2;
        viewInstanceDAO = viewInstanceDAO2;
        users = users2;
    }

    private GroupEntity getCachedGroupByPrincipal(PrincipalEntity principalEntity) {
        GroupEntity groupEntity = (GroupEntity) this.groupsCache.get().getIfPresent(principalEntity);
        if (groupEntity == null) {
            for (GroupEntity groupEntity2 : groupDAO.findAll()) {
                this.groupsCache.get().put(groupEntity2.getPrincipal(), groupEntity2);
            }
            groupEntity = (GroupEntity) this.groupsCache.get().getUnchecked(principalEntity);
        }
        return groupEntity;
    }

    public UserPrivilegeResourceProvider() {
        super(Resource.Type.UserPrivilege, propertyIds, keyPropertyIds, null);
        this.clusterCache = new ThreadLocal<LoadingCache<Long, ClusterEntity>>() { // from class: org.apache.ambari.server.controller.internal.UserPrivilegeResourceProvider.2
            /* JADX INFO: Access modifiers changed from: protected */
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.lang.ThreadLocal
            public LoadingCache<Long, ClusterEntity> initialValue() {
                return CacheBuilder.newBuilder().expireAfterWrite(20L, TimeUnit.SECONDS).build(new CacheLoader<Long, ClusterEntity>() { // from class: org.apache.ambari.server.controller.internal.UserPrivilegeResourceProvider.2.1
                    public ClusterEntity load(Long l) throws Exception {
                        return UserPrivilegeResourceProvider.clusterDAO.findByResourceId(l.longValue());
                    }
                });
            }
        };
        this.viewInstanceCache = new ThreadLocal<LoadingCache<Long, ViewInstanceEntity>>() { // from class: org.apache.ambari.server.controller.internal.UserPrivilegeResourceProvider.3
            /* JADX INFO: Access modifiers changed from: protected */
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.lang.ThreadLocal
            public LoadingCache<Long, ViewInstanceEntity> initialValue() {
                return CacheBuilder.newBuilder().expireAfterWrite(20L, TimeUnit.SECONDS).build(new CacheLoader<Long, ViewInstanceEntity>() { // from class: org.apache.ambari.server.controller.internal.UserPrivilegeResourceProvider.3.1
                    public ViewInstanceEntity load(Long l) throws Exception {
                        return UserPrivilegeResourceProvider.viewInstanceDAO.findByResourceId(l.longValue());
                    }
                });
            }
        };
        this.usersCache = new ThreadLocal<LoadingCache<String, UserEntity>>() { // from class: org.apache.ambari.server.controller.internal.UserPrivilegeResourceProvider.4
            /* JADX INFO: Access modifiers changed from: protected */
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.lang.ThreadLocal
            public LoadingCache<String, UserEntity> initialValue() {
                return CacheBuilder.newBuilder().expireAfterWrite(20L, TimeUnit.SECONDS).build(new CacheLoader<String, UserEntity>() { // from class: org.apache.ambari.server.controller.internal.UserPrivilegeResourceProvider.4.1
                    public UserEntity load(String str) throws Exception {
                        return UserPrivilegeResourceProvider.userDAO.findUserByName(str);
                    }
                });
            }
        };
        this.groupsCache = new ThreadLocal<LoadingCache<PrincipalEntity, GroupEntity>>() { // from class: org.apache.ambari.server.controller.internal.UserPrivilegeResourceProvider.5
            /* JADX INFO: Access modifiers changed from: protected */
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.lang.ThreadLocal
            public LoadingCache<PrincipalEntity, GroupEntity> initialValue() {
                return CacheBuilder.newBuilder().expireAfterWrite(20L, TimeUnit.SECONDS).build(new CacheLoader<PrincipalEntity, GroupEntity>() { // from class: org.apache.ambari.server.controller.internal.UserPrivilegeResourceProvider.5.1
                    public GroupEntity load(PrincipalEntity principalEntity) throws Exception {
                        return UserPrivilegeResourceProvider.groupDAO.findGroupByPrincipal(principalEntity);
                    }
                });
            }
        };
        EnumSet of = EnumSet.of(RoleAuthorization.AMBARI_ASSIGN_ROLES);
        setRequiredCreateAuthorizations(of);
        setRequiredDeleteAuthorizations(of);
        setRequiredGetAuthorizations(of);
        setRequiredUpdateAuthorizations(of);
    }

    @Override // org.apache.ambari.server.controller.internal.AbstractResourceProvider
    protected Set<String> getPKPropertyIds() {
        return pkPropertyIds;
    }

    @Override // org.apache.ambari.server.controller.internal.ReadOnlyResourceProvider, org.apache.ambari.server.controller.internal.AbstractAuthorizedResourceProvider, org.apache.ambari.server.controller.spi.ResourceProvider
    public Set<Resource> getResources(Request request, Predicate predicate) throws SystemException, UnsupportedPropertyException, NoSuchResourceException, NoSuchParentResourceException {
        HashSet hashSet = new HashSet();
        Set<String> requestPropertyIds = getRequestPropertyIds(request, predicate);
        boolean isAuthorized = AuthorizationHelper.isAuthorized(ResourceType.AMBARI, (Long) null, RoleAuthorization.AMBARI_MANAGE_USERS);
        Iterator<Map<String, Object>> it = getPropertyMaps(predicate).iterator();
        while (it.hasNext()) {
            String str = (String) it.next().get(USER_NAME);
            if (!isAuthorized && !AuthorizationHelper.getAuthenticatedName().equalsIgnoreCase(str)) {
                throw new AuthorizationException();
            }
            if (str != null) {
                UserEntity userEntity = (UserEntity) this.usersCache.get().getIfPresent(str);
                if (userEntity == null) {
                    TreeMap treeMap = new TreeMap();
                    for (UserEntity userEntity2 : userDAO.findAll()) {
                        if (((UserEntity) treeMap.get(userEntity2.getUserName())) == null) {
                            treeMap.put(userEntity2.getUserName(), userEntity2);
                        }
                    }
                    this.usersCache.get().putAll(treeMap);
                    userEntity = (UserEntity) this.usersCache.get().getIfPresent(str);
                }
                if (userEntity == null) {
                    userEntity = userDAO.findUserByName(str);
                }
                if (userEntity == null) {
                    throw new NoSuchParentResourceException("User was not found");
                }
                Iterator<PrivilegeEntity> it2 = users.getUserPrivileges(userEntity).iterator();
                while (it2.hasNext()) {
                    hashSet.add(toResource(getResponse(it2.next(), str), requestPropertyIds));
                }
            }
        }
        return hashSet;
    }

    protected UserPrivilegeResponse getResponse(PrivilegeEntity privilegeEntity, String str) {
        String permissionLabel = privilegeEntity.getPermission().getPermissionLabel();
        String permissionName = privilegeEntity.getPermission().getPermissionName();
        String name = privilegeEntity.getPrincipal().getPrincipalType().getName();
        UserPrivilegeResponse userPrivilegeResponse = new UserPrivilegeResponse(str, permissionLabel, permissionName, privilegeEntity.getId(), PrincipalTypeEntity.PrincipalType.valueOf(name));
        if (name.equals(PrincipalTypeEntity.USER_PRINCIPAL_TYPE_NAME)) {
            userPrivilegeResponse.setPrincipalName(userDAO.findUserByPrincipal(privilegeEntity.getPrincipal()).getUserName());
        } else if (name.equals(PrincipalTypeEntity.GROUP_PRINCIPAL_TYPE_NAME)) {
            userPrivilegeResponse.setPrincipalName(getCachedGroupByPrincipal(privilegeEntity.getPrincipal()).getGroupName());
        }
        ResourceType translate = ResourceType.translate(privilegeEntity.getResource().getResourceType().getName());
        if (translate != null) {
            switch (translate) {
                case CLUSTER:
                    userPrivilegeResponse.setClusterName(((ClusterEntity) this.clusterCache.get().getUnchecked(privilegeEntity.getResource().getId())).getClusterName());
                    break;
                case VIEW:
                    ViewInstanceEntity viewInstanceEntity = (ViewInstanceEntity) this.viewInstanceCache.get().getUnchecked(privilegeEntity.getResource().getId());
                    ViewEntity viewEntity = viewInstanceEntity.getViewEntity();
                    userPrivilegeResponse.setViewName(viewEntity.getCommonName());
                    userPrivilegeResponse.setVersion(viewEntity.getVersion());
                    userPrivilegeResponse.setInstanceName(viewInstanceEntity.getName());
                    break;
            }
            userPrivilegeResponse.setType(translate);
        }
        return userPrivilegeResponse;
    }

    protected Resource toResource(UserPrivilegeResponse userPrivilegeResponse, Set<String> set) {
        ResourceImpl resourceImpl = new ResourceImpl(Resource.Type.UserPrivilege);
        setResourceProperty(resourceImpl, USER_NAME, userPrivilegeResponse.getUserName(), set);
        setResourceProperty(resourceImpl, "PrivilegeInfo/privilege_id", userPrivilegeResponse.getPrivilegeId(), set);
        setResourceProperty(resourceImpl, "PrivilegeInfo/permission_name", userPrivilegeResponse.getPermissionName(), set);
        setResourceProperty(resourceImpl, "PrivilegeInfo/permission_label", userPrivilegeResponse.getPermissionLabel(), set);
        setResourceProperty(resourceImpl, "PrivilegeInfo/principal_type", userPrivilegeResponse.getPrincipalType().name(), set);
        if (userPrivilegeResponse.getPrincipalName() != null) {
            setResourceProperty(resourceImpl, "PrivilegeInfo/principal_name", userPrivilegeResponse.getPrincipalName(), set);
        }
        if (userPrivilegeResponse.getType() != null) {
            setResourceProperty(resourceImpl, "PrivilegeInfo/type", userPrivilegeResponse.getType().name(), set);
            switch (userPrivilegeResponse.getType()) {
                case CLUSTER:
                    setResourceProperty(resourceImpl, CLUSTER_NAME, userPrivilegeResponse.getClusterName(), set);
                    break;
                case VIEW:
                    setResourceProperty(resourceImpl, "PrivilegeInfo/view_name", userPrivilegeResponse.getViewName(), set);
                    setResourceProperty(resourceImpl, "PrivilegeInfo/version", userPrivilegeResponse.getVersion(), set);
                    setResourceProperty(resourceImpl, "PrivilegeInfo/instance_name", userPrivilegeResponse.getInstanceName(), set);
                    break;
            }
        }
        return resourceImpl;
    }
}
