package com.mapr.cli;

import com.google.common.collect.ImmutableMap;
import com.google.protobuf.ByteString;
import com.mapr.baseutils.utils.AceHelper;
import com.mapr.cli.common.FileclientRun;
import com.mapr.cli.table.RecentTablesListManager;
import com.mapr.cli.table.RecentTablesListManagers;
import com.mapr.cliframework.base.CLIBaseClass;
import com.mapr.cliframework.base.CLICommand;
import com.mapr.cliframework.base.CLIInterface;
import com.mapr.cliframework.base.CLIProcessingException;
import com.mapr.cliframework.base.CLIUsageOnlyCommand;
import com.mapr.cliframework.base.CommandOutput;
import com.mapr.cliframework.base.ProcessedInput;
import com.mapr.cliframework.base.inputparams.TextInputParameter;
import com.mapr.fs.MapRFileSystem;
import com.mapr.fs.MapRFsUtil;
import com.mapr.fs.proto.Dbserver;
import com.mapr.fs.tables.TableProperties;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import org.apache.hadoop.fs.Path;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.log4j.Logger;

/* loaded from: input_file:com/mapr/cli/DbCfColumnSecurityPolicyCommands.class */
public class DbCfColumnSecurityPolicyCommands extends CLIBaseClass implements CLIInterface, AceHelper.DBPermission {
    private static final String PATH_PARAM_NAME = "path";
    private static final String COLNAME_PARAM_NAME = "name";
    private static final String SECURITY_POLICY_PARAM_NAME = "securitypolicy";
    private static final String OUTPUT_PARAM_NAME = "output";
    private List<String> securityPolicyTagList;
    private TableProperties tableProp;
    private static final Logger LOG = Logger.getLogger(DbCfColumnSecurityPolicyCommands.class);
    private static final String dbCfColumnSecurityPolicyAddUsage = "table cf column securitypolicy add -path <path> -cfname <column family name> -name <column name> -securitypolicy <policy1,policy2,...> ";
    private static final String CFNAME_PARAM_NAME = "cfname";
    private static final CLICommand dbCfColumnSecurityPolicyAddCommand = new CLICommand(GlobalNSCommands.GLOBALNS_COMMAND_ADD, dbCfColumnSecurityPolicyAddUsage, DbCfColumnSecurityPolicyCommands.class, CLICommand.ExecutionTypeEnum.NATIVE, new ImmutableMap.Builder().put("path", new TextInputParameter("path", "path", true, (String) null)).put(CFNAME_PARAM_NAME, new TextInputParameter(CFNAME_PARAM_NAME, "column family name", true, (String) null)).put("name", new TextInputParameter("name", "column name", true, (String) null)).put("securitypolicy", new TextInputParameter("securitypolicy", "Comma-separated list of security policy tags", true, (String) null)).build(), (CLICommand[]) null).setShortUsage(dbCfColumnSecurityPolicyAddUsage);
    private static final String dbCfColumnSecurityPolicySetUsage = "table cf column securitypolicy set -path <path> -cfname <column family name> -name <column name> -securitypolicy <policy1,policy2,...> ";
    private static final CLICommand dbCfColumnSecurityPolicySetCommand = new CLICommand("set", dbCfColumnSecurityPolicySetUsage, DbCfColumnSecurityPolicyCommands.class, CLICommand.ExecutionTypeEnum.NATIVE, new ImmutableMap.Builder().put("path", new TextInputParameter("path", "path", true, (String) null)).put(CFNAME_PARAM_NAME, new TextInputParameter(CFNAME_PARAM_NAME, "column family name", true, (String) null)).put("name", new TextInputParameter("name", "column name", true, (String) null)).put("securitypolicy", new TextInputParameter("securitypolicy", "Comma-separated list of security policy tags", true, (String) null)).build(), (CLICommand[]) null).setShortUsage(dbCfColumnSecurityPolicySetUsage);
    private static final String dbCfColumnSecurityPolicyRemoveUsage = "table cf column securitypolicy remove -path <path> -cfname <column family name> -name <column name> -securitypolicy <policy1,policy2,...> ";
    private static final CLICommand dbCfColumnSecurityPolicyRemoveCommand = new CLICommand(GlobalNSCommands.GLOBALNS_COMMAND_REMOVE, dbCfColumnSecurityPolicyRemoveUsage, DbCfColumnSecurityPolicyCommands.class, CLICommand.ExecutionTypeEnum.NATIVE, new ImmutableMap.Builder().put("path", new TextInputParameter("path", "path", true, (String) null)).put(CFNAME_PARAM_NAME, new TextInputParameter(CFNAME_PARAM_NAME, "column family name", true, (String) null)).put("name", new TextInputParameter("name", "column name", true, (String) null)).put("securitypolicy", new TextInputParameter("securitypolicy", "Comma-separated list of security policy tags", true, (String) null)).build(), (CLICommand[]) null).setShortUsage(dbCfColumnSecurityPolicyRemoveUsage);
    private static final String dbCfColumnSecurityPolicyListUsage = "table cf column securitypolicy list -path <path> -cfname <column family name> -name <column name> -output verbose|terse ";
    private static final CLICommand dbCfColumnSecurityPolicyListCommand = new CLICommand("list", dbCfColumnSecurityPolicyListUsage, DbCfColumnSecurityPolicyCommands.class, CLICommand.ExecutionTypeEnum.NATIVE, new ImmutableMap.Builder().put("path", new TextInputParameter("path", "path", true, (String) null)).put(CFNAME_PARAM_NAME, new TextInputParameter(CFNAME_PARAM_NAME, "column family name", true, (String) null)).put("name", new TextInputParameter("name", "column name", false, (String) null)).put("output", new TextInputParameter("output", "verbose|terse", false, "verbose").setInvisible(true)).build(), (CLICommand[]) null).setShortUsage(dbCfColumnSecurityPolicyListUsage);
    public static final CLICommand DbCfColumnSecurityPolicyCommands = new CLICommand("securitypolicy", "securitypolicy", CLIUsageOnlyCommand.class, CLICommand.ExecutionTypeEnum.NATIVE, new CLICommand[]{dbCfColumnSecurityPolicyAddCommand, dbCfColumnSecurityPolicySetCommand, dbCfColumnSecurityPolicyRemoveCommand, dbCfColumnSecurityPolicyListCommand}).setShortUsage("securitypolicy [add|set|remove|list]");
    private static final Map<String, String> verboseToTerseMap = new ImmutableMap.Builder().put("path", "p").put(CFNAME_PARAM_NAME, "cfn").put("name", VolumeDumpFileCommands.CREATE_NEW_VOLUME).put("securitypolicy", "sp").build();

    public DbCfColumnSecurityPolicyCommands(ProcessedInput processedInput, CLICommand cLICommand) {
        super(processedInput, cLICommand);
        this.securityPolicyTagList = new ArrayList();
    }

    public CommandOutput executeRealCommand() throws CLIProcessingException {
        CommandOutput.OutputHierarchy outputHierarchy = new CommandOutput.OutputHierarchy();
        CommandOutput commandOutput = new CommandOutput();
        commandOutput.setOutput(outputHierarchy);
        if (!super.validateInput()) {
            return commandOutput;
        }
        if (this.cliCommand.getCommandName().equalsIgnoreCase(dbCfColumnSecurityPolicyAddCommand.getCommandName())) {
            addDbCfColumnSecurityPolicy(outputHierarchy);
        } else if (this.cliCommand.getCommandName().equalsIgnoreCase(dbCfColumnSecurityPolicySetCommand.getCommandName())) {
            setDbCfColumnSecurityPolicy(outputHierarchy);
        } else if (this.cliCommand.getCommandName().equalsIgnoreCase(dbCfColumnSecurityPolicyRemoveCommand.getCommandName())) {
            removeDbCfColumnSecurityPolicy(outputHierarchy);
        } else if (this.cliCommand.getCommandName().equalsIgnoreCase(dbCfColumnSecurityPolicyListCommand.getCommandName())) {
            listDbCfColumnSecurityPolicy(outputHierarchy);
        }
        return commandOutput;
    }

    private void addDbCfColumnSecurityPolicy(CommandOutput.OutputHierarchy outputHierarchy) throws CLIProcessingException {
        _setDbCfColumnSecurityPolicy(outputHierarchy, Dbserver.SecurityPolicyOperation.SPOP_ADD, false);
    }

    private void setDbCfColumnSecurityPolicy(CommandOutput.OutputHierarchy outputHierarchy) throws CLIProcessingException {
        _setDbCfColumnSecurityPolicy(outputHierarchy, Dbserver.SecurityPolicyOperation.SPOP_SET, true);
    }

    private void removeDbCfColumnSecurityPolicy(CommandOutput.OutputHierarchy outputHierarchy) throws CLIProcessingException {
        _setDbCfColumnSecurityPolicy(outputHierarchy, Dbserver.SecurityPolicyOperation.SPOP_REMOVE, false);
    }

    private void listDbCfColumnSecurityPolicy(CommandOutput.OutputHierarchy outputHierarchy) throws CLIProcessingException {
        final String transformedPath = DbCommands.getTransformedPath(getParamTextValue("path", 0), getUserLoginId());
        String paramTextValue = getParamTextValue(CFNAME_PARAM_NAME, 0);
        final ArrayList arrayList = new ArrayList();
        try {
            new FileclientRun(getUserLoginId()) { // from class: com.mapr.cli.DbCfColumnSecurityPolicyCommands.1
                @Override // com.mapr.cli.common.FileclientRun
                public void runAsProxyUser() throws IOException, CLIProcessingException {
                    MapRFileSystem mapRFileSystem = MapRCliUtil.getMapRFileSystem();
                    RecentTablesListManager recentTablesListManagerForUser = RecentTablesListManagers.getRecentTablesListManagerForUser(DbCfColumnSecurityPolicyCommands.this.getUserLoginId());
                    try {
                        arrayList.add(mapRFileSystem.getTableProperties(new Path(transformedPath)));
                        recentTablesListManagerForUser.moveToTop(transformedPath);
                    } catch (IOException e) {
                        recentTablesListManagerForUser.deleteIfNotExist(transformedPath, mapRFileSystem);
                        throw e;
                    }
                }
            };
            try {
                ByteString byteString = null;
                boolean json = ((TableProperties) arrayList.get(0)).getAttr().getJson();
                Dbserver.ColumnFamilyAttr columnFamily = getColumnFamily(transformedPath, paramTextValue);
                if (columnFamily.getSchFamily() == null) {
                    outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(10005, "Column family '" + paramTextValue + "' is not defined for table '" + transformedPath + "'."));
                    return;
                }
                boolean z = json && !paramTextValue.equals(ServerCommands.DEFAULT_LABEL);
                if (isParamPresent("name")) {
                    String paramTextValue2 = getParamTextValue("name", 0);
                    byteString = z ? ByteString.copyFromUtf8(MapRFsUtil.getPrefixedColName(paramTextValue2)) : ByteString.copyFromUtf8(paramTextValue2);
                }
                for (int i = 0; i < columnFamily.getColumnAttrCount(); i++) {
                    Dbserver.ColumnAttr columnAttr = columnFamily.getColumnAttr(i);
                    if (byteString == null || byteString.equals(columnAttr.getQualifier())) {
                        CommandOutput.OutputHierarchy.OutputNode outputNode = new CommandOutput.OutputHierarchy.OutputNode();
                        String unPrefixedColName = z ? MapRFsUtil.getUnPrefixedColName(columnAttr.getQualifier().toStringUtf8()) : columnAttr.getQualifier().toStringUtf8();
                        ArrayList arrayList2 = new ArrayList();
                        if (columnAttr != null && columnAttr.hasSecurityPolicyIds()) {
                            MapRFileSystem mapRFileSystem = MapRCliUtil.getMapRFileSystem();
                            Dbserver.SecurityPolicyIds securityPolicyIds = columnAttr.getSecurityPolicyIds();
                            for (int i2 = 0; i2 < securityPolicyIds.getIdsCount(); i2++) {
                                String securityPolicyName = mapRFileSystem.getSecurityPolicyName(securityPolicyIds.getIds(i2));
                                if (securityPolicyName != null) {
                                    arrayList2.add(securityPolicyName);
                                }
                            }
                        }
                        if (!arrayList2.isEmpty()) {
                            outputNode.addChild(new CommandOutput.OutputHierarchy.OutputNode(getOutputFieldName("name"), unPrefixedColName));
                            outputNode.addChild(new CommandOutput.OutputHierarchy.OutputNode(getOutputFieldName("securitypolicy"), arrayList2));
                            outputHierarchy.addNode(outputNode);
                        }
                    }
                }
            } catch (IOException e) {
                outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(10003, e.getMessage()));
            }
        } catch (IOException e2) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(10003, e2.getMessage()));
        } catch (CLIProcessingException e3) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, e3.getMessage()));
        }
    }

    private void _setDbCfColumnSecurityPolicy(CommandOutput.OutputHierarchy outputHierarchy, final Dbserver.SecurityPolicyOperation securityPolicyOperation, boolean z) throws CLIProcessingException {
        MapRFileSystem mapRFileSystem = MapRCliUtil.getMapRFileSystem();
        try {
            final String transformedPath = getTransformedPath(getParamTextValue("path", 0), getUserLoginId());
            String paramTextValue = getParamTextValue(CFNAME_PARAM_NAME, 0);
            getTableProps(new Path(transformedPath));
            boolean isJsonTable = isJsonTable(transformedPath);
            ByteString copyFromUtf8 = ByteString.copyFromUtf8((!isJsonTable || paramTextValue.equals(ServerCommands.DEFAULT_LABEL)) ? getParamTextValue("name", 0) : MapRFsUtil.getPrefixedColName(getParamTextValue("name", 0)));
            Dbserver.ColumnFamilyAttr columnFamily = getColumnFamily(transformedPath, paramTextValue);
            if (columnFamily == null) {
                outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(10005, "Column family '" + paramTextValue + "' is not defined for table '" + transformedPath + "'."));
                return;
            }
            final Dbserver.SchemaFamily schFamily = columnFamily.getSchFamily();
            if (schFamily == null) {
                outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "Column family " + paramTextValue + " not found under table " + transformedPath));
                return;
            }
            String userLoginId = getUserLoginId();
            if (!isParamPresent("securitypolicy")) {
                outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "The -securitypolicy parameter is required").setField("securitypolicy"));
                return;
            }
            if (!validateAndAddSecurityPolicyTags(this.securityPolicyTagList, getParamTextValue("securitypolicy", 0), z)) {
                if (securityPolicyOperation == Dbserver.SecurityPolicyOperation.SPOP_SET) {
                    outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "Invalid security policy tag. Specify empty string or comma-separated tags").setField("securitypolicy"));
                    return;
                } else {
                    outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "Invalid security policy tag. Specify non-null comma-separated tags").setField("securitypolicy"));
                    return;
                }
            }
            if (!isJsonTable) {
                outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "Security policy tags are supported for JSON DB tables only").setField("securitypolicy"));
                return;
            }
            List securityPolicyIds = mapRFileSystem.getSecurityPolicyIds(this.securityPolicyTagList);
            Dbserver.SecurityPolicyIds.Builder newBuilder = Dbserver.SecurityPolicyIds.newBuilder();
            newBuilder.addAllIds(securityPolicyIds);
            Dbserver.ColumnAttr.Builder newBuilder2 = Dbserver.ColumnAttr.newBuilder();
            newBuilder2.setQualifier(copyFromUtf8);
            newBuilder2.setSecurityPolicyIds(newBuilder.build());
            Dbserver.ColumnFamilyAttr.Builder builder = columnFamily.toBuilder();
            if (builder.getColumnAttrCount() > 0) {
                builder.clearColumnAttr();
            }
            final Dbserver.ColumnFamilyAttr build = builder.clearAces().clearSchFamily().clearJsonFamilyPath().addColumnAttr(newBuilder2.build()).build();
            new FileclientRun(userLoginId) { // from class: com.mapr.cli.DbCfColumnSecurityPolicyCommands.2
                @Override // com.mapr.cli.common.FileclientRun
                public void runAsProxyUser() throws IOException, CLIProcessingException {
                    MapRCliUtil.getMapRFileSystem().modifyColumnFamily(new Path(transformedPath), schFamily.getName(), build, securityPolicyOperation, this);
                }
            };
        } catch (CLIProcessingException e) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, e.getMessage()));
        } catch (IOException e2) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(10003, e2.getMessage()));
        }
    }

    private void getTableProps(final Path path) throws IOException, CLIProcessingException {
        new FileclientRun(getUserLoginId()) { // from class: com.mapr.cli.DbCfColumnSecurityPolicyCommands.3
            @Override // com.mapr.cli.common.FileclientRun
            public void runAsProxyUser() throws IOException, CLIProcessingException {
                DbCfColumnSecurityPolicyCommands.this.setTableProps(MapRCliUtil.getMapRFileSystem().getTableProperties(path));
            }
        };
    }

    private void setTableProps(TableProperties tableProperties) {
        this.tableProp = tableProperties;
    }

    private Dbserver.TableAttr getTableAttr(String str) throws CLIProcessingException {
        try {
            return MapRCliUtil.getMapRFileSystem().getTableProperties(new Path(str)).getAttr();
        } catch (IOException | IllegalArgumentException e) {
            throw new CLIProcessingException(e);
        }
    }

    private boolean isJsonTable(String str) throws CLIProcessingException {
        try {
            return getTableAttr(str).getJson();
        } catch (IllegalArgumentException e) {
            throw new CLIProcessingException(e);
        }
    }

    public static String getTransformedPath(String str, String str2) {
        if (str.contains("\\")) {
            str = str.replace('\\', '/');
        }
        if (!str.startsWith("/")) {
            str = "/user/" + str2 + "/" + str;
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug("Query path: " + str + ", User: " + str2);
        }
        return str;
    }

    private UserGroupInformation getProxyUser() throws IOException {
        UserGroupInformation loginUser = UserGroupInformation.getLoginUser();
        return loginUser.getUserName().equals(getUserLoginId()) ? loginUser : UserGroupInformation.createProxyUser(getUserLoginId(), loginUser);
    }

    boolean validateAndAddSecurityPolicyTags(List<String> list, String str, boolean z) {
        if (z && (str == null || str.length() == 0)) {
            return true;
        }
        for (String str2 : str.split("[,]")) {
            if (str2.length() == 0) {
                return false;
            }
            list.add(str2);
        }
        return true;
    }

    private static Dbserver.ColumnFamilyAttr getColumnFamily(String str, String str2) throws IOException, CLIProcessingException {
        if (LOG.isDebugEnabled()) {
            LOG.debug("Searching for column family " + str2);
        }
        for (Dbserver.ColumnFamilyAttr columnFamilyAttr : MapRCliUtil.getMapRFileSystem().listColumnFamily(new Path(str), true)) {
            if (columnFamilyAttr.getSchFamily().getName().equals(str2)) {
                return columnFamilyAttr;
            }
        }
        return null;
    }

    private String getOutputFieldName(String str) throws CLIProcessingException {
        return AlarmCommands.ALARM_TERSE_NAME_PARAM_NAME.equals(getParamTextValue("output", 0)) ? verboseToTerseMap.get(str) : str;
    }

    public String getCliParam(String str) throws IOException {
        String str2 = null;
        try {
            if (isParamPresent(str)) {
                str2 = getParamTextValue(str, 0);
                if (str2 != null) {
                    str2 = str2.trim();
                }
            }
            return str2;
        } catch (CLIProcessingException e) {
            throw new IOException((Throwable) e);
        }
    }
}
