package org.apache.hadoop.hive.metastore.multi.operation;

import com.google.common.base.Preconditions;
import java.util.ArrayList;
import java.util.Comparator;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.TreeSet;
import javax.jdo.PersistenceManager;
import org.apache.commons.collections.CollectionUtils;
import org.apache.hadoop.hive.metastore.HiveMetaStore;
import org.apache.hadoop.hive.metastore.Warehouse;
import org.apache.hadoop.hive.metastore.api.HiveObjectPrivilege;
import org.apache.hadoop.hive.metastore.api.HiveObjectRef;
import org.apache.hadoop.hive.metastore.api.HiveObjectType;
import org.apache.hadoop.hive.metastore.api.InvalidObjectException;
import org.apache.hadoop.hive.metastore.api.MetaException;
import org.apache.hadoop.hive.metastore.api.NoSuchObjectException;
import org.apache.hadoop.hive.metastore.api.PrincipalType;
import org.apache.hadoop.hive.metastore.api.PrivilegeBag;
import org.apache.hadoop.hive.metastore.api.Table;
import org.apache.hadoop.hive.metastore.api.hive_metastoreConstants;
import org.apache.hadoop.hive.metastore.model.MDBPrivilege;
import org.apache.hadoop.hive.metastore.model.MDatabase;
import org.apache.hadoop.hive.metastore.model.MGlobalPrivilege;
import org.apache.hadoop.hive.metastore.model.MPartition;
import org.apache.hadoop.hive.metastore.model.MPartitionColumnPrivilege;
import org.apache.hadoop.hive.metastore.model.MPartitionPrivilege;
import org.apache.hadoop.hive.metastore.model.MTable;
import org.apache.hadoop.hive.metastore.model.MTableColumnPrivilege;
import org.apache.hadoop.hive.metastore.model.MTablePrivilege;
import org.apache.hadoop.hive.metastore.multi.JdoManager;
import org.apache.hadoop.hive.metastore.multi.MultiObjectStore;
import org.apache.hadoop.hive.metastore.multi.Transaction;
import org.apache.hadoop.hive.metastore.multi.util.Converter;
import org.apache.hadoop.hive.metastore.utils.MetaStoreUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/hadoop/hive/metastore/multi/operation/GrantRevokePrivilegeHandler.class */
public class GrantRevokePrivilegeHandler extends IHandler {
    private static final Logger LOG = LoggerFactory.getLogger(GrantRevokePrivilegeHandler.class);
    private JdoManager jdoManager;
    private Transaction transaction;

    /* loaded from: input_file:org/apache/hadoop/hive/metastore/multi/operation/GrantRevokePrivilegeHandler$PrivilegeWithoutCreateTimeComparator.class */
    class PrivilegeWithoutCreateTimeComparator implements Comparator<HiveObjectPrivilege> {
        PrivilegeWithoutCreateTimeComparator() {
        }

        @Override // java.util.Comparator
        public int compare(HiveObjectPrivilege hiveObjectPrivilege, HiveObjectPrivilege hiveObjectPrivilege2) {
            int createTime = hiveObjectPrivilege.getGrantInfo().getCreateTime();
            int createTime2 = hiveObjectPrivilege2.getGrantInfo().getCreateTime();
            hiveObjectPrivilege.getGrantInfo().setCreateTime(0);
            hiveObjectPrivilege2.getGrantInfo().setCreateTime(0);
            int compareTo = hiveObjectPrivilege.compareTo(hiveObjectPrivilege2);
            hiveObjectPrivilege.getGrantInfo().setCreateTime(createTime);
            hiveObjectPrivilege2.getGrantInfo().setCreateTime(createTime2);
            return compareTo;
        }
    }

    public GrantRevokePrivilegeHandler(MultiObjectStore multiObjectStore) {
        super(multiObjectStore);
    }

    @Override // org.apache.hadoop.hive.metastore.multi.operation.IHandler
    public void initialize() {
        this.jdoManager = this.mStore.getJdoManager();
        this.transaction = this.mStore.getTransaction();
    }

    public boolean grantPrivileges(PrivilegeBag privilegeBag) throws InvalidObjectException, MetaException, NoSuchObjectException {
        return grantPrivileges(privilegeBag, false);
    }

    public boolean grantPrivileges(PrivilegeBag privilegeBag, boolean z) throws InvalidObjectException, MetaException, NoSuchObjectException {
        int currentTimeMillis = (int) (System.currentTimeMillis() / 1000);
        try {
            this.transaction.openTransactionAll();
            List<HiveObjectPrivilege> privileges = privilegeBag.getPrivileges();
            if (z) {
                HiveMetaStore.HMSHandler.getMultiMDBPrivileges().clear();
                HiveMetaStore.HMSHandler.getMultiTableOption().clear();
                HiveMetaStore.HMSHandler.getMultiTablePrivilege().clear();
            }
            if (CollectionUtils.isNotEmpty(privileges)) {
                for (HiveObjectPrivilege hiveObjectPrivilege : privileges) {
                    HiveObjectRef hiveObject = hiveObjectPrivilege.getHiveObject();
                    String principalName = hiveObjectPrivilege.getPrincipalName();
                    PrincipalType principalType = hiveObjectPrivilege.getPrincipalType();
                    if (!hiveObject.isSetCatName()) {
                        hiveObject.setCatName(MetaStoreUtils.getDefaultCatalog(this.mStore.getConf()));
                    }
                    if (isRdbTable(hiveObject)) {
                        throw new MetaException("Grant privilege on RDB table is not permitted.");
                    }
                    if (principalType == PrincipalType.ROLE) {
                        this.mStore.getRoleHandler().validateRole(principalName);
                    }
                    if (hiveObject.getObjectType() == HiveObjectType.GLOBAL) {
                        grantGlobal(hiveObjectPrivilege, currentTimeMillis);
                    } else if (hiveObject.getObjectType() == HiveObjectType.DATABASE) {
                        grantDatabase(hiveObjectPrivilege, z);
                    } else if (hiveObject.getObjectType() == HiveObjectType.TABLE) {
                        grantTable(hiveObjectPrivilege, currentTimeMillis);
                    } else if (hiveObject.getObjectType() == HiveObjectType.PARTITION) {
                        grantPartitions(hiveObjectPrivilege, currentTimeMillis);
                    } else if (hiveObject.getObjectType() == HiveObjectType.COLUMN) {
                        grantColumns(hiveObjectPrivilege, currentTimeMillis);
                    }
                }
            }
            boolean commitTransactionAll = this.transaction.commitTransactionAll();
            if (!commitTransactionAll) {
                this.transaction.rollbackTransactionAll();
            }
            return commitTransactionAll;
        } catch (Throwable th) {
            if (0 == 0) {
                this.transaction.rollbackTransactionAll();
            }
            throw th;
        }
    }

    public boolean revokePrivileges(PrivilegeBag privilegeBag, boolean z) throws InvalidObjectException, MetaException, NoSuchObjectException {
        boolean z2 = false;
        try {
            this.mStore.openTransaction();
            List<HiveObjectPrivilege> privileges = privilegeBag.getPrivileges();
            if (CollectionUtils.isNotEmpty(privileges)) {
                for (HiveObjectPrivilege hiveObjectPrivilege : privileges) {
                    HiveObjectRef hiveObject = hiveObjectPrivilege.getHiveObject();
                    String privilege = hiveObjectPrivilege.getGrantInfo().getPrivilege();
                    if (privilege != null && !privilege.trim().isEmpty()) {
                        String[] split = privilege.split(",");
                        String principalName = hiveObjectPrivilege.getPrincipalName();
                        PrincipalType principalType = hiveObjectPrivilege.getPrincipalType();
                        String catName = hiveObject.isSetCatName() ? hiveObject.getCatName() : MetaStoreUtils.getDefaultCatalog(this.mStore.getConf());
                        if (hiveObject.getObjectType() == HiveObjectType.GLOBAL) {
                            revokeGlobalGrant(z, split, principalName, principalType);
                        } else if (hiveObject.getObjectType() == HiveObjectType.DATABASE) {
                            Iterator<PersistenceManager> it = this.jdoManager.getAllPM().iterator();
                            while (it.hasNext()) {
                                revokeDatabaseGrant(it.next(), z, hiveObject, split, principalName, principalType, catName);
                            }
                        } else if (hiveObject.getObjectType() == HiveObjectType.TABLE) {
                            revokeTableGrant(z, hiveObject, split, principalName, principalType, catName);
                        } else if (hiveObject.getObjectType() == HiveObjectType.PARTITION) {
                            revokePartitionGrant(z, hiveObject, split, principalName, principalType, catName);
                        } else if (hiveObject.getObjectType() == HiveObjectType.COLUMN) {
                            revokeTableColumnsGrant(z, hiveObject, split, principalName, principalType, catName);
                        }
                    }
                }
            }
            z2 = this.mStore.commitTransaction();
            if (!z2) {
                this.mStore.rollbackTransaction();
            }
            return z2;
        } catch (Throwable th) {
            if (!z2) {
                this.mStore.rollbackTransaction();
            }
            throw th;
        }
    }

    public boolean refreshPrivileges(HiveObjectRef hiveObjectRef, String str, PrivilegeBag privilegeBag) throws InvalidObjectException, MetaException, NoSuchObjectException {
        List<HiveObjectPrivilege> convertTableColsPrivileges;
        String dbName = hiveObjectRef.getDbName();
        String objectName = hiveObjectRef.getObjectName();
        try {
            this.transaction.openTransactionAll();
            TreeSet treeSet = new TreeSet(new PrivilegeWithoutCreateTimeComparator());
            TreeSet treeSet2 = new TreeSet(new PrivilegeWithoutCreateTimeComparator());
            String catName = hiveObjectRef.isSetCatName() ? hiveObjectRef.getCatName() : MetaStoreUtils.getDefaultCatalog(this.mStore.getConf());
            switch (hiveObjectRef.getObjectType()) {
                case DATABASE:
                    convertTableColsPrivileges = this.mStore.getDatabasePrivilegeHandler().listDBGrantsAll(this.jdoManager.getMasterPM(), catName, dbName, str);
                    break;
                case TABLE:
                    convertTableColsPrivileges = this.mStore.getTablePrivilegeHandler().listTableGrantsAll(this.mStore.getTableHandler().getTablePm(catName, dbName, objectName), catName, dbName, objectName, str);
                    break;
                case COLUMN:
                    PersistenceManager tablePm = this.mStore.getTableHandler().getTablePm(catName, dbName, objectName);
                    Preconditions.checkArgument(hiveObjectRef.getColumnName() == null, "columnName must be null");
                    convertTableColsPrivileges = Converter.convertTableColsPrivileges(this.mStore.getTablePrivilegeHandler().listTableAllColumnGrants(tablePm, catName, dbName, objectName, str));
                    break;
                default:
                    throw new MetaException("Unexpected object type " + hiveObjectRef.getObjectType());
            }
            if (convertTableColsPrivileges != null) {
                Iterator<HiveObjectPrivilege> it = convertTableColsPrivileges.iterator();
                while (it.hasNext()) {
                    treeSet.add(it.next());
                }
            }
            if (privilegeBag.getPrivileges() != null) {
                for (HiveObjectPrivilege hiveObjectPrivilege : privilegeBag.getPrivileges()) {
                    if (treeSet.contains(hiveObjectPrivilege)) {
                        treeSet.remove(hiveObjectPrivilege);
                    } else {
                        treeSet2.add(hiveObjectPrivilege);
                    }
                }
            }
            if (!treeSet.isEmpty()) {
                PrivilegeBag privilegeBag2 = new PrivilegeBag();
                Iterator it2 = treeSet.iterator();
                while (it2.hasNext()) {
                    privilegeBag2.addToPrivileges((HiveObjectPrivilege) it2.next());
                }
                revokePrivileges(privilegeBag2, false);
            }
            if (!treeSet2.isEmpty()) {
                PrivilegeBag privilegeBag3 = new PrivilegeBag();
                Iterator it3 = treeSet2.iterator();
                while (it3.hasNext()) {
                    privilegeBag3.addToPrivileges((HiveObjectPrivilege) it3.next());
                }
                grantPrivileges(privilegeBag3);
            }
            boolean commitTransactionAll = this.transaction.commitTransactionAll();
            if (!commitTransactionAll) {
                this.transaction.rollbackTransactionAll();
            }
            return commitTransactionAll;
        } catch (Throwable th) {
            if (0 == 0) {
                this.transaction.rollbackTransactionAll();
            }
            throw th;
        }
    }

    private void revokeTableColumnsGrant(boolean z, HiveObjectRef hiveObjectRef, String[] strArr, String str, PrincipalType principalType, String str2) throws MetaException, InvalidObjectException {
        ArrayList arrayList = new ArrayList();
        String dbName = hiveObjectRef.getDbName();
        String objectName = hiveObjectRef.getObjectName();
        PersistenceManager pm = this.jdoManager.getPM(this.mStore.getMappingCache().getRdbKey(str2, dbName, objectName));
        Table table = this.mStore.getTableHandler().getTable(pm, str2, dbName, objectName);
        String makePartName = hiveObjectRef.getPartValues() != null ? Warehouse.makePartName(table.getPartitionKeys(), hiveObjectRef.getPartValues()) : null;
        if (makePartName != null) {
            List<MPartitionColumnPrivilege> listPrincipalMPartitionColumnGrants = this.mStore.getPartitionPrivilegeHandler().listPrincipalMPartitionColumnGrants(pm, str, principalType, str2, dbName, objectName, makePartName, hiveObjectRef.getColumnName());
            boolean z2 = false;
            if (listPrincipalMPartitionColumnGrants == null) {
                return;
            }
            for (String str3 : strArr) {
                Iterator<MPartitionColumnPrivilege> it = listPrincipalMPartitionColumnGrants.iterator();
                while (true) {
                    if (!it.hasNext()) {
                        break;
                    }
                    MPartitionColumnPrivilege next = it.next();
                    if (next.getPrivilege().equalsIgnoreCase(str3)) {
                        z2 = true;
                        if (z) {
                            if (!next.getGrantOption()) {
                                throw new MetaException("User " + str + " does not have grant option with privilege " + str3);
                            }
                            next.setGrantOption(false);
                        }
                        arrayList.add(next);
                    }
                }
                if (!z2) {
                    throw new InvalidObjectException("No grant (" + str3 + ") found  on table " + table.getTableName() + ", partition is " + makePartName + ", column name = " + hiveObjectRef.getColumnName() + ", database is " + table.getDbName());
                }
            }
        } else {
            List<MTableColumnPrivilege> listPrincipalMTableColumnGrants = this.mStore.getTablePrivilegeHandler().listPrincipalMTableColumnGrants(pm, str, principalType, str2, dbName, objectName, hiveObjectRef.getColumnName());
            boolean z3 = false;
            if (listPrincipalMTableColumnGrants == null) {
                return;
            }
            for (String str4 : strArr) {
                Iterator<MTableColumnPrivilege> it2 = listPrincipalMTableColumnGrants.iterator();
                while (true) {
                    if (!it2.hasNext()) {
                        break;
                    }
                    MTableColumnPrivilege next2 = it2.next();
                    if (next2.getPrivilege().equalsIgnoreCase(str4)) {
                        z3 = true;
                        if (z) {
                            if (!next2.getGrantOption()) {
                                throw new MetaException("User " + str + " does not have grant option with privilege " + str4);
                            }
                            next2.setGrantOption(false);
                        }
                        arrayList.add(next2);
                    }
                }
                if (!z3) {
                    throw new InvalidObjectException("No grant (" + str4 + ") found  on table " + table.getTableName() + ", column name = " + hiveObjectRef.getColumnName() + ", database is " + table.getDbName());
                }
            }
        }
        if (arrayList.isEmpty()) {
            return;
        }
        pm.deletePersistentAll(arrayList);
    }

    private void revokePartitionGrant(boolean z, HiveObjectRef hiveObjectRef, String[] strArr, String str, PrincipalType principalType, String str2) throws MetaException, InvalidObjectException {
        ArrayList arrayList = new ArrayList();
        boolean z2 = false;
        String dbName = hiveObjectRef.getDbName();
        String objectName = hiveObjectRef.getObjectName();
        PersistenceManager pm = this.jdoManager.getPM(this.mStore.getMappingCache().getRdbKey(str2, dbName, objectName));
        Table table = this.mStore.getTableHandler().getTable(pm, str2, dbName, objectName);
        String makePartName = hiveObjectRef.getPartValues() != null ? Warehouse.makePartName(table.getPartitionKeys(), hiveObjectRef.getPartValues()) : null;
        List<MPartitionPrivilege> listPrincipalMPartitionGrants = this.mStore.getPartitionPrivilegeHandler().listPrincipalMPartitionGrants(pm, str, principalType, str2, dbName, objectName, makePartName);
        for (String str3 : strArr) {
            Iterator<MPartitionPrivilege> it = listPrincipalMPartitionGrants.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                MPartitionPrivilege next = it.next();
                if (next.getPrivilege().equalsIgnoreCase(str3)) {
                    z2 = true;
                    if (z) {
                        if (!next.getGrantOption()) {
                            throw new MetaException("User " + str + " does not have grant option with privilege " + str3);
                        }
                        next.setGrantOption(false);
                    }
                    arrayList.add(next);
                }
            }
            if (!z2) {
                throw new InvalidObjectException("No grant (" + str3 + ") found  on table " + table.getTableName() + ", partition is " + makePartName + ", database is " + dbName);
            }
        }
        if (arrayList.isEmpty()) {
            return;
        }
        pm.deletePersistentAll(arrayList);
    }

    private void revokeTableGrant(boolean z, HiveObjectRef hiveObjectRef, String[] strArr, String str, PrincipalType principalType, String str2) throws MetaException, InvalidObjectException {
        ArrayList arrayList = new ArrayList();
        boolean z2 = false;
        String dbName = hiveObjectRef.getDbName();
        String objectName = hiveObjectRef.getObjectName();
        PersistenceManager pm = this.jdoManager.getPM(this.mStore.getMappingCache().getRdbKey(str2, dbName, objectName));
        List<MTablePrivilege> listAllMTableGrants = this.mStore.getTablePrivilegeHandler().listAllMTableGrants(pm, str, principalType, str2, dbName, objectName);
        for (String str3 : strArr) {
            Iterator<MTablePrivilege> it = listAllMTableGrants.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                MTablePrivilege next = it.next();
                if (str3.equalsIgnoreCase(next.getPrivilege())) {
                    z2 = true;
                    if (z) {
                        if (!next.getGrantOption()) {
                            throw new MetaException("User " + str + " does not have grant option with privilege " + str3);
                        }
                        next.setGrantOption(false);
                    }
                    arrayList.add(next);
                }
            }
            if (!z2) {
                throw new InvalidObjectException("No grant (" + str3 + ") found  on table " + objectName + ", database is " + dbName);
            }
        }
        if (arrayList.isEmpty()) {
            return;
        }
        pm.deletePersistentAll(arrayList);
    }

    private void revokeDatabaseGrant(PersistenceManager persistenceManager, boolean z, HiveObjectRef hiveObjectRef, String[] strArr, String str, PrincipalType principalType, String str2) throws MetaException, InvalidObjectException, NoSuchObjectException {
        List<MTablePrivilege> listAllMTableGrants;
        ArrayList arrayList = new ArrayList();
        MDatabase mDatabase = this.mStore.getDatabaseHandler().getMDatabase(persistenceManager, str2, hiveObjectRef.getDbName());
        if (mDatabase != null) {
            String dbName = hiveObjectRef.getDbName();
            boolean z2 = false;
            List<MDBPrivilege> listPrincipalMDBGrants = this.mStore.getDatabasePrivilegeHandler().listPrincipalMDBGrants(persistenceManager, str, principalType, str2, dbName);
            for (String str3 : strArr) {
                Iterator<MDBPrivilege> it = listPrincipalMDBGrants.iterator();
                while (true) {
                    if (!it.hasNext()) {
                        break;
                    }
                    MDBPrivilege next = it.next();
                    if (str3.equals(next.getPrivilege())) {
                        z2 = true;
                        if (z) {
                            if (!next.getGrantOption()) {
                                throw new MetaException("User " + str + " does not have grant option with privilege " + str3);
                            }
                            next.setGrantOption(false);
                        }
                        arrayList.add(next);
                    }
                }
                if (!z2) {
                    throw new InvalidObjectException("No database grant found for privileges " + str3 + " on database " + dbName);
                }
            }
            for (String str4 : strArr) {
                if (isPrivilegesToAllTable(str4)) {
                    for (String str5 : this.mStore.getTableHandler().getTables(persistenceManager, mDatabase.getCatalogName(), mDatabase.getName(), (String) null)) {
                        if (this.mStore.getTableHandler().getMTable(persistenceManager, mDatabase.getCatalogName(), mDatabase.getName(), str5) != null && (listAllMTableGrants = this.mStore.getTablePrivilegeHandler().listAllMTableGrants(persistenceManager, str, principalType, str2, hiveObjectRef.getDbName(), str5)) != null) {
                            for (MTablePrivilege mTablePrivilege : listAllMTableGrants) {
                                if (str4.equals(mTablePrivilege.getPrivilege())) {
                                    if (z && mTablePrivilege.getGrantOption()) {
                                        mTablePrivilege.setGrantOption(false);
                                    }
                                    arrayList.add(mTablePrivilege);
                                }
                            }
                        }
                    }
                }
            }
        }
        if (arrayList.isEmpty()) {
            return;
        }
        persistenceManager.deletePersistentAll(arrayList);
    }

    private void revokeGlobalGrant(boolean z, String[] strArr, String str, PrincipalType principalType) throws MetaException, InvalidObjectException {
        PersistenceManager masterPM = this.jdoManager.getMasterPM();
        ArrayList arrayList = new ArrayList();
        List<MGlobalPrivilege> listPrincipalMGlobalGrants = this.mStore.getGlobalPrivilegeHandler().listPrincipalMGlobalGrants(masterPM, str, principalType);
        boolean z2 = false;
        if (listPrincipalMGlobalGrants == null) {
            return;
        }
        for (String str2 : strArr) {
            Iterator<MGlobalPrivilege> it = listPrincipalMGlobalGrants.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                MGlobalPrivilege next = it.next();
                if (str2.equals(next.getPrivilege())) {
                    z2 = true;
                    if (z) {
                        if (!next.getGrantOption()) {
                            throw new MetaException("User " + str + " does not have grant option with privilege " + str2);
                        }
                        next.setGrantOption(false);
                    }
                    arrayList.add(next);
                }
            }
            if (!z2) {
                throw new InvalidObjectException("No user grant found for privileges " + str2);
            }
        }
        if (arrayList.isEmpty()) {
            return;
        }
        masterPM.deletePersistentAll(arrayList);
    }

    private void grantGlobal(HiveObjectPrivilege hiveObjectPrivilege, int i) throws InvalidObjectException {
        HashSet hashSet = new HashSet();
        String[] split = hiveObjectPrivilege.getGrantInfo().getPrivilege().split(",");
        String principalName = hiveObjectPrivilege.getPrincipalName();
        String authorizer = hiveObjectPrivilege.getAuthorizer();
        PrincipalType principalType = hiveObjectPrivilege.getPrincipalType();
        String grantor = hiveObjectPrivilege.getGrantInfo().getGrantor();
        String principalType2 = hiveObjectPrivilege.getGrantInfo().getGrantorType().toString();
        boolean isGrantOption = hiveObjectPrivilege.getGrantInfo().isGrantOption();
        PersistenceManager masterPM = this.jdoManager.getMasterPM();
        List<MGlobalPrivilege> listPrincipalMGlobalGrants = this.mStore.getGlobalPrivilegeHandler().listPrincipalMGlobalGrants(masterPM, principalName, principalType, authorizer);
        ArrayList arrayList = new ArrayList();
        if (listPrincipalMGlobalGrants != null) {
            for (MGlobalPrivilege mGlobalPrivilege : listPrincipalMGlobalGrants) {
                if (mGlobalPrivilege.getGrantor().equalsIgnoreCase(grantor)) {
                    hashSet.add(mGlobalPrivilege.getPrivilege());
                }
            }
        }
        for (String str : split) {
            if (hashSet.contains(str)) {
                throw new InvalidObjectException(str + " is already granted by " + grantor);
            }
            arrayList.add(new MGlobalPrivilege(principalName, principalType.toString(), str, i, grantor, principalType2, isGrantOption, authorizer));
        }
        if (CollectionUtils.isNotEmpty(arrayList)) {
            masterPM.makePersistentAll(arrayList);
        }
    }

    private void grantDatabase(HiveObjectPrivilege hiveObjectPrivilege, boolean z) throws NoSuchObjectException, InvalidObjectException, MetaException {
        HashSet hashSet = new HashSet();
        String[] split = hiveObjectPrivilege.getGrantInfo().getPrivilege().split(",");
        HiveObjectRef hiveObject = hiveObjectPrivilege.getHiveObject();
        String principalName = hiveObjectPrivilege.getPrincipalName();
        String catName = hiveObject.getCatName();
        String authorizer = hiveObjectPrivilege.getAuthorizer();
        PrincipalType principalType = hiveObjectPrivilege.getPrincipalType();
        String grantor = hiveObjectPrivilege.getGrantInfo().getGrantor();
        String principalType2 = hiveObjectPrivilege.getGrantInfo().getGrantorType().toString();
        boolean isGrantOption = hiveObjectPrivilege.getGrantInfo().isGrantOption();
        for (PersistenceManager persistenceManager : this.jdoManager.getAllPM()) {
            ArrayList arrayList = new ArrayList();
            if (z) {
                grantDBPrivsWithRollback(persistenceManager, arrayList, hashSet, hiveObject, split, principalName, authorizer, principalType, grantor, principalType2, isGrantOption, catName);
            } else {
                grantDBPrivs(persistenceManager, arrayList, hashSet, hiveObject, split, principalName, authorizer, principalType, grantor, principalType2, isGrantOption, catName);
            }
            if (CollectionUtils.isNotEmpty(arrayList)) {
                persistenceManager.makePersistentAll(arrayList);
            }
        }
    }

    private void grantTable(HiveObjectPrivilege hiveObjectPrivilege, int i) throws InvalidObjectException {
        HashSet hashSet = new HashSet();
        String[] split = hiveObjectPrivilege.getGrantInfo().getPrivilege().split(",");
        HiveObjectRef hiveObject = hiveObjectPrivilege.getHiveObject();
        String principalName = hiveObjectPrivilege.getPrincipalName();
        String catName = hiveObject.getCatName();
        String dbName = hiveObject.getDbName();
        String objectName = hiveObject.getObjectName();
        String authorizer = hiveObjectPrivilege.getAuthorizer();
        PrincipalType principalType = hiveObjectPrivilege.getPrincipalType();
        String grantor = hiveObjectPrivilege.getGrantInfo().getGrantor();
        String principalType2 = hiveObjectPrivilege.getGrantInfo().getGrantorType().toString();
        boolean isGrantOption = hiveObjectPrivilege.getGrantInfo().isGrantOption();
        ArrayList arrayList = new ArrayList();
        PersistenceManager pm = this.jdoManager.getPM(this.mStore.getMappingCache().getRdbKey(catName, dbName, objectName));
        MTable mTable = this.mStore.getTableHandler().getMTable(pm, catName, dbName, objectName);
        if (mTable != null) {
            List<MTablePrivilege> listAllMTableGrants = this.mStore.getTablePrivilegeHandler().listAllMTableGrants(pm, principalName, principalType, catName, dbName, objectName, authorizer);
            if (listAllMTableGrants != null) {
                for (MTablePrivilege mTablePrivilege : listAllMTableGrants) {
                    if (mTablePrivilege.getGrantor() != null && mTablePrivilege.getGrantor().equalsIgnoreCase(grantor)) {
                        hashSet.add(mTablePrivilege.getPrivilege());
                    }
                }
            }
            for (String str : split) {
                if (hashSet.contains(str)) {
                    throw new InvalidObjectException(str + " is already granted on table [" + dbName + "," + objectName + "] by " + grantor);
                }
                arrayList.add(new MTablePrivilege(principalName, principalType.toString(), mTable, str, i, grantor, principalType2, isGrantOption, authorizer));
            }
        }
        if (CollectionUtils.isNotEmpty(arrayList)) {
            pm.makePersistentAll(arrayList);
        }
    }

    private void grantPartitions(HiveObjectPrivilege hiveObjectPrivilege, int i) throws InvalidObjectException, MetaException {
        HashSet hashSet = new HashSet();
        String[] split = hiveObjectPrivilege.getGrantInfo().getPrivilege().split(",");
        HiveObjectRef hiveObject = hiveObjectPrivilege.getHiveObject();
        String principalName = hiveObjectPrivilege.getPrincipalName();
        String catName = hiveObject.getCatName();
        String dbName = hiveObject.getDbName();
        String objectName = hiveObject.getObjectName();
        String authorizer = hiveObjectPrivilege.getAuthorizer();
        PrincipalType principalType = hiveObjectPrivilege.getPrincipalType();
        String grantor = hiveObjectPrivilege.getGrantInfo().getGrantor();
        String principalType2 = hiveObjectPrivilege.getGrantInfo().getGrantorType().toString();
        boolean isGrantOption = hiveObjectPrivilege.getGrantInfo().isGrantOption();
        ArrayList arrayList = new ArrayList();
        PersistenceManager pm = this.jdoManager.getPM(this.mStore.getMappingCache().getRdbKey(catName, dbName, objectName));
        MPartition mPartition = this.mStore.getQueryPartitionHandler().getMPartition(pm, catName, dbName, objectName, hiveObject.getPartValues());
        if (mPartition != null) {
            String partitionName = mPartition.getPartitionName();
            List<MPartitionPrivilege> listPrincipalMPartitionGrants = this.mStore.getPartitionPrivilegeHandler().listPrincipalMPartitionGrants(pm, principalName, principalType, catName, dbName, objectName, partitionName, authorizer);
            if (listPrincipalMPartitionGrants != null) {
                for (MPartitionPrivilege mPartitionPrivilege : listPrincipalMPartitionGrants) {
                    if (mPartitionPrivilege.getGrantor().equalsIgnoreCase(grantor)) {
                        hashSet.add(mPartitionPrivilege.getPrivilege());
                    }
                }
            }
            for (String str : split) {
                if (hashSet.contains(str)) {
                    throw new InvalidObjectException(str + " is already granted on partition [" + hiveObject.getDbName() + "," + hiveObject.getObjectName() + "," + partitionName + "] by " + grantor);
                }
                arrayList.add(new MPartitionPrivilege(principalName, principalType.toString(), mPartition, str, i, grantor, principalType2, isGrantOption, authorizer));
            }
        }
        if (CollectionUtils.isNotEmpty(arrayList)) {
            pm.makePersistentAll(arrayList);
        }
    }

    private void grantColumns(HiveObjectPrivilege hiveObjectPrivilege, int i) throws InvalidObjectException, MetaException {
        HashSet hashSet = new HashSet();
        String[] split = hiveObjectPrivilege.getGrantInfo().getPrivilege().split(",");
        HiveObjectRef hiveObject = hiveObjectPrivilege.getHiveObject();
        String principalName = hiveObjectPrivilege.getPrincipalName();
        String catName = hiveObject.getCatName();
        String dbName = hiveObject.getDbName();
        String objectName = hiveObject.getObjectName();
        String columnName = hiveObject.getColumnName();
        String authorizer = hiveObjectPrivilege.getAuthorizer();
        PrincipalType principalType = hiveObjectPrivilege.getPrincipalType();
        String grantor = hiveObjectPrivilege.getGrantInfo().getGrantor();
        String principalType2 = hiveObjectPrivilege.getGrantInfo().getGrantorType().toString();
        boolean isGrantOption = hiveObjectPrivilege.getGrantInfo().isGrantOption();
        ArrayList arrayList = new ArrayList();
        PersistenceManager pm = this.jdoManager.getPM(this.mStore.getMappingCache().getRdbKey(catName, dbName, objectName));
        MTable mTable = this.mStore.getTableHandler().getMTable(pm, catName, hiveObject.getDbName(), objectName);
        if (mTable != null) {
            if (hiveObject.getPartValues() != null) {
                MPartition mPartition = this.mStore.getQueryPartitionHandler().getMPartition(pm, catName, dbName, objectName, hiveObject.getPartValues());
                if (mPartition == null) {
                    return;
                }
                List<MPartitionColumnPrivilege> listPrincipalMPartitionColumnGrants = this.mStore.getPartitionPrivilegeHandler().listPrincipalMPartitionColumnGrants(pm, principalName, principalType, catName, dbName, objectName, mPartition.getPartitionName(), columnName, authorizer);
                if (listPrincipalMPartitionColumnGrants != null) {
                    for (MPartitionColumnPrivilege mPartitionColumnPrivilege : listPrincipalMPartitionColumnGrants) {
                        if (mPartitionColumnPrivilege.getGrantor().equalsIgnoreCase(grantor)) {
                            hashSet.add(mPartitionColumnPrivilege.getPrivilege());
                        }
                    }
                }
                for (String str : split) {
                    if (hashSet.contains(str)) {
                        throw new InvalidObjectException(str + " is already granted on column " + columnName + " [" + dbName + "," + objectName + "," + mPartition.getPartitionName() + "] by " + grantor);
                    }
                    arrayList.add(new MPartitionColumnPrivilege(principalName, principalType.toString(), mPartition, columnName, str, i, grantor, principalType2, isGrantOption, authorizer));
                }
            } else {
                List<MTableColumnPrivilege> listPrincipalMTableColumnGrants = this.mStore.getTablePrivilegeHandler().listPrincipalMTableColumnGrants(pm, principalName, principalType, catName, dbName, objectName, columnName, authorizer);
                if (listPrincipalMTableColumnGrants != null) {
                    for (MTableColumnPrivilege mTableColumnPrivilege : listPrincipalMTableColumnGrants) {
                        if (mTableColumnPrivilege.getGrantor().equalsIgnoreCase(grantor)) {
                            hashSet.add(mTableColumnPrivilege.getPrivilege());
                        }
                    }
                }
                for (String str2 : split) {
                    if (hashSet.contains(str2)) {
                        throw new InvalidObjectException(str2 + " is already granted on column " + columnName + " [" + dbName + "," + objectName + "] by " + grantor);
                    }
                    arrayList.add(new MTableColumnPrivilege(principalName, principalType.toString(), mTable, columnName, str2, i, grantor, principalType2, isGrantOption, authorizer));
                }
            }
        }
        if (CollectionUtils.isNotEmpty(arrayList)) {
            pm.makePersistentAll(arrayList);
        }
    }

    private void grantDBPrivsWithRollback(PersistenceManager persistenceManager, List<Object> list, Set<String> set, HiveObjectRef hiveObjectRef, String[] strArr, String str, String str2, PrincipalType principalType, String str3, String str4, boolean z, String str5) throws NoSuchObjectException, InvalidObjectException {
        int currentTimeMillis = (int) (System.currentTimeMillis() / 1000);
        String urlKey = this.jdoManager.getUrlKey(persistenceManager);
        String dbName = hiveObjectRef.getDbName();
        MDatabase mDatabase = this.mStore.getDatabaseHandler().getMDatabase(persistenceManager, str5, dbName);
        if (mDatabase == null) {
            return;
        }
        List<MDBPrivilege> listPrincipalMDBGrants = this.mStore.getDatabasePrivilegeHandler().listPrincipalMDBGrants(persistenceManager, str, principalType, str5, dbName, str2);
        Map<String, List<MTable>> mTables = HiveMetaStore.HMSHandler.getMTables();
        List<MTable> mTablesByDBNameFromOneRDB = this.mStore.getTableHandler().getMTablesByDBNameFromOneRDB(persistenceManager, str5, dbName);
        if (mTables.containsKey(hiveObjectRef.getDbName())) {
            mTables.get(hiveObjectRef.getDbName()).addAll(mTablesByDBNameFromOneRDB);
        } else {
            mTables.put(hiveObjectRef.getDbName(), mTablesByDBNameFromOneRDB);
        }
        HashMap hashMap = new HashMap();
        if (listPrincipalMDBGrants != null) {
            for (MDBPrivilege mDBPrivilege : listPrincipalMDBGrants) {
                if (mDBPrivilege.getGrantor().equalsIgnoreCase(str3)) {
                    set.add(mDBPrivilege.getPrivilege());
                    hashMap.put(mDBPrivilege.getPrivilege(), mDBPrivilege);
                }
            }
        }
        for (String str6 : strArr) {
            MDBPrivilege mDBPrivilege2 = null;
            if (set.contains(str6)) {
                mDBPrivilege2 = (MDBPrivilege) hashMap.get(str6);
                if (mDBPrivilege2 != null && z == mDBPrivilege2.getGrantOption()) {
                    throw new InvalidObjectException(str6 + " is already granted on database " + dbName + " by " + str3);
                }
                if (mDBPrivilege2 != null && z) {
                    mDBPrivilege2.setGrantOption(true);
                }
            }
            if (mDBPrivilege2 == null) {
                mDBPrivilege2 = new MDBPrivilege(str, principalType.toString(), mDatabase, str6, currentTimeMillis, str3, str4, z, str2);
            }
            if (HiveMetaStore.HMSHandler.getMultiMDBPrivileges().containsKey(urlKey)) {
                HiveMetaStore.HMSHandler.getMultiMDBPrivileges().get(urlKey).add(mDBPrivilege2);
            } else {
                ArrayList arrayList = new ArrayList();
                arrayList.add(mDBPrivilege2);
                HiveMetaStore.HMSHandler.getMultiMDBPrivileges().put(urlKey, arrayList);
            }
            if (isPrivilegesToAllTable(str6)) {
                for (MTable mTable : mTablesByDBNameFromOneRDB) {
                    if (mTable != null) {
                        set.clear();
                        boolean z2 = false;
                        List<MTablePrivilege> listAllMTableGrants = this.mStore.getTablePrivilegeHandler().listAllMTableGrants(persistenceManager, str, principalType, str5, dbName, mTable.getTableName());
                        MTablePrivilege mTablePrivilege = null;
                        if (listAllMTableGrants != null) {
                            for (MTablePrivilege mTablePrivilege2 : listAllMTableGrants) {
                                if (mTablePrivilege2.getGrantor() != null && mTablePrivilege2.getGrantor().equalsIgnoreCase(str3) && str6.equals(mTablePrivilege2.getPrivilege())) {
                                    if (mTablePrivilege2.getGrantOption() == z) {
                                        set.add(mTablePrivilege2.getPrivilege());
                                    } else if (z) {
                                        z2 = true;
                                        mTablePrivilege2.setGrantOption(z);
                                        mTablePrivilege = mTablePrivilege2;
                                    }
                                }
                            }
                        }
                        if (set.contains(str6)) {
                            LOG.debug(str6 + " is already granted on table [" + dbName + "," + mTable.getTableName() + "] by " + str3);
                        } else {
                            if (mTablePrivilege == null) {
                                mTablePrivilege = new MTablePrivilege(str, principalType.toString(), mTable, str6, currentTimeMillis, str3, str4, z, "SQL");
                            }
                            list.add(mTablePrivilege);
                            if (z2) {
                                addMapList(HiveMetaStore.HMSHandler.getMultiTableOption(), urlKey, mTablePrivilege);
                            } else {
                                addMapList(HiveMetaStore.HMSHandler.getMultiTablePrivilege(), urlKey, mTablePrivilege);
                            }
                        }
                    }
                }
            }
        }
    }

    private void addMapList(Map<String, List<MTablePrivilege>> map, String str, MTablePrivilege mTablePrivilege) {
        if (map.containsKey(str)) {
            map.get(str).add(mTablePrivilege);
            return;
        }
        ArrayList arrayList = new ArrayList();
        arrayList.add(mTablePrivilege);
        map.put(str, arrayList);
    }

    private boolean isPrivilegesToAllTable(String str) {
        if (null == str && str.isEmpty()) {
            return false;
        }
        return "select".equalsIgnoreCase(str) || "insert".equalsIgnoreCase(str) || "delete".equalsIgnoreCase(str);
    }

    private boolean isRdbTable(MTable mTable) {
        String str;
        return (mTable == null || (str = mTable.getParameters().get(hive_metastoreConstants.META_TABLE_STORAGE)) == null || !str.contains("JdbcStorageHandler")) ? false : true;
    }

    private boolean isRdbTable(HiveObjectRef hiveObjectRef) {
        HiveObjectType objectType = hiveObjectRef.getObjectType();
        if (!objectType.equals(HiveObjectType.TABLE) && !objectType.equals(HiveObjectType.COLUMN)) {
            return false;
        }
        String catName = hiveObjectRef.getCatName();
        String dbName = hiveObjectRef.getDbName();
        String objectName = hiveObjectRef.getObjectName();
        return isRdbTable(this.mStore.getTableHandler().getMTable(this.jdoManager.getPM(this.mStore.getMappingCache().getRdbKey(catName, dbName, objectName)), catName, dbName, objectName));
    }

    private void grantDBPrivs(PersistenceManager persistenceManager, List<Object> list, Set<String> set, HiveObjectRef hiveObjectRef, String[] strArr, String str, String str2, PrincipalType principalType, String str3, String str4, boolean z, String str5) throws NoSuchObjectException, InvalidObjectException, MetaException {
        int currentTimeMillis = (int) (System.currentTimeMillis() / 1000);
        MDatabase mDatabase = this.mStore.getDatabaseHandler().getMDatabase(persistenceManager, str5, hiveObjectRef.getDbName());
        if (mDatabase == null) {
            return;
        }
        List<MDBPrivilege> listPrincipalMDBGrants = this.mStore.getDatabasePrivilegeHandler().listPrincipalMDBGrants(persistenceManager, str, principalType, str5, hiveObjectRef.getDbName(), str2);
        HashMap hashMap = new HashMap();
        if (listPrincipalMDBGrants != null) {
            for (MDBPrivilege mDBPrivilege : listPrincipalMDBGrants) {
                if (mDBPrivilege.getGrantor().equalsIgnoreCase(str3)) {
                    set.add(mDBPrivilege.getPrivilege());
                    hashMap.put(mDBPrivilege.getPrivilege(), mDBPrivilege);
                }
            }
        }
        MDBPrivilege mDBPrivilege2 = null;
        for (String str6 : strArr) {
            if (set.contains(str6)) {
                mDBPrivilege2 = (MDBPrivilege) hashMap.get(str6);
                if (mDBPrivilege2 != null && z == mDBPrivilege2.getGrantOption()) {
                    throw new InvalidObjectException(str6 + " is already granted on database " + hiveObjectRef.getDbName() + " by " + str3);
                }
                if (mDBPrivilege2 != null && z) {
                    mDBPrivilege2.setGrantOption(true);
                }
            }
            if (mDBPrivilege2 == null) {
                mDBPrivilege2 = new MDBPrivilege(str, principalType.toString(), mDatabase, str6, currentTimeMillis, str3, str4, z, str2);
            }
            list.add(mDBPrivilege2);
            if (isPrivilegesToAllTable(str6)) {
                for (String str7 : this.mStore.getAllTables(str5, mDatabase.getName())) {
                    MTable mTable = this.mStore.getTableHandler().getMTable(persistenceManager, str5, mDatabase.getName(), str7);
                    if (mTable != null) {
                        set.clear();
                        List<MTablePrivilege> listAllMTableGrants = this.mStore.getTablePrivilegeHandler().listAllMTableGrants(persistenceManager, str, principalType, str5, hiveObjectRef.getDbName(), str7);
                        MTablePrivilege mTablePrivilege = null;
                        if (listAllMTableGrants != null) {
                            for (MTablePrivilege mTablePrivilege2 : listAllMTableGrants) {
                                if (mTablePrivilege2.getGrantor() != null && mTablePrivilege2.getGrantor().equalsIgnoreCase(str3) && str6.equals(mTablePrivilege2.getPrivilege())) {
                                    if (mTablePrivilege2.getGrantOption() == z) {
                                        set.add(mTablePrivilege2.getPrivilege());
                                    } else if (z) {
                                        mTablePrivilege2.setGrantOption(z);
                                        mTablePrivilege = mTablePrivilege2;
                                    }
                                }
                            }
                        }
                        if (set.contains(str6)) {
                            LOG.debug(str6 + " is already granted on table [" + hiveObjectRef.getDbName() + "," + str7 + "] by " + str3);
                        } else {
                            if (mTablePrivilege == null) {
                                mTablePrivilege = new MTablePrivilege(str, principalType.toString(), mTable, str6, currentTimeMillis, str3, str4, z, "SQL");
                            }
                            list.add(mTablePrivilege);
                        }
                    }
                }
            }
        }
    }
}
