package org.apache.ranger.biz;

import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.io.FilenameUtils;
import org.apache.commons.io.IOCase;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;
import org.apache.ranger.common.ContextUtil;
import org.apache.ranger.common.GUIDUtil;
import org.apache.ranger.common.MessageEnums;
import org.apache.ranger.common.PropertiesUtil;
import org.apache.ranger.common.RESTErrorUtil;
import org.apache.ranger.common.RangerConstants;
import org.apache.ranger.common.StringUtil;
import org.apache.ranger.common.UserSessionBase;
import org.apache.ranger.db.RangerDaoManager;
import org.apache.ranger.entity.XXDBBase;
import org.apache.ranger.entity.XXGroup;
import org.apache.ranger.entity.XXPermMap;
import org.apache.ranger.entity.XXPortalUser;
import org.apache.ranger.entity.XXResource;
import org.apache.ranger.entity.XXService;
import org.apache.ranger.entity.XXServiceDef;
import org.apache.ranger.entity.XXTrxLog;
import org.apache.ranger.entity.XXUser;
import org.apache.ranger.plugin.model.RangerBaseModelObject;
import org.apache.ranger.plugin.model.RangerService;
import org.apache.ranger.plugin.store.EmbeddedServiceDefsUtil;
import org.apache.ranger.view.VXPortalUser;
import org.apache.ranger.view.VXResource;
import org.apache.ranger.view.VXResponse;
import org.apache.ranger.view.VXString;
import org.apache.ranger.view.VXStringList;
import org.apache.ranger.view.VXUser;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:WEB-INF/classes/org/apache/ranger/biz/RangerBizUtil.class */
public class RangerBizUtil {

    @Autowired
    RESTErrorUtil restErrorUtil;

    @Autowired
    RangerDaoManager daoManager;

    @Autowired
    StringUtil stringUtil;

    @Autowired
    UserMgr userMgr;

    @Autowired
    GUIDUtil guidUtil;
    int maxDisplayNameLength;
    private SecureRandom random;
    public static final String AUDIT_STORE_RDBMS = "DB";
    public static final String AUDIT_STORE_SOLR = "solr";
    String auditDBType;
    private static final Logger logger = Logger.getLogger(RangerBizUtil.class);
    private static final String PATH_CHARS = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrst0123456789-_.";
    private static char[] PATH_CHAR_SET = PATH_CHARS.toCharArray();
    private static int PATH_CHAR_SET_LEN = PATH_CHAR_SET.length;
    static String fileSeparator = PropertiesUtil.getProperty("ranger.file.separator", "/");
    private Class<?>[] groupEditableClassesList = new Class[0];
    public final String EMPTY_CONTENT_DISPLAY_NAME = "...";
    private int maxFirstNameLength = Integer.parseInt(PropertiesUtil.getProperty("ranger.user.firstname.maxlength", "16"));
    Set<Class<?>> groupEditableClasses = new HashSet(Arrays.asList(this.groupEditableClassesList));
    boolean enableResourceAccessControl = PropertiesUtil.getBooleanProperty("ranger.resource.accessControl.enabled", true);

    public RangerBizUtil() {
        this.maxDisplayNameLength = 150;
        this.auditDBType = AUDIT_STORE_RDBMS;
        this.maxDisplayNameLength = PropertiesUtil.getIntProperty("ranger.bookmark.name.maxlen", this.maxDisplayNameLength).intValue();
        this.auditDBType = PropertiesUtil.getProperty("ranger.audit.source.type", this.auditDBType).toLowerCase();
        logger.info("java.library.path is " + System.getProperty("java.library.path"));
        logger.info("Audit datasource is " + this.auditDBType);
        this.random = new SecureRandom();
    }

    public void checkSystemAdminAccess() {
        UserSessionBase currentUserSession = ContextUtil.getCurrentUserSession();
        if (currentUserSession == null || !currentUserSession.isUserAdmin()) {
            throw this.restErrorUtil.create403RESTException("Only System Administrators can add accounts");
        }
    }

    public String generatePublicName(VXPortalUser vXPortalUser, XXPortalUser xXPortalUser) {
        return generatePublicName(vXPortalUser.getFirstName(), vXPortalUser.getLastName());
    }

    public String generatePublicName(String str, String str2) {
        String str3 = null;
        String str4 = str;
        if (str.length() > this.maxFirstNameLength) {
            str4 = str.substring(0, this.maxFirstNameLength - 4) + "...";
        }
        if (str2 != null && str2.length() > 0) {
            str3 = str4 + " " + str2.substring(0, 1) + ".";
        }
        return str3;
    }

    public VXStringList mapStringListToVStringList(List<String> list) {
        if (list == null) {
            return null;
        }
        ArrayList arrayList = new ArrayList();
        for (String str : list) {
            VXString vXString = new VXString();
            vXString.setValue(str);
            arrayList.add(vXString);
        }
        return new VXStringList(arrayList);
    }

    public VXResponse hasPermission(VXResource vXResource, int i) {
        VXResponse vXResponse = new VXResponse();
        if (!this.enableResourceAccessControl) {
            logger.debug("Resource Access Control is disabled !!!");
            return vXResponse;
        }
        if (vXResource == null) {
            vXResponse.setStatusCode(1);
            vXResponse.setMsgDesc("Please provide valid policy.");
            return vXResponse;
        }
        String name = vXResource.getName();
        if (this.stringUtil.isEmpty(name)) {
            vXResponse.setStatusCode(1);
            vXResponse.setMsgDesc("Please provide valid policy.");
            return vXResponse;
        }
        if (isAdmin()) {
            return vXResponse;
        }
        Long xUserId = getXUserId();
        Long assetId = vXResource.getAssetId();
        List<XXResource> findByAssetIdAndResourceStatus = this.daoManager.getXXResource().findByAssetIdAndResourceStatus(assetId, 1);
        int assetType = this.daoManager.getXXAsset().getById(assetId).getAssetType();
        vXResponse.setStatusCode(1);
        vXResponse.setMsgDesc("Permission Denied !");
        if (assetType == 3) {
            String[] split = name.split(",");
            if (this.stringUtil.isEmpty(vXResource.getUdfs())) {
                int tableType = vXResource.getTableType();
                int columnType = vXResource.getColumnType();
                for (String str : split) {
                    if (!matchHivePolicy(str, findByAssetIdAndResourceStatus, xUserId, i, tableType, columnType, false)) {
                        vXResponse.setMsgDesc("You're not permitted to perform the action for resource path : " + str);
                        vXResponse.setStatusCode(1);
                        return vXResponse;
                    }
                }
            } else {
                for (String str2 : split) {
                    if (!matchHivePolicy(str2, findByAssetIdAndResourceStatus, xUserId, i)) {
                        vXResponse.setMsgDesc("You're not permitted to perform the action for resource path : " + str2);
                        vXResponse.setStatusCode(1);
                        return vXResponse;
                    }
                }
            }
            vXResponse.setStatusCode(0);
            return vXResponse;
        }
        if (assetType == 2) {
            for (String str3 : name.split(",")) {
                if (!matchHbasePolicy(str3, findByAssetIdAndResourceStatus, vXResponse, xUserId, i)) {
                    vXResponse.setMsgDesc("You're not permitted to perform the action for resource path : " + str3);
                    vXResponse.setStatusCode(1);
                    return vXResponse;
                }
            }
            vXResponse.setStatusCode(0);
            return vXResponse;
        }
        if (assetType == 1) {
            for (String str4 : name.split(",")) {
                if (!matchHdfsPolicy(str4, findByAssetIdAndResourceStatus, xUserId, i)) {
                    vXResponse.setMsgDesc("You're not permitted to perform the action for resource path : " + str4);
                    vXResponse.setStatusCode(1);
                    return vXResponse;
                }
            }
            vXResponse.setStatusCode(0);
            return vXResponse;
        }
        if (assetType == 5) {
            for (String str5 : name.split(",")) {
                if (!matchKnoxPolicy(str5, findByAssetIdAndResourceStatus, xUserId, i)) {
                    vXResponse.setMsgDesc("You're not permitted to perform the action for resource path : " + str5);
                    vXResponse.setStatusCode(1);
                    return vXResponse;
                }
            }
            vXResponse.setStatusCode(0);
            return vXResponse;
        }
        if (assetType != 6) {
            return vXResponse;
        }
        for (String str6 : name.split(",")) {
            if (!matchStormPolicy(str6, findByAssetIdAndResourceStatus, xUserId, i)) {
                vXResponse.setMsgDesc("You're not permitted to perform the action for resource path : " + str6);
                vXResponse.setStatusCode(1);
                return vXResponse;
            }
        }
        vXResponse.setStatusCode(0);
        return vXResponse;
    }

    public boolean isAdmin() {
        UserSessionBase currentUserSession = ContextUtil.getCurrentUserSession();
        if (currentUserSession != null) {
            return currentUserSession.isUserAdmin();
        }
        logger.debug("Unable to find session.");
        return false;
    }

    public boolean isAuditAdmin() {
        UserSessionBase currentUserSession = ContextUtil.getCurrentUserSession();
        if (currentUserSession != null) {
            return currentUserSession.isAuditUserAdmin();
        }
        logger.debug("Unable to find session.");
        return false;
    }

    public String getCurrentUserLoginId() {
        String str = null;
        UserSessionBase currentUserSession = ContextUtil.getCurrentUserSession();
        if (currentUserSession != null) {
            str = currentUserSession.getLoginId();
        }
        return str;
    }

    public Long getXUserId() {
        UserSessionBase currentUserSession = ContextUtil.getCurrentUserSession();
        if (currentUserSession == null) {
            logger.debug("Unable to find session.");
            return null;
        }
        XXPortalUser byId = this.daoManager.getXXPortalUser().getById(currentUserSession.getUserId());
        if (byId == null) {
            logger.debug("XXPortalUser not found with logged in user id : " + currentUserSession.getUserId());
            return null;
        }
        XXUser findByUserName = this.daoManager.getXXUser().findByUserName(byId.getLoginId());
        if (findByUserName != null) {
            return findByUserName.getId();
        }
        logger.debug("XXPortalUser not found for user id :" + byId.getId() + " with name " + byId.getFirstName());
        return null;
    }

    private boolean matchHdfsPolicy(String str, List<XXResource> list, Long l, int i) {
        boolean z = false;
        String replaceMetaChars = replaceMetaChars(str);
        for (XXResource xXResource : list) {
            if (xXResource.getResourceStatus() == 1) {
                z = checkUsrPermForPolicy(l, i, xXResource.getId());
                if (z) {
                    z = false;
                    for (String str2 : xXResource.getName().split(",")) {
                        z = comparePathsForExactMatch(replaceMetaChars, str2) ? true : xXResource.getIsRecursive() == 1 ? isRecursiveWildCardMatch(replaceMetaChars, str2) : nonRecursiveWildCardMatch(replaceMetaChars, str2);
                        if (z) {
                            break;
                        }
                    }
                    if (z) {
                        break;
                    }
                } else {
                    continue;
                }
            }
        }
        return z;
    }

    public boolean matchHbasePolicy(String str, List<XXResource> list, VXResponse vXResponse, Long l, int i) {
        if (this.stringUtil.isEmpty(str) || list == null || l == null) {
            return false;
        }
        String[] split = this.stringUtil.split(str, fileSeparator);
        if (split.length < 1 || split.length > 3) {
            logger.debug("Invalid resourceName name : " + str);
            return false;
        }
        String str2 = split.length > 0 ? split[0] : "*";
        String str3 = split.length > 1 ? split[1] : "*";
        String str4 = split.length > 2 ? split[2] : "*";
        boolean z = false;
        Iterator<XXResource> it = list.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            XXResource next = it.next();
            if (next.getResourceStatus() == 1 && checkUsrPermForPolicy(l, i, next.getId())) {
                String[] split2 = this.stringUtil.isEmpty(next.getTables()) ? null : this.stringUtil.split(next.getTables(), ",");
                boolean z2 = split2 == null || split2.length == 0 || matchPath(str2, split2);
                if (z2) {
                    String[] split3 = this.stringUtil.isEmpty(next.getColumnFamilies()) ? null : this.stringUtil.split(next.getColumnFamilies(), ",");
                    z2 = split3 == null || split3.length == 0 || matchPath(str3, split3);
                    if (z2) {
                        String[] split4 = this.stringUtil.isEmpty(next.getColumns()) ? null : this.stringUtil.split(next.getColumns(), ",");
                        z2 = split4 == null || split4.length == 0 || matchPath(str4, split4);
                    }
                }
                if (z2) {
                    z = true;
                    break;
                }
            }
        }
        return z;
    }

    public boolean matchHivePolicy(String str, List<XXResource> list, Long l, int i) {
        return matchHivePolicy(str, list, l, i, 0, 0, true);
    }

    public boolean matchHivePolicy(String str, List<XXResource> list, Long l, int i, int i2, int i3, boolean z) {
        if (this.stringUtil.isEmpty(str) || list == null || l == null) {
            return false;
        }
        String[] split = this.stringUtil.split(str, fileSeparator);
        if (split.length < 1 || split.length > 3) {
            logger.debug("Invalid resource name : " + str);
            return false;
        }
        String str2 = split.length > 0 ? split[0] : "*";
        String str3 = split.length > 1 ? split[1] : "*";
        String str4 = split.length > 2 ? split[2] : "*";
        boolean z2 = false;
        Iterator<XXResource> it = list.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            XXResource next = it.next();
            if (next.getResourceStatus() == 1 && checkUsrPermForPolicy(l, i, next.getId())) {
                String[] split2 = this.stringUtil.isEmpty(next.getDatabases()) ? null : this.stringUtil.split(next.getDatabases(), ",");
                if ((split2 == null || split2.length == 0 || matchPath(str2, split2)) && (this.stringUtil.isEmpty(next.getUdfs()) || z)) {
                    if (z) {
                        if (matchPath(str3, this.stringUtil.isEmpty(next.getUdfs()) ? null : this.stringUtil.split(next.getUdfs(), ","))) {
                            z2 = true;
                            break;
                        }
                    } else {
                        String[] split3 = this.stringUtil.isEmpty(next.getTables()) ? null : this.stringUtil.split(next.getTables(), ",");
                        boolean z3 = split3 == null || split3.length == 0 || matchPath(str3, split3);
                        if (next.getTableType() == 1) {
                            z3 = !z3;
                        }
                        if (z3) {
                            String[] split4 = this.stringUtil.isEmpty(next.getColumns()) ? null : this.stringUtil.split(next.getColumns(), ",");
                            boolean z4 = split4 == null || split4.length == 0 || matchPath(str4, split4);
                            if (next.getColumnType() == 1) {
                                z4 = !z4;
                            }
                            if (z4) {
                                z2 = true;
                                break;
                            }
                        } else {
                            continue;
                        }
                    }
                }
            }
        }
        return z2;
    }

    private boolean matchKnoxPolicy(String str, List<XXResource> list, Long l, int i) {
        String[] split = this.stringUtil.split(str, fileSeparator);
        int length = split.length;
        if (length < 1 || length > 3) {
            logger.debug("Invalid policy name : " + str);
            return false;
        }
        boolean z = false;
        Iterator<XXResource> it = list.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            XXResource next = it.next();
            if (next.getResourceStatus() == 1 && checkUsrPermForPolicy(l, i, next.getId())) {
                String[] split2 = (next.getTopologies() == null || "".equalsIgnoreCase(next.getTopologies())) ? null : this.stringUtil.split(next.getTopologies(), ",");
                String[] split3 = (next.getServices() == null || "".equalsIgnoreCase(next.getServices())) ? null : this.stringUtil.split(next.getServices(), ",");
                boolean z2 = false;
                for (int i2 = 0; i2 < length; i2++) {
                    z2 = false;
                    if (i2 == 0) {
                        if (split2 != null) {
                            for (String str2 : split2) {
                                if (matchPath(split[i2], str2)) {
                                    z2 = true;
                                }
                            }
                        }
                        if (!z2) {
                            break;
                        }
                    } else {
                        if (i2 == 1) {
                            if (split3 != null) {
                                for (String str3 : split3) {
                                    if (matchPath(split[i2], str3)) {
                                        z2 = true;
                                    }
                                }
                            }
                            if (!z2) {
                                break;
                            }
                        } else {
                            continue;
                        }
                    }
                }
                if (z2) {
                    z = true;
                    break;
                }
            }
        }
        return z;
    }

    private boolean matchStormPolicy(String str, List<XXResource> list, Long l, int i) {
        String[] split = this.stringUtil.split(str, fileSeparator);
        int length = split.length;
        if (length < 1 || length > 3) {
            logger.debug("Invalid policy name : " + str);
            return false;
        }
        boolean z = false;
        Iterator<XXResource> it = list.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            XXResource next = it.next();
            if (next.getResourceStatus() == 1 && checkUsrPermForPolicy(l, i, next.getId())) {
                String[] split2 = (next.getTopologies() == null || "".equalsIgnoreCase(next.getTopologies())) ? null : this.stringUtil.split(next.getTopologies(), ",");
                boolean z2 = false;
                for (int i2 = 0; i2 < length; i2++) {
                    z2 = false;
                    if (i2 == 0 && split2 != null) {
                        for (String str2 : split2) {
                            if (matchPath(split[i2], str2)) {
                                z2 = true;
                            }
                        }
                    }
                }
                if (z2) {
                    z = true;
                    break;
                }
            }
        }
        return z;
    }

    public String replaceMetaChars(String str) {
        if (str == null || str.isEmpty()) {
            return str;
        }
        if (str.contains("*")) {
            str = str.replaceAll("\\*", getRandomString(5, 60));
        }
        if (str.contains("?")) {
            str = str.replaceAll("\\?", getRandomString(1, 1));
        }
        return str;
    }

    private String getRandomString(int i, int i2) {
        StringBuilder sb = new StringBuilder();
        int randomInt = getRandomInt(i, i2);
        for (int i3 = 0; i3 < randomInt; i3++) {
            sb.append(PATH_CHAR_SET[this.random.nextInt(PATH_CHAR_SET_LEN)]);
        }
        return sb.toString();
    }

    private int getRandomInt(int i, int i2) {
        if (i == i2) {
            return i;
        }
        int i3 = i2 - i;
        int nextInt = this.random.nextInt();
        if (nextInt < 0) {
            nextInt = Math.abs(nextInt);
        }
        return (nextInt % i3) + i;
    }

    private boolean checkUsrPermForPolicy(Long l, int i, Long l2) {
        new ArrayList();
        new ArrayList();
        List<XXGroup> findByUserId = this.daoManager.getXXGroup().findByUserId(l);
        List<XXPermMap> findByResourceId = this.daoManager.getXXPermMap().findByResourceId(l2);
        Long publicGroupId = getPublicGroupId();
        boolean z = false;
        for (XXPermMap xXPermMap : findByResourceId) {
            if (xXPermMap.getPermType() == i) {
                if (xXPermMap.getPermFor() == 2) {
                    z = (publicGroupId != null && publicGroupId == xXPermMap.getGroupId()) || isGroupInList(xXPermMap.getGroupId(), findByUserId);
                } else if (xXPermMap.getPermFor() == 1) {
                    z = xXPermMap.getUserId().equals(l);
                }
            }
            if (z) {
                break;
            }
        }
        return z;
    }

    public Long getPublicGroupId() {
        XXGroup findByGroupName = this.daoManager.getXXGroup().findByGroupName("public");
        if (findByGroupName != null) {
            return findByGroupName.getId();
        }
        return null;
    }

    public boolean isGroupInList(Long l, List<XXGroup> list) {
        Iterator<XXGroup> it = list.iterator();
        while (it.hasNext()) {
            if (it.next().getId().equals(l)) {
                return true;
            }
        }
        return false;
    }

    public boolean isRecursiveWildCardMatch(String str, String str2) {
        if (str == null) {
            return false;
        }
        if (str2 != null && str2.equals(fileSeparator)) {
            return true;
        }
        StringBuilder sb = new StringBuilder();
        for (String str3 : str.split(fileSeparator)) {
            sb.append(str3);
            if (FilenameUtils.wildcardMatch(sb.toString(), str2)) {
                return true;
            }
            sb.append(fileSeparator);
        }
        return false;
    }

    public List<Integer> getResorceTypeParentHirearchy(int i, int i2) {
        ArrayList arrayList = new ArrayList();
        if (i2 == 1) {
            arrayList.add(1);
        } else if (i2 == 3) {
            arrayList.add(2);
            if (i == 3) {
                arrayList.add(3);
            } else if (i == 7) {
                arrayList.add(7);
            } else if (i == 5) {
                arrayList.add(3);
                arrayList.add(5);
            }
        } else if (i2 == 2) {
            arrayList.add(3);
            if (i == 4) {
                arrayList.add(4);
            } else if (i == 5) {
                arrayList.add(4);
                arrayList.add(5);
            }
        }
        return arrayList;
    }

    public boolean comparePathsForExactMatch(String str, String str2) {
        String str3 = fileSeparator;
        if (!str.endsWith(str3)) {
            str = str.concat(str3);
        }
        if (!str2.endsWith(str3)) {
            str2 = str2.concat(str3);
        }
        return str.equalsIgnoreCase(str2);
    }

    public boolean nonRecursiveWildCardMatch(String str, String str2) {
        if (str == null || str2 == null) {
            return false;
        }
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        Collections.addAll(arrayList, str.split(fileSeparator));
        Collections.addAll(arrayList2, str2.split(fileSeparator));
        if (arrayList.size() != arrayList2.size()) {
            return false;
        }
        boolean z = false;
        for (int i = 0; i < arrayList.size(); i++) {
            z = matchPath((String) arrayList.get(i), (String) arrayList2.get(i));
            if (!z) {
                return z;
            }
        }
        return z;
    }

    private boolean matchPath(String str, String str2) {
        if (str == null || str2 == null) {
            return false;
        }
        if (!str.contains("*") && !str.contains("?")) {
            return (str2.contains("*") || str2.contains("?")) ? FilenameUtils.wildcardMatch(str, str2, IOCase.SENSITIVE) : str.trim().equals(str2.trim());
        }
        String replaceMetaChars = replaceMetaChars(str);
        if (str2.contains("*") || str2.contains("?")) {
            return FilenameUtils.wildcardMatch(replaceMetaChars, str2, IOCase.SENSITIVE);
        }
        return false;
    }

    private boolean matchPath(String str, String[] strArr) {
        if (str == null || strArr == null) {
            return false;
        }
        for (String str2 : strArr) {
            if (matchPath(str, str2)) {
                return true;
            }
        }
        return false;
    }

    public static boolean areAllEqual(int i, int... iArr) {
        for (int i2 : iArr) {
            if (i2 != i) {
                return false;
            }
        }
        return true;
    }

    public void createTrxLog(List<XXTrxLog> list) {
        if (list == null) {
            return;
        }
        Long sessionId = ContextUtil.getCurrentUserSession() != null ? ContextUtil.getCurrentUserSession().getSessionId() : null;
        if (this.guidUtil != null) {
            Long valueOf = Long.valueOf(this.guidUtil.genLong());
            for (XXTrxLog xXTrxLog : list) {
                if (xXTrxLog != null) {
                    if ("Password".equalsIgnoreCase(StringUtil.trim(xXTrxLog.getAttributeName()))) {
                        if (xXTrxLog.getPreviousValue() != null && !xXTrxLog.getPreviousValue().trim().isEmpty() && !"null".equalsIgnoreCase(xXTrxLog.getPreviousValue().trim())) {
                            xXTrxLog.setPreviousValue("*****");
                        }
                        if (xXTrxLog.getNewValue() != null && !xXTrxLog.getNewValue().trim().isEmpty() && !"null".equalsIgnoreCase(xXTrxLog.getNewValue().trim())) {
                            xXTrxLog.setNewValue("*****");
                        }
                    }
                    xXTrxLog.setTransactionId(valueOf.toString());
                    if (sessionId != null) {
                        xXTrxLog.setSessionId("" + sessionId);
                    }
                    xXTrxLog.setSessionType("Spring Authenticated Session");
                    xXTrxLog.setRequestId(valueOf.toString());
                    this.daoManager.getXXTrxLog().create(xXTrxLog);
                }
            }
        }
    }

    public void createTrxLog(List<XXTrxLog> list, boolean z) {
        if (list == null) {
            return;
        }
        Long sessionId = ContextUtil.getCurrentUserSession() != null ? ContextUtil.getCurrentUserSession().getSessionId() : null;
        if (this.guidUtil != null) {
            Long valueOf = Long.valueOf(this.guidUtil.genLong());
            for (XXTrxLog xXTrxLog : list) {
                if (xXTrxLog != null) {
                    if ("Password".equalsIgnoreCase(StringUtil.trim(xXTrxLog.getAttributeName()))) {
                        if (xXTrxLog.getPreviousValue() != null && !xXTrxLog.getPreviousValue().trim().isEmpty() && !"null".equalsIgnoreCase(xXTrxLog.getPreviousValue().trim())) {
                            xXTrxLog.setPreviousValue("*****");
                        }
                        if (xXTrxLog.getNewValue() != null && !xXTrxLog.getNewValue().trim().isEmpty() && !"null".equalsIgnoreCase(xXTrxLog.getNewValue().trim())) {
                            xXTrxLog.setNewValue("*****");
                        }
                    }
                    xXTrxLog.setTransactionId(valueOf.toString());
                    if (sessionId != null) {
                        xXTrxLog.setSessionId("" + sessionId);
                    }
                    xXTrxLog.setSessionType("Spring Authenticated Session");
                    xXTrxLog.setRequestId(valueOf.toString());
                    this.daoManager.getXXTrxLog().create(xXTrxLog, z);
                }
            }
        }
    }

    public static int getDBFlavor() {
        for (String str : new String[]{"xa.db.flavor", "ranger.jpa.jdbc.dialect", "ranger.jpa.jdbc.url", "ranger.jpa.jdbc.driver"}) {
            String property = PropertiesUtil.getProperty(str);
            if (!StringUtils.isBlank(property)) {
                if (StringUtils.containsIgnoreCase(property, "mysql")) {
                    return 1;
                }
                if (StringUtils.containsIgnoreCase(property, "oracle")) {
                    return 2;
                }
                if (StringUtils.containsIgnoreCase(property, "postgresql")) {
                    return 3;
                }
                if (StringUtils.containsIgnoreCase(property, "sqlserver") || StringUtils.containsIgnoreCase(property, "mssql")) {
                    return 4;
                }
                if (StringUtils.containsIgnoreCase(property, "sqlanywhere") || StringUtils.containsIgnoreCase(property, "sqla")) {
                    return 5;
                }
                if (logger.isDebugEnabled()) {
                    logger.debug("DB Flavor could not be determined from property - " + str + "=" + property);
                }
            }
        }
        logger.error("DB Flavor could not be determined");
        return 0;
    }

    public String getDBVersion() {
        return this.daoManager.getXXUser().getDBVersion();
    }

    public String getAuditDBType() {
        return this.auditDBType;
    }

    public void setAuditDBType(String str) {
        this.auditDBType = str;
    }

    public boolean isKeyAdmin() {
        UserSessionBase currentUserSession = ContextUtil.getCurrentUserSession();
        if (currentUserSession != null) {
            return currentUserSession.isKeyAdmin();
        }
        logger.debug("Unable to find session.");
        return false;
    }

    public boolean isAuditKeyAdmin() {
        UserSessionBase currentUserSession = ContextUtil.getCurrentUserSession();
        if (currentUserSession != null) {
            return currentUserSession.isAuditKeyAdmin();
        }
        logger.debug("Unable to find session.");
        return false;
    }

    public Boolean hasAccess(XXDBBase xXDBBase, RangerBaseModelObject rangerBaseModelObject) {
        UserSessionBase currentUserSession = ContextUtil.getCurrentUserSession();
        if (currentUserSession == null) {
            logger.info("User session not found, granting access.");
            return true;
        }
        boolean isKeyAdmin = currentUserSession.isKeyAdmin();
        boolean isUserAdmin = currentUserSession.isUserAdmin();
        boolean isAuditUserAdmin = currentUserSession.isAuditUserAdmin();
        boolean isAuditKeyAdmin = currentUserSession.isAuditKeyAdmin();
        boolean z = false;
        if (currentUserSession.getUserRoleList().contains(RangerConstants.ROLE_USER)) {
            z = true;
        }
        if (xXDBBase != null && (xXDBBase instanceof XXServiceDef)) {
            if (EmbeddedServiceDefsUtil.KMS_IMPL_CLASS_NAME.equals(((XXServiceDef) xXDBBase).getImplclassname())) {
                return Boolean.valueOf(isKeyAdmin || isAuditKeyAdmin);
            }
            return Boolean.valueOf(isUserAdmin || z || isAuditUserAdmin);
        }
        if (xXDBBase == null || !(xXDBBase instanceof XXService)) {
            return false;
        }
        if (isUserAdmin || isAuditUserAdmin) {
            return true;
        }
        if (EmbeddedServiceDefsUtil.KMS_IMPL_CLASS_NAME.equals(this.daoManager.getXXServiceDef().getById(((XXService) xXDBBase).getType()).getImplclassname())) {
            return Boolean.valueOf(isKeyAdmin || isAuditKeyAdmin);
        }
        return Boolean.valueOf(z);
    }

    public void hasAdminPermissions(String str) {
        UserSessionBase currentUserSession = ContextUtil.getCurrentUserSession();
        if (currentUserSession == null) {
            throw this.restErrorUtil.createRESTException("UserSession cannot be null, only Admin can create/update/delete " + str, MessageEnums.OPER_NO_PERMISSION);
        }
        if (!currentUserSession.isKeyAdmin() && !currentUserSession.isUserAdmin()) {
            throw this.restErrorUtil.createRESTException("This user is not allowed this operation. Only users with Admin permission have access to this operation " + str, MessageEnums.OPER_NO_PERMISSION);
        }
    }

    public void hasKMSPermissions(String str, String str2) {
        UserSessionBase currentUserSession = ContextUtil.getCurrentUserSession();
        if (currentUserSession == null) {
            throw this.restErrorUtil.createRESTException("UserSession cannot be null, only KeyAdmin can create/update/delete " + str, MessageEnums.OPER_NO_PERMISSION);
        }
        if (currentUserSession.isKeyAdmin() && !EmbeddedServiceDefsUtil.KMS_IMPL_CLASS_NAME.equals(str2)) {
            throw this.restErrorUtil.createRESTException("KeyAdmin can create/update/delete only KMS " + str, MessageEnums.OPER_NO_PERMISSION);
        }
        if ("Service-Def".equalsIgnoreCase(str) && currentUserSession.isUserAdmin() && EmbeddedServiceDefsUtil.KMS_IMPL_CLASS_NAME.equals(str2)) {
            throw this.restErrorUtil.createRESTException("System Admin cannot create/update/delete KMS " + str, MessageEnums.OPER_NO_PERMISSION);
        }
    }

    public boolean checkUserAccessible(VXUser vXUser) {
        boolean z = true;
        Collection<String> rolesByLoginId = this.userMgr.getRolesByLoginId(vXUser.getName());
        if (isKeyAdmin() && (vXUser.getUserRoleList().contains(RangerConstants.ROLE_SYS_ADMIN) || vXUser.getUserRoleList().contains(RangerConstants.ROLE_ADMIN_AUDITOR) || rolesByLoginId.contains(RangerConstants.ROLE_SYS_ADMIN) || rolesByLoginId.contains(RangerConstants.ROLE_ADMIN_AUDITOR))) {
            z = false;
        }
        if (isAdmin() && (vXUser.getUserRoleList().contains(RangerConstants.ROLE_KEY_ADMIN) || vXUser.getUserRoleList().contains(RangerConstants.ROLE_KEY_ADMIN_AUDITOR) || rolesByLoginId.contains(RangerConstants.ROLE_KEY_ADMIN) || rolesByLoginId.contains(RangerConstants.ROLE_KEY_ADMIN_AUDITOR))) {
            z = false;
        }
        if (z) {
            return z;
        }
        throw this.restErrorUtil.createRESTException("Logged in user is not allowed to create/update user", MessageEnums.OPER_NO_PERMISSION);
    }

    public boolean isSSOEnabled() {
        UserSessionBase currentUserSession = ContextUtil.getCurrentUserSession();
        if (currentUserSession != null) {
            return currentUserSession.isSSOEnabled() == null ? PropertiesUtil.getBooleanProperty("ranger.sso.enabled", false) : currentUserSession.isSSOEnabled().booleanValue();
        }
        throw this.restErrorUtil.createRESTException("User session is not created", MessageEnums.OPER_NOT_ALLOWED_FOR_STATE);
    }

    public boolean isUserAllowed(RangerService rangerService, String str) {
        String[] split;
        Map<String, String> configs = rangerService.getConfigs();
        UserSessionBase currentUserSession = ContextUtil.getCurrentUserSession();
        String loginId = currentUserSession != null ? currentUserSession.getLoginId() : null;
        if (configs == null || !configs.containsKey(str) || (split = configs.get(str).split(",")) == null) {
            return false;
        }
        for (String str2 : split) {
            if ("*".equals(str2)) {
                return true;
            }
            if (loginId != null && str2.equalsIgnoreCase(loginId)) {
                return true;
            }
        }
        return false;
    }

    public boolean isUserAllowedForGrantRevoke(RangerService rangerService, String str, String str2) {
        String[] split;
        Map<String, String> configs = rangerService.getConfigs();
        if (configs == null || !configs.containsKey(str) || (split = configs.get(str).split(",")) == null) {
            return false;
        }
        for (String str3 : split) {
            if ("*".equals(str3)) {
                return true;
            }
            if (str2 != null && str3.equalsIgnoreCase(str2)) {
                return true;
            }
        }
        return false;
    }

    public void blockAuditorRoleUser() {
        UserSessionBase currentUserSession = ContextUtil.getCurrentUserSession();
        if (currentUserSession == null) {
            VXResponse vXResponse = new VXResponse();
            vXResponse.setStatusCode(401);
            vXResponse.setMsgDesc("Bad Credentials");
            throw this.restErrorUtil.generateRESTException(vXResponse);
        }
        if (currentUserSession.isAuditKeyAdmin() || currentUserSession.isAuditUserAdmin()) {
            VXResponse vXResponse2 = new VXResponse();
            vXResponse2.setStatusCode(401);
            vXResponse2.setMsgDesc("Operation denied. LoggedInUser=" + currentUserSession.getXXPortalUser().getId() + " ,isn't permitted to perform the action.");
            throw this.restErrorUtil.generateRESTException(vXResponse2);
        }
    }

    public boolean hasModuleAccess(String str) {
        UserSessionBase currentUserSession = ContextUtil.getCurrentUserSession();
        if (currentUserSession == null) {
            return false;
        }
        return currentUserSession.isUserAdmin() || currentUserSession.isAuditUserAdmin() || currentUserSession.getRangerUserPermission().getUserPermissions().contains(str);
    }

    public void removeEmptyStrings(List<String> list) {
        if (CollectionUtils.isEmpty(list)) {
            return;
        }
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            String next = it.next();
            if (next == null || StringUtils.isEmpty(StringUtils.trim(next))) {
                it.remove();
            }
        }
        trimAll(list);
    }

    public void trimAll(List<String> list) {
        if (CollectionUtils.isEmpty(list)) {
            return;
        }
        for (int i = 0; i < list.size(); i++) {
            String str = list.get(i);
            if (str.startsWith(" ") || str.endsWith(" ")) {
                list.set(i, StringUtils.trim(str));
            }
        }
    }
}
