package org.apache.spark.sql.catalyst.optimizer;

import com.google.common.collect.ImmutableList;
import com.sun.jersey.api.client.ClientResponse;
import java.io.IOException;
import java.io.InputStream;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Objects;
import java.util.UUID;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.ranger.audit.provider.MiscUtil;
import org.apache.ranger.authorization.utils.StringUtil;
import org.apache.ranger.plugin.model.RangerPolicy;
import org.apache.ranger.plugin.util.RangerRESTClient;
import org.apache.ranger.plugin.util.ServicePolicies;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/spark/sql/catalyst/optimizer/RangerPolicySynchronizer.class */
public class RangerPolicySynchronizer implements PolicySynchronizer {
    private static final Logger log = LoggerFactory.getLogger(RangerPolicySynchronizer.class);
    private RangerRESTClient restClient;
    private Configuration config;
    private String propertyPrefix;
    private String url;
    private String sslConfigFileName;

    public RangerPolicySynchronizer(String str, Configuration configuration) throws IOException {
        this.propertyPrefix = str;
        this.config = configuration;
        this.config.addResource((InputStream) Objects.requireNonNull(Thread.currentThread().getContextClassLoader().getResourceAsStream("hdfs-site.xml")));
        this.config.addResource((InputStream) Objects.requireNonNull(Thread.currentThread().getContextClassLoader().getResourceAsStream("core-site.xml")));
        this.config.addResource((InputStream) Objects.requireNonNull(Thread.currentThread().getContextClassLoader().getResourceAsStream("ranger-spark-audit.xml")));
        this.config.addResource((InputStream) Objects.requireNonNull(Thread.currentThread().getContextClassLoader().getResourceAsStream("ranger-spark-security.xml")));
        this.url = parserUrl(str, this.config);
        this.sslConfigFileName = configuration.get(str + ".policy.rest.ssl.config.file");
        initRestClient();
    }

    private void initRestClient() {
        int i = this.config.getInt(this.propertyPrefix + ".policy.rest.client.connection.timeoutMs", 120000);
        int i2 = this.config.getInt(this.propertyPrefix + ".policy.rest.client.read.timeoutMs", 30000);
        this.restClient = new RangerRESTClient(this.url, this.sslConfigFileName, this.config);
        this.restClient.setRestClientConnTimeOutMs(i);
        this.restClient.setRestClientReadTimeOutMs(i2);
    }

    private String parserUrl(String str, Configuration configuration) {
        String str2 = configuration.get(str + ".policy.rest.url");
        log.info("TmpUrl is" + str2);
        String trim = StringUtil.isEmpty(str2) ? "" : str2.trim();
        if (trim.endsWith("/")) {
            trim = trim.substring(0, trim.length() - 1);
        }
        return trim;
    }

    public List<RangerPolicy> getColumnPolicies(String str, String str2, int i) throws IOException {
        log.info("Begin to getColumnPolicies");
        List<RangerPolicy> list = (List) getAllColumnPolicies().stream().filter(rangerPolicy -> {
            return isSameColumn(str, str2, rangerPolicy);
        }).collect(Collectors.toList());
        log.info("Size of rangerPolicies is {} ", Integer.valueOf(list.size()));
        return i == 1 ? (List) list.stream().filter(rangerPolicy2 -> {
            return !rangerPolicy2.getDataMaskPolicyItems().isEmpty();
        }).collect(Collectors.toList()) : list;
    }

    public List<RangerPolicy> getGivenColumnPolicies(List<RangerPolicy> list, String str, String str2, int i) {
        log.info("Begin to get given policies");
        List<RangerPolicy> list2 = (List) list.stream().filter(rangerPolicy -> {
            return isSameColumn(str, str2, rangerPolicy);
        }).collect(Collectors.toList());
        log.info("Size of rangerPolicies is {} ", Integer.valueOf(list2.size()));
        return i == 1 ? (List) list2.stream().filter(rangerPolicy2 -> {
            return !rangerPolicy2.getDataMaskPolicyItems().isEmpty() && rangerPolicy2.getIsEnabled().booleanValue();
        }).collect(Collectors.toList()) : list2;
    }

    public List<Integer> deleteColumnPolicies(String str, String str2) throws IOException {
        UserGroupInformation loginUser = MiscUtil.getLoginUser();
        List<RangerPolicy> columnPolicies = getColumnPolicies(str, str2, 1);
        HashMap hashMap = new HashMap();
        List<RangerPolicy> list = (List) columnPolicies.stream().filter(rangerPolicy -> {
            return rangerPolicy.getName().startsWith(PolicySynchronizer.AUTO_CREATE_POLICY_TAG);
        }).collect(Collectors.toList());
        if (list.size() > 0) {
            log.info("Begin to delete rangerPolicies");
        }
        ArrayList arrayList = new ArrayList();
        for (RangerPolicy rangerPolicy2 : list) {
            ClientResponse clientResponse = (ClientResponse) loginUser.doAs(() -> {
                try {
                    String str3 = PolicySynchronizer.DELETE_POLICY_RELATIVE_URL + rangerPolicy2.getId();
                    log.info("Deleting url is {} ", str3);
                    return this.restClient.delete(str3, hashMap);
                } catch (Exception e) {
                    throw new RuntimeException(e);
                }
            });
            log.info("clientResponse is {}", Integer.valueOf(clientResponse.getStatus()));
            arrayList.add(Integer.valueOf(clientResponse.getStatusInfo().getStatusCode()));
        }
        return arrayList;
    }

    public List<Integer> deleteGivenColumnPolicies(List<RangerPolicy> list) throws IOException {
        UserGroupInformation loginUser = MiscUtil.getLoginUser();
        HashMap hashMap = new HashMap();
        List<RangerPolicy> list2 = (List) list.stream().filter(rangerPolicy -> {
            return rangerPolicy.getName().startsWith(PolicySynchronizer.AUTO_CREATE_POLICY_TAG);
        }).collect(Collectors.toList());
        if (list2.size() > 0) {
            log.info("Begin to delete ranger policies");
        }
        ArrayList arrayList = new ArrayList();
        for (RangerPolicy rangerPolicy2 : list2) {
            ClientResponse clientResponse = (ClientResponse) loginUser.doAs(() -> {
                try {
                    String str = PolicySynchronizer.DELETE_POLICY_RELATIVE_URL + rangerPolicy2.getId();
                    log.info("Deleting url is {} ", str);
                    return this.restClient.delete(str, hashMap);
                } catch (Exception e) {
                    throw new RuntimeException(e);
                }
            });
            log.info("clientResponse is {}", Integer.valueOf(clientResponse.getStatus()));
            arrayList.add(Integer.valueOf(clientResponse.getStatusInfo().getStatusCode()));
        }
        return arrayList;
    }

    private boolean isSameColumn(String str, String str2, RangerPolicy rangerPolicy) {
        int indexOf = str.indexOf(".");
        String substring = str.substring(0, indexOf);
        String substring2 = str.substring(indexOf + 1);
        ImmutableList of = ImmutableList.of(PolicySynchronizer.DATABASE, PolicySynchronizer.TABLE, PolicySynchronizer.COLUMN);
        ImmutableList of2 = ImmutableList.of(substring, substring2, str2);
        for (int i = 0; i < of.size(); i++) {
            boolean z = false;
            Iterator<String> it = getObjectResourceValue(rangerPolicy, (String) of.get(i)).iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                if (isMatch((String) of2.get(i), it.next())) {
                    z = true;
                    break;
                }
            }
            if (!z) {
                return false;
            }
        }
        return true;
    }

    private List<String> getObjectResourceValue(RangerPolicy rangerPolicy, String str) {
        RangerPolicy.RangerPolicyResource rangerPolicyResource = (RangerPolicy.RangerPolicyResource) rangerPolicy.getResources().get(str);
        return rangerPolicyResource != null ? rangerPolicyResource.getValues() : ImmutableList.of();
    }

    private boolean isMatch(String str, String str2) {
        if (str == null || str2 == null) {
            return false;
        }
        if (str2.equalsIgnoreCase("*") || str.equalsIgnoreCase("*") || str.equalsIgnoreCase(str2)) {
            return true;
        }
        return Pattern.matches(str, str2);
    }

    public List<RangerPolicy> getAllColumnPolicies() throws IOException {
        log.info("Begin to get all column of policies");
        ClientResponse clientResponse = (ClientResponse) MiscUtil.getLoginUser().doAs(() -> {
            try {
                HashMap hashMap = new HashMap();
                hashMap.put("policyType", "1");
                return this.restClient.get(PolicySynchronizer.GET_POLICY_RELATIVE_URL, hashMap);
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        });
        log.info("clientResponse of getAllColumnPolicies is:" + clientResponse.getStatusInfo().getStatusCode());
        return ((ServicePolicies) clientResponse.getEntity(ServicePolicies.class)).getPolicies();
    }

    public int addColumnPolicies(RangerPolicy rangerPolicy) throws IOException {
        UserGroupInformation loginUser = MiscUtil.getLoginUser();
        HashMap hashMap = new HashMap();
        ClientResponse clientResponse = (ClientResponse) loginUser.doAs(() -> {
            try {
                log.info("Adding policy is " + rangerPolicy);
                return this.restClient.post(PolicySynchronizer.POST_POLICY_RELATIVE_URL, hashMap, rangerPolicy);
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        });
        log.info("clientResponse is {} and entity is {}", Integer.valueOf(clientResponse.getStatus()), clientResponse.getEntity(String.class));
        return clientResponse.getStatusInfo().getStatusCode();
    }

    private RangerPolicy updateRangerPolicyToTargetTable(RangerPolicy rangerPolicy, String str, String str2, String str3, String str4) {
        log.info("Begin to update rangerPolicy to targetTable");
        int indexOf = str3.indexOf(".");
        String substring = str3.substring(indexOf + 1);
        String substring2 = str3.substring(0, indexOf);
        int lastIndexOf = str.lastIndexOf(".");
        String substring3 = str.substring(lastIndexOf + 1);
        String substring4 = str.substring(0, lastIndexOf);
        Map resources = rangerPolicy.getResources();
        HashMap hashMap = new HashMap();
        ImmutableList of = ImmutableList.of(PolicySynchronizer.DATABASE, PolicySynchronizer.TABLE, PolicySynchronizer.COLUMN);
        ImmutableList of2 = ImmutableList.of(substring4, substring3, str2);
        for (int i = 0; i < of.size(); i++) {
            RangerPolicy.RangerPolicyResource rangerPolicyResource = (RangerPolicy.RangerPolicyResource) resources.get(of.get(i));
            if (rangerPolicyResource != null) {
                hashMap.put(of.get(i), new RangerPolicy.RangerPolicyResource(ImmutableList.of(of2.get(i)), rangerPolicyResource.getIsExcludes(), rangerPolicyResource.getIsRecursive()));
            }
        }
        String service = rangerPolicy.getService();
        String format = String.format(Locale.ENGLISH, "%s%s.%s.%s_%s", PolicySynchronizer.AUTO_CREATE_POLICY_TAG, substring2, substring, str4, UUID.randomUUID().toString().substring(0, 8));
        Integer policyType = rangerPolicy.getPolicyType();
        Integer policyPriority = rangerPolicy.getPolicyPriority();
        String description = rangerPolicy.getDescription();
        List policyItems = rangerPolicy.getPolicyItems();
        String resourceSignature = rangerPolicy.getResourceSignature();
        Map options = rangerPolicy.getOptions();
        List validitySchedules = rangerPolicy.getValiditySchedules();
        List policyLabels = rangerPolicy.getPolicyLabels();
        String zoneName = rangerPolicy.getZoneName();
        List conditions = rangerPolicy.getConditions();
        Boolean isDenyAllElse = rangerPolicy.getIsDenyAllElse();
        List dataMaskPolicyItems = rangerPolicy.getDataMaskPolicyItems();
        List rowFilterPolicyItems = rangerPolicy.getRowFilterPolicyItems();
        RangerPolicy rangerPolicy2 = new RangerPolicy(service, format, policyType, policyPriority, description, hashMap, policyItems, resourceSignature, options, validitySchedules, policyLabels, zoneName, conditions, isDenyAllElse);
        rangerPolicy2.setDataMaskPolicyItems(dataMaskPolicyItems);
        rangerPolicy2.setRowFilterPolicyItems(rowFilterPolicyItems);
        return rangerPolicy2;
    }

    public List<Integer> syncMaskPolicies(List<RangerPolicy> list, String str, String str2, String str3, String str4) throws IOException {
        log.info("Begin to sync mask policies");
        ArrayList arrayList = new ArrayList();
        Iterator<RangerPolicy> it = list.iterator();
        while (it.hasNext()) {
            arrayList.add(Integer.valueOf(addColumnPolicies(updateRangerPolicyToTargetTable(it.next(), str, str2, str3, str4))));
        }
        return arrayList;
    }

    public List<Integer> resetRangerPolicies(RangerPolicy rangerPolicy, String str, String str2, String str3, String str4, String str5) throws IOException {
        log.info("Begin to reset ranger policies");
        int lastIndexOf = str3.lastIndexOf(".");
        String substring = str3.substring(lastIndexOf + 1);
        String substring2 = str3.substring(0, lastIndexOf);
        Map resources = rangerPolicy.getResources();
        HashMap hashMap = new HashMap();
        ImmutableList of = ImmutableList.of(PolicySynchronizer.DATABASE, PolicySynchronizer.TABLE, PolicySynchronizer.COLUMN);
        ImmutableList of2 = ImmutableList.of(substring2, substring, str2);
        for (int i = 0; i < of.size(); i++) {
            RangerPolicy.RangerPolicyResource rangerPolicyResource = (RangerPolicy.RangerPolicyResource) resources.get(of.get(i));
            if (rangerPolicyResource != null) {
                hashMap.put(of.get(i), new RangerPolicy.RangerPolicyResource(ImmutableList.of(of2.get(i)), rangerPolicyResource.getIsExcludes(), rangerPolicyResource.getIsRecursive()));
            }
        }
        String service = rangerPolicy.getService();
        String format = String.format(Locale.ENGLISH, "%s%s.%s_%s", PolicySynchronizer.AUTO_CREATE_POLICY_TAG, str4, str5, UUID.randomUUID().toString().substring(0, 8));
        Integer policyType = rangerPolicy.getPolicyType();
        Integer policyPriority = rangerPolicy.getPolicyPriority();
        String description = rangerPolicy.getDescription();
        List policyItems = rangerPolicy.getPolicyItems();
        String resourceSignature = rangerPolicy.getResourceSignature();
        Map options = rangerPolicy.getOptions();
        List validitySchedules = rangerPolicy.getValiditySchedules();
        List policyLabels = rangerPolicy.getPolicyLabels();
        String zoneName = rangerPolicy.getZoneName();
        List conditions = rangerPolicy.getConditions();
        Boolean isDenyAllElse = rangerPolicy.getIsDenyAllElse();
        List<RangerPolicy.RangerDataMaskPolicyItem> dataMaskPolicyItems = rangerPolicy.getDataMaskPolicyItems();
        if (str.equals("target")) {
            for (RangerPolicy.RangerDataMaskPolicyItem rangerDataMaskPolicyItem : dataMaskPolicyItems) {
                rangerDataMaskPolicyItem.getDataMaskInfo().setDataMaskType("CUSTOM");
                rangerDataMaskPolicyItem.getDataMaskInfo().setValueExpr("'************'");
            }
        }
        List rowFilterPolicyItems = rangerPolicy.getRowFilterPolicyItems();
        RangerPolicy rangerPolicy2 = new RangerPolicy(service, format, policyType, policyPriority, description, hashMap, policyItems, resourceSignature, options, validitySchedules, policyLabels, zoneName, conditions, isDenyAllElse);
        rangerPolicy2.setDataMaskPolicyItems(dataMaskPolicyItems);
        rangerPolicy2.setRowFilterPolicyItems(rowFilterPolicyItems);
        ArrayList arrayList = new ArrayList();
        if (str.equals("target")) {
            log.info("Delete rangerPolicy firstly");
            UserGroupInformation loginUser = MiscUtil.getLoginUser();
            HashMap hashMap2 = new HashMap();
            ClientResponse clientResponse = (ClientResponse) loginUser.doAs(() -> {
                try {
                    String str6 = PolicySynchronizer.DELETE_POLICY_RELATIVE_URL + rangerPolicy.getId();
                    log.info("delete url is {}", str6);
                    return this.restClient.delete(str6, hashMap2);
                } catch (Exception e) {
                    throw new RuntimeException(e);
                }
            });
            log.info("clientResponse is {}", Integer.valueOf(clientResponse.getStatus()));
            arrayList.add(Integer.valueOf(clientResponse.getStatusInfo().getStatusCode()));
        }
        arrayList.add(Integer.valueOf(addColumnPolicies(rangerPolicy2)));
        return arrayList;
    }
}
