package io.prestosql.plugin.hive.security;

import com.fasterxml.jackson.core.JsonProcessingException;
import com.huawei.hetu.spi.connector.Userlist;
import io.prestosql.plugin.hive.HiveConfig;
import io.prestosql.plugin.hive.HiveTransactionHandle;
import io.prestosql.plugin.hive.HiveUtil;
import io.prestosql.plugin.hive.authentication.HiveIdentity;
import io.prestosql.plugin.hive.metastore.SemiTransactionalHiveMetastore;
import io.prestosql.plugin.hive.metastore.Table;
import io.prestosql.spi.connector.ColumnMetadata;
import io.prestosql.spi.connector.ConnectorAccessControl;
import io.prestosql.spi.connector.ConnectorTransactionHandle;
import io.prestosql.spi.connector.SchemaTableName;
import io.prestosql.spi.security.AccessDeniedException;
import io.prestosql.spi.security.ConnectorIdentity;
import io.prestosql.spi.security.Identity;
import io.prestosql.spi.security.PrestoPrincipal;
import io.prestosql.spi.security.Privilege;
import io.prestosql.spi.security.ViewExpression;
import io.prestosql.spi.type.Type;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.Set;
import java.util.function.Function;
import javax.inject.Inject;

/* loaded from: input_file:io/prestosql/plugin/hive/security/LegacyAccessControl.class */
public class LegacyAccessControl implements ConnectorAccessControl {
    private final Function<HiveTransactionHandle, SemiTransactionalHiveMetastore> metastoreProvider;
    private final boolean allowDropTable;
    private final boolean allowRenameTable;
    private final boolean allowCommentTable;
    private final boolean allowAddColumn;
    private final boolean allowDropColumn;
    private final boolean allowRenameColumn;
    private Optional<Map<String, Userlist>> userlistMap;

    @Inject
    public LegacyAccessControl(Function<HiveTransactionHandle, SemiTransactionalHiveMetastore> function, LegacySecurityConfig legacySecurityConfig, HiveConfig hiveConfig) {
        this.userlistMap = Optional.empty();
        this.metastoreProvider = (Function) Objects.requireNonNull(function, "metastoreProvider is null");
        Objects.requireNonNull(legacySecurityConfig, "securityConfig is null");
        this.allowDropTable = legacySecurityConfig.getAllowDropTable();
        this.allowRenameTable = legacySecurityConfig.getAllowRenameTable();
        this.allowCommentTable = legacySecurityConfig.getAllowCommentTable();
        this.allowAddColumn = legacySecurityConfig.getAllowAddColumn();
        this.allowDropColumn = legacySecurityConfig.getAllowDropColumn();
        this.allowRenameColumn = legacySecurityConfig.getAllowRenameColumn();
        Objects.requireNonNull(hiveConfig, "hiveConfig is null");
        Optional<String> hiveDatasourceUsers = hiveConfig.getHiveDatasourceUsers();
        if (hiveDatasourceUsers.isPresent()) {
            try {
                this.userlistMap = HiveUtil.parseSpecialUserMapping(hiveDatasourceUsers, hiveConfig.getHiveSpecialUserMapping());
            } catch (JsonProcessingException e) {
                e.printStackTrace();
            }
        }
    }

    public void checkCanCreateSchema(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity, String str) {
    }

    public void checkCanAlterSchema(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity, String str, String str2) {
    }

    public void checkCanDropSchema(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity, String str) {
    }

    public void checkCanAlterColumn(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity, SchemaTableName schemaTableName) {
        if (this.allowRenameColumn) {
            return;
        }
        AccessDeniedException.denyAlterColumn(schemaTableName.toString());
    }

    public void checkCanRenameSchema(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity, String str, String str2) {
    }

    public void checkCanShowSchemas(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity) {
    }

    public Set<String> filterSchemas(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity, Set<String> set) {
        return set;
    }

    public void checkCanCreateTable(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity, SchemaTableName schemaTableName) {
    }

    public void checkCanDropTable(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity, SchemaTableName schemaTableName) {
        if (!this.allowDropTable) {
            AccessDeniedException.denyDropTable(schemaTableName.toString());
        }
        Optional<Table> table = this.metastoreProvider.apply((HiveTransactionHandle) connectorTransactionHandle).getTable(new HiveIdentity(connectorIdentity), schemaTableName.getSchemaName(), schemaTableName.getTableName());
        if (!table.isPresent()) {
            AccessDeniedException.denyDropTable(schemaTableName.toString(), "Table not found");
        }
        if (HiveUtil.getOwner(connectorIdentity.getUser(), this.userlistMap).orElse(connectorIdentity.getUser()).equals(table.get().getOwner())) {
            return;
        }
        AccessDeniedException.denyDropTable(schemaTableName.toString(), "Owner of the table is different from session user");
    }

    public void checkCanRenameTable(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity, SchemaTableName schemaTableName, SchemaTableName schemaTableName2) {
        if (this.allowRenameTable) {
            return;
        }
        AccessDeniedException.denyRenameTable(schemaTableName.toString(), schemaTableName2.toString());
    }

    public void checkCanSetTableComment(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity, SchemaTableName schemaTableName) {
        if (this.allowCommentTable) {
            return;
        }
        AccessDeniedException.denyCommentTable(schemaTableName.toString());
    }

    public void checkCanShowTablesMetadata(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity, String str) {
    }

    public Set<SchemaTableName> filterTables(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity, Set<SchemaTableName> set) {
        return set;
    }

    public void checkCanShowColumnsMetadata(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity, SchemaTableName schemaTableName) {
    }

    public List<ColumnMetadata> filterColumns(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity, SchemaTableName schemaTableName, List<ColumnMetadata> list) {
        return list;
    }

    public void checkCanAddColumn(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity, SchemaTableName schemaTableName) {
        if (this.allowAddColumn) {
            return;
        }
        AccessDeniedException.denyAddColumn(schemaTableName.toString());
    }

    public void checkCanDropColumn(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity, SchemaTableName schemaTableName) {
        if (this.allowDropColumn) {
            return;
        }
        AccessDeniedException.denyDropColumn(schemaTableName.toString());
    }

    public void checkCanRenameColumn(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity, SchemaTableName schemaTableName) {
        if (this.allowRenameColumn) {
            return;
        }
        AccessDeniedException.denyRenameColumn(schemaTableName.toString());
    }

    public void checkCanSelectFromColumns(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity, SchemaTableName schemaTableName, Set<String> set) {
    }

    public void checkCanInsertIntoTable(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity, SchemaTableName schemaTableName) {
    }

    public void checkCanDeleteFromTable(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity, SchemaTableName schemaTableName) {
    }

    public void checkCanCreateView(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity, SchemaTableName schemaTableName) {
    }

    public void checkCanDropView(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity, SchemaTableName schemaTableName) {
    }

    public void checkCanCreateViewWithSelectFromColumns(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity, SchemaTableName schemaTableName, Set<String> set) {
    }

    public void checkCanSetCatalogSessionProperty(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity, String str) {
    }

    public void checkCanGrantTablePrivilege(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity, Privilege privilege, SchemaTableName schemaTableName, PrestoPrincipal prestoPrincipal, boolean z) {
    }

    public void checkCanRevokeTablePrivilege(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity, Privilege privilege, SchemaTableName schemaTableName, PrestoPrincipal prestoPrincipal, boolean z) {
    }

    public void checkCanCreateRole(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity, String str, Optional<PrestoPrincipal> optional) {
    }

    public void checkCanDropRole(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity, String str) {
    }

    public void checkCanGrantRoles(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity, Set<String> set, Set<PrestoPrincipal> set2, boolean z, Optional<PrestoPrincipal> optional, String str) {
    }

    public void checkCanRevokeRoles(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity, Set<String> set, Set<PrestoPrincipal> set2, boolean z, Optional<PrestoPrincipal> optional, String str) {
    }

    public void checkCanSetRole(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity, String str, String str2) {
    }

    public void checkCanShowRoles(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity, String str) {
    }

    public void checkCanShowCurrentRoles(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity, String str) {
    }

    public void checkCanShowRoleGrants(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity, String str) {
    }

    public void checkCanUpdateTable(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity, SchemaTableName schemaTableName) {
    }

    public Optional<ViewExpression> getRowFilter(ConnectorTransactionHandle connectorTransactionHandle, Identity identity, SchemaTableName schemaTableName) {
        return Optional.empty();
    }

    public Optional<ViewExpression> getColumnMask(ConnectorTransactionHandle connectorTransactionHandle, Identity identity, SchemaTableName schemaTableName, String str, Type type) {
        return Optional.empty();
    }

    public void checkCanCreateIndex(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity, SchemaTableName schemaTableName) {
    }

    public void checkCanDropIndex(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity, SchemaTableName schemaTableName) {
    }

    public void checkCanRenameIndex(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity, SchemaTableName schemaTableName, SchemaTableName schemaTableName2) {
    }

    public void checkCanUpdateIndex(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity, SchemaTableName schemaTableName) {
    }

    public void checkCanShowIndex(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity, SchemaTableName schemaTableName) {
    }

    public void checkCanAlterTable(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity, SchemaTableName schemaTableName) {
        if (this.allowRenameTable) {
            return;
        }
        AccessDeniedException.denyAlterTable(schemaTableName.toString());
    }

    public void checkCanAlterView(ConnectorTransactionHandle connectorTransactionHandle, ConnectorIdentity connectorIdentity, SchemaTableName schemaTableName) {
    }
}
