package com.mapr.fs.cldb;

import com.mapr.fs.cldb.conf.CLDBConfiguration;
import com.mapr.fs.cldb.conf.CLDBConfigurationHolder;
import com.mapr.fs.cldb.proto.Accesscontrol;
import com.mapr.fs.cldb.proto.CLDBProto;
import com.mapr.fs.cldb.table.Table;
import com.mapr.fs.proto.Common;
import com.mapr.fs.proto.Security;
import java.io.IOException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:com/mapr/fs/cldb/Cluster.class */
public class Cluster {
    private static final String clusterPropsKey = " ";
    private CLDBProto.ClusterProperties properties;
    private String clusterName;
    private int ownerUid;
    private String ownerName;
    private int[] ownerGids;
    private int adminGid;
    private Common.GuidMsg Uuid;
    private boolean UuidInitialized;
    private ClusterAccessController accessController;
    private CLDBConfiguration conf;
    private Table tableStore;
    private ActiveContainersMap containersMap;
    private static Cluster s_instance;
    private static final Log LOG = LogFactory.getLog(Cluster.class);
    public static int MAX_CLUSTER_PROPS_SIZE = VolumeManager.MAX_VOLUME_ACES_SIZE;

    private Cluster() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void init(CLDBConfiguration cLDBConfiguration, Table table, ActiveContainersMap activeContainersMap) {
        this.accessController = new ClusterAclProcessor(this);
        this.conf = cLDBConfiguration;
        this.tableStore = table;
        this.containersMap = activeContainersMap;
    }

    public static synchronized Cluster getInstance() {
        if (s_instance == null) {
            s_instance = new Cluster();
        }
        return s_instance;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public CLDBProto.ClusterProperties getProperties() {
        return this.properties;
    }

    public String getClusterName() {
        return this.clusterName;
    }

    public void setClusterName(String str) {
        this.clusterName = str;
    }

    public int getOwnerUid() {
        return this.ownerUid;
    }

    public void setOwnerUid(int i) {
        this.ownerUid = i;
    }

    public String getOwnerName() {
        return this.ownerName;
    }

    public void setOwnerName(String str) {
        this.ownerName = str;
    }

    public int[] getOwnerGids() {
        return this.ownerGids;
    }

    public void setOwnerGids(int[] iArr) {
        this.ownerGids = iArr;
    }

    public int getAdminGid() {
        return this.adminGid;
    }

    public void setAdminGid(int i) {
        this.adminGid = i;
    }

    public Common.GuidMsg getUuid() {
        return this.Uuid;
    }

    public String getUuidString() {
        return this.Uuid == null ? "0-0" : this.Uuid.getId640() + "-" + this.Uuid.getId641();
    }

    public void setUuid(Common.GuidMsg guidMsg) {
        this.Uuid = guidMsg;
    }

    public boolean isUuidInitialized() {
        return this.UuidInitialized;
    }

    public void setUuidInitialized(boolean z) {
        this.UuidInitialized = z;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setAccessController(ClusterAccessController clusterAccessController) {
        if (clusterAccessController != null) {
            this.accessController = clusterAccessController;
        }
    }

    public int initializeProperties() {
        CLDBProto.ClusterProperties clusterProperties = getClusterProperties();
        if (clusterProperties != null) {
            this.properties = clusterProperties;
            return 0;
        }
        CLDBProto.ClusterProperties.Builder clusterUuid = CLDBProto.ClusterProperties.newBuilder().setName(clusterPropsKey).setClusterUuid(this.Uuid);
        this.accessController.setDefaultControls(clusterUuid, this.ownerUid);
        return addCluster(clusterUuid.build());
    }

    public CLDBProto.ClusterProperties getClusterProperties() {
        CLDBProto.ClusterProperties clusterProperties = null;
        CLDBConfiguration cLDBConfigurationHolder = CLDBConfigurationHolder.getInstance();
        Table table = Table.getInstance();
        if (cLDBConfigurationHolder.getMode() == CLDBConfiguration.CLDBMode.MASTER_READ_WRITE) {
            clusterProperties = this.properties;
        }
        if (clusterProperties == null) {
            clusterProperties = table.getClusterProperty(clusterPropsKey);
        }
        return clusterProperties;
    }

    public synchronized int updateCluster(CLDBProto.ClusterProperties clusterProperties) {
        return updateCluster(clusterProperties, null);
    }

    public synchronized int updateCluster(CLDBProto.ClusterProperties clusterProperties, StringBuilder sb) {
        int serializedSize = clusterProperties.getSerializedSize();
        if (serializedSize >= MAX_CLUSTER_PROPS_SIZE) {
            String str = "cluster property size " + serializedSize + " exceeded threshold " + MAX_CLUSTER_PROPS_SIZE;
            if (sb != null) {
                sb.append(str);
            }
            LOG.error("updateCluster: " + str);
            return 90;
        }
        if (LOG.isTraceEnabled()) {
            LOG.trace("updateCluster: Updating cluster properties, size: " + serializedSize);
        }
        if (getClusterProperties() == null) {
            return addCluster(clusterProperties);
        }
        int insertClusterProperties = Table.getInstance().insertClusterProperties(clusterProperties);
        if (insertClusterProperties == 0) {
            this.properties = clusterProperties;
        }
        return insertClusterProperties;
    }

    private int addCluster(CLDBProto.ClusterProperties clusterProperties) {
        int insertClusterProperties = Table.getInstance().insertClusterProperties(clusterProperties);
        if (insertClusterProperties == 0) {
            this.properties = clusterProperties;
        }
        return insertClusterProperties;
    }

    public boolean hasAdminCredentials(Security.CredentialsMsg credentialsMsg) {
        if (credentialsMsg == null) {
            return false;
        }
        int uid = credentialsMsg.getUid();
        if (uid == 0) {
            if (this.conf.cldbRejectRoot() == 1) {
                if (!LOG.isDebugEnabled()) {
                    return false;
                }
                LOG.debug("hasAdminCredentials: root is not admin since reject root is enabled");
                return false;
            }
            if (this.conf.cldbSquashRoot() == 1) {
                uid = NobodyCredentials.getInstance().getUid();
            }
        }
        return uid == this.ownerUid;
    }

    public boolean canPerformAction(Security.CredentialsMsg credentialsMsg, int i) {
        StringBuilder sb = new StringBuilder();
        boolean canPerformAction = this.accessController.canPerformAction(credentialsMsg, i, sb);
        if (!canPerformAction && LOG.isInfoEnabled()) {
            LOG.info("Cannot perform Cluster Action: " + sb.toString() + "for actionMask: " + i);
        }
        return canPerformAction;
    }

    public synchronized CLDBProto.SecurityModifyAclResponse updateAcl(Security.CredentialsMsg credentialsMsg, CLDBProto.SecurityModifyAclRequest securityModifyAclRequest) {
        if (this.conf.getMode() != CLDBConfiguration.CLDBMode.MASTER_READ_WRITE) {
            return CLDBProto.SecurityModifyAclResponse.newBuilder().setStatus(3).setErrorString("CLDB is not in MASTER_READ_WRITE mode").build();
        }
        CLDBProto.SecurityModifyAclResponse updateAcl = this.accessController.updateAcl(credentialsMsg, securityModifyAclRequest);
        if (updateAcl.getStatus() != 0 && LOG.isInfoEnabled()) {
            LOG.info("[updateAcl error]: " + updateAcl.getErrorString());
        }
        return updateAcl;
    }

    public Security.AccessControlList getAcl(Security.CredentialsMsg credentialsMsg, StringBuilder sb) {
        if (sb == null) {
            sb = new StringBuilder();
        }
        Security.AccessControlList acl = this.accessController.getAcl(credentialsMsg, sb);
        if (acl == null && LOG.isErrorEnabled()) {
            LOG.error("[GetAcl]: " + sb.toString());
        }
        return acl;
    }

    public synchronized Accesscontrol.SetClusterAcesResponse setClusterAces(Accesscontrol.SetClusterAcesRequest setClusterAcesRequest) {
        if (this.conf.getMode() != CLDBConfiguration.CLDBMode.MASTER_READ_WRITE) {
            return Accesscontrol.SetClusterAcesResponse.newBuilder().setStatus(3).setErrorString("CLDB is not in MASTER_READ_WRITE mode").build();
        }
        Accesscontrol.SetClusterAcesResponse updateClusterAces = this.accessController.updateClusterAces(setClusterAcesRequest);
        if (updateClusterAces.getStatus() != 0 && LOG.isInfoEnabled()) {
            LOG.info("[setClusterAces error]: " + updateClusterAces.getErrorString());
        }
        return updateClusterAces;
    }

    public Accesscontrol.GetClusterAcesResponse getClusterAces(Accesscontrol.GetClusterAcesRequest getClusterAcesRequest) {
        if (this.conf.getMode() != CLDBConfiguration.CLDBMode.MASTER_READ_WRITE) {
            return Accesscontrol.GetClusterAcesResponse.newBuilder().setStatus(3).setErrorString("CLDB is not in MASTER_READ_WRITE mode").build();
        }
        Accesscontrol.GetClusterAcesResponse clusterAces = this.accessController.getClusterAces(getClusterAcesRequest);
        if (clusterAces.getStatus() != 0 && LOG.isInfoEnabled()) {
            LOG.info("[getClusterAces error]: " + clusterAces.getErrorString());
        }
        return clusterAces;
    }

    public CLDBProto.ClusterAces getClusterAces() {
        StringBuilder sb = new StringBuilder();
        CLDBProto.ClusterAces clusterAces = this.accessController.getClusterAces(sb);
        if (clusterAces == null && LOG.isErrorEnabled()) {
            LOG.error(sb);
        }
        return clusterAces;
    }

    public void removeEmptyAclEntries() {
        CLDBProto.ClusterProperties clusterProperties = getClusterProperties();
        if (clusterProperties == null) {
            return;
        }
        Security.AccessControlList acl = clusterProperties.getAcl();
        if (clusterProperties.hasAcl() && AclUtil.hasEmptyAcls(acl)) {
            if (updateCluster(CLDBProto.ClusterProperties.newBuilder(clusterProperties).setAcl(AclUtil.purgeEmptyAclEntries(acl.toBuilder())).build()) == 0) {
                if (LOG.isInfoEnabled()) {
                    LOG.info("[removeEmptyAclEntries] Purged Empty Cluster Acls");
                }
            } else if (LOG.isErrorEnabled()) {
                LOG.error("[removeEmptyAclEntries] Unable to Update Cluster Properties");
            }
        }
    }

    public void updateDelegatedAdminAcls() throws IOException {
        if (this.conf.cldbUpgradeFixForDelegatedAdminAclsDone() == 1) {
            return;
        }
        if (LOG.isInfoEnabled()) {
            LOG.info("Updating the delgated admin acls");
        }
        int i = 0;
        CLDBProto.ClusterProperties clusterProperties = getClusterProperties();
        if (clusterProperties != null) {
            Security.AccessControlList acl = clusterProperties.getAcl();
            if (clusterProperties.hasAcl()) {
                Security.AccessControlList.Builder updateClusterAdminAcls = updateClusterAdminAcls(acl.toBuilder());
                if (updateClusterAdminAcls != null) {
                    i = updateCluster(CLDBProto.ClusterProperties.newBuilder(clusterProperties).setAcl(updateClusterAdminAcls).build());
                }
                if (i == 0) {
                    if (LOG.isInfoEnabled()) {
                        LOG.info("updatedDelegatedAdminAclEntries : Updated the admin acls for the cluster.");
                    }
                } else if (LOG.isErrorEnabled()) {
                    LOG.error("updateDelegatedAdminAclEntries : Unable to update cluster properties in table.");
                }
            }
        }
        if (i == 0) {
            updateDelegatedAdminAclsDone();
        }
    }

    private Security.AccessControlList.Builder updateClusterAdminAcls(Security.AccessControlList.Builder builder) {
        Security.AccessControlList.Builder newBuilder = Security.AccessControlList.newBuilder();
        int number = 1 << CLDBProto.ClusterActions.CLUSTER_FULL_CONTROL.getNumber();
        int number2 = 1 << CLDBProto.ClusterActions.CLUSTER_ADMIN.getNumber();
        for (Security.AclEntry aclEntry : builder.getAclList()) {
            int allow = aclEntry.getAllow();
            if ((allow & number) == 0 && (allow & number2) != 0) {
                allow = (allow | number) & (number2 ^ (-1));
            }
            if (aclEntry.getAllow() != allow) {
                return null;
            }
            newBuilder.addAcl(Security.AclEntry.newBuilder(aclEntry).setAllow(allow).build());
        }
        return newBuilder;
    }

    private void updateDelegatedAdminAclsDone() throws IOException {
        CLDBConfiguration cLDBConfiguration = this.conf;
        this.conf.getClass();
        cLDBConfiguration.setIntegerProperty("cldb.upgrade.fix.delegated.admin.acls", 1);
        CLDBProto.CLDBConfigParams.CLDBConfigParam.Builder newBuilder = CLDBProto.CLDBConfigParams.CLDBConfigParam.newBuilder();
        this.conf.getClass();
        int updateConfig = this.tableStore.updateConfig(CLDBProto.CLDBConfigParams.newBuilder().addParams(newBuilder.setKeys("cldb.upgrade.fix.delegated.admin.acls").setValues("1").build()).build());
        if (updateConfig == 0 || !LOG.isErrorEnabled()) {
            return;
        }
        Log log = LOG;
        StringBuilder append = new StringBuilder().append("Could not update config ");
        this.conf.getClass();
        log.error(append.append("cldb.upgrade.fix.empty.acls").append(" in kvstore, error: ").append(updateConfig).toString());
    }

    public boolean doesUuidMatch(Common.GuidMsg guidMsg) {
        return this.Uuid != null && this.Uuid.getId640() == guidMsg.getId640() && this.Uuid.getId641() == guidMsg.getId641();
    }

    public boolean clusterHadUuid() {
        return this.containersMap.isClusterInitialized();
    }
}
