package org.apache.ranger.patch;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.apache.log4j.Logger;
import org.apache.ranger.biz.ServiceDBStore;
import org.apache.ranger.common.GUIDUtil;
import org.apache.ranger.common.JSONUtil;
import org.apache.ranger.common.RangerValidatorFactory;
import org.apache.ranger.common.StringUtil;
import org.apache.ranger.db.RangerDaoManager;
import org.apache.ranger.entity.XXAccessTypeDef;
import org.apache.ranger.entity.XXPolicy;
import org.apache.ranger.entity.XXPortalUser;
import org.apache.ranger.entity.XXResourceDef;
import org.apache.ranger.entity.XXService;
import org.apache.ranger.entity.XXServiceDef;
import org.apache.ranger.plugin.model.RangerPolicy;
import org.apache.ranger.plugin.model.RangerPolicyResourceSignature;
import org.apache.ranger.plugin.model.RangerServiceDef;
import org.apache.ranger.plugin.model.validation.RangerValidator;
import org.apache.ranger.plugin.store.EmbeddedServiceDefsUtil;
import org.apache.ranger.service.RangerPolicyService;
import org.apache.ranger.util.CLIUtil;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:org/apache/ranger/patch/PatchForAtlasToAddEntityLabelAndBusinessMetadata_J10034.class */
public class PatchForAtlasToAddEntityLabelAndBusinessMetadata_J10034 extends BaseLoader {
    private static final String RESOURCE_DEF_ENTITY_LABEL = "all - entity-type, entity-classification, entity, entity-label";
    private static final String RESOURCE_DEF_ENTITY_BUSINESS_METADATA = "all - entity-type, entity-classification, entity, entity-business-metadata";
    private static final String LOGIN_ID_ADMIN = "admin";
    private static final String GROUP_PUBLIC = "public";

    @Autowired
    RangerDaoManager daoMgr;

    @Autowired
    ServiceDBStore svcDBStore;

    @Autowired
    GUIDUtil guidUtil;

    @Autowired
    JSONUtil jsonUtil;

    @Autowired
    StringUtil stringUtil;

    @Autowired
    RangerValidatorFactory validatorFactory;

    @Autowired
    ServiceDBStore svcStore;

    @Autowired
    RangerPolicyService policyService;
    private static final Logger logger = Logger.getLogger(PatchForAtlasToAddEntityLabelAndBusinessMetadata_J10034.class);
    private static final List<String> ATLAS_RESOURCES = new ArrayList(Arrays.asList("entity-label", "entity-business-metadata"));
    private static final List<String> ATLAS_ACCESS_TYPES = new ArrayList(Arrays.asList("admin-purge", "entity-add-label", "entity-remove-label", "entity-update-business-metadata"));
    private static final List<String> ATLAS_RESOURCE_LABEL = new ArrayList(Arrays.asList("entity-type", "entity-classification", "entity", "entity-label"));
    private static final List<String> ATLAS_RESOURCE_BUSINESS_METADATA = new ArrayList(Arrays.asList("entity-type", "entity-classification", "entity", "entity-business-metadata"));

    public static void main(String[] strArr) {
        logger.info("main()");
        try {
            PatchForAtlasToAddEntityLabelAndBusinessMetadata_J10034 patchForAtlasToAddEntityLabelAndBusinessMetadata_J10034 = (PatchForAtlasToAddEntityLabelAndBusinessMetadata_J10034) CLIUtil.getBean(PatchForAtlasToAddEntityLabelAndBusinessMetadata_J10034.class);
            patchForAtlasToAddEntityLabelAndBusinessMetadata_J10034.init();
            while (patchForAtlasToAddEntityLabelAndBusinessMetadata_J10034.isMoreToProcess()) {
                patchForAtlasToAddEntityLabelAndBusinessMetadata_J10034.load();
            }
            logger.info("Load complete. Exiting!!!");
            System.exit(0);
        } catch (Exception e) {
            logger.error("Error loading", e);
            System.exit(1);
        }
    }

    @Override // org.apache.ranger.patch.BaseLoader
    public void init() throws Exception {
    }

    @Override // org.apache.ranger.patch.BaseLoader
    public void execLoad() {
        logger.info("==> PatchForAtlasToAddEntityLabelAndBusinessMetadata.execLoad()");
        try {
            addResourceEntityLabelAndEntityBusinessMetadataInServiceDef();
            createDefaultPolicyForEntityLabelAndEntityBusinessMetadata();
            logger.info("<== PatchForAtlasToAddEntityLabelAndBusinessMetadata.execLoad()");
        } catch (Exception e) {
            throw new RuntimeException("Error while updating atlas service-def");
        }
    }

    @Override // org.apache.ranger.patch.BaseLoader
    public void printStats() {
        logger.info("PatchForAtlasToAddEntityLabelAndBusinessMetadata Logs");
    }

    private void addResourceEntityLabelAndEntityBusinessMetadataInServiceDef() throws Exception {
        RangerServiceDef embeddedServiceDef = EmbeddedServiceDefsUtil.instance().getEmbeddedServiceDef("atlas");
        if (embeddedServiceDef != null) {
            XXServiceDef findByName = this.daoMgr.getXXServiceDef().findByName("atlas");
            if (findByName == null) {
                logger.info(findByName + ": service-def not found. No patching is needed");
                return;
            }
            RangerServiceDef serviceDefByName = this.svcDBStore.getServiceDefByName("atlas");
            List<RangerServiceDef.RangerResourceDef> resources = embeddedServiceDef.getResources();
            List<RangerServiceDef.RangerAccessTypeDef> accessTypes = embeddedServiceDef.getAccessTypes();
            if (checkResourcePresent(resources)) {
                serviceDefByName.setResources(resources);
                if (checkAccessPresent(accessTypes)) {
                    serviceDefByName.setAccessTypes(accessTypes);
                }
            }
            this.validatorFactory.getServiceDefValidator(this.svcStore).validate(serviceDefByName, RangerValidator.Action.UPDATE);
            if (this.svcStore.updateServiceDef(serviceDefByName) == null) {
                logger.error("Error while updating atlas service-def");
                throw new RuntimeException("Error while updating atlas service-def");
            }
        }
    }

    private boolean checkResourcePresent(List<RangerServiceDef.RangerResourceDef> list) {
        boolean z = false;
        Iterator<RangerServiceDef.RangerResourceDef> it = list.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            if (ATLAS_RESOURCES.contains(it.next().getName())) {
                z = true;
                break;
            }
        }
        return z;
    }

    private boolean checkAccessPresent(List<RangerServiceDef.RangerAccessTypeDef> list) {
        boolean z = false;
        Iterator<RangerServiceDef.RangerAccessTypeDef> it = list.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            if (ATLAS_ACCESS_TYPES.contains(it.next().getName())) {
                z = true;
                break;
            }
        }
        return z;
    }

    private void createDefaultPolicyForEntityLabelAndEntityBusinessMetadata() throws Exception {
        logger.info("==> createDefaultPolicyForEntityLabelAndEntityBusinessMetadata ");
        XXServiceDef findByName = this.daoMgr.getXXServiceDef().findByName("atlas");
        if (findByName == null) {
            logger.debug("ServiceDef not found with name :atlas");
            return;
        }
        Long id = findByName.getId();
        for (XXService xXService : this.daoMgr.getXXService().findByServiceDefId(id)) {
            Boolean bool = false;
            Boolean bool2 = false;
            for (XXPolicy xXPolicy : this.daoMgr.getXXPolicy().findByServiceId(xXService.getId())) {
                if (xXPolicy.getName().equalsIgnoreCase(RESOURCE_DEF_ENTITY_LABEL)) {
                    bool = true;
                }
                if (xXPolicy.getName().equalsIgnoreCase(RESOURCE_DEF_ENTITY_BUSINESS_METADATA)) {
                    bool2 = true;
                }
                if (bool.booleanValue() && bool2.booleanValue()) {
                    break;
                }
            }
            if (!bool.booleanValue()) {
                createDefaultRangerPolicy(id, xXService, RESOURCE_DEF_ENTITY_LABEL, Arrays.asList("entity-add-label", "entity-remove-label"), Arrays.asList("entity-read"), ATLAS_RESOURCE_LABEL);
            }
            if (!bool2.booleanValue()) {
                createDefaultRangerPolicy(id, xXService, RESOURCE_DEF_ENTITY_BUSINESS_METADATA, Arrays.asList("entity-update-business-metadata"), Arrays.asList("entity-read"), ATLAS_RESOURCE_BUSINESS_METADATA);
            }
        }
        logger.info("<== createDefaultPolicyForEntityLabelAndEntityBusinessMetadata ");
    }

    private RangerPolicy createDefaultRangerPolicy(Long l, XXService xXService, String str, List<String> list, List<String> list2, List<String> list3) throws Exception {
        RangerPolicy rangerPolicyObject = getRangerPolicyObject(xXService.getName(), str);
        RangerPolicy.RangerPolicyItem rangerPolicyItem = new RangerPolicy.RangerPolicyItem();
        List<RangerPolicy.RangerPolicyItemAccess> rangerPolicyItemAccessList = getRangerPolicyItemAccessList(list, xXService, rangerPolicyObject.getName());
        rangerPolicyItem.setDelegateAdmin(Boolean.TRUE);
        rangerPolicyItem.setAccesses(rangerPolicyItemAccessList);
        rangerPolicyItem.setUsers(getDefaultPolicyUsers(xXService));
        RangerPolicy.RangerPolicyItem rangerPolicyItem2 = new RangerPolicy.RangerPolicyItem();
        List<RangerPolicy.RangerPolicyItemAccess> rangerPolicyItemAccessList2 = getRangerPolicyItemAccessList(list2, xXService, rangerPolicyObject.getName());
        rangerPolicyItem2.setDelegateAdmin(Boolean.FALSE);
        rangerPolicyItem2.setAccesses(rangerPolicyItemAccessList2);
        ArrayList arrayList = new ArrayList();
        arrayList.add("rangertagsync");
        rangerPolicyItem2.setGroups(Arrays.asList("public"));
        rangerPolicyItem2.setUsers(arrayList);
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add(rangerPolicyItem);
        arrayList2.add(rangerPolicyItem2);
        rangerPolicyObject.setPolicyItems(arrayList2);
        rangerPolicyObject.setResources(getRangerPolicyResourceMap(list3, l, xXService.getName(), rangerPolicyObject.getName()));
        logger.info("Creating policy for service id : " + xXService.getId());
        RangerPolicy createPolicy = this.svcDBStore.createPolicy(rangerPolicyObject);
        if (createPolicy != null) {
            logger.info("Policy created : " + createPolicy.getName());
        }
        return createPolicy;
    }

    private RangerPolicy getRangerPolicyObject(String str, String str2) {
        RangerPolicy rangerPolicy = new RangerPolicy();
        RangerPolicyResourceSignature rangerPolicyResourceSignature = new RangerPolicyResourceSignature(rangerPolicy);
        rangerPolicy.setName(str2);
        rangerPolicy.setDescription("Policy for " + str2);
        rangerPolicy.setService(str);
        rangerPolicy.setPolicyPriority(0);
        rangerPolicy.setIsAuditEnabled(Boolean.TRUE);
        rangerPolicy.setIsEnabled(Boolean.TRUE);
        rangerPolicy.setPolicyType(0);
        rangerPolicy.setGuid(this.guidUtil.genGUID());
        rangerPolicy.setResourceSignature(rangerPolicyResourceSignature.getSignature());
        rangerPolicy.setZoneName("");
        rangerPolicy.setUpdatedBy(LOGIN_ID_ADMIN);
        return rangerPolicy;
    }

    private List<RangerPolicy.RangerPolicyItemAccess> getRangerPolicyItemAccessList(List<String> list, XXService xXService, String str) {
        ArrayList arrayList = new ArrayList();
        for (int i = 0; i < list.size(); i++) {
            XXAccessTypeDef findByNameAndServiceId = this.daoMgr.getXXAccessTypeDef().findByNameAndServiceId(list.get(i), xXService.getId());
            if (findByNameAndServiceId == null) {
                throw new RuntimeException(list.get(i) + ": is not a valid access-type. policy='" + str + "' service='" + xXService.getName() + "'");
            }
            RangerPolicy.RangerPolicyItemAccess rangerPolicyItemAccess = new RangerPolicy.RangerPolicyItemAccess();
            rangerPolicyItemAccess.setIsAllowed(Boolean.TRUE);
            rangerPolicyItemAccess.setType(findByNameAndServiceId.getName());
            arrayList.add(rangerPolicyItemAccess);
        }
        return arrayList;
    }

    private List<String> getDefaultPolicyUsers(XXService xXService) {
        XXPortalUser byId = this.daoMgr.getXXPortalUser().getById(xXService.getAddedByUserId());
        XXPortalUser findByLoginId = this.daoMgr.getXXPortalUser().findByLoginId(this.daoMgr.getXXServiceConfigMap().findByServiceNameAndConfigKey(xXService.getName(), "username").getConfigvalue());
        ArrayList arrayList = new ArrayList();
        if (byId != null) {
            arrayList.add(byId.getLoginId());
        }
        if (findByLoginId != null) {
            arrayList.add(findByLoginId.getLoginId());
        }
        return arrayList;
    }

    private Map<String, RangerPolicy.RangerPolicyResource> getRangerPolicyResourceMap(List<String> list, Long l, String str, String str2) {
        HashMap hashMap = new HashMap();
        for (int i = 0; i < list.size(); i++) {
            XXResourceDef findByNameAndServiceDefId = this.daoMgr.getXXResourceDef().findByNameAndServiceDefId(list.get(i), l);
            if (findByNameAndServiceDefId == null) {
                throw new RuntimeException(list.get(i) + ": is not a valid resource-type. policy='" + str2 + "' service='" + str + "'");
            }
            RangerPolicy.RangerPolicyResource rangerPolicyResource = new RangerPolicy.RangerPolicyResource();
            rangerPolicyResource.setIsExcludes(Boolean.FALSE);
            rangerPolicyResource.setIsRecursive(Boolean.FALSE);
            rangerPolicyResource.setValue(StringUtil.WILDCARD_ASTERISK);
            hashMap.put(findByNameAndServiceDefId.getName(), rangerPolicyResource);
        }
        return hashMap;
    }
}
