package org.apache.hadoop.hive.metastore.listener;

import java.io.IOException;
import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.fs.FsShell;
import org.apache.hadoop.fs.Path;
import org.apache.hadoop.fs.permission.AclEntry;
import org.apache.hadoop.fs.permission.AclEntryScope;
import org.apache.hadoop.fs.permission.AclEntryType;
import org.apache.hadoop.fs.permission.FsAction;
import org.apache.hadoop.hive.conf.HiveConf;
import org.apache.hadoop.hive.metastore.IHMSHandler;
import org.apache.hadoop.hive.metastore.TableType;
import org.apache.hadoop.hive.metastore.TransactionalMetaStoreEventListener;
import org.apache.hadoop.hive.metastore.Warehouse;
import org.apache.hadoop.hive.metastore.api.Database;
import org.apache.hadoop.hive.metastore.api.GrantRevokeType;
import org.apache.hadoop.hive.metastore.api.HiveObjectPrivilege;
import org.apache.hadoop.hive.metastore.api.HiveObjectRef;
import org.apache.hadoop.hive.metastore.api.HiveObjectType;
import org.apache.hadoop.hive.metastore.api.MetaException;
import org.apache.hadoop.hive.metastore.api.Partition;
import org.apache.hadoop.hive.metastore.api.PrincipalType;
import org.apache.hadoop.hive.metastore.api.PrivilegeBag;
import org.apache.hadoop.hive.metastore.api.PrivilegeGrantInfo;
import org.apache.hadoop.hive.metastore.api.Table;
import org.apache.hadoop.hive.metastore.conf.MetastoreConf;
import org.apache.hadoop.hive.metastore.events.AddPartitionEvent;
import org.apache.hadoop.hive.metastore.events.AlterDatabaseEvent;
import org.apache.hadoop.hive.metastore.events.AlterPartitionEvent;
import org.apache.hadoop.hive.metastore.events.AlterTableEvent;
import org.apache.hadoop.hive.metastore.events.CreateDatabaseEvent;
import org.apache.hadoop.hive.metastore.events.CreateTableEvent;
import org.apache.hadoop.hive.metastore.events.GrantRevokeEvent;
import org.apache.hadoop.hive.metastore.model.MDBPrivilege;
import org.apache.hadoop.hive.metastore.utils.MetaStoreUtils;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.thrift.TException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/hadoop/hive/metastore/listener/FileAclListener.class */
public class FileAclListener extends TransactionalMetaStoreEventListener {
    public static final Logger LOG = LoggerFactory.getLogger(FileAclListener.class);
    private static final Map<String, FsAction> HDFS_PERMISSION = new HashMap();

    /* renamed from: org.apache.hadoop.hive.metastore.listener.FileAclListener$4, reason: invalid class name */
    /* loaded from: input_file:org/apache/hadoop/hive/metastore/listener/FileAclListener$4.class */
    static /* synthetic */ class AnonymousClass4 {
        static final /* synthetic */ int[] $SwitchMap$org$apache$hadoop$hive$metastore$api$GrantRevokeType = new int[GrantRevokeType.values().length];

        static {
            try {
                $SwitchMap$org$apache$hadoop$hive$metastore$api$GrantRevokeType[GrantRevokeType.GRANT.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$apache$hadoop$hive$metastore$api$GrantRevokeType[GrantRevokeType.REVOKE.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/apache/hadoop/hive/metastore/listener/FileAclListener$User.class */
    public static final class User {
        private String name;
        private PrincipalType type;

        public User(String str, PrincipalType principalType) {
            this.name = str;
            this.type = principalType;
        }

        public int hashCode() {
            return (31 * ((31 * 1) + (this.name == null ? 0 : this.name.hashCode()))) + (this.type == null ? 0 : this.type.hashCode());
        }

        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (obj == null || getClass() != obj.getClass()) {
                return false;
            }
            User user = (User) obj;
            if (this.name == null) {
                if (user.name != null) {
                    return false;
                }
            } else if (!this.name.equals(user.name)) {
                return false;
            }
            return this.type == user.type;
        }
    }

    public FileAclListener(Configuration configuration) {
        super(configuration);
    }

    public void onAlterDatabase(AlterDatabaseEvent alterDatabaseEvent) throws MetaException {
        if (PrincipalType.USER.equals(alterDatabaseEvent.getOldDatabase().getOwnerType())) {
            try {
                chDBOwnerOnHDFS(getCatalogName(alterDatabaseEvent.getNewDatabase()), alterDatabaseEvent.getNewDatabase().getName(), alterDatabaseEvent.getNewDatabase().getOwnerName(), alterDatabaseEvent.getOldDatabase().getOwnerName(), alterDatabaseEvent.getIHMSHandler());
            } catch (IOException e) {
                LOG.error("failed to change owner on HDFS .", e);
                throw new MetaException("failed to change owner on HDFS " + e);
            }
        }
    }

    public void onCreateTable(final CreateTableEvent createTableEvent) throws MetaException {
        final Table table = createTableEvent.getTable();
        final String catalogName = getCatalogName(createTableEvent.getTable());
        try {
            final Database database = createTableEvent.getIHMSHandler().getMS().getDatabase(catalogName, table.getDbName());
            UserGroupInformation.getLoginUser().doAs(new PrivilegedExceptionAction<Object>() { // from class: org.apache.hadoop.hive.metastore.listener.FileAclListener.1
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    String tableType = table.getTableType();
                    if (null == tableType || "".equals(tableType) || TableType.VIRTUAL_VIEW.equals(TableType.valueOf(tableType))) {
                        return null;
                    }
                    FileAclListener.this.setHdfsAclUsingDBPriv(table, database, catalogName, createTableEvent.getIHMSHandler());
                    return null;
                }
            });
        } catch (Exception e) {
            throw new MetaException("Failed to grant permission on HDFS" + e);
        }
    }

    public void onCreateDatabase(CreateDatabaseEvent createDatabaseEvent) throws MetaException {
        if (createDatabaseEvent.getStatus()) {
            try {
                createDatabaseEvent.getIHMSHandler().getWh().setDatabasePathPermission(new Path(createDatabaseEvent.getDatabase().getLocationUri()));
            } catch (Exception e) {
                throw new MetaException("Failed to set permission on HDFS" + e);
            }
        }
    }

    public void onAddPartition(AddPartitionEvent addPartitionEvent) throws MetaException {
        if (addPartitionEvent.getStatus()) {
            Warehouse wh = addPartitionEvent.getIHMSHandler().getWh();
            String location = addPartitionEvent.getTable().getSd().getLocation();
            Iterator partitionIterator = addPartitionEvent.getPartitionIterator();
            if (partitionIterator != null) {
                while (partitionIterator.hasNext()) {
                    try {
                        wh.copyAcl(new Path(location), new Path(((Partition) partitionIterator.next()).getSd().getLocation()));
                    } catch (Exception e) {
                        LOG.warn("Failed to copy acl from table to partition.", e);
                        return;
                    }
                }
            }
        }
    }

    public void onAlterTable(AlterTableEvent alterTableEvent) throws MetaException {
        copyAcl(alterTableEvent.getIHMSHandler().getWh(), alterTableEvent.getNewTable().getSd().getLocation(), alterTableEvent.getOldTable().getSd().getLocation());
    }

    public void onAlterPartition(AlterPartitionEvent alterPartitionEvent) throws MetaException {
        String location = alterPartitionEvent.getTable().getSd().getLocation();
        String location2 = alterPartitionEvent.getNewPartition().getSd().getLocation();
        String location3 = alterPartitionEvent.getOldPartition().getSd().getLocation();
        Warehouse wh = alterPartitionEvent.getIHMSHandler().getWh();
        if (MetaStoreUtils.isArchived(alterPartitionEvent.getOldPartition())) {
            copyAcl(wh, location2, location);
        } else {
            copyAcl(wh, location2, location3);
        }
    }

    public void onGrantRevoke(final GrantRevokeEvent grantRevokeEvent) throws MetaException {
        boolean equalsIgnoreCase = "KERBEROS".equalsIgnoreCase(MetastoreConf.getVar(getConf(), MetastoreConf.ConfVars.HIVE_SERVER2_AUTHENTICATION));
        if (grantRevokeEvent.getStatus() && equalsIgnoreCase) {
            final boolean z = grantRevokeEvent.getType() == GrantRevokeType.GRANT;
            boolean z2 = true;
            try {
                try {
                    z2 = ((Boolean) UserGroupInformation.getLoginUser().doAs(new PrivilegedExceptionAction<Boolean>() { // from class: org.apache.hadoop.hive.metastore.listener.FileAclListener.2
                        /* JADX WARN: Can't rename method to resolve collision */
                        @Override // java.security.PrivilegedExceptionAction
                        public Boolean run() throws Exception {
                            return Boolean.valueOf(FileAclListener.this.grantPrivielgesOnHDFS(grantRevokeEvent.getPrivileges(), z, grantRevokeEvent.getIHMSHandler()));
                        }
                    })).booleanValue();
                    if (z2) {
                        return;
                    }
                    switch (AnonymousClass4.$SwitchMap$org$apache$hadoop$hive$metastore$api$GrantRevokeType[grantRevokeEvent.getType().ordinal()]) {
                        case 1:
                            LOG.warn("grant privileges successfully in metastore but grant privileges failed on HDFS, start to rollback the grant operation.");
                            return;
                        case 2:
                            LOG.warn("revoke privileges successfully in metastore but revoke privileges failed on HDFS, start to rollback the revoke operation.");
                            return;
                        default:
                            throw new MetaException("Unknown request type " + grantRevokeEvent.getType());
                    }
                } catch (Exception e) {
                    z2 = false;
                    LOG.error("Failed to grant/revoke permission on HDFS.", e);
                    throw new MetaException("Failed to grant/revoke permission on HDFS. " + e);
                }
            } catch (Throwable th) {
                if (!z2) {
                    switch (AnonymousClass4.$SwitchMap$org$apache$hadoop$hive$metastore$api$GrantRevokeType[grantRevokeEvent.getType().ordinal()]) {
                        case 1:
                            LOG.warn("grant privileges successfully in metastore but grant privileges failed on HDFS, start to rollback the grant operation.");
                            break;
                        case 2:
                            LOG.warn("revoke privileges successfully in metastore but revoke privileges failed on HDFS, start to rollback the revoke operation.");
                            break;
                        default:
                            throw new MetaException("Unknown request type " + grantRevokeEvent.getType());
                    }
                }
                throw th;
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void setHdfsAclUsingDBPriv(Table table, Database database, String str, IHMSHandler iHMSHandler) throws Exception {
        Map<String, List<String>> groupsAndDbGrantedList = getGroupsAndDbGrantedList(iHMSHandler.getMS().getGroupsDbGrantedTo(str, database, PrincipalType.GROUP.name(), "CREATE"));
        if (groupsAndDbGrantedList != null) {
            for (Map.Entry<String, List<String>> entry : groupsAndDbGrantedList.entrySet()) {
                FsAction fsAction = FsAction.NONE;
                String key = entry.getKey();
                List<String> value = entry.getValue();
                for (int i = 0; i < value.size(); i++) {
                    String str2 = value.get(i);
                    if (str2 != null) {
                        fsAction = fsAction.or(HDFS_PERMISSION.get(str2.toUpperCase()));
                    }
                }
                modifyAcl(iHMSHandler, str, database.getName(), table.getTableName(), new User(key, PrincipalType.GROUP), fsAction);
            }
            addAclForTableOwner(str, database.getName(), table.getTableName(), iHMSHandler);
        }
    }

    private Map<String, List<String>> getGroupsAndDbGrantedList(List<MDBPrivilege> list) {
        if (list == null) {
            return null;
        }
        HashMap hashMap = new HashMap();
        for (MDBPrivilege mDBPrivilege : list) {
            String principalName = mDBPrivilege.getPrincipalName();
            String privilege = mDBPrivilege.getPrivilege();
            List list2 = (List) hashMap.get(principalName);
            if (list2 == null) {
                list2 = new ArrayList();
            }
            list2.add(privilege);
            hashMap.put(principalName, list2);
        }
        return hashMap;
    }

    private void copyAcl(Warehouse warehouse, String str, String str2) throws MetaException {
        copyAcl(warehouse, str, str2, false);
    }

    private void copyAcl(Warehouse warehouse, String str, String str2, boolean z) throws MetaException {
        if (null == str || null == str2 || str.equals(str2)) {
            return;
        }
        try {
            warehouse.copyAcl(new Path(str2), new Path(str), z);
        } catch (Exception e) {
            throw new MetaException("Unable to set acl of the new path: " + str + ", " + e.getMessage());
        }
    }

    private FsAction getRequiredPrivielge(List<PrivilegeGrantInfo> list) {
        FsAction fsAction = FsAction.NONE;
        if (null != list) {
            Iterator<PrivilegeGrantInfo> it = list.iterator();
            while (it.hasNext()) {
                fsAction = fsAction.or(HDFS_PERMISSION.get(it.next().getPrivilege()));
            }
        }
        return fsAction;
    }

    private Map<User, List<PrivilegeGrantInfo>> listPrivileges(IHMSHandler iHMSHandler, String str, String str2, String str3, String str4, PrincipalType principalType) throws MetaException, TException {
        ArrayList<HiveObjectPrivilege> arrayList = new ArrayList();
        List<HiveObjectPrivilege> list_table_privileges = list_table_privileges(iHMSHandler, str4, principalType, str, str2, str3);
        if (list_table_privileges != null && !list_table_privileges.isEmpty()) {
            arrayList.addAll(list_table_privileges);
        }
        HashMap hashMap = new HashMap();
        if (null != arrayList && arrayList.size() > 0) {
            for (HiveObjectPrivilege hiveObjectPrivilege : arrayList) {
                User user = new User(hiveObjectPrivilege.getPrincipalName(), hiveObjectPrivilege.getPrincipalType());
                List list = (List) hashMap.get(user);
                if (null == list) {
                    list = new ArrayList();
                }
                list.add(hiveObjectPrivilege.getGrantInfo());
                hashMap.put(user, list);
            }
        }
        return hashMap;
    }

    private List<HiveObjectPrivilege> list_table_privileges(IHMSHandler iHMSHandler, String str, PrincipalType principalType, String str2, String str3, String str4) throws TException {
        try {
            return str3 == null ? iHMSHandler.getMS().listPrincipalTableGrantsAll(str, principalType) : str == null ? iHMSHandler.getMS().listTableGrantsAll(str2, str3, str4) : iHMSHandler.getMS().listAllTableGrants(str, principalType, str2, str3, str4);
        } catch (MetaException e) {
            throw e;
        } catch (Exception e2) {
            throw new RuntimeException(e2);
        }
    }

    private void modifyAcl(IHMSHandler iHMSHandler, String str, String str2, String str3, User user, FsAction fsAction) throws Exception {
        String str4 = user.name;
        PrincipalType principalType = user.type;
        if (!PrincipalType.USER.equals(principalType) && !PrincipalType.GROUP.equals(principalType)) {
            LOG.debug("Principal type is role, do not need to set acl on HDFS.");
            return;
        }
        String location = iHMSHandler.getMS().getTable(str, str2, str3).getSd().getLocation();
        if (null == location) {
            LOG.debug(str2 + "." + str3 + " is a view, donot need to set acl.");
            return;
        }
        Path path = new Path(location);
        List partitions = iHMSHandler.getMS().getPartitions(str, str2, str3, -1);
        AclEntryType aclEntryType = PrincipalType.USER.equals(principalType) ? AclEntryType.USER : AclEntryType.GROUP;
        ArrayList arrayList = new ArrayList();
        arrayList.add(new AclEntry.Builder().setName(str4).setType(aclEntryType).setScope(AclEntryScope.ACCESS).setPermission(fsAction).build());
        iHMSHandler.getWh().modifyAcl(path, arrayList, false);
        setAclFlag(path, iHMSHandler);
        if (null == partitions || partitions.size() <= 0) {
            return;
        }
        Iterator it = partitions.iterator();
        while (it.hasNext()) {
            Path path2 = new Path(((Partition) it.next()).getSd().getLocation());
            if (!iHMSHandler.getWh().isPrePath(path, path2)) {
                LOG.info("modifyAcl for partition path " + path2);
                iHMSHandler.getWh().modifyAcl(path2, arrayList, false);
                setAclFlag(path2, iHMSHandler);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean grantPrivielgesOnHDFS(PrivilegeBag privilegeBag, boolean z, IHMSHandler iHMSHandler) throws Exception {
        String location;
        List<HiveObjectPrivilege> privileges = privilegeBag.getPrivileges();
        boolean z2 = false;
        if (null == privileges || privileges.size() <= 0) {
            return true;
        }
        HashMap hashMap = new HashMap();
        for (HiveObjectPrivilege hiveObjectPrivilege : privileges) {
            HiveObjectRef hiveObject = hiveObjectPrivilege.getHiveObject();
            if (HiveObjectType.DATABASE.equals(hiveObject.getObjectType())) {
                String principalName = hiveObjectPrivilege.getPrincipalName();
                String catalogName = getCatalogName(hiveObject);
                String dbName = hiveObject.getDbName();
                new Path(iHMSHandler.get_database_core(catalogName, dbName).getLocationUri());
                if (isPrivilegesToAllTable(hiveObjectPrivilege.getGrantInfo().getPrivilege()) && !z2) {
                    User user = new User(hiveObjectPrivilege.getPrincipalName(), hiveObjectPrivilege.getPrincipalType());
                    Map<String, String> tablesLocations = getTablesLocations(catalogName, dbName, iHMSHandler);
                    if (null == tablesLocations || tablesLocations.isEmpty()) {
                        LOG.debug(dbName + ". has not table location, donot need to set acl.");
                        return true;
                    }
                    Map allTablesPrivielgesByDBName = iHMSHandler.getMS().getAllTablesPrivielgesByDBName(catalogName, dbName, user.name, user.type.toString());
                    if (null == allTablesPrivielgesByDBName) {
                        LOG.error(dbName + ". get tablePrivileges failed.");
                        return false;
                    }
                    Map<String, FsAction> tableGrantList = getTableGrantList(allTablesPrivielgesByDBName, tablesLocations);
                    AclEntryType aclEntryType = PrincipalType.USER.equals(user.type) ? AclEntryType.USER : AclEntryType.GROUP;
                    for (Map.Entry<String, String> entry : tablesLocations.entrySet()) {
                        if (null != entry.getValue()) {
                            String key = entry.getKey();
                            String value = entry.getValue();
                            if (!value.startsWith("s3") && !isSparkDatasoucesTable(iHMSHandler.getMS().getTable(catalogName, dbName, key))) {
                                Path path = new Path(value);
                                ArrayList arrayList = new ArrayList();
                                arrayList.add(new AclEntry.Builder().setName(user.name).setType(aclEntryType).setScope(AclEntryScope.ACCESS).setPermission(tableGrantList.get(key)).build());
                                iHMSHandler.getWh().modifyAcl(path, arrayList, false);
                                setAclFlag(path, iHMSHandler);
                            }
                        }
                    }
                    boolean z3 = true;
                    int i = 0;
                    do {
                        Map partitionsLocationsByDBName = iHMSHandler.getMS().getPartitionsLocationsByDBName(catalogName, dbName, i);
                        if (partitionsLocationsByDBName.isEmpty()) {
                            z3 = false;
                        } else {
                            for (Map.Entry entry2 : partitionsLocationsByDBName.entrySet()) {
                                String str = (String) entry2.getKey();
                                List<String> list = (List) entry2.getValue();
                                ArrayList arrayList2 = new ArrayList();
                                arrayList2.add(new AclEntry.Builder().setName(user.name).setType(aclEntryType).setScope(AclEntryScope.ACCESS).setPermission(tableGrantList.get(str)).build());
                                for (String str2 : list) {
                                    if (null != str2) {
                                        Path path2 = new Path(tablesLocations.get(str));
                                        Path path3 = new Path(str2);
                                        if (!iHMSHandler.getWh().isPrePath(path2, path3) && !str2.startsWith("s3")) {
                                            LOG.debug("modifyAcl for partition path " + path3);
                                            iHMSHandler.getWh().modifyAcl(path3, arrayList2, false);
                                            setAclFlag(path3, iHMSHandler);
                                        }
                                    }
                                }
                            }
                            i += 100000;
                        }
                    } while (z3);
                    z2 = true;
                }
                if (z) {
                    ArrayList arrayList3 = new ArrayList();
                    ArrayList arrayList4 = new ArrayList();
                    arrayList4.add(principalName);
                    Iterator it = iHMSHandler.getMS().getDBPrivilegeSet(catalogName, dbName, (String) null, arrayList4).getGroupPrivileges().entrySet().iterator();
                    while (it.hasNext()) {
                        arrayList3.addAll((Collection) ((Map.Entry) it.next()).getValue());
                    }
                    new ArrayList().add(new AclEntry.Builder().setName(principalName).setType(PrincipalType.USER.equals(hiveObjectPrivilege.getPrincipalType()) ? AclEntryType.USER : AclEntryType.GROUP).setScope(AclEntryScope.ACCESS).setPermission(getRequiredPrivielge(arrayList3)).build());
                }
            } else if (HiveObjectType.TABLE.equals(hiveObject.getObjectType()) || (HiveObjectType.COLUMN.equals(hiveObject.getObjectType()) && MetastoreConf.getBoolVar(getConf(), MetastoreConf.ConfVars.HIVE_SERVER2_ENABLE_DOAS))) {
                List list2 = (List) hashMap.get(hiveObject);
                if (null == list2) {
                    list2 = new ArrayList();
                }
                list2.add(new User(hiveObjectPrivilege.getPrincipalName(), hiveObjectPrivilege.getPrincipalType()));
                hashMap.put(hiveObject, list2);
            }
        }
        for (Map.Entry entry3 : hashMap.entrySet()) {
            HiveObjectRef hiveObjectRef = (HiveObjectRef) entry3.getKey();
            if (HiveObjectType.TABLE.equals(hiveObjectRef.getObjectType()) || (HiveObjectType.COLUMN.equals(hiveObjectRef.getObjectType()) && MetastoreConf.getBoolVar(getConf(), MetastoreConf.ConfVars.HIVE_SERVER2_ENABLE_DOAS))) {
                String catalogName2 = getCatalogName(hiveObjectRef);
                String dbName2 = hiveObjectRef.getDbName();
                String objectName = hiveObjectRef.getObjectName();
                Table table = iHMSHandler.getMS().getTable(catalogName2, dbName2, objectName);
                if (!TableType.valueOf(table.getTableType()).equals(TableType.VIRTUAL_VIEW) && ((location = table.getSd().getLocation()) == null || !location.startsWith("s3"))) {
                    if (!isSparkDatasoucesTable(table)) {
                        String owner = table.getOwner();
                        List list3 = (List) entry3.getValue();
                        HashSet<User> hashSet = new HashSet();
                        hashSet.addAll(list3);
                        for (User user2 : hashSet) {
                            if (!user2.name.equals(owner) || !user2.type.equals(PrincipalType.USER)) {
                                modifyAcl(iHMSHandler, catalogName2, dbName2, objectName, user2, getRequiredPrivielge(listPrivileges(iHMSHandler, catalogName2, dbName2, objectName, user2.name, user2.type).get(user2)));
                            }
                        }
                        addAclForTableOwner(catalogName2, dbName2, objectName, iHMSHandler);
                    }
                }
            }
        }
        return true;
    }

    private boolean isSparkDatasoucesTable(Table table) {
        String tableType = table.getTableType();
        String str = (String) table.getParameters().get("spark.sql.sources.provider");
        LOG.info("SPARK TABLE SOURCE PROVIDER IS : " + str);
        if (!TableType.valueOf(tableType).equals(TableType.EXTERNAL_TABLE) || str == null || str.isEmpty()) {
            return false;
        }
        return str.equalsIgnoreCase("text") || str.equalsIgnoreCase("csv") || str.equalsIgnoreCase("json") || str.equalsIgnoreCase("parqut") || str.equalsIgnoreCase("orc");
    }

    private void chDBOwnerOnHDFS(final String str, final String str2, final String str3, final String str4, final IHMSHandler iHMSHandler) throws IOException, MetaException {
        if (null == str2 || "".equals(str2.trim()) || null == str3 || "".equals(str3.trim()) || null == str4 || "".equals(str4.trim())) {
            return;
        }
        try {
            UserGroupInformation.getLoginUser().doAs(new PrivilegedExceptionAction<Object>() { // from class: org.apache.hadoop.hive.metastore.listener.FileAclListener.3
                @Override // java.security.PrivilegedExceptionAction
                /* renamed from: run, reason: merged with bridge method [inline-methods] */
                public Object run2() throws Exception {
                    FsShell fsShell = new FsShell();
                    fsShell.setConf(FileAclListener.this.getConf());
                    FileAclListener.this.chDBOwnerOnHDFS(fsShell, str, str2, str3, str4, iHMSHandler);
                    return null;
                }
            });
        } catch (InterruptedException e) {
            new MetaException(e.getMessage());
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void chDBOwnerOnHDFS(FsShell fsShell, String str, String str2, String str3, String str4, IHMSHandler iHMSHandler) throws Exception {
        String locationUri = iHMSHandler.getMS().getDatabase(str, str2).getLocationUri();
        String[] strArr = {"-chown", str3, locationUri};
        String[] strArr2 = {"-setfacl", "-m", new AclEntry.Builder().setName(str4).setType(AclEntryType.USER).setScope(AclEntryScope.ACCESS).setPermission(FsAction.ALL).build().toString(), locationUri};
        LOG.info("change database " + str2 + "'s owner on hdfs ");
        fsShell.run(strArr);
        fsShell.run(strArr2);
    }

    private void addAclForTableOwner(String str, String str2, String str3, IHMSHandler iHMSHandler) throws Exception {
        String owner = iHMSHandler.getMS().getTable(str, str2, str3).getOwner();
        Path path = new Path(iHMSHandler.getMS().getTable(str, str2, str3).getSd().getLocation());
        ArrayList arrayList = new ArrayList();
        arrayList.add(new AclEntry.Builder().setName(owner).setType(AclEntryType.USER).setScope(AclEntryScope.ACCESS).setPermission(FsAction.ALL).build());
        iHMSHandler.getWh().modifyAcl(path, arrayList, false);
    }

    private void setAclFlag(Path path, IHMSHandler iHMSHandler) throws Exception {
        ArrayList arrayList = new ArrayList();
        arrayList.add(new AclEntry.Builder().setName(HiveConf.getVar(getConf(), HiveConf.ConfVars.HIVE_SECURITY_ACL_FLAG)).setType(AclEntryType.GROUP).setScope(AclEntryScope.ACCESS).setPermission(FsAction.NONE).build());
        iHMSHandler.getWh().modifyAcl(path, arrayList, false);
    }

    private boolean isPrivilegesToAllTable(String str) {
        if (null == str && str.isEmpty()) {
            return false;
        }
        return "select".equalsIgnoreCase(str) || "insert".equalsIgnoreCase(str) || "delete".equalsIgnoreCase(str);
    }

    private Map<String, String> getTablesLocations(String str, String str2, IHMSHandler iHMSHandler) throws MetaException {
        try {
            return iHMSHandler.getMS().getTablesLocationsByDBName(str, str2);
        } catch (Exception e) {
            if (e instanceof MetaException) {
                throw e;
            }
            throw MetaStoreUtils.newMetaException(e);
        }
    }

    private String getCatalogName(HiveObjectRef hiveObjectRef) {
        return hiveObjectRef.isSetCatName() ? hiveObjectRef.getCatName() : MetaStoreUtils.getDefaultCatalog(getConf());
    }

    private String getCatalogName(Database database) {
        return database.isSetCatalogName() ? database.getCatalogName() : MetaStoreUtils.getDefaultCatalog(getConf());
    }

    private String getCatalogName(Table table) {
        return table.isSetCatName() ? table.getCatName() : MetaStoreUtils.getDefaultCatalog(getConf());
    }

    private static Map<String, FsAction> getTableGrantList(Map<String, List<String>> map, Map<String, String> map2) {
        HashMap hashMap = new HashMap();
        Iterator<Map.Entry<String, String>> it = map2.entrySet().iterator();
        while (it.hasNext()) {
            String key = it.next().getKey();
            FsAction fsAction = FsAction.NONE;
            if (null != map.get(key)) {
                Iterator<String> it2 = map.get(key).iterator();
                while (it2.hasNext()) {
                    fsAction = fsAction.or(HDFS_PERMISSION.get(it2.next()));
                }
            }
            hashMap.put(key, fsAction);
        }
        return hashMap;
    }

    static {
        HDFS_PERMISSION.put("SELECT", FsAction.READ_EXECUTE);
        HDFS_PERMISSION.put("INSERT", FsAction.ALL);
        HDFS_PERMISSION.put("DELETE", FsAction.ALL);
        HDFS_PERMISSION.put("UPDATE", FsAction.ALL);
        HDFS_PERMISSION.put("CREATE", FsAction.ALL);
    }
}
