package org.apache.ranger.biz;

import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.ranger.db.RangerDaoManager;
import org.apache.ranger.db.XXPolicyRefAccessTypeDao;
import org.apache.ranger.db.XXPolicyRefConditionDao;
import org.apache.ranger.db.XXPolicyRefDataMaskTypeDao;
import org.apache.ranger.db.XXPolicyRefGroupDao;
import org.apache.ranger.db.XXPolicyRefResourceDao;
import org.apache.ranger.db.XXPolicyRefUserDao;
import org.apache.ranger.entity.XXAccessTypeDef;
import org.apache.ranger.entity.XXDataMaskTypeDef;
import org.apache.ranger.entity.XXGroup;
import org.apache.ranger.entity.XXPolicy;
import org.apache.ranger.entity.XXPolicyConditionDef;
import org.apache.ranger.entity.XXPolicyRefAccessType;
import org.apache.ranger.entity.XXPolicyRefCondition;
import org.apache.ranger.entity.XXPolicyRefDataMaskType;
import org.apache.ranger.entity.XXPolicyRefGroup;
import org.apache.ranger.entity.XXPolicyRefResource;
import org.apache.ranger.entity.XXPolicyRefUser;
import org.apache.ranger.entity.XXResourceDef;
import org.apache.ranger.entity.XXServiceDef;
import org.apache.ranger.entity.XXUser;
import org.apache.ranger.plugin.model.RangerPolicy;
import org.apache.ranger.service.RangerAuditFields;
import org.eclipse.persistence.jpa.jpql.parser.Expression;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:WEB-INF/classes/org/apache/ranger/biz/PolicyRefUpdater.class */
public class PolicyRefUpdater {

    @Autowired
    RangerDaoManager daoMgr;

    @Autowired
    RangerAuditFields<?> rangerAuditFields;

    public void createNewPolMappingForRefTable(RangerPolicy rangerPolicy, XXPolicy xXPolicy, XXServiceDef xXServiceDef) throws Exception {
        if (rangerPolicy == null) {
            return;
        }
        cleanupRefTables(rangerPolicy);
        Set<String> keySet = rangerPolicy.getResources().keySet();
        HashSet<String> hashSet = new HashSet();
        HashSet<String> hashSet2 = new HashSet();
        HashSet<String> hashSet3 = new HashSet();
        HashSet<String> hashSet4 = new HashSet();
        HashSet<String> hashSet5 = new HashSet();
        for (List<? extends RangerPolicy.RangerPolicyItem> list : getAllPolicyItems(rangerPolicy)) {
            if (!CollectionUtils.isEmpty(list)) {
                for (RangerPolicy.RangerPolicyItem rangerPolicyItem : list) {
                    hashSet.addAll(rangerPolicyItem.getGroups());
                    hashSet2.addAll(rangerPolicyItem.getUsers());
                    if (CollectionUtils.isNotEmpty(rangerPolicyItem.getAccesses())) {
                        Iterator<RangerPolicy.RangerPolicyItemAccess> it = rangerPolicyItem.getAccesses().iterator();
                        while (it.hasNext()) {
                            hashSet3.add(it.next().getType());
                        }
                    }
                    if (CollectionUtils.isNotEmpty(rangerPolicyItem.getConditions())) {
                        Iterator<RangerPolicy.RangerPolicyItemCondition> it2 = rangerPolicyItem.getConditions().iterator();
                        while (it2.hasNext()) {
                            hashSet4.add(it2.next().getType());
                        }
                    }
                    if (rangerPolicyItem instanceof RangerPolicy.RangerDataMaskPolicyItem) {
                        hashSet5.add(((RangerPolicy.RangerDataMaskPolicyItem) rangerPolicyItem).getDataMaskInfo().getDataMaskType());
                    }
                }
            }
        }
        for (String str : keySet) {
            XXResourceDef findByNameAndPolicyId = this.daoMgr.getXXResourceDef().findByNameAndPolicyId(str, rangerPolicy.getId());
            if (findByNameAndPolicyId == null) {
                throw new Exception(str + ": is not a valid resource-type. policy='" + rangerPolicy.getName() + "' service='" + rangerPolicy.getService() + Expression.QUOTE);
            }
            XXPolicyRefResource xXPolicyRefResource = (XXPolicyRefResource) this.rangerAuditFields.populateAuditFields(new XXPolicyRefResource(), xXPolicy);
            xXPolicyRefResource.setPolicyId(rangerPolicy.getId());
            xXPolicyRefResource.setResourceDefId(findByNameAndPolicyId.getId());
            xXPolicyRefResource.setResourceName(str);
            this.daoMgr.getXXPolicyRefResource().create(xXPolicyRefResource);
        }
        for (String str2 : hashSet) {
            if (!StringUtils.isBlank(str2)) {
                XXGroup findByGroupName = this.daoMgr.getXXGroup().findByGroupName(str2);
                if (findByGroupName == null) {
                    throw new Exception(str2 + ": group does not exist. policy='" + rangerPolicy.getName() + "' service='" + rangerPolicy.getService() + "' group='" + str2 + Expression.QUOTE);
                }
                XXPolicyRefGroup xXPolicyRefGroup = (XXPolicyRefGroup) this.rangerAuditFields.populateAuditFields(new XXPolicyRefGroup(), xXPolicy);
                xXPolicyRefGroup.setPolicyId(rangerPolicy.getId());
                xXPolicyRefGroup.setGroupId(findByGroupName.getId());
                xXPolicyRefGroup.setGroupName(str2);
                this.daoMgr.getXXPolicyRefGroup().create(xXPolicyRefGroup);
            }
        }
        for (String str3 : hashSet2) {
            if (!StringUtils.isBlank(str3)) {
                XXUser findByUserName = this.daoMgr.getXXUser().findByUserName(str3);
                if (findByUserName == null) {
                    throw new Exception(str3 + ": user does not exist. policy='" + rangerPolicy.getName() + "' service='" + rangerPolicy.getService() + "' user='" + str3 + Expression.QUOTE);
                }
                XXPolicyRefUser xXPolicyRefUser = (XXPolicyRefUser) this.rangerAuditFields.populateAuditFields(new XXPolicyRefUser(), xXPolicy);
                xXPolicyRefUser.setPolicyId(rangerPolicy.getId());
                xXPolicyRefUser.setUserId(findByUserName.getId());
                xXPolicyRefUser.setUserName(str3);
                this.daoMgr.getXXPolicyRefUser().create(xXPolicyRefUser);
            }
        }
        for (String str4 : hashSet3) {
            XXAccessTypeDef findByNameAndServiceId = this.daoMgr.getXXAccessTypeDef().findByNameAndServiceId(str4, xXPolicy.getService());
            if (findByNameAndServiceId == null) {
                throw new Exception(str4 + ": is not a valid access-type. policy='" + rangerPolicy.getName() + "' service='" + rangerPolicy.getService() + Expression.QUOTE);
            }
            XXPolicyRefAccessType xXPolicyRefAccessType = (XXPolicyRefAccessType) this.rangerAuditFields.populateAuditFields(new XXPolicyRefAccessType(), xXPolicy);
            xXPolicyRefAccessType.setPolicyId(rangerPolicy.getId());
            xXPolicyRefAccessType.setAccessDefId(findByNameAndServiceId.getId());
            xXPolicyRefAccessType.setAccessTypeName(str4);
            this.daoMgr.getXXPolicyRefAccessType().create(xXPolicyRefAccessType);
        }
        for (String str5 : hashSet4) {
            XXPolicyConditionDef findByServiceDefIdAndName = this.daoMgr.getXXPolicyConditionDef().findByServiceDefIdAndName(xXServiceDef.getId(), str5);
            if (findByServiceDefIdAndName == null) {
                throw new Exception(str5 + ": is not a valid condition-type. policy='" + xXPolicy.getName() + "' service='" + xXPolicy.getService() + Expression.QUOTE);
            }
            XXPolicyRefCondition xXPolicyRefCondition = (XXPolicyRefCondition) this.rangerAuditFields.populateAuditFields(new XXPolicyRefCondition(), xXPolicy);
            xXPolicyRefCondition.setPolicyId(rangerPolicy.getId());
            xXPolicyRefCondition.setConditionDefId(findByServiceDefIdAndName.getId());
            xXPolicyRefCondition.setConditionName(str5);
            this.daoMgr.getXXPolicyRefCondition().create(xXPolicyRefCondition);
        }
        for (String str6 : hashSet5) {
            XXDataMaskTypeDef findByNameAndServiceId2 = this.daoMgr.getXXDataMaskTypeDef().findByNameAndServiceId(str6, xXPolicy.getService());
            if (findByNameAndServiceId2 == null) {
                throw new Exception(str6 + ": is not a valid datamask-type. policy='" + rangerPolicy.getName() + "' service='" + rangerPolicy.getService() + Expression.QUOTE);
            }
            XXPolicyRefDataMaskType xXPolicyRefDataMaskType = new XXPolicyRefDataMaskType();
            xXPolicyRefDataMaskType.setPolicyId(rangerPolicy.getId());
            xXPolicyRefDataMaskType.setDataMaskDefId(findByNameAndServiceId2.getId());
            xXPolicyRefDataMaskType.setDataMaskTypeName(str6);
            this.daoMgr.getXXPolicyRefDataMaskType().create(xXPolicyRefDataMaskType);
        }
    }

    public Boolean cleanupRefTables(RangerPolicy rangerPolicy) {
        Long id = rangerPolicy == null ? null : rangerPolicy.getId();
        if (id == null) {
            return false;
        }
        XXPolicyRefResourceDao xXPolicyRefResource = this.daoMgr.getXXPolicyRefResource();
        XXPolicyRefGroupDao xXPolicyRefGroup = this.daoMgr.getXXPolicyRefGroup();
        XXPolicyRefUserDao xXPolicyRefUser = this.daoMgr.getXXPolicyRefUser();
        XXPolicyRefAccessTypeDao xXPolicyRefAccessType = this.daoMgr.getXXPolicyRefAccessType();
        XXPolicyRefConditionDao xXPolicyRefCondition = this.daoMgr.getXXPolicyRefCondition();
        XXPolicyRefDataMaskTypeDao xXPolicyRefDataMaskType = this.daoMgr.getXXPolicyRefDataMaskType();
        Iterator<XXPolicyRefResource> it = xXPolicyRefResource.findByPolicyId(id).iterator();
        while (it.hasNext()) {
            xXPolicyRefResource.remove((XXPolicyRefResourceDao) it.next());
        }
        Iterator<XXPolicyRefGroup> it2 = xXPolicyRefGroup.findByPolicyId(id).iterator();
        while (it2.hasNext()) {
            xXPolicyRefGroup.remove((XXPolicyRefGroupDao) it2.next());
        }
        Iterator<XXPolicyRefUser> it3 = xXPolicyRefUser.findByPolicyId(id).iterator();
        while (it3.hasNext()) {
            xXPolicyRefUser.remove((XXPolicyRefUserDao) it3.next());
        }
        Iterator<XXPolicyRefAccessType> it4 = xXPolicyRefAccessType.findByPolicyId(id).iterator();
        while (it4.hasNext()) {
            xXPolicyRefAccessType.remove((XXPolicyRefAccessTypeDao) it4.next());
        }
        Iterator<XXPolicyRefCondition> it5 = xXPolicyRefCondition.findByPolicyId(id).iterator();
        while (it5.hasNext()) {
            xXPolicyRefCondition.remove((XXPolicyRefConditionDao) it5.next());
        }
        Iterator<XXPolicyRefDataMaskType> it6 = xXPolicyRefDataMaskType.findByPolicyId(id).iterator();
        while (it6.hasNext()) {
            xXPolicyRefDataMaskType.remove((XXPolicyRefDataMaskTypeDao) it6.next());
        }
        return true;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static List<List<? extends RangerPolicy.RangerPolicyItem>> getAllPolicyItems(RangerPolicy rangerPolicy) {
        ArrayList arrayList = new ArrayList();
        if (CollectionUtils.isNotEmpty(rangerPolicy.getPolicyItems())) {
            arrayList.add(rangerPolicy.getPolicyItems());
        }
        if (CollectionUtils.isNotEmpty(rangerPolicy.getDenyPolicyItems())) {
            arrayList.add(rangerPolicy.getDenyPolicyItems());
        }
        if (CollectionUtils.isNotEmpty(rangerPolicy.getAllowExceptions())) {
            arrayList.add(rangerPolicy.getAllowExceptions());
        }
        if (CollectionUtils.isNotEmpty(rangerPolicy.getDenyExceptions())) {
            arrayList.add(rangerPolicy.getDenyExceptions());
        }
        if (CollectionUtils.isNotEmpty(rangerPolicy.getDataMaskPolicyItems())) {
            arrayList.add(rangerPolicy.getDataMaskPolicyItems());
        }
        if (CollectionUtils.isNotEmpty(rangerPolicy.getRowFilterPolicyItems())) {
            arrayList.add(rangerPolicy.getRowFilterPolicyItems());
        }
        return arrayList;
    }
}
