package org.apache.ambari.server.controller.internal;

import com.google.common.collect.ImmutableMap;
import com.google.common.collect.Sets;
import com.google.inject.Inject;
import java.util.EnumSet;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import org.apache.ambari.server.StaticallyInject;
import org.apache.ambari.server.controller.GroupPrivilegeResponse;
import org.apache.ambari.server.controller.spi.NoSuchParentResourceException;
import org.apache.ambari.server.controller.spi.NoSuchResourceException;
import org.apache.ambari.server.controller.spi.Predicate;
import org.apache.ambari.server.controller.spi.Request;
import org.apache.ambari.server.controller.spi.Resource;
import org.apache.ambari.server.controller.spi.SystemException;
import org.apache.ambari.server.controller.spi.UnsupportedPropertyException;
import org.apache.ambari.server.orm.dao.ClusterDAO;
import org.apache.ambari.server.orm.dao.GroupDAO;
import org.apache.ambari.server.orm.dao.ViewInstanceDAO;
import org.apache.ambari.server.orm.entities.GroupEntity;
import org.apache.ambari.server.orm.entities.PrincipalTypeEntity;
import org.apache.ambari.server.orm.entities.PrivilegeEntity;
import org.apache.ambari.server.orm.entities.ViewEntity;
import org.apache.ambari.server.orm.entities.ViewInstanceEntity;
import org.apache.ambari.server.security.authorization.AuthorizationException;
import org.apache.ambari.server.security.authorization.AuthorizationHelper;
import org.apache.ambari.server.security.authorization.ResourceType;
import org.apache.ambari.server.security.authorization.RoleAuthorization;
import org.apache.ambari.server.security.authorization.Users;

@StaticallyInject
/* loaded from: input_file:org/apache/ambari/server/controller/internal/GroupPrivilegeResourceProvider.class */
public class GroupPrivilegeResourceProvider extends ReadOnlyResourceProvider {
    protected static final String GROUP_NAME_PROPERTY_ID = "group_name";
    protected static final String PRIVILEGE_ID = "PrivilegeInfo/privilege_id";
    protected static final String PERMISSION_NAME = "PrivilegeInfo/permission_name";
    protected static final String PERMISSION_LABEL = "PrivilegeInfo/permission_label";
    protected static final String PRINCIPAL_NAME = "PrivilegeInfo/principal_name";
    protected static final String PRINCIPAL_TYPE = "PrivilegeInfo/principal_type";
    protected static final String VIEW_NAME = "PrivilegeInfo/view_name";
    protected static final String VIEW_VERSION = "PrivilegeInfo/version";
    protected static final String INSTANCE_NAME = "PrivilegeInfo/instance_name";
    protected static final String TYPE = "PrivilegeInfo/type";

    @Inject
    protected static ClusterDAO clusterDAO;

    @Inject
    protected static GroupDAO groupDAO;

    @Inject
    protected static ViewInstanceDAO viewInstanceDAO;

    @Inject
    protected static Users users;
    protected static final String CLUSTER_NAME = "PrivilegeInfo/cluster_name";
    protected static final String GROUP_NAME = "PrivilegeInfo/group_name";
    private static Set<String> propertyIds = Sets.newHashSet(new String[]{"PrivilegeInfo/privilege_id", "PrivilegeInfo/permission_name", "PrivilegeInfo/permission_label", "PrivilegeInfo/principal_name", "PrivilegeInfo/principal_type", "PrivilegeInfo/view_name", "PrivilegeInfo/version", "PrivilegeInfo/instance_name", CLUSTER_NAME, "PrivilegeInfo/type", GROUP_NAME});
    private static Set<String> pkPropertyIds = new HashSet<String>() { // from class: org.apache.ambari.server.controller.internal.GroupPrivilegeResourceProvider.1
        {
            add("PrivilegeInfo/privilege_id");
        }
    };
    private static Map<Resource.Type, String> keyPropertyIds = ImmutableMap.builder().put(Resource.Type.Group, GROUP_NAME).put(Resource.Type.GroupPrivilege, "PrivilegeInfo/privilege_id").build();

    public static void init(ClusterDAO clusterDAO2, GroupDAO groupDAO2, ViewInstanceDAO viewInstanceDAO2, Users users2) {
        clusterDAO = clusterDAO2;
        groupDAO = groupDAO2;
        viewInstanceDAO = viewInstanceDAO2;
        users = users2;
    }

    public GroupPrivilegeResourceProvider() {
        super(Resource.Type.GroupPrivilege, propertyIds, keyPropertyIds, null);
        EnumSet of = EnumSet.of(RoleAuthorization.AMBARI_ASSIGN_ROLES);
        setRequiredCreateAuthorizations(of);
        setRequiredDeleteAuthorizations(of);
        setRequiredGetAuthorizations(of);
        setRequiredUpdateAuthorizations(of);
    }

    @Override // org.apache.ambari.server.controller.internal.AbstractResourceProvider
    protected Set<String> getPKPropertyIds() {
        return pkPropertyIds;
    }

    @Override // org.apache.ambari.server.controller.internal.ReadOnlyResourceProvider, org.apache.ambari.server.controller.internal.AbstractAuthorizedResourceProvider, org.apache.ambari.server.controller.spi.ResourceProvider
    public Set<Resource> getResources(Request request, Predicate predicate) throws SystemException, UnsupportedPropertyException, NoSuchResourceException, NoSuchParentResourceException {
        HashSet hashSet = new HashSet();
        Set<String> requestPropertyIds = getRequestPropertyIds(request, predicate);
        if (!AuthorizationHelper.isAuthorized(ResourceType.AMBARI, (Long) null, RoleAuthorization.AMBARI_MANAGE_GROUPS)) {
            throw new AuthorizationException();
        }
        Iterator<Map<String, Object>> it = getPropertyMaps(predicate).iterator();
        while (it.hasNext()) {
            String str = (String) it.next().get(GROUP_NAME);
            if (str != null) {
                GroupEntity findGroupByName = groupDAO.findGroupByName(str);
                if (findGroupByName == null) {
                    throw new SystemException("Group " + str + " was not found");
                }
                Iterator<PrivilegeEntity> it2 = users.getGroupPrivileges(findGroupByName).iterator();
                while (it2.hasNext()) {
                    hashSet.add(toResource(getResponse(it2.next(), str), requestPropertyIds));
                }
            }
        }
        return hashSet;
    }

    protected GroupPrivilegeResponse getResponse(PrivilegeEntity privilegeEntity, String str) {
        String permissionLabel = privilegeEntity.getPermission().getPermissionLabel();
        String permissionName = privilegeEntity.getPermission().getPermissionName();
        String name = privilegeEntity.getPrincipal().getPrincipalType().getName();
        GroupPrivilegeResponse groupPrivilegeResponse = new GroupPrivilegeResponse(str, permissionLabel, permissionName, privilegeEntity.getId(), PrincipalTypeEntity.PrincipalType.valueOf(name));
        if (name.equals(PrincipalTypeEntity.GROUP_PRINCIPAL_TYPE_NAME)) {
            groupPrivilegeResponse.setPrincipalName(groupDAO.findGroupByPrincipal(privilegeEntity.getPrincipal()).getGroupName());
        }
        ResourceType translate = ResourceType.translate(privilegeEntity.getResource().getResourceType().getName());
        if (translate != null) {
            switch (translate) {
                case CLUSTER:
                    groupPrivilegeResponse.setClusterName(clusterDAO.findByResourceId(privilegeEntity.getResource().getId().longValue()).getClusterName());
                    break;
                case VIEW:
                    ViewInstanceEntity findByResourceId = viewInstanceDAO.findByResourceId(privilegeEntity.getResource().getId().longValue());
                    ViewEntity viewEntity = findByResourceId.getViewEntity();
                    groupPrivilegeResponse.setViewName(viewEntity.getCommonName());
                    groupPrivilegeResponse.setVersion(viewEntity.getVersion());
                    groupPrivilegeResponse.setInstanceName(findByResourceId.getName());
                    break;
            }
            groupPrivilegeResponse.setType(translate);
        }
        return groupPrivilegeResponse;
    }

    protected Resource toResource(GroupPrivilegeResponse groupPrivilegeResponse, Set<String> set) {
        ResourceImpl resourceImpl = new ResourceImpl(Resource.Type.GroupPrivilege);
        setResourceProperty(resourceImpl, GROUP_NAME, groupPrivilegeResponse.getGroupName(), set);
        setResourceProperty(resourceImpl, "PrivilegeInfo/privilege_id", groupPrivilegeResponse.getPrivilegeId(), set);
        setResourceProperty(resourceImpl, "PrivilegeInfo/permission_name", groupPrivilegeResponse.getPermissionName(), set);
        setResourceProperty(resourceImpl, "PrivilegeInfo/permission_label", groupPrivilegeResponse.getPermissionLabel(), set);
        setResourceProperty(resourceImpl, "PrivilegeInfo/principal_type", groupPrivilegeResponse.getPrincipalType().name(), set);
        if (groupPrivilegeResponse.getPrincipalName() != null) {
            setResourceProperty(resourceImpl, "PrivilegeInfo/principal_name", groupPrivilegeResponse.getPrincipalName(), set);
        }
        if (groupPrivilegeResponse.getType() != null) {
            setResourceProperty(resourceImpl, "PrivilegeInfo/type", groupPrivilegeResponse.getType().name(), set);
            switch (groupPrivilegeResponse.getType()) {
                case CLUSTER:
                    setResourceProperty(resourceImpl, CLUSTER_NAME, groupPrivilegeResponse.getClusterName(), set);
                    break;
                case VIEW:
                    setResourceProperty(resourceImpl, "PrivilegeInfo/view_name", groupPrivilegeResponse.getViewName(), set);
                    setResourceProperty(resourceImpl, "PrivilegeInfo/version", groupPrivilegeResponse.getVersion(), set);
                    setResourceProperty(resourceImpl, "PrivilegeInfo/instance_name", groupPrivilegeResponse.getInstanceName(), set);
                    break;
            }
        }
        return resourceImpl;
    }
}
