package io.trino.jdbc.$internal.com.huawei.hetu.common.security;

import io.trino.jdbc.$internal.airlift.log.Logger;
import io.trino.jdbc.$internal.com.huawei.hetu.common.security.GroupExecutionResult;
import io.trino.jdbc.$internal.guava.cache.Cache;
import io.trino.jdbc.$internal.guava.cache.CacheBuilder;
import io.trino.jdbc.$internal.org.apache.commons.io.FileUtils;
import java.util.Collections;
import java.util.List;
import java.util.Locale;
import java.util.concurrent.TimeUnit;

/* loaded from: input_file:io/trino/jdbc/$internal/com/huawei/hetu/common/security/UserGroupBasedAccessControl.class */
public class UserGroupBasedAccessControl {
    private static final int USER_GROUPS_CACHE_TIME_MINUTES = 3;
    private static final int USER_GROUPS_CACHE_MAX_SIZE = 100;
    private final Cache<String, List<String>> userGroupCache;
    private final UserGroupHelper userGroupHelper;
    private static final Logger LOG = Logger.get((Class<?>) UserGroupBasedAccessControl.class);
    private static final String BIN_SHELL_PATH = FileUtils.getFile(UserGroupBasedAccessControl.class.getProtectionDomain().getCodeSource().getLocation().getPath()).getParentFile().getParentFile().getPath() + "/bin";

    /* loaded from: input_file:io/trino/jdbc/$internal/com/huawei/hetu/common/security/UserGroupBasedAccessControl$UserGroupType.class */
    public enum UserGroupType {
        GROUP_SUPER("supergroup"),
        GROUP_HETU_USER("hetuuser"),
        GROUP_HETU_ADMIN("hetuadmin");

        private String name;

        UserGroupType(String str) {
            this.name = str;
        }

        public String getName() {
            return this.name;
        }
    }

    public UserGroupBasedAccessControl() {
        this(BIN_SHELL_PATH);
    }

    public UserGroupBasedAccessControl(String str) {
        this.userGroupCache = CacheBuilder.newBuilder().maximumSize(100L).expireAfterWrite(3L, TimeUnit.MINUTES).build();
        this.userGroupHelper = new UserGroupHelper(str);
    }

    public boolean isSuperUser(String str) {
        return getUserGroupsFromCache(str).contains(UserGroupType.GROUP_SUPER.getName());
    }

    public boolean isBasicServiceUser(String str) {
        return getUserGroupsFromCache(str).contains(UserGroupType.GROUP_HETU_USER.getName());
    }

    public boolean isHetuAdminUser(String str) {
        return getUserGroupsFromCache(str).contains(UserGroupType.GROUP_HETU_ADMIN.getName());
    }

    public boolean isHetuAdminOrSuperUser(String str) {
        return isHetuAdminUser(str) || isSuperUser(str);
    }

    public List<String> getUserGroups(String str) {
        return getUserGroupsFromCache(str);
    }

    private List<String> getUserGroupsFromCache(String str) {
        List<String> ifPresent = this.userGroupCache.getIfPresent(str);
        if (ifPresent != null) {
            return ifPresent;
        }
        try {
            GroupExecutionResult groups = this.userGroupHelper.getGroups(str);
            if (groups.getExecutionResult() == GroupExecutionResult.ExecutionResult.SUCCESS) {
                this.userGroupCache.put(str, groups.getGroupList());
                return groups.getGroupList();
            }
            LOG.warn(String.format(Locale.ENGLISH, "refresh user group failed. result is %s", groups.getExecutionResult().toString()));
            return Collections.emptyList();
        } catch (Exception e) {
            LOG.warn(String.format(Locale.ENGLISH, "refresh user group failed. message is %s", e.getMessage()));
            return Collections.emptyList();
        }
    }
}
