package org.apache.spark.sql.acl;

import org.apache.carbondata.core.util.CarbonProperties;
import org.apache.carbondata.events.Event;
import org.apache.carbondata.events.IndexServerEvent;
import org.apache.carbondata.events.OperationContext;
import org.apache.carbondata.events.OperationEventListener;
import org.apache.carbondata.events.exception.PreEventException;
import org.apache.spark.sql.SparkSession;
import org.apache.spark.sql.hive.CarbonInternalMetaUtil$;
import org.apache.spark.sql.hive.acl.ACLInterface;
import org.apache.spark.sql.hive.acl.ObjectType$;
import org.apache.spark.sql.hive.acl.PrivObject;
import org.apache.spark.sql.hive.acl.PrivType$;
import scala.Enumeration;
import scala.Predef$;
import scala.StringContext;
import scala.collection.immutable.Set;
import scala.collection.immutable.Set$;

/* compiled from: ACLIndexServerEventListener.scala */
/* loaded from: input_file:org/apache/spark/sql/acl/ACLIndexServerEventListener$.class */
public final class ACLIndexServerEventListener$ extends OperationEventListener {
    public static final ACLIndexServerEventListener$ MODULE$ = null;

    static {
        new ACLIndexServerEventListener$();
    }

    public void onEvent(Event event, OperationContext operationContext) {
        IndexServerEvent indexServerEvent = (IndexServerEvent) event;
        if (ACLFileUtils$.MODULE$.isSecureModeEnabled()) {
            String databaseName = indexServerEvent.carbonTable().getDatabaseName();
            indexServerEvent.carbonTable().isIndexTable();
            String parentTableName = indexServerEvent.carbonTable().isIndexTable() ? indexServerEvent.carbonTable().getParentTableName() : indexServerEvent.carbonTable().getTableName();
            SparkSession newSession = indexServerEvent.sparkSession().newSession();
            String clientRole = indexServerEvent.clientRole();
            if (clientRole == null || indexServerEvent.username() == null) {
                throw new IllegalArgumentException("Something went wrong while ACL check for the current table.");
            }
            ACLInterface clientUser = CarbonInternalMetaUtil$.MODULE$.setClientUser(newSession, indexServerEvent.username(), clientRole);
            if (validateIfUserIsASuperUser(indexServerEvent.username())) {
                return;
            }
            String privObject = indexServerEvent.privObject();
            Set$ Set = Predef$.MODULE$.Set();
            Predef$ predef$ = Predef$.MODULE$;
            PrivObject[] privObjectArr = new PrivObject[1];
            privObjectArr[0] = new PrivObject(ObjectType$.MODULE$.TABLE(), databaseName, parentTableName, (String) null, privObject == null ? (Set) Predef$.MODULE$.Set().apply(Predef$.MODULE$.wrapRefArray(new Enumeration.Value[]{PrivType$.MODULE$.SELECT_NOGRANT()})) : Predef$.MODULE$.Set().apply(Predef$.MODULE$.wrapRefArray(new Enumeration.Value[]{PrivType$.MODULE$.withName(indexServerEvent.privObject())})));
            Set apply = Set.apply(predef$.wrapRefArray(privObjectArr));
            if (!clientUser.checkPrivilege(apply.toSet(), false)) {
                throw new PreEventException(new StringContext(Predef$.MODULE$.wrapRefArray(new String[]{"User ", " does not have ", " permission for table ", ""})).s(Predef$.MODULE$.genericWrapArray(new Object[]{indexServerEvent.username(), ((PrivObject) apply.head()).privs().head(), parentTableName})), false);
            }
        }
    }

    private boolean validateIfUserIsASuperUser(String str) {
        String property = CarbonProperties.getInstance().getProperty("carbon.indexserver.superusers");
        if (property == null) {
            throw new RuntimeException("List of super users not found for validation. Please use carbon.indexserver.superusers to define the users that are valid superusers");
        }
        return property.contains(str);
    }

    private ACLIndexServerEventListener$() {
        MODULE$ = this;
    }
}
