package io.prestosql.plugin.hive.security;

import com.google.inject.Binder;
import com.google.inject.Module;
import com.huawei.hetu.plugin.hive.security.DenyFileBasedAccessControlModule;
import com.huawei.hetu.plugin.hive.security.DenyLegacySecurityModule;
import com.huawei.hetu.plugin.hive.security.DenyReadOnlySecurityModule;
import io.airlift.configuration.AbstractConfigurationAwareModule;
import io.airlift.configuration.ConditionalModule;
import io.airlift.configuration.ConfigurationModule;
import io.prestosql.plugin.base.security.FileBasedAccessControlModule;
import io.prestosql.plugin.base.security.ReadOnlySecurityModule;
import java.io.File;

/* loaded from: input_file:io/prestosql/plugin/hive/security/HiveSecurityModule.class */
public class HiveSecurityModule extends AbstractConfigurationAwareModule {
    private static final File ACCESS_CONTROL_CONFIGURATION = new File("etc/access-control.properties");

    /* loaded from: input_file:io/prestosql/plugin/hive/security/HiveSecurityModule$StaticAccessControlMetadataModule.class */
    private static class StaticAccessControlMetadataModule implements Module {
        private StaticAccessControlMetadataModule() {
        }

        public void configure(Binder binder) {
            binder.bind(AccessControlMetadataFactory.class).toInstance(semiTransactionalHiveMetastore -> {
                return new AccessControlMetadata() { // from class: io.prestosql.plugin.hive.security.HiveSecurityModule.StaticAccessControlMetadataModule.1
                };
            });
        }
    }

    protected void setup(Binder binder) {
        if (isAllowNotSqlStardardModel()) {
            bindSecurityModule("legacy", ConfigurationModule.installModules(new Module[]{new LegacySecurityModule(), new StaticAccessControlMetadataModule()}));
            bindSecurityModule("file", ConfigurationModule.installModules(new Module[]{new FileBasedAccessControlModule(), new StaticAccessControlMetadataModule()}));
            bindSecurityModule("read-only", ConfigurationModule.installModules(new Module[]{new ReadOnlySecurityModule(), new StaticAccessControlMetadataModule()}));
        } else {
            bindSecurityModule("legacy", ConfigurationModule.installModules(new Module[]{new DenyLegacySecurityModule(), new StaticAccessControlMetadataModule()}));
            bindSecurityModule("file", ConfigurationModule.installModules(new Module[]{new DenyFileBasedAccessControlModule(), new StaticAccessControlMetadataModule()}));
            bindSecurityModule("read-only", ConfigurationModule.installModules(new Module[]{new DenyReadOnlySecurityModule(), new StaticAccessControlMetadataModule()}));
        }
        bindSecurityModule("sql-standard", new SqlStandardSecurityModule(((SecurityConfig) buildConfigObject(SecurityConfig.class)).getSqlStandardAccessControlImp(), isAllowNotSqlStardardModel()));
    }

    private void bindSecurityModule(String str, Module module) {
        install(ConditionalModule.installModuleIf(SecurityConfig.class, securityConfig -> {
            return str.equalsIgnoreCase(securityConfig.getSecuritySystem());
        }, module));
    }

    private boolean isServerSecurityEnable() {
        String property = System.getProperty("secureEnabled");
        return property == null || !"false".equalsIgnoreCase(property);
    }

    private boolean isRangerSystemAccessControl() {
        return ACCESS_CONTROL_CONFIGURATION.exists();
    }

    private boolean isAllowNotSqlStardardModel() {
        if (isServerSecurityEnable()) {
            return isRangerSystemAccessControl();
        }
        return true;
    }
}
