package com.huawei.cloudtable.hbase.rest.filter.token.utils;

import com.huawei.cloudtable.hbase.rest.filter.token.enums.ErrorCode;
import com.huawei.cloudtable.hbase.rest.filter.token.vo.IamRole;
import com.huawei.cloudtable.hbase.rest.filter.token.vo.IamTokenRsp;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;

/* loaded from: input_file:com/huawei/cloudtable/hbase/rest/filter/token/utils/IamRoleAuthenticator.class */
public class IamRoleAuthenticator {
    private static final String TE_ADMIN = "te_admin";
    private static final String OP_SERVICE = "op_service";
    private static final String READ_ONLY = "readonly";
    private static final String SERVER_ADMIN = "server_adm";
    private static final String OP_RESTRICTED = "op_restricted";
    private static final String OP_SUSPENDED = "op_suspended";
    private static final String OP_GATED_DWS = "op_gated_dws";
    private static final List<String> ADMIN_ROLE_LIST = new ArrayList();

    public static boolean isGuest(Set<String> set) {
        return set.contains(READ_ONLY);
    }

    public static boolean isGuestOnly(Set<String> set) {
        return (!set.contains(READ_ONLY) || isServiceAdmin(set) || isOpService(set)) ? false : true;
    }

    private static boolean ifContainsAdminRole(Set<String> set) {
        Iterator<String> it = ADMIN_ROLE_LIST.iterator();
        while (it.hasNext()) {
            if (set.contains(it.next())) {
                return true;
            }
        }
        return false;
    }

    public static boolean isServiceAdmin(Set<String> set) {
        if (set.contains(TE_ADMIN)) {
            return true;
        }
        return ifContainsAdminRole(set) && set.contains(SERVER_ADMIN) && set.contains(READ_ONLY);
    }

    public static boolean isOpService(Set<String> set) {
        return set.contains(OP_SERVICE);
    }

    public static Set<String> getRoleSet(IamTokenRsp iamTokenRsp) {
        return isIamTokenRspNull(iamTokenRsp) ? new HashSet() : getRoleSet(iamTokenRsp.getIamToken().getToken().getRoles());
    }

    public static Set<String> getRoleSet(List<IamRole> list) {
        HashSet hashSet = new HashSet();
        Iterator<IamRole> it = list.iterator();
        while (it.hasNext()) {
            hashSet.add(it.next().getName());
        }
        return hashSet;
    }

    public static boolean isIamTokenRspNull(IamTokenRsp iamTokenRsp) {
        return iamTokenRsp == null || iamTokenRsp.getIamToken() == null || iamTokenRsp.getIamToken().getToken() == null || iamTokenRsp.getIamToken().getToken().getRoles() == null;
    }

    public static boolean isRestricted(Set<String> set) {
        return set.contains(OP_RESTRICTED) && !isOpService(set);
    }

    public static boolean isSuspended(Set<String> set) {
        return set.contains(OP_SUSPENDED) && !isOpService(set);
    }

    public static ErrorCode resonOfUnaccessible(Set<String> set) {
        return (isOpService(set) || !ifContainsAdminRole(set)) ? ErrorCode.ACCOUNT_HAS_NO_PRIV : (set.contains(SERVER_ADMIN) && set.contains(READ_ONLY)) ? ErrorCode.ACCOUNT_HAS_NO_PRIV : ErrorCode.ACCOUNT_ADMIN_PRIV_NOT_COMPLETE;
    }

    public static boolean isOpGatedDws(Set<String> set) {
        return set.contains(OP_GATED_DWS);
    }
}
