package org.apache.iotdb.commons.utils;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import org.apache.iotdb.commons.auth.AuthException;
import org.apache.iotdb.commons.auth.entity.PathPrivilege;
import org.apache.iotdb.commons.auth.entity.PrivilegeType;
import org.apache.iotdb.commons.client.property.ThriftClientProperty;
import org.apache.iotdb.commons.conf.CommonDescriptor;
import org.apache.iotdb.commons.exception.IllegalPathException;
import org.apache.iotdb.commons.path.PartialPath;
import org.apache.iotdb.commons.security.encrypt.AsymmetricEncryptFactory;
import org.apache.iotdb.commons.sync.utils.SyncConstant;
import org.apache.iotdb.confignode.rpc.thrift.TPermissionInfoResp;
import org.apache.iotdb.confignode.rpc.thrift.TRoleResp;
import org.apache.iotdb.confignode.rpc.thrift.TUserResp;
import org.apache.iotdb.rpc.TSStatusCode;

/* loaded from: input_file:org/apache/iotdb/commons/utils/AuthUtils.class */
public class AuthUtils {
    private static final String ROOT_PREFIX = "root";
    public static final String ROOT_PATH_PRIVILEGE = "root.**";
    private static final int MIN_PASSWORD_LENGTH = 8;
    private static final int MIN_USERNAME_LENGTH = 4;
    private static final int MIN_ROLENAME_LENGTH = 4;

    /* renamed from: org.apache.iotdb.commons.utils.AuthUtils$1, reason: invalid class name */
    /* loaded from: input_file:org/apache/iotdb/commons/utils/AuthUtils$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$org$apache$iotdb$commons$auth$entity$PrivilegeType = new int[PrivilegeType.values().length];

        static {
            try {
                $SwitchMap$org$apache$iotdb$commons$auth$entity$PrivilegeType[PrivilegeType.READ_TIMESERIES.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$apache$iotdb$commons$auth$entity$PrivilegeType[PrivilegeType.CREATE_DATABASE.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$org$apache$iotdb$commons$auth$entity$PrivilegeType[PrivilegeType.DELETE_DATABASE.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$org$apache$iotdb$commons$auth$entity$PrivilegeType[PrivilegeType.CREATE_TIMESERIES.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$org$apache$iotdb$commons$auth$entity$PrivilegeType[PrivilegeType.DELETE_TIMESERIES.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$org$apache$iotdb$commons$auth$entity$PrivilegeType[PrivilegeType.INSERT_TIMESERIES.ordinal()] = 6;
            } catch (NoSuchFieldError e6) {
            }
            try {
                $SwitchMap$org$apache$iotdb$commons$auth$entity$PrivilegeType[PrivilegeType.ALTER_TIMESERIES.ordinal()] = 7;
            } catch (NoSuchFieldError e7) {
            }
            try {
                $SwitchMap$org$apache$iotdb$commons$auth$entity$PrivilegeType[PrivilegeType.CREATE_TRIGGER.ordinal()] = 8;
            } catch (NoSuchFieldError e8) {
            }
            try {
                $SwitchMap$org$apache$iotdb$commons$auth$entity$PrivilegeType[PrivilegeType.DROP_TRIGGER.ordinal()] = 9;
            } catch (NoSuchFieldError e9) {
            }
            try {
                $SwitchMap$org$apache$iotdb$commons$auth$entity$PrivilegeType[PrivilegeType.START_TRIGGER.ordinal()] = 10;
            } catch (NoSuchFieldError e10) {
            }
            try {
                $SwitchMap$org$apache$iotdb$commons$auth$entity$PrivilegeType[PrivilegeType.STOP_TRIGGER.ordinal()] = 11;
            } catch (NoSuchFieldError e11) {
            }
            try {
                $SwitchMap$org$apache$iotdb$commons$auth$entity$PrivilegeType[PrivilegeType.APPLY_TEMPLATE.ordinal()] = 12;
            } catch (NoSuchFieldError e12) {
            }
            try {
                $SwitchMap$org$apache$iotdb$commons$auth$entity$PrivilegeType[PrivilegeType.FLUSH_DATA.ordinal()] = 13;
            } catch (NoSuchFieldError e13) {
            }
            try {
                $SwitchMap$org$apache$iotdb$commons$auth$entity$PrivilegeType[PrivilegeType.MERGE_DATA.ordinal()] = 14;
            } catch (NoSuchFieldError e14) {
            }
            try {
                $SwitchMap$org$apache$iotdb$commons$auth$entity$PrivilegeType[PrivilegeType.FULL_MERGE_DATA.ordinal()] = 15;
            } catch (NoSuchFieldError e15) {
            }
        }
    }

    private AuthUtils() {
    }

    public static void validatePassword(String str) throws AuthException {
        if (str.length() < 8) {
            throw new AuthException(TSStatusCode.ILLEGAL_PARAMETER, "Password's size must be greater than or equal to 8");
        }
        if (str.contains(" ")) {
            throw new AuthException(TSStatusCode.ILLEGAL_PARAMETER, "Password cannot contain spaces");
        }
    }

    public static boolean validatePassword(String str, String str2) {
        return AsymmetricEncryptFactory.getEncryptProvider(CommonDescriptor.getInstance().getConfig().getEncryptDecryptProvider(), CommonDescriptor.getInstance().getConfig().getEncryptDecryptProviderParameter()).validate(str, str2);
    }

    public static void validateUsername(String str) throws AuthException {
        if (str.length() < 4) {
            throw new AuthException(TSStatusCode.ILLEGAL_PARAMETER, "Username's size must be greater than or equal to 4");
        }
        if (str.contains(" ")) {
            throw new AuthException(TSStatusCode.ILLEGAL_PARAMETER, "Username cannot contain spaces");
        }
    }

    public static void validateRolename(String str) throws AuthException {
        if (str.length() < 4) {
            throw new AuthException(TSStatusCode.ILLEGAL_PARAMETER, "Role name's size must be greater than or equal to 4");
        }
        if (str.contains(" ")) {
            throw new AuthException(TSStatusCode.ILLEGAL_PARAMETER, "Role name cannot contain spaces");
        }
    }

    public static void validatePrivilege(int i) throws AuthException {
        if (i < 0 || i >= PrivilegeType.values().length) {
            throw new AuthException(TSStatusCode.ILLEGAL_PARAMETER, String.format("Invalid privilegeId %d", Integer.valueOf(i)));
        }
    }

    public static void validatePath(String str) throws AuthException {
        if (!str.startsWith("root")) {
            throw new AuthException(TSStatusCode.ILLEGAL_PARAMETER, String.format("Illegal seriesPath %s, seriesPath should start with \"%s\"", str, "root"));
        }
    }

    public static void validatePrivilegeOnPath(String str, int i) throws AuthException {
        validatePrivilege(i);
        PrivilegeType privilegeType = PrivilegeType.values()[i];
        if (str.equals(ROOT_PATH_PRIVILEGE)) {
            switch (AnonymousClass1.$SwitchMap$org$apache$iotdb$commons$auth$entity$PrivilegeType[privilegeType.ordinal()]) {
                case ThriftClientProperty.DefaultProperty.SELECTOR_NUM_OF_ASYNC_CLIENT_MANAGER /* 1 */:
                case SyncConstant.PIPE_MESSAGE_TYPE /* 2 */:
                case 3:
                case BasicStructureSerDeUtil.INT_LEN /* 4 */:
                case 5:
                case 6:
                case 7:
                case 13:
                case 14:
                case 15:
                    validatePath(str);
                    return;
                case 8:
                case 9:
                case 10:
                case 11:
                case 12:
                default:
                    return;
            }
        } else {
            validatePath(str);
            switch (AnonymousClass1.$SwitchMap$org$apache$iotdb$commons$auth$entity$PrivilegeType[privilegeType.ordinal()]) {
                case ThriftClientProperty.DefaultProperty.SELECTOR_NUM_OF_ASYNC_CLIENT_MANAGER /* 1 */:
                case SyncConstant.PIPE_MESSAGE_TYPE /* 2 */:
                case 3:
                case BasicStructureSerDeUtil.INT_LEN /* 4 */:
                case 5:
                case 6:
                case 7:
                case 8:
                case 9:
                case 10:
                case 11:
                case 12:
                case 13:
                case 14:
                case 15:
                    return;
                default:
                    throw new AuthException(TSStatusCode.UNKNOWN_AUTH_PRIVILEGE, String.format("Illegal privilege %s on seriesPath %s", privilegeType, str));
            }
        }
    }

    public static String encryptPassword(String str) {
        return AsymmetricEncryptFactory.getEncryptProvider(CommonDescriptor.getInstance().getConfig().getEncryptDecryptProvider(), CommonDescriptor.getInstance().getConfig().getEncryptDecryptProviderParameter()).encrypt(str);
    }

    public static boolean pathBelongsTo(String str, String str2) throws AuthException {
        try {
            return new PartialPath(str2).matchFullPath(new PartialPath(str));
        } catch (IllegalPathException e) {
            throw new AuthException(TSStatusCode.ILLEGAL_PARAMETER, e);
        }
    }

    public static boolean checkPrivilege(String str, int i, List<PathPrivilege> list) throws AuthException {
        if (list == null) {
            return false;
        }
        for (PathPrivilege pathPrivilege : list) {
            if (str != null) {
                if (pathPrivilege.getPath() != null && pathBelongsTo(str, pathPrivilege.getPath()) && pathPrivilege.getPrivileges().contains(Integer.valueOf(i))) {
                    return true;
                }
            } else if (pathPrivilege.getPath() == null && pathPrivilege.getPrivileges().contains(Integer.valueOf(i))) {
                return true;
            }
        }
        return false;
    }

    public static Set<Integer> getPrivileges(String str, List<PathPrivilege> list) throws AuthException {
        if (list == null) {
            return new HashSet();
        }
        HashSet hashSet = new HashSet();
        for (PathPrivilege pathPrivilege : list) {
            if (str != null) {
                if (pathPrivilege.getPath() != null && pathBelongsTo(str, pathPrivilege.getPath())) {
                    hashSet.addAll(pathPrivilege.getPrivileges());
                }
            } else if (pathPrivilege.getPath() == null) {
                hashSet.addAll(pathPrivilege.getPrivileges());
            }
        }
        return hashSet;
    }

    public static boolean hasPrivilege(String str, int i, List<PathPrivilege> list) {
        for (PathPrivilege pathPrivilege : list) {
            if (pathPrivilege.getPath().equals(str) && pathPrivilege.getPrivileges().contains(Integer.valueOf(i))) {
                pathPrivilege.getReferenceCnt().incrementAndGet();
                return true;
            }
        }
        return false;
    }

    public static void addPrivilege(String str, int i, List<PathPrivilege> list) {
        PathPrivilege pathPrivilege = null;
        Iterator<PathPrivilege> it = list.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            PathPrivilege next = it.next();
            if (next.getPath().equals(str)) {
                pathPrivilege = next;
                break;
            }
        }
        if (pathPrivilege == null) {
            pathPrivilege = new PathPrivilege(str);
            list.add(pathPrivilege);
        }
        if (i != PrivilegeType.ALL.ordinal()) {
            pathPrivilege.getPrivileges().add(Integer.valueOf(i));
            return;
        }
        for (PrivilegeType privilegeType : PrivilegeType.values()) {
            pathPrivilege.getPrivileges().add(Integer.valueOf(privilegeType.ordinal()));
        }
    }

    public static void removePrivilege(String str, int i, List<PathPrivilege> list) {
        PathPrivilege pathPrivilege = null;
        Iterator<PathPrivilege> it = list.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            PathPrivilege next = it.next();
            if (next.getPath().equals(str)) {
                pathPrivilege = next;
                break;
            }
        }
        if (pathPrivilege != null) {
            if (i == PrivilegeType.ALL.ordinal()) {
                list.remove(pathPrivilege);
                return;
            }
            pathPrivilege.getPrivileges().remove(Integer.valueOf(i));
            if (pathPrivilege.getPrivileges().isEmpty()) {
                list.remove(pathPrivilege);
            }
        }
    }

    public static TPermissionInfoResp generateEmptyPermissionInfoResp() {
        TPermissionInfoResp tPermissionInfoResp = new TPermissionInfoResp();
        tPermissionInfoResp.setUserInfo(new TUserResp("", "", new ArrayList(), new ArrayList(), false));
        HashMap hashMap = new HashMap();
        hashMap.put("", new TRoleResp("", new ArrayList()));
        tPermissionInfoResp.setRoleInfo(hashMap);
        return tPermissionInfoResp;
    }

    public static Set<Integer> strToPermissions(String[] strArr) throws AuthException {
        HashSet hashSet = new HashSet();
        if (strArr == null) {
            return hashSet;
        }
        PrivilegeType[] values = PrivilegeType.values();
        int length = strArr.length;
        for (int i = 0; i < length; i++) {
            String str = strArr[i];
            boolean z = false;
            if ("SET_STORAGE_GROUP".equalsIgnoreCase(str)) {
                str = PrivilegeType.CREATE_DATABASE.name();
            }
            if ("DELETE_STORAGE_GROUP".equalsIgnoreCase(str)) {
                str = PrivilegeType.DELETE_DATABASE.name();
            }
            int length2 = values.length;
            int i2 = 0;
            while (true) {
                if (i2 >= length2) {
                    break;
                }
                PrivilegeType privilegeType = values[i2];
                if (str.equalsIgnoreCase(privilegeType.name())) {
                    hashSet.add(Integer.valueOf(privilegeType.ordinal()));
                    z = true;
                    break;
                }
                i2++;
            }
            if (!z) {
                throw new AuthException(TSStatusCode.UNKNOWN_AUTH_PRIVILEGE, "No such privilege " + str);
            }
        }
        return hashSet;
    }
}
