package org.apache.ranger.services.hive;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.ranger.authorization.hive.constants.RangerHiveConstants;
import org.apache.ranger.plugin.client.HadoopException;
import org.apache.ranger.plugin.model.RangerPolicy;
import org.apache.ranger.plugin.model.RangerService;
import org.apache.ranger.plugin.model.RangerServiceDef;
import org.apache.ranger.plugin.service.RangerBaseService;
import org.apache.ranger.plugin.service.ResourceLookupContext;
import org.apache.ranger.services.hive.client.HiveResourceMgr;

/* loaded from: input_file:org/apache/ranger/services/hive/RangerServiceHive.class */
public class RangerServiceHive extends RangerBaseService {
    private static final Log LOG = LogFactory.getLog(RangerServiceHive.class);
    public static final String RESOURCE_DATABASE = "database";
    public static final String RESOURCE_TABLE = "table";
    public static final String RESOURCE_UDF = "udf";
    public static final String RESOURCE_COLUMN = "column";
    public static final String ACCESS_TYPE_CREATE = "create";
    public static final String ACCESS_TYPE_SELECT = "select";
    public static final String ACCESS_TYPE_READ = "read";
    public static final String ACCESS_TYPE_ALL = "all";
    public static final String WILDCARD_ASTERISK = "*";
    public static final String HIVE_DB_DEFAULT = "default";
    public static final String HIVE_DB_INFOMATION_SCHEMA = "information_schema";
    public static final String DEFAULT_DB_POLICYNAME = "default database tables columns";
    public static final String INFORMATION_SCHEMA_DB_POLICYNAME = "Information_schema database tables columns";

    public void init(RangerServiceDef rangerServiceDef, RangerService rangerService) {
        super.init(rangerServiceDef, rangerService);
    }

    /* JADX WARN: Multi-variable type inference failed */
    public Map<String, Object> validateConfig() throws Exception {
        Map hashMap = new HashMap();
        String serviceName = getServiceName();
        if (LOG.isDebugEnabled()) {
            LOG.debug("==> RangerServiceHive.validateConfig Service: (" + serviceName + " )");
        }
        if (this.configs != null) {
            try {
                hashMap = HiveResourceMgr.connectionTest(serviceName, this.configs);
            } catch (HadoopException e) {
                LOG.error("<== RangerServiceHive.validateConfig Error:" + e);
                throw e;
            }
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug("<== RangerServiceHive.validateConfig Response : (" + hashMap + " )");
        }
        return hashMap;
    }

    /* JADX WARN: Multi-variable type inference failed */
    public List<String> lookupResource(ResourceLookupContext resourceLookupContext) throws Exception {
        List arrayList = new ArrayList();
        String serviceName = getServiceName();
        String serviceType = getServiceType();
        Map configs = getConfigs();
        if (LOG.isDebugEnabled()) {
            LOG.debug("==> RangerServiceHive.lookupResource Context: (" + resourceLookupContext + ")");
        }
        if (resourceLookupContext != null) {
            try {
                arrayList = HiveResourceMgr.getHiveResources(serviceName, serviceType, configs, resourceLookupContext);
            } catch (Exception e) {
                LOG.error("<==RangerServiceHive.lookupResource Error : " + e);
                throw e;
            }
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug("<== RangerServiceHive.lookupResource Response: (" + arrayList + ")");
        }
        return arrayList;
    }

    public List<RangerPolicy> getDefaultRangerPolicies() throws Exception {
        if (LOG.isDebugEnabled()) {
            LOG.debug("==> RangerServiceHive.getDefaultRangerPolicies()");
        }
        List<RangerPolicy> defaultRangerPolicies = super.getDefaultRangerPolicies();
        for (RangerPolicy rangerPolicy : defaultRangerPolicies) {
            Map<String, RangerPolicy.RangerPolicyResource> resources = rangerPolicy.getResources();
            if (rangerPolicy.getName().contains(ACCESS_TYPE_ALL) && StringUtils.isNotBlank(this.lookUpUser)) {
                RangerPolicy.RangerPolicyItem rangerPolicyItem = new RangerPolicy.RangerPolicyItem();
                ArrayList arrayList = new ArrayList();
                arrayList.add(new RangerPolicy.RangerPolicyItemAccess(ACCESS_TYPE_READ));
                arrayList.add(new RangerPolicy.RangerPolicyItemAccess(ACCESS_TYPE_SELECT));
                rangerPolicyItem.setUsers(Collections.singletonList(this.lookUpUser));
                rangerPolicyItem.setAccesses(arrayList);
                rangerPolicyItem.setDelegateAdmin(false);
                rangerPolicy.getPolicyItems().add(rangerPolicyItem);
            }
            if (resources.size() == 1 && hasWildcardAsteriskResource(resources, "database")) {
                RangerPolicy.RangerPolicyItem rangerPolicyItem2 = new RangerPolicy.RangerPolicyItem();
                rangerPolicyItem2.setGroups(Collections.singletonList(RangerHiveConstants.PUBLIC_ACCESS_ROLE));
                rangerPolicyItem2.setAccesses(Collections.singletonList(new RangerPolicy.RangerPolicyItemAccess(ACCESS_TYPE_CREATE)));
                RangerPolicy.RangerPolicyItem rangerPolicyItem3 = new RangerPolicy.RangerPolicyItem();
                rangerPolicyItem3.setUsers(Collections.singletonList("{OWNER}"));
                rangerPolicyItem3.setAccesses(Collections.singletonList(new RangerPolicy.RangerPolicyItemAccess(ACCESS_TYPE_ALL)));
                rangerPolicyItem3.setDelegateAdmin(true);
                rangerPolicy.getPolicyItems().add(rangerPolicyItem2);
                rangerPolicy.getPolicyItems().add(rangerPolicyItem3);
            } else if ((resources.size() == 2 && hasWildcardAsteriskResource(resources, "database", "table")) || (resources.size() == 3 && hasWildcardAsteriskResource(resources, "database", "table", "column"))) {
                RangerPolicy.RangerPolicyItem rangerPolicyItem4 = new RangerPolicy.RangerPolicyItem();
                rangerPolicyItem4.setUsers(Collections.singletonList("{OWNER}"));
                rangerPolicyItem4.setAccesses(Collections.singletonList(new RangerPolicy.RangerPolicyItemAccess(ACCESS_TYPE_ALL)));
                rangerPolicyItem4.setDelegateAdmin(true);
                rangerPolicy.getPolicyItems().add(rangerPolicyItem4);
            }
        }
        defaultRangerPolicies.add(createDefaultDBPolicy());
        defaultRangerPolicies.add(createInformationSchemaPolicy());
        if (LOG.isDebugEnabled()) {
            LOG.debug("<== RangerServiceHive.getDefaultRangerPolicies()");
        }
        return defaultRangerPolicies;
    }

    private boolean hasWildcardAsteriskResource(Map<String, RangerPolicy.RangerPolicyResource> map, String... strArr) {
        for (String str : strArr) {
            RangerPolicy.RangerPolicyResource rangerPolicyResource = map.get(str);
            List values = rangerPolicyResource != null ? rangerPolicyResource.getValues() : null;
            if (values == null || !values.contains("*")) {
                return false;
            }
        }
        return true;
    }

    private RangerPolicy createDefaultDBPolicy() {
        RangerPolicy rangerPolicy = new RangerPolicy();
        rangerPolicy.setName(DEFAULT_DB_POLICYNAME);
        rangerPolicy.setService(this.serviceName);
        rangerPolicy.setResources(createDefaultDBPolicyResource());
        rangerPolicy.setPolicyItems(createDefaultDBPolicyItem());
        rangerPolicy.setIsDefaultPolicy(true);
        return rangerPolicy;
    }

    private Map<String, RangerPolicy.RangerPolicyResource> createDefaultDBPolicyResource() {
        HashMap hashMap = new HashMap();
        hashMap.put("database", new RangerPolicy.RangerPolicyResource(Arrays.asList(HIVE_DB_DEFAULT), false, false));
        hashMap.put("table", new RangerPolicy.RangerPolicyResource("*"));
        hashMap.put("column", new RangerPolicy.RangerPolicyResource("*"));
        return hashMap;
    }

    private List<RangerPolicy.RangerPolicyItem> createDefaultDBPolicyItem() {
        ArrayList arrayList = new ArrayList();
        arrayList.add(new RangerPolicy.RangerPolicyItem(Collections.singletonList(new RangerPolicy.RangerPolicyItemAccess(ACCESS_TYPE_CREATE)), (List) null, Arrays.asList(RangerHiveConstants.PUBLIC_ACCESS_ROLE), (List) null, (List) null, false));
        if (StringUtils.isNotBlank(this.lookUpUser)) {
            arrayList.add(new RangerPolicy.RangerPolicyItem(Collections.singletonList(new RangerPolicy.RangerPolicyItemAccess(ACCESS_TYPE_READ)), Collections.singletonList(this.lookUpUser), (List) null, (List) null, (List) null, false));
        }
        List userList = getUserList();
        userList.add("{OWNER}");
        arrayList.add(new RangerPolicy.RangerPolicyItem(Collections.singletonList(new RangerPolicy.RangerPolicyItemAccess(ACCESS_TYPE_ALL)), userList, (List) null, (List) null, (List) null, true));
        return arrayList;
    }

    private RangerPolicy createInformationSchemaPolicy() {
        RangerPolicy rangerPolicy = new RangerPolicy();
        rangerPolicy.setName(INFORMATION_SCHEMA_DB_POLICYNAME);
        rangerPolicy.setService(this.serviceName);
        rangerPolicy.setResources(createInformationSchemaPolicyResource());
        rangerPolicy.setPolicyItems(createInformationSchemaPolicyItem());
        rangerPolicy.setIsDefaultPolicy(true);
        return rangerPolicy;
    }

    private Map<String, RangerPolicy.RangerPolicyResource> createInformationSchemaPolicyResource() {
        HashMap hashMap = new HashMap();
        hashMap.put("database", new RangerPolicy.RangerPolicyResource(Arrays.asList(HIVE_DB_INFOMATION_SCHEMA), false, false));
        hashMap.put("table", new RangerPolicy.RangerPolicyResource("*"));
        hashMap.put("column", new RangerPolicy.RangerPolicyResource("*"));
        return hashMap;
    }

    private List<RangerPolicy.RangerPolicyItem> createInformationSchemaPolicyItem() {
        ArrayList arrayList = new ArrayList();
        arrayList.add(new RangerPolicy.RangerPolicyItemAccess(ACCESS_TYPE_SELECT));
        return Collections.singletonList(new RangerPolicy.RangerPolicyItem(arrayList, (List) null, Arrays.asList(RangerHiveConstants.PUBLIC_ACCESS_ROLE), (List) null, (List) null, false));
    }
}
