package org.apache.ranger.patch;

import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.hadoop.hdfs.web.resources.TokenServiceParam;
import org.apache.log4j.Logger;
import org.apache.ranger.biz.RangerBizUtil;
import org.apache.ranger.biz.ServiceDBStore;
import org.apache.ranger.common.AppConstants;
import org.apache.ranger.common.JSONUtil;
import org.apache.ranger.common.SearchCriteria;
import org.apache.ranger.common.ServiceUtil;
import org.apache.ranger.common.StringUtil;
import org.apache.ranger.db.RangerDaoManager;
import org.apache.ranger.entity.XXAsset;
import org.apache.ranger.entity.XXGroup;
import org.apache.ranger.entity.XXPolicy;
import org.apache.ranger.entity.XXPortalUser;
import org.apache.ranger.entity.XXResource;
import org.apache.ranger.entity.XXServiceConfigDef;
import org.apache.ranger.entity.XXServiceDef;
import org.apache.ranger.entity.XXUser;
import org.apache.ranger.plugin.model.RangerPolicy;
import org.apache.ranger.plugin.model.RangerService;
import org.apache.ranger.plugin.store.EmbeddedServiceDefsUtil;
import org.apache.ranger.plugin.util.SearchFilter;
import org.apache.ranger.service.RangerPolicyService;
import org.apache.ranger.service.XPermMapService;
import org.apache.ranger.service.XPolicyService;
import org.apache.ranger.util.CLIUtil;
import org.apache.ranger.view.VXPermMap;
import org.apache.solr.common.params.FacetParams;
import org.apache.xmlbeans.impl.jam.xml.JamXmlElements;
import org.eclipse.persistence.config.ResultSetType;
import org.eclipse.persistence.jpa.jpql.parser.Expression;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:WEB-INF/classes/org/apache/ranger/patch/PatchMigration_J10002.class */
public class PatchMigration_J10002 extends BaseLoader {

    @Autowired
    RangerDaoManager daoMgr;

    @Autowired
    ServiceDBStore svcDBStore;

    @Autowired
    JSONUtil jsonUtil;

    @Autowired
    RangerPolicyService policyService;

    @Autowired
    StringUtil stringUtil;

    @Autowired
    XPolicyService xPolService;

    @Autowired
    XPermMapService xPermMapService;

    @Autowired
    RangerBizUtil bizUtil;
    private static final Logger logger = Logger.getLogger(PatchMigration_J10002.class);
    private static int policyCounter = 0;
    private static int serviceCounter = 0;
    static Set<String> unsupportedLegacyPermTypes = new HashSet();

    public static void main(String[] strArr) {
        logger.info("main()");
        try {
            PatchMigration_J10002 patchMigration_J10002 = (PatchMigration_J10002) CLIUtil.getBean(PatchMigration_J10002.class);
            patchMigration_J10002.init();
            while (patchMigration_J10002.isMoreToProcess()) {
                patchMigration_J10002.load();
            }
            logger.info("Load complete. Exiting!!!");
            System.exit(0);
        } catch (Exception e) {
            logger.error("Error loading", e);
            System.exit(1);
        }
    }

    @Override // org.apache.ranger.patch.BaseLoader
    public void init() throws Exception {
    }

    @Override // org.apache.ranger.patch.BaseLoader
    public void execLoad() {
        logger.info("==> MigrationPatch.execLoad()");
        try {
            migrateServicesToNewSchema();
            migratePoliciesToNewSchema();
            updateSequences();
        } catch (Exception e) {
            logger.error("Error whille migrating data.", e);
        }
        logger.info("<== MigrationPatch.execLoad()");
    }

    @Override // org.apache.ranger.patch.BaseLoader
    public void printStats() {
        logger.info("Total Number of migrated repositories/services: " + serviceCounter);
        logger.info("Total Number of migrated resources/policies: " + policyCounter);
    }

    public void migrateServicesToNewSchema() throws Exception {
        logger.info("==> MigrationPatch.migrateServicesToNewSchema()");
        try {
            List<XXAsset> all = this.daoMgr.getXXAsset().getAll();
            if (all.isEmpty()) {
                return;
            }
            if (!all.isEmpty()) {
                EmbeddedServiceDefsUtil.instance().init(this.svcDBStore);
            }
            this.svcDBStore.setPopulateExistingBaseFields(true);
            for (XXAsset xXAsset : all) {
                if (xXAsset.getActiveStatus() != 2) {
                    if (this.svcDBStore.getServiceByName(xXAsset.getName()) != null) {
                        logger.info("Repository/Service already exists. Ignoring migration of repo: " + xXAsset.getName());
                    } else {
                        RangerService createService = this.svcDBStore.createService(mapXAssetToService(new RangerService(), xXAsset));
                        serviceCounter++;
                        logger.info("New Service created. ServiceName: " + createService.getName());
                    }
                }
            }
            this.svcDBStore.setPopulateExistingBaseFields(false);
            logger.info("<== MigrationPatch.migrateServicesToNewSchema()");
        } catch (Exception e) {
            throw new Exception("Error while migrating data to new Plugin Schema.", e);
        }
    }

    public void migratePoliciesToNewSchema() throws Exception {
        logger.info("==> MigrationPatch.migratePoliciesToNewSchema()");
        try {
            List<XXResource> all = this.daoMgr.getXXResource().getAll();
            if (all.isEmpty()) {
                return;
            }
            this.svcDBStore.setPopulateExistingBaseFields(true);
            for (XXResource xXResource : all) {
                if (xXResource.getResourceStatus() != 2) {
                    XXAsset byId = this.daoMgr.getXXAsset().getById(xXResource.getAssetId());
                    if (byId == null) {
                        logger.error("No Repository found for policyName: " + xXResource.getPolicyName());
                    } else {
                        RangerService serviceByName = this.svcDBStore.getServiceByName(byId.getName());
                        if (serviceByName == null) {
                            logger.error("No Service found for policy. Ignoring migration of such policy, policyName: " + xXResource.getPolicyName());
                        } else {
                            XXPolicy findByNameAndServiceId = this.daoMgr.getXXPolicy().findByNameAndServiceId(xXResource.getPolicyName(), serviceByName.getId());
                            if (findByNameAndServiceId != null) {
                                logger.info("Policy already exists. Ignoring migration of policy: " + findByNameAndServiceId.getName());
                            } else {
                                RangerPolicy mapXResourceToPolicy = mapXResourceToPolicy(new RangerPolicy(), xXResource, serviceByName);
                                if (mapXResourceToPolicy != null) {
                                    RangerPolicy createPolicy = this.svcDBStore.createPolicy(mapXResourceToPolicy);
                                    policyCounter++;
                                    logger.info("New policy created. policyName: " + createPolicy.getName());
                                }
                            }
                        }
                    }
                }
            }
            this.svcDBStore.setPopulateExistingBaseFields(false);
            logger.info("<== MigrationPatch.migratePoliciesToNewSchema()");
        } catch (Exception e) {
            throw new Exception("Error while migrating data to new Plugin Schema.", e);
        }
    }

    private RangerService mapXAssetToService(RangerService rangerService, XXAsset xXAsset) throws Exception {
        String name = xXAsset.getName();
        String description = xXAsset.getDescription();
        XXServiceDef findByName = this.daoMgr.getXXServiceDef().findByName(AppConstants.getLabelFor_AssetType(xXAsset.getAssetType()).toLowerCase());
        if (findByName == null) {
            throw new Exception("No ServiceDefinition found for repository: " + name);
        }
        String name2 = findByName.getName();
        Map<String, String> jsonToMap = this.jsonUtil.jsonToMap(xXAsset.getConfig());
        for (XXServiceConfigDef xXServiceConfigDef : this.daoMgr.getXXServiceConfigDef().findByServiceDefName(name2)) {
            if (xXServiceConfigDef.getIsMandatory() && this.stringUtil.isEmpty(jsonToMap.get(xXServiceConfigDef.getName()))) {
                String type = xXServiceConfigDef.getType();
                String defaultvalue = xXServiceConfigDef.getDefaultvalue();
                if (this.stringUtil.isEmpty(defaultvalue)) {
                    defaultvalue = getDefaultValueForDataType(type);
                }
                jsonToMap.put(xXServiceConfigDef.getName(), defaultvalue);
            }
        }
        rangerService.setType(name2);
        rangerService.setName(name);
        rangerService.setDescription(description);
        rangerService.setConfigs(jsonToMap);
        rangerService.setCreateTime(xXAsset.getCreateTime());
        rangerService.setUpdateTime(xXAsset.getUpdateTime());
        XXPortalUser byId = this.daoMgr.getXXPortalUser().getById(xXAsset.getAddedByUserId());
        XXPortalUser byId2 = this.daoMgr.getXXPortalUser().getById(xXAsset.getUpdatedByUserId());
        if (byId != null) {
            rangerService.setCreatedBy(byId.getLoginId());
        }
        if (byId2 != null) {
            rangerService.setUpdatedBy(byId2.getLoginId());
        }
        rangerService.setId(xXAsset.getId());
        return rangerService;
    }

    private String getDefaultValueForDataType(String str) {
        String str2 = "";
        boolean z = -1;
        switch (str.hashCode()) {
            case -891985903:
                if (str.equals("string")) {
                    z = true;
                    break;
                }
                break;
            case 104431:
                if (str.equals("int")) {
                    z = false;
                    break;
                }
                break;
            case 3029738:
                if (str.equals("bool")) {
                    z = 2;
                    break;
                }
                break;
            case 3118337:
                if (str.equals(FacetParams.FACET_METHOD_enum)) {
                    z = 3;
                    break;
                }
                break;
            case 1216985755:
                if (str.equals("password")) {
                    z = 4;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                str2 = "0";
                break;
            case true:
                str2 = "unknown";
                break;
            case true:
                str2 = "false";
                break;
            case true:
                str2 = "0";
                break;
            case true:
                str2 = "password";
                break;
        }
        return str2;
    }

    private RangerPolicy mapXResourceToPolicy(RangerPolicy rangerPolicy, XXResource xXResource, RangerService rangerService) {
        String name = rangerService.getName();
        String type = rangerService.getType();
        String policyName = xXResource.getPolicyName();
        String description = xXResource.getDescription();
        Boolean bool = true;
        Boolean bool2 = true;
        HashMap hashMap = new HashMap();
        new ArrayList();
        XXServiceDef findByName = this.daoMgr.getXXServiceDef().findByName(type);
        if (findByName == null) {
            logger.error(type + ": service-def not found. Skipping policy '" + policyName + Expression.QUOTE);
            return null;
        }
        if (this.stringUtil.isEmpty(this.daoMgr.getXXAuditMap().findByResourceId(xXResource.getId()))) {
            bool = false;
        }
        if (xXResource.getResourceStatus() == 0) {
            bool2 = false;
        }
        Boolean valueOf = Boolean.valueOf(xXResource.getIsRecursive() == 1);
        Boolean valueOf2 = Boolean.valueOf(xXResource.getTableType() == 1);
        Boolean valueOf3 = Boolean.valueOf(xXResource.getColumnType() == 1);
        if (StringUtils.equalsIgnoreCase(type, "hdfs")) {
            toRangerResourceList(xXResource.getName(), "path", Boolean.FALSE, valueOf, hashMap);
        } else if (StringUtils.equalsIgnoreCase(type, EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_HBASE_NAME)) {
            toRangerResourceList(xXResource.getTables(), "table", valueOf2, Boolean.FALSE, hashMap);
            toRangerResourceList(xXResource.getColumnFamilies(), "column-family", Boolean.FALSE, Boolean.FALSE, hashMap);
            toRangerResourceList(xXResource.getColumns(), JamXmlElements.COLUMN, valueOf3, Boolean.FALSE, hashMap);
        } else if (StringUtils.equalsIgnoreCase(type, "hive")) {
            toRangerResourceList(xXResource.getDatabases(), "database", Boolean.FALSE, Boolean.FALSE, hashMap);
            toRangerResourceList(xXResource.getTables(), "table", valueOf2, Boolean.FALSE, hashMap);
            toRangerResourceList(xXResource.getColumns(), JamXmlElements.COLUMN, valueOf3, Boolean.FALSE, hashMap);
            toRangerResourceList(xXResource.getUdfs(), "udf", Boolean.FALSE, Boolean.FALSE, hashMap);
        } else if (StringUtils.equalsIgnoreCase(type, EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_KNOX_NAME)) {
            toRangerResourceList(xXResource.getTopologies(), "topology", Boolean.FALSE, Boolean.FALSE, hashMap);
            toRangerResourceList(xXResource.getServices(), TokenServiceParam.NAME, Boolean.FALSE, Boolean.FALSE, hashMap);
        } else if (StringUtils.equalsIgnoreCase(type, EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_STORM_NAME)) {
            toRangerResourceList(xXResource.getTopologies(), "topology", Boolean.FALSE, Boolean.FALSE, hashMap);
        }
        List<RangerPolicy.RangerPolicyItem> policyItemListForRes = getPolicyItemListForRes(xXResource, findByName);
        rangerPolicy.setService(name);
        rangerPolicy.setName(policyName);
        rangerPolicy.setDescription(description);
        rangerPolicy.setIsAuditEnabled(bool);
        rangerPolicy.setIsEnabled(bool2);
        rangerPolicy.setResources(hashMap);
        rangerPolicy.setPolicyItems(policyItemListForRes);
        rangerPolicy.setCreateTime(xXResource.getCreateTime());
        rangerPolicy.setUpdateTime(xXResource.getUpdateTime());
        XXPortalUser byId = this.daoMgr.getXXPortalUser().getById(xXResource.getAddedByUserId());
        XXPortalUser byId2 = this.daoMgr.getXXPortalUser().getById(xXResource.getUpdatedByUserId());
        if (byId != null) {
            rangerPolicy.setCreatedBy(byId.getLoginId());
        }
        if (byId2 != null) {
            rangerPolicy.setUpdatedBy(byId2.getLoginId());
        }
        rangerPolicy.setId(xXResource.getId());
        return rangerPolicy;
    }

    private Map<String, RangerPolicy.RangerPolicyResource> toRangerResourceList(String str, String str2, Boolean bool, Boolean bool2, Map<String, RangerPolicy.RangerPolicyResource> map) {
        Map<String, RangerPolicy.RangerPolicyResource> hashMap = map == null ? new HashMap<>() : map;
        if (StringUtils.isNotBlank(str)) {
            RangerPolicy.RangerPolicyResource rangerPolicyResource = hashMap.get(str2);
            if (rangerPolicyResource == null) {
                rangerPolicyResource = new RangerPolicy.RangerPolicyResource();
                rangerPolicyResource.setIsExcludes(bool);
                rangerPolicyResource.setIsRecursive(bool2);
                hashMap.put(str2, rangerPolicyResource);
            }
            Collections.addAll(rangerPolicyResource.getValues(), str.split(","));
        }
        return hashMap;
    }

    private List<RangerPolicy.RangerPolicyItem> getPolicyItemListForRes(XXResource xXResource, XXServiceDef xXServiceDef) {
        ArrayList arrayList = new ArrayList();
        SearchCriteria searchCriteria = new SearchCriteria();
        searchCriteria.addParam(SearchFilter.TAG_RESOURCE_ID, xXResource.getId());
        List<VXPermMap> vXPermMaps = this.xPermMapService.searchXPermMaps(searchCriteria).getVXPermMaps();
        HashMap hashMap = new HashMap();
        if (vXPermMaps != null) {
            for (VXPermMap vXPermMap : vXPermMaps) {
                String permGroup = vXPermMap.getPermGroup();
                List list = (List) hashMap.get(permGroup);
                if (list == null) {
                    list = new ArrayList();
                    hashMap.put(permGroup, list);
                }
                list.add(vXPermMap);
            }
        }
        for (Map.Entry entry : hashMap.entrySet()) {
            ArrayList arrayList2 = new ArrayList();
            ArrayList arrayList3 = new ArrayList();
            ArrayList arrayList4 = new ArrayList();
            String str = null;
            RangerPolicy.RangerPolicyItem rangerPolicyItem = new RangerPolicy.RangerPolicyItem();
            for (VXPermMap vXPermMap2 : (List) entry.getValue()) {
                if (vXPermMap2.getPermFor() == 1) {
                    String userName = getUserName(vXPermMap2);
                    if (!arrayList2.contains(userName)) {
                        arrayList2.add(userName);
                    }
                } else if (vXPermMap2.getPermFor() == 2) {
                    String groupName = getGroupName(vXPermMap2);
                    if (!arrayList3.contains(groupName)) {
                        arrayList3.add(groupName);
                    }
                }
                String accessType = ServiceUtil.toAccessType(vXPermMap2.getPermType());
                if (StringUtils.isBlank(accessType) || unsupportedLegacyPermTypes.contains(accessType)) {
                    logger.info(accessType + ": is not a valid access-type, ignoring accesstype for policy: " + xXResource.getPolicyName());
                } else {
                    if (StringUtils.equalsIgnoreCase(accessType, "Admin")) {
                        rangerPolicyItem.setDelegateAdmin(Boolean.TRUE);
                        if (xXServiceDef.getId().longValue() == EmbeddedServiceDefsUtil.instance().getHBaseServiceDefId()) {
                            addAccessType(accessType, arrayList4);
                        }
                    } else {
                        addAccessType(accessType, arrayList4);
                    }
                    str = vXPermMap2.getIpAddress();
                }
            }
            if (CollectionUtils.isEmpty(arrayList4)) {
                logger.info("no access specified. ignoring policyItem for policy: " + xXResource.getPolicyName());
            } else if (CollectionUtils.isEmpty(arrayList2) && CollectionUtils.isEmpty(arrayList3)) {
                logger.info("no user or group specified. ignoring policyItem for policy: " + xXResource.getPolicyName());
            } else {
                rangerPolicyItem.setUsers(arrayList2);
                rangerPolicyItem.setGroups(arrayList3);
                rangerPolicyItem.setAccesses(arrayList4);
                if (str != null && !str.isEmpty() && this.daoMgr.getXXPolicyConditionDef().findByServiceDefIdAndName(xXServiceDef.getId(), "ip-range") != null) {
                    rangerPolicyItem.getConditions().add(new RangerPolicy.RangerPolicyItemCondition("ip-range", Collections.singletonList(str)));
                }
                arrayList.add(rangerPolicyItem);
            }
        }
        return arrayList;
    }

    private void addAccessType(String str, List<RangerPolicy.RangerPolicyItemAccess> list) {
        boolean z = false;
        Iterator<RangerPolicy.RangerPolicyItemAccess> it = list.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            } else if (StringUtils.equalsIgnoreCase(str, it.next().getType())) {
                z = true;
                break;
            }
        }
        if (z) {
            return;
        }
        list.add(new RangerPolicy.RangerPolicyItemAccess(str));
    }

    private void updateSequences() {
        this.daoMgr.getXXServiceDef().updateSequence();
        this.daoMgr.getXXService().updateSequence();
        this.daoMgr.getXXPolicy().updateSequence();
    }

    private String getUserName(VXPermMap vXPermMap) {
        Long userId;
        XXUser byId;
        String userName = vXPermMap.getUserName();
        if ((userName == null || userName.isEmpty()) && (userId = vXPermMap.getUserId()) != null && (byId = this.daoMgr.getXXUser().getById(userId)) != null) {
            userName = byId.getName();
        }
        return userName;
    }

    private String getGroupName(VXPermMap vXPermMap) {
        Long groupId;
        XXGroup byId;
        String groupName = vXPermMap.getGroupName();
        if ((groupName == null || groupName.isEmpty()) && (groupId = vXPermMap.getGroupId()) != null && (byId = this.daoMgr.getXXGroup().getById(groupId)) != null) {
            groupName = byId.getName();
        }
        return groupName;
    }

    static {
        unsupportedLegacyPermTypes.add(ResultSetType.Unknown);
        unsupportedLegacyPermTypes.add("Reset");
        unsupportedLegacyPermTypes.add("Obfuscate");
        unsupportedLegacyPermTypes.add("Mask");
    }
}
