package org.apache.ranger;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.ranger.common.PropertiesUtil;
import org.apache.ranger.common.RESTErrorUtil;
import org.apache.ranger.common.SearchField;
import org.apache.ranger.common.SortField;
import org.apache.ranger.db.RangerDaoManager;
import org.apache.ranger.patch.PatchForKafkaServiceDefUpdate_J10025;
import org.apache.ranger.rest.TagRESTConstants;
import org.springframework.beans.factory.annotation.Autowired;

/* loaded from: input_file:org/apache/ranger/AccessAuditsService.class */
public class AccessAuditsService {
    protected List<SortField> sortFields = new ArrayList();
    protected List<SearchField> searchFields = new ArrayList();

    @Autowired
    protected RESTErrorUtil restErrorUtil;

    @Autowired
    protected RangerDaoManager daoManager;

    public AccessAuditsService() {
        this.searchFields.add(new SearchField("id", "id", SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.FULL));
        this.searchFields.add(new SearchField("accessType", "access", SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.FULL));
        this.searchFields.add(new SearchField("aclEnforcer", "enforcer", SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.FULL));
        this.searchFields.add(new SearchField("agentId", "agent", SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.FULL));
        this.searchFields.add(new SearchField("repoName", "repo", SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.FULL));
        this.searchFields.add(new SearchField("sessionId", "sess", SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.FULL));
        this.searchFields.add(new SearchField("requestUser", "reqUser", SearchField.DATA_TYPE.STR_LIST, SearchField.SEARCH_TYPE.FULL));
        this.searchFields.add(new SearchField("excludeUser", "exlUser", SearchField.DATA_TYPE.STR_LIST, SearchField.SEARCH_TYPE.FULL));
        this.searchFields.add(new SearchField("requestData", "reqData", SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.PARTIAL));
        this.searchFields.add(new SearchField("resourcePath", "resource", SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.PARTIAL));
        this.searchFields.add(new SearchField("clientIP", "cliIP", SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.FULL));
        this.searchFields.add(new SearchField("auditType", "logType", SearchField.DATA_TYPE.INTEGER, SearchField.SEARCH_TYPE.FULL));
        this.searchFields.add(new SearchField("accessResult", "result", SearchField.DATA_TYPE.INTEGER, SearchField.SEARCH_TYPE.FULL));
        this.searchFields.add(new SearchField("policyId", "policy", SearchField.DATA_TYPE.INTEGER, SearchField.SEARCH_TYPE.FULL));
        this.searchFields.add(new SearchField("repoType", "repoType", SearchField.DATA_TYPE.INTEGER, SearchField.SEARCH_TYPE.FULL));
        this.searchFields.add(new SearchField("-repoType", "-repoType", SearchField.DATA_TYPE.INTEGER, SearchField.SEARCH_TYPE.FULL));
        this.searchFields.add(new SearchField("-requestUser", "-reqUser", SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.FULL));
        this.searchFields.add(new SearchField("resourceType", "resType", SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.FULL));
        this.searchFields.add(new SearchField("reason", "reason", SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.FULL));
        this.searchFields.add(new SearchField("action", "action", SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.FULL));
        this.searchFields.add(new SearchField("startDate", "evtTime", SearchField.DATA_TYPE.DATE, SearchField.SEARCH_TYPE.GREATER_EQUAL_THAN));
        this.searchFields.add(new SearchField("endDate", "evtTime", SearchField.DATA_TYPE.DATE, SearchField.SEARCH_TYPE.LESS_EQUAL_THAN));
        this.searchFields.add(new SearchField(TagRESTConstants.TAGDEF_NAME_AND_VERSION, TagRESTConstants.TAGDEF_NAME_AND_VERSION, SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.PARTIAL));
        this.searchFields.add(new SearchField(PatchForKafkaServiceDefUpdate_J10025.CLUSTER_RESOURCE_NAME, PatchForKafkaServiceDefUpdate_J10025.CLUSTER_RESOURCE_NAME, SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.FULL));
        this.searchFields.add(new SearchField("zoneName", "zoneName", SearchField.DATA_TYPE.STR_LIST, SearchField.SEARCH_TYPE.FULL));
        this.searchFields.add(new SearchField("agentHost", "agentHost", SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.PARTIAL));
        this.sortFields.add(new SortField("eventTime", "evtTime", true, SortField.SORT_ORDER.DESC));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void updateUserExclusion(Map<String, Object> map) {
        String str = (String) map.get("excludeServiceUser");
        if (str == null || !Boolean.valueOf(str.trim()).booleanValue()) {
            return;
        }
        List<String> excludeUsersList = getExcludeUsersList();
        if (CollectionUtils.isNotEmpty(excludeUsersList)) {
            Object obj = map.get("-requestUser");
            if (!(obj instanceof Collection) || ((Collection) obj).isEmpty()) {
                map.put("-requestUser", excludeUsersList);
            } else {
                excludeUsersList.addAll((Collection) obj);
                map.put("-requestUser", excludeUsersList);
            }
        }
    }

    private List<String> getExcludeUsersList() {
        ArrayList arrayList = new ArrayList(getServiceUserList());
        String property = PropertiesUtil.getProperty("ranger.accesslogs.exclude.users.list");
        if (StringUtils.isNotBlank(property)) {
            for (String str : new ArrayList(Arrays.asList(StringUtils.split(property, ",")))) {
                if (StringUtils.isNotBlank(str) && !arrayList.contains(str.trim())) {
                    arrayList.add(str);
                }
            }
        }
        return arrayList;
    }

    private List<String> getServiceUserList() {
        ArrayList arrayList = new ArrayList();
        Iterator it = Arrays.asList(StringUtils.split("tag,hdfs,hbase,hive,kms,knox,storm,yarn,kafka,solr,atlas,nifi,nifi-registry,sqoop,kylin,elasticsearch,presto,ozone,kudu,schema-registry,cdl,obs", ",")).iterator();
        while (it.hasNext()) {
            String property = PropertiesUtil.getProperty("ranger.plugins." + ((String) it.next()) + ".serviceuser");
            if (StringUtils.isNotBlank(property)) {
                arrayList.add(property);
            }
        }
        return arrayList;
    }
}
