package com.mapr.cli;

import com.google.common.collect.ImmutableMap;
import com.google.protobuf.ByteString;
import com.google.protobuf.InvalidProtocolBufferException;
import com.google.protobuf.MessageLite;
import com.mapr.baseutils.BitSetBytesHelperUtils;
import com.mapr.baseutils.Errno;
import com.mapr.baseutils.policyserverutils.PolicyServerRpcCommonUtils;
import com.mapr.baseutils.utils.AceHelper;
import com.mapr.baseutils.utils.AceUtil;
import com.mapr.baseutils.utils.GetStringsForAuditOps;
import com.mapr.cli.common.ListCommand;
import com.mapr.cliframework.base.CLICommand;
import com.mapr.cliframework.base.CLIInterface;
import com.mapr.cliframework.base.CLIProcessingException;
import com.mapr.cliframework.base.CLIUsageOnlyCommand;
import com.mapr.cliframework.base.CommandOutput;
import com.mapr.cliframework.base.ProcessedInput;
import com.mapr.cliframework.base.TextCommandOutput;
import com.mapr.cliframework.base.inputparams.BooleanInputParameter;
import com.mapr.cliframework.base.inputparams.FilterInputParameter;
import com.mapr.cliframework.base.inputparams.IntegerInputParameter;
import com.mapr.cliframework.base.inputparams.LongInputParameter;
import com.mapr.cliframework.base.inputparams.TextInputParameter;
import com.mapr.cliframework.util.FieldInfo;
import com.mapr.cliframework.util.FilterUtil;
import com.mapr.fs.Rpc;
import com.mapr.fs.cldb.proto.CLDBProto;
import com.mapr.fs.cli.proto.CLIProto;
import com.mapr.fs.proto.Common;
import com.mapr.fs.proto.PolicyServerProto;
import com.mapr.fs.proto.Security;
import com.mapr.security.MaprSecurityException;
import com.mapr.security.UnixUserGroupHelper;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.util.ArrayList;
import java.util.BitSet;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Scanner;
import java.util.regex.Pattern;
import org.junit.Assert;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/mapr/cli/SecurityPolicyCommands.class */
public class SecurityPolicyCommands extends ListCommand implements CLIInterface {
    private static final int NUM_SECURITY_POLICIES_PER_RPC = 100;
    private static int MAX_SECURITYPOLICYFIELDINFO;
    private boolean export;
    public static final String MULTI_ARG_SEP = ",";
    public static final String FILTER_PARAM = "filter";
    public static final String COLUMNS_PARAM = "columns";
    public static final String SORTBY_PARAM = "sortby";
    public static final String SORTING_ORDER_PARAM = "sortorder";
    public static final String ASCENDING_SORTING_ORDER_PARAM = "asc";
    public static final String DESCENDING_SORTING_ORDER_PARAM = "desc";
    public static final String OUTPUT_PARAM = "output";
    public static final String START_PARAM = "start";
    public static final String LIMIT_PARAM = "limit";
    public static final String SECURITY_POLICY_NAME_PARAM = "name";
    public static final String DESCRIPTION_PARAM = "description";
    public static final String FILE_NAME_PARAM = "filename";
    public static final String SECURITY_EXPORT_POLICY_ID_PARAM = "id";
    public static final String SECURITY_EXPORT_POLICY_VERSION_PARAM = "version";
    public static final String EXPORT_DATA_AUDIT_OPS_VAL_PARAM = "dataauditopsval";
    UnixUserGroupHelper userInfo;
    public static final String AUDIT_ENABLED_PARAM = "auditenabled";
    public static final String WIRE_SECURITY_ENABLED = "wiresecurityenabled";
    public static final String DATA_AUDIT_OPS_PARAM = "dataauditops";
    public static final String DISABLE_DATA_AUDIT_OPS_PARAM = "disabledataauditops";
    public static final String ACE_READFILE_PARAM = "readfileace";
    public static final String ACE_WRITEFILE_PARAM = "writefileace";
    public static final String ACE_EXECUTEFILE_PARAM = "executefileace";
    public static final String ACE_READDIR_PARAM = "readdirace";
    public static final String ACE_ADDCHILD_PARAM = "addchildace";
    public static final String ACE_DELETECHILD_PARAM = "deletechildace";
    public static final String ACE_LOOKUPDIR_PARAM = "lookupdirace";
    public static final String ACE_READDB_PARAM = "readdbace";
    public static final String ACE_WRITEDB_PARAM = "writedbace";
    public static final String ACE_TRAVERSEDB_PARAM = "traversedbace";
    public static final String ACE_UNMASKED_READ_PARAM = "unmaskedreaddbace";
    public static final String ACE_READ_PARAM = "readaces";
    public static final String ACE_WRITE_PARAM = "writeaces";
    public static final String EXPAND_ACES_PARAM = "expandaces";
    public static final String UID_PARAM_NAME = "user";
    public static final String GID_PARAM_NAME = "group";
    public static final String validCharRegEx = "[a-zA-Z0-9\\-_]*";
    public static final String validCharRegExWithSpace = "[a-zA-Z0-9\\-_\\s]*";
    public static final String securityPolicyInfoUsage = "security policy info [ -cluster clusterName] [ -expandaces true/false ] [ -output terse|verbose. Default: verbose ] [ -columns comma separated list of column names. Default: all ] ";
    private final String MAPR_SECURITY_POLICY_IMPORT = "mapr_policyimport";
    static String supportedSortKeys;
    public static String securityPolicyListUsage;
    static final CLICommand securityPolicyCreateCommand;
    static final CLICommand securityPolicyModifyCommand;
    static final CLICommand securityPolicyListCommand;
    static final CLICommand securityPolicyImportCommand;
    static final CLICommand securityPolicyExportCommand;
    static final CLICommand securityPolicyInfoCommand;
    public static CLICommand[] securityPolicyCommandsArray;
    public static CLICommand securityPolicyCommands;
    UnixUserGroupHelper uInfo;
    private static final Logger LOG = LoggerFactory.getLogger(SecurityPolicyCommands.class);
    private static boolean dbAcesUpdated = false;
    private static boolean fileAcesUpdated = false;
    public static final Pattern validNamePattern = Pattern.compile("[a-zA-Z0-9\\-_]*");
    public static final Pattern validDescPattern = Pattern.compile("[a-zA-Z0-9\\-_\\s]*");
    public static String securityPolicyAceParams = "[ -readfileace readfile ACE ] [ -writefileace writefile ACE ] [ -executefileace executefile ACE ] [ -readdirace readdir ACE ] [ -addchildace addchild ACE ] [ -deletechildace deletechild ACE ] [ -lookupdirace lookupdir ACE ] [ -readdbace readdb ACE ] [ -writedbace writedb ACE ] [ -traversedbace traversedb ACE ] [ -unmaskedreaddbace unmaskedreaddb ACE ][ -readaces read ACE ] [ -writeaces write ACE ] ";
    public static final String securityPolicyCreateUsage = "security policy create -name securityPolicyName [ -description description] [ -allowtagging true|false] [-accesscontrol Armed|Disarmed|Denied] [ -cluster clusterName] [ -auditenabled true|false ] [ -dataauditops audit-ops] [ -wiresecurityenabled true|false ] " + securityPolicyAceParams;
    static int SECURITY_POLICY_NAME_MAX_LEN = Common.MapRSharedConfigInfo.getDefaultInstance().getSecurityPolicyNameMaxLen();
    static int SECURITY_POLICY_DESCRIPTION_MAX_LEN = Common.MapRSharedConfigInfo.getDefaultInstance().getSecurityPolicyDescriptionMaxLen();
    public static final String securityPolicyModifyUsage = "security policy modify -name securityPolicyName [ -allowtagging true|false] [-accesscontrol Armed|Disarmed|Denied] [ -description description] [ -cluster clusterName] [ -auditenabled true|false ] [ -dataauditops audit-ops] [ -disabledataauditops audit-ops] [ -wiresecurityenabled true|false ] " + securityPolicyAceParams;
    public static final String SECURITY_EXPORT_POLICY_CTIME_PARAM = "ctime";
    public static final String SECURITY_EXPORT_POLICY_MTIME_PARAM = "mtime";
    public static final String ALLOW_TAGGING_PARAM = "allowtagging";
    public static final String ACCESS_CONTROL_PARAM = "accesscontrol";
    private static Map<PolicyServerProto.SecurityPolicyInfoFields, FieldInfo> fieldTable = new ImmutableMap.Builder().put(PolicyServerProto.SecurityPolicyInfoFields.policyName, new FieldInfo(PolicyServerProto.SecurityPolicyInfoFields.policyName.getNumber(), VolumeDumpFileCommands.CREATE_NEW_VOLUME, "policyname", String.class, CLDBProto.ListSortKey.SecurityPolicyName)).put(PolicyServerProto.SecurityPolicyInfoFields.policyId, new FieldInfo(PolicyServerProto.SecurityPolicyInfoFields.policyId.getNumber(), "id", "policyid", Integer.class, CLDBProto.ListSortKey.SecurityPolicyId)).put(PolicyServerProto.SecurityPolicyInfoFields.description, new FieldInfo(PolicyServerProto.SecurityPolicyInfoFields.description.getNumber(), "desc", "description", String.class)).put(PolicyServerProto.SecurityPolicyInfoFields.ctime, new FieldInfo(PolicyServerProto.SecurityPolicyInfoFields.ctime.getNumber(), "ct", SECURITY_EXPORT_POLICY_CTIME_PARAM, Long.class, CLDBProto.ListSortKey.SecurityPolicyCtime)).put(PolicyServerProto.SecurityPolicyInfoFields.mtime, new FieldInfo(PolicyServerProto.SecurityPolicyInfoFields.mtime.getNumber(), "mt", SECURITY_EXPORT_POLICY_MTIME_PARAM, Long.class, CLDBProto.ListSortKey.SecurityPolicyMtime)).put(PolicyServerProto.SecurityPolicyInfoFields.wireSecurityEnabled, new FieldInfo(PolicyServerProto.SecurityPolicyInfoFields.wireSecurityEnabled.getNumber(), "ws", "wiresecurity", Integer.class, CLDBProto.ListSortKey.SecurityPolicyWireSecurityEnabled)).put(PolicyServerProto.SecurityPolicyInfoFields.auditDataAccess, new FieldInfo(PolicyServerProto.SecurityPolicyInfoFields.auditDataAccess.getNumber(), "ea", "audited", Integer.class, CLDBProto.ListSortKey.SecurityPolicyAuditDataAccess)).put(PolicyServerProto.SecurityPolicyInfoFields.allowTagging, new FieldInfo(PolicyServerProto.SecurityPolicyInfoFields.allowTagging.getNumber(), "at", ALLOW_TAGGING_PARAM, Integer.class, CLDBProto.ListSortKey.SecurityPolicyAllowTagging)).put(PolicyServerProto.SecurityPolicyInfoFields.accessControl, new FieldInfo(PolicyServerProto.SecurityPolicyInfoFields.accessControl.getNumber(), "ac", ACCESS_CONTROL_PARAM, String.class, CLDBProto.ListSortKey.SecurityPolicyAccessControl)).put(PolicyServerProto.SecurityPolicyInfoFields.auditEnableOperations, new FieldInfo(PolicyServerProto.SecurityPolicyInfoFields.auditEnableOperations.getNumber(), "edao", "enableddataauditoperations", String.class)).put(PolicyServerProto.SecurityPolicyInfoFields.auditDisableOperations, new FieldInfo(PolicyServerProto.SecurityPolicyInfoFields.auditDisableOperations.getNumber(), "ddao", "disableddataauditoperations", String.class)).put(PolicyServerProto.SecurityPolicyInfoFields.policyAces, new FieldInfo(PolicyServerProto.SecurityPolicyInfoFields.policyAces.getNumber(), "ace", "aces", String.class)).put(PolicyServerProto.SecurityPolicyInfoFields.policyAcl, new FieldInfo(PolicyServerProto.SecurityPolicyInfoFields.policyAcl.getNumber(), "acl", "acl", String.class)).build();
    static Map<String, CLDBProto.ListSortKey> nameToEnumMap = new HashMap();

    public SecurityPolicyCommands(ProcessedInput processedInput, CLICommand cLICommand) throws CLIProcessingException {
        super(processedInput, cLICommand);
        this.export = false;
        this.MAPR_SECURITY_POLICY_IMPORT = "mapr_policyimport";
        this.uInfo = null;
    }

    void init() throws CLIProcessingException {
        this.uInfo = new UnixUserGroupHelper();
        try {
            if (Rpc.initialize(0, 0, (String) null) < 0) {
                throw new IOException("Error in RPC init");
            }
        } catch (Exception e) {
            LOG.error("Exception while initializing RPC " + e);
        }
    }

    public CommandOutput executeRealCommand() throws CLIProcessingException {
        LOG.debug("Processing::executeRealCommand");
        init();
        this.userInfo = new UnixUserGroupHelper();
        if (this.cliCommand.getCommandName().equalsIgnoreCase("list")) {
            return securityPolicyList();
        }
        if (this.cliCommand.getCommandName().equalsIgnoreCase("create")) {
            try {
                return securityPolicyCreate();
            } catch (Exception e) {
                throw new CLIProcessingException("Send request Exception", e);
            }
        }
        if (this.cliCommand.getCommandName().equalsIgnoreCase(S3DomainCommands.DOMAIN_COMMAND_MODIFY)) {
            try {
                return securityPolicyModify();
            } catch (Exception e2) {
                throw new CLIProcessingException("Send request Exception", e2);
            }
        }
        if (this.cliCommand.getCommandName().equalsIgnoreCase(S3DomainCommands.DOMAIN_COMMAND_INFO)) {
            try {
                return securityPolicyInfo();
            } catch (Exception e3) {
                throw new CLIProcessingException("Send request Exception", e3);
            }
        }
        if (this.cliCommand.getCommandName().equalsIgnoreCase("import")) {
            try {
                importSecurityPolicy();
                return new TextCommandOutput("".getBytes());
            } catch (CLIProcessingException e4) {
                throw new CLIProcessingException("CLIProcessingException", e4);
            } catch (FileNotFoundException e5) {
                return new TextCommandOutput("Invalid filename".getBytes());
            } catch (IOException e6) {
                throw new CLIProcessingException("IOException", e6);
            } catch (Exception e7) {
                throw new CLIProcessingException("Exception", e7);
            }
        }
        if (!this.cliCommand.getCommandName().equalsIgnoreCase(UsageExportCommands.EXPORT_PARAM_NAME)) {
            return new TextCommandOutput("Security policy command failed".getBytes());
        }
        try {
            this.export = true;
            securityPolicyList();
            return new TextCommandOutput("".getBytes());
        } catch (CLIProcessingException e8) {
            throw new CLIProcessingException("CLIProcessingException", e8);
        } catch (Exception e9) {
            throw new CLIProcessingException("FileName Exception", e9);
        }
    }

    private void importSecurityPolicy() throws Exception {
        Scanner scanner = new Scanner(new File(getParamTextValue(FILE_NAME_PARAM, 0).trim()));
        String str = "";
        int i = 0;
        String[] strArr = {"mapr_policyimport=TRUE"};
        while (scanner.hasNext()) {
            String str2 = "";
            Scanner scanner2 = new Scanner(scanner.nextLine());
            scanner2.useDelimiter("\\{|\\}");
            while (scanner2.hasNext()) {
                String next = scanner2.next();
                if (!next.isEmpty()) {
                    str2 = str2 + " -" + next;
                    String[] split = next.split("\\s+");
                    if (split[0].equals("id")) {
                        i = Integer.parseInt(split[1]);
                    }
                    if (split[0].equals("name")) {
                        str = split[1];
                    }
                }
            }
            if (!str2.isEmpty()) {
                PolicyServerProto.LookupSecurityPolicyResponse securityPolicyLookupById = securityPolicyLookupById(null, getUserCredentials(), i);
                if (securityPolicyLookupById == null) {
                    System.out.println("Error: Unable to reach PolicyServer");
                    return;
                }
                if (securityPolicyLookupById.getStatus() == 2) {
                    Process exec = Runtime.getRuntime().exec(new String[]{"bash", "-c", "maprcli security policy create" + str2}, strArr);
                    if (exec != null) {
                        if (exec.waitFor() == 0) {
                            System.out.println("Importing policy " + str);
                        } else {
                            System.out.println("Error while Importing, policy " + str);
                        }
                    }
                    LOG.info("Policy import successfull: " + "maprcli security policy create" + str2);
                } else if (securityPolicyLookupById.getStatus() != 0) {
                    System.out.println("Error: Importing Security Policy " + str);
                    return;
                } else if (securityPolicyLookupById.getProperties(0).getPolicyName().equals(str)) {
                    Process exec2 = Runtime.getRuntime().exec(new String[]{"bash", "-c", "maprcli security policy modify" + str2}, strArr);
                    if (exec2 != null) {
                        if (exec2.waitFor() == 0) {
                            System.out.println("Importing policy " + str);
                        } else {
                            System.out.println("Error while Importing, policy " + str);
                        }
                    }
                    LOG.info("Policy import successfull: " + "maprcli security policy modify" + str2);
                }
            }
        }
    }

    private void exportSecPol(Common.SecurityPolicyProperties securityPolicyProperties) {
        System.out.print("{");
        if (securityPolicyProperties.hasPolicyId()) {
            System.out.print("{id " + securityPolicyProperties.getPolicyId() + "}");
        }
        if (securityPolicyProperties.hasPolicyName()) {
            System.out.print("{name " + securityPolicyProperties.getPolicyName() + "}");
        }
        if (securityPolicyProperties.hasDescription()) {
            System.out.print("{description \"" + securityPolicyProperties.getDescription() + "\"}");
        }
        if (securityPolicyProperties.hasPolicyVersion()) {
            System.out.print("{version " + securityPolicyProperties.getPolicyVersion() + "}");
        }
        if (securityPolicyProperties.hasCtime()) {
            System.out.print("{ctime " + securityPolicyProperties.getCtime() + "}");
        }
        if (securityPolicyProperties.hasMtime()) {
            System.out.print("{mtime " + securityPolicyProperties.getMtime() + "}");
        }
        if (securityPolicyProperties.hasWireSecurityEnabled()) {
            System.out.print("{wiresecurityenabled " + securityPolicyProperties.getWireSecurityEnabled() + "}");
        }
        if (securityPolicyProperties.hasAuditDataAccess()) {
            System.out.print("{auditenabled " + securityPolicyProperties.getAuditDataAccess() + "}");
        }
        if (securityPolicyProperties.hasFsAuditDisabledOperations()) {
            System.out.print("{dataauditopsval " + securityPolicyProperties.getFsAuditDisabledOperations() + "}");
        }
        if (securityPolicyProperties.hasFileAces()) {
            for (Common.FileACE fileACE : securityPolicyProperties.getFileAces().getAcesList()) {
                Common.FSAccessType accessType = fileACE.getAccessType();
                String str = "";
                if (accessType == Common.FSAccessType.AceRead) {
                    str = ACE_READFILE_PARAM;
                } else if (accessType == Common.FSAccessType.AceWrite) {
                    str = ACE_WRITEFILE_PARAM;
                } else if (accessType == Common.FSAccessType.AceExecute) {
                    str = ACE_EXECUTEFILE_PARAM;
                } else if (accessType == Common.FSAccessType.AceReadDir) {
                    str = ACE_READDIR_PARAM;
                } else if (accessType == Common.FSAccessType.AceAddChild) {
                    str = ACE_ADDCHILD_PARAM;
                } else if (accessType == Common.FSAccessType.AceDeleteChild) {
                    str = ACE_DELETECHILD_PARAM;
                } else if (accessType == Common.FSAccessType.AceLookupDir) {
                    str = ACE_LOOKUPDIR_PARAM;
                }
                if (str.length() > 0) {
                    try {
                        System.out.print("{" + str + " '" + AceHelper.toInfix(fileACE.getBoolExp().toStringUtf8()) + "'}");
                    } catch (Exception e) {
                        System.out.println("Exception while parsing ACE's");
                    }
                } else {
                    Assert.assertNotNull((Object) null);
                }
            }
        }
        if (securityPolicyProperties.getDbStreamAcesCount() > 0) {
            for (Common.DBStreamAceEntry dBStreamAceEntry : securityPolicyProperties.getDbStreamAcesList()) {
                Common.DBStreamAccessType accessType2 = dBStreamAceEntry.getAccessType();
                String str2 = "";
                if (accessType2 == Common.DBStreamAccessType.AceReadDB) {
                    str2 = ACE_READDB_PARAM;
                } else if (accessType2 == Common.DBStreamAccessType.AceWriteDB) {
                    str2 = ACE_WRITEDB_PARAM;
                } else if (accessType2 == Common.DBStreamAccessType.AceTraverse) {
                    str2 = ACE_TRAVERSEDB_PARAM;
                } else if (accessType2 == Common.DBStreamAccessType.AceUnmaskedReadDB) {
                    str2 = ACE_UNMASKED_READ_PARAM;
                }
                if (str2.length() > 0) {
                    try {
                        System.out.print("{" + str2 + " '" + AceHelper.toInfix(dBStreamAceEntry.getExpr().toStringUtf8()) + "'}");
                    } catch (Exception e2) {
                        System.out.println("Exception while parsing ACE's");
                    }
                } else {
                    Assert.assertNotNull((Object) null);
                }
            }
        }
        try {
            if (securityPolicyProperties.hasReadAces()) {
                System.out.print("{readaces '" + AceHelper.toInfix(securityPolicyProperties.getReadAces().toStringUtf8()) + "'}");
            }
            if (securityPolicyProperties.hasWriteAces()) {
                System.out.print("{writeaces '" + AceHelper.toInfix(securityPolicyProperties.getWriteAces().toStringUtf8()) + "'}");
            }
        } catch (Exception e3) {
            System.out.println("Exception while parsing ACE's");
        }
        CLDBProto.SecureObjectType secureObjectType = CLDBProto.SecureObjectType.OBJECT_TYPE_SECURITYPOLICY;
        if (securityPolicyProperties.hasAcl()) {
            boolean z = false;
            boolean z2 = false;
            String str3 = "";
            String str4 = "";
            Iterator it = AclCommands.formatAcl(securityPolicyProperties.getAcl(), secureObjectType, "short", this.userInfo, new ArrayList(), new ArrayList()).getOutputNodes().iterator();
            while (it.hasNext()) {
                Iterator it2 = ((CommandOutput.OutputHierarchy.OutputNode) it.next()).getChildren().iterator();
                while (it2.hasNext()) {
                    String obj = ((CommandOutput.OutputHierarchy.OutputNode) it2.next()).getValue().toString();
                    if (obj.startsWith("User")) {
                        str3 = str3 + " " + obj.substring(5) + ":";
                        z = true;
                    } else if (obj.startsWith("Group")) {
                        str4 = str4 + " " + obj.substring(6) + ":";
                        z2 = true;
                    } else if (z) {
                        str3 = str3 + obj.substring(1, obj.length() - 1).replaceAll("\\s", "");
                        z = false;
                    } else if (z2) {
                        str4 = str4 + obj.substring(1, obj.length() - 1).replaceAll("\\s", "");
                        z2 = false;
                    }
                }
            }
            if (!str3.isEmpty()) {
                System.out.print("{user" + str3 + "}");
            }
            if (!str4.isEmpty()) {
                System.out.print("{group" + str4 + "}");
            }
        }
        if (securityPolicyProperties.hasTaggingAllowed()) {
            System.out.print("{allowtagging " + securityPolicyProperties.getTaggingAllowed() + "}");
        }
        if (securityPolicyProperties.hasAccessControl()) {
            System.out.print("{accesscontrol " + securityPolicyProperties.getAccessControl() + "}");
        }
        System.out.println("}");
    }

    public static PolicyServerProto.LookupSecurityPolicyResponse securityPolicyLookupById(String str, Security.CredentialsMsg credentialsMsg, int i) throws CLIProcessingException, MaprSecurityException {
        return securityPolicyLookup(str, credentialsMsg, null, i);
    }

    public static PolicyServerProto.LookupSecurityPolicyResponse securityPolicyLookupByName(String str, Security.CredentialsMsg credentialsMsg, String str2) throws CLIProcessingException, MaprSecurityException {
        return securityPolicyLookup(str, credentialsMsg, str2, 0);
    }

    public static PolicyServerProto.LookupSecurityPolicyResponse securityPolicyLookup(String str, Security.CredentialsMsg credentialsMsg, String str2, int i) throws CLIProcessingException, MaprSecurityException {
        byte[] sendRequestToPolicyServer;
        PolicyServerProto.LookupSecurityPolicyRequest.Builder creds = PolicyServerProto.LookupSecurityPolicyRequest.newBuilder().setCreds(credentialsMsg);
        if (str2 != null) {
            if (i != 0) {
                LOG.error("Found both id and name in lookup request, terminating.");
                return PolicyServerProto.LookupSecurityPolicyResponse.newBuilder().setStatus(22).build();
            }
            creds.addPolicyNames(str2);
        }
        if (i != 0) {
            creds.addPolicyIds(i);
        }
        PolicyServerProto.LookupSecurityPolicyRequest build = creds.build();
        try {
            if (str != null) {
                LOG.info("securityPolicyLookup(): Sending request to cluster " + str);
                sendRequestToPolicyServer = PolicyServerRpcCommonUtils.getInstance().sendRequestToPolicyServer(str, PolicyServerProto.SecurityPolicyProc.LookupSecurityPolicyProc.getNumber(), build, PolicyServerProto.LookupSecurityPolicyResponse.class);
            } else {
                LOG.info("securityPolicyLookup(): Sending request to current cluster");
                sendRequestToPolicyServer = PolicyServerRpcCommonUtils.getInstance().sendRequestToPolicyServer(PolicyServerProto.SecurityPolicyProc.LookupSecurityPolicyProc.getNumber(), build, PolicyServerProto.LookupSecurityPolicyResponse.class);
            }
            if (sendRequestToPolicyServer == null) {
                throw new CLIProcessingException("Exception while processing RPC");
            }
            return PolicyServerProto.LookupSecurityPolicyResponse.parseFrom(sendRequestToPolicyServer);
        } catch (MaprSecurityException e) {
            throw e;
        } catch (Exception e2) {
            throw new CLIProcessingException("Exception doing security policy lookup to PolicyServer, " + e2.getLocalizedMessage());
        }
    }

    CommandOutput securityPolicyCreate() throws Exception {
        CommandOutput commandOutput = new CommandOutput();
        CommandOutput.OutputHierarchy outputHierarchy = new CommandOutput.OutputHierarchy();
        commandOutput.setOutput(outputHierarchy);
        String str = null;
        if (isParamPresent("cluster")) {
            str = getParamTextValue("cluster", 0);
        }
        if (!isParamPresent("name")) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "Missing security policy name in the command to create security policy").setField("name"));
            return commandOutput;
        }
        String trim = getParamTextValue("name", 0).trim();
        StringBuilder sb = new StringBuilder();
        if (!isValidSecurityPolicyName(trim, sb)) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, sb.toString()));
            return commandOutput;
        }
        if ((isParamPresent("id") || isParamPresent(SECURITY_EXPORT_POLICY_VERSION_PARAM) || isParamPresent(SECURITY_EXPORT_POLICY_CTIME_PARAM) || isParamPresent(SECURITY_EXPORT_POLICY_MTIME_PARAM) || isParamPresent(EXPORT_DATA_AUDIT_OPS_VAL_PARAM)) && System.getenv("mapr_policyimport") == null) {
            outputHierarchy.addMessage(getCommandUsage());
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "Invalid option"));
            return commandOutput;
        }
        if (isParamPresent(ACE_READ_PARAM) && (isParamPresent(ACE_READFILE_PARAM) || isParamPresent(ACE_EXECUTEFILE_PARAM) || isParamPresent(ACE_READDIR_PARAM) || isParamPresent(ACE_LOOKUPDIR_PARAM) || isParamPresent(ACE_READDB_PARAM) || isParamPresent(ACE_TRAVERSEDB_PARAM))) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "The readaces option cannot be specified with any other read ACE options").setField(ACE_READ_PARAM));
            return commandOutput;
        }
        if (isParamPresent(ACE_WRITE_PARAM) && (isParamPresent(ACE_WRITEFILE_PARAM) || isParamPresent(ACE_ADDCHILD_PARAM) || isParamPresent(ACE_DELETECHILD_PARAM) || isParamPresent(ACE_WRITEDB_PARAM))) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "The writeaces option cannot be specified with any other write ACE options").setField(ACE_WRITE_PARAM));
            return commandOutput;
        }
        PolicyServerProto.SecurityPolicyCreateRequest.Builder newBuilder = PolicyServerProto.SecurityPolicyCreateRequest.newBuilder();
        Common.SecurityPolicyProperties.Builder policyName = Common.SecurityPolicyProperties.newBuilder().setPolicyName(trim);
        PolicyServerProto.LookupSecurityPolicyResponse securityPolicyLookupByName = securityPolicyLookupByName(str, getUserCredentials(), trim);
        if (securityPolicyLookupByName.hasStatus() && securityPolicyLookupByName.getStatus() == 0) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(17, "Security policy " + trim + " already exists"));
            return commandOutput;
        }
        if (isParamPresent("id")) {
            policyName.setPolicyId(getParamIntValue("id", 0));
        }
        if (isParamPresent(SECURITY_EXPORT_POLICY_VERSION_PARAM)) {
            policyName.setPolicyVersion(getParamIntValue(SECURITY_EXPORT_POLICY_VERSION_PARAM, 0));
        }
        if (isParamPresent(SECURITY_EXPORT_POLICY_CTIME_PARAM)) {
            policyName.setCtime(getParamLongValue(SECURITY_EXPORT_POLICY_CTIME_PARAM, 0));
        }
        if (isParamPresent(SECURITY_EXPORT_POLICY_MTIME_PARAM)) {
            policyName.setMtime(getParamLongValue(SECURITY_EXPORT_POLICY_MTIME_PARAM, 0));
        }
        if (isParamPresent("description")) {
            String trim2 = getParamTextValue("description", 0).trim();
            StringBuilder sb2 = new StringBuilder();
            if (!isValidSecurityPolicyDescription(trim2, sb2)) {
                outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, sb2.toString()));
                return commandOutput;
            }
            policyName.setDescription(getParamTextValue("description", 0));
        }
        if (isParamPresent(ALLOW_TAGGING_PARAM)) {
            policyName.setTaggingAllowed(getParamBooleanValue(ALLOW_TAGGING_PARAM, 0));
        }
        if (isParamPresent(ACCESS_CONTROL_PARAM)) {
            String paramTextValue = getParamTextValue(ACCESS_CONTROL_PARAM, 0);
            if (paramTextValue.equals("Armed")) {
                policyName.setAccessControl(Common.SecurityPolicyAccessControl.Armed);
            } else if (paramTextValue.equals("Disarmed")) {
                policyName.setAccessControl(Common.SecurityPolicyAccessControl.Disarmed);
            } else {
                if (!paramTextValue.equals("Denied")) {
                    outputHierarchy.addMessage(getCommandUsage());
                    outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "Invalid value for accesscontrol"));
                    return commandOutput;
                }
                policyName.setAccessControl(Common.SecurityPolicyAccessControl.Denied);
            }
        }
        if (isParamPresent("auditenabled")) {
            policyName.setAuditDataAccess(getParamBooleanValue("auditenabled", 0));
        }
        if (isParamPresent("wiresecurityenabled")) {
            policyName.setWireSecurityEnabled(getParamBooleanValue("wiresecurityenabled", 0));
        }
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        if (isParamPresent("dataauditops")) {
            String paramTextValue2 = getParamTextValue("dataauditops", 0);
            if (!VolumeCommands.validateAndAddFsOperations(arrayList, arrayList2, paramTextValue2, true)) {
                outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "Invalid dataauditops text specified, text = " + paramTextValue2));
                return commandOutput;
            }
        } else if (isParamPresent(EXPORT_DATA_AUDIT_OPS_VAL_PARAM)) {
            policyName.setFsAuditDisabledOperations(getParamLongValue(EXPORT_DATA_AUDIT_OPS_VAL_PARAM, 0));
        }
        if (arrayList.contains(Common.FSAuditOperations.AuditAll) && arrayList.size() > 1) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "When specifying +all,  cannot enable any other operation"));
            return commandOutput;
        }
        if (arrayList2.contains(Common.FSAuditOperations.AuditAll) && arrayList2.size() > 1) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "When specifying -all,  cannot disable any other operation"));
            return commandOutput;
        }
        if (arrayList.size() > 0 && arrayList2.size() > 0) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "Cannot mix enable and disable dataaudit ops"));
            return commandOutput;
        }
        newBuilder.addAllFsAuditEnabledOperations(arrayList);
        newBuilder.addAllFsAuditDisabledOperations(arrayList2);
        Common.FileACEs.Builder newBuilder2 = Common.FileACEs.newBuilder();
        ArrayList arrayList3 = new ArrayList();
        if (buildAces(newBuilder2, arrayList3, outputHierarchy) < 0) {
            return commandOutput;
        }
        if (fileAcesUpdated) {
            policyName.setFileAces(newBuilder2);
        }
        if (dbAcesUpdated) {
            policyName.addAllDbStreamAces(arrayList3);
        }
        Security.AccessControlList.Builder newBuilder3 = Security.AccessControlList.newBuilder();
        boolean z = false;
        CLDBProto.SecureObjectType secureObjectType = CLDBProto.SecureObjectType.OBJECT_TYPE_SECURITYPOLICY;
        if (isParamPresent("user")) {
            z = true;
            List<Security.AclEntry> actionsToAcls = AclCommands.actionsToAcls(this.input.getParameterByName("user").getParamValues(), this.userInfo, secureObjectType, true, outputHierarchy);
            if (actionsToAcls == null) {
                outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(10003, "Acl set failed - invalid list of user permissions, valid permissions are: [r, a, fc]").setField("user"));
                commandOutput.setOutput(outputHierarchy);
                return commandOutput;
            }
            newBuilder3.addAllAcl(actionsToAcls);
        }
        if (isParamPresent("group")) {
            z = true;
            List<Security.AclEntry> actionsToAcls2 = AclCommands.actionsToAcls(this.input.getParameterByName("group").getParamValues(), this.userInfo, secureObjectType, false, outputHierarchy);
            if (actionsToAcls2 == null) {
                outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(10003, "Acl set failed - invalid list of group permissions, valid permissions are: [r, a, fc]").setField("group"));
                commandOutput.setOutput(outputHierarchy);
                return commandOutput;
            }
            newBuilder3.addAllAcl(actionsToAcls2);
        }
        if (z) {
            policyName.setAcl(newBuilder3);
        }
        newBuilder.setProperties(AceUtil.compactSecurityPolicyAces(policyName.build()));
        newBuilder.setCreds(getUserCredentials());
        byte[] sendRequestToPolicyServer = isParamPresent("cluster") ? PolicyServerRpcCommonUtils.getInstance().sendRequestToPolicyServer(getParamTextValue("cluster", 0), PolicyServerProto.SecurityPolicyProc.SecurityPolicyCreateProc.getNumber(), newBuilder.build(), PolicyServerProto.SecurityPolicyCreateResponse.class) : PolicyServerRpcCommonUtils.getInstance().sendRequestToPolicyServer(PolicyServerProto.SecurityPolicyProc.SecurityPolicyCreateProc.getNumber(), newBuilder.build(), PolicyServerProto.SecurityPolicyCreateResponse.class);
        if (sendRequestToPolicyServer == null) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(10009, "Couldn't connect to the PolicyServer. Check if PolicyServer is up and running."));
            return commandOutput;
        }
        PolicyServerProto.SecurityPolicyCreateResponse parseFrom = PolicyServerProto.SecurityPolicyCreateResponse.parseFrom(sendRequestToPolicyServer);
        if (parseFrom.getStatus() == 0) {
            outputHierarchy.addMessage("Successfully created security policy '" + trim + "'");
        } else {
            String str2 = "Security policy create of " + trim + " failed";
            if (parseFrom.hasErrMsg()) {
                str2 = str2 + ": " + parseFrom.getErrMsg();
            }
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(parseFrom.getStatus(), str2).setField("name").setFieldValue(trim));
        }
        return commandOutput;
    }

    CommandOutput securityPolicyModify() throws Exception {
        CommandOutput commandOutput = new CommandOutput();
        CommandOutput.OutputHierarchy outputHierarchy = new CommandOutput.OutputHierarchy();
        commandOutput.setOutput(outputHierarchy);
        String paramTextValue = isParamPresent("cluster") ? getParamTextValue("cluster", 0) : null;
        if (!isParamPresent("name")) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "Missing security policy name in the command to modify security policy").setField("name"));
            return commandOutput;
        }
        String paramTextValue2 = getParamTextValue("name", 0);
        StringBuilder sb = new StringBuilder();
        if (!isValidSecurityPolicyName(paramTextValue2, sb)) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, sb.toString()));
            return commandOutput;
        }
        if ((isParamPresent("id") || isParamPresent(SECURITY_EXPORT_POLICY_VERSION_PARAM) || isParamPresent(SECURITY_EXPORT_POLICY_CTIME_PARAM) || isParamPresent(SECURITY_EXPORT_POLICY_MTIME_PARAM) || isParamPresent(EXPORT_DATA_AUDIT_OPS_VAL_PARAM)) && System.getenv("mapr_policyimport") == null) {
            outputHierarchy.addMessage(getCommandUsage());
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "Invalid option"));
            return commandOutput;
        }
        if (isParamPresent(ACE_READ_PARAM) && (isParamPresent(ACE_READFILE_PARAM) || isParamPresent(ACE_EXECUTEFILE_PARAM) || isParamPresent(ACE_READDIR_PARAM) || isParamPresent(ACE_LOOKUPDIR_PARAM) || isParamPresent(ACE_READDB_PARAM) || isParamPresent(ACE_TRAVERSEDB_PARAM))) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "The readaces option cannot be specified with any other read ACE options").setField(ACE_READ_PARAM));
            return commandOutput;
        }
        if (isParamPresent(ACE_WRITE_PARAM) && (isParamPresent(ACE_WRITEFILE_PARAM) || isParamPresent(ACE_ADDCHILD_PARAM) || isParamPresent(ACE_DELETECHILD_PARAM) || isParamPresent(ACE_WRITEDB_PARAM))) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "The writeaces option cannot be specified with any other write ACE options").setField(ACE_WRITE_PARAM));
            return commandOutput;
        }
        PolicyServerProto.SecurityPolicyUpdateRequest.Builder newBuilder = PolicyServerProto.SecurityPolicyUpdateRequest.newBuilder();
        Common.SecurityPolicyProperties.Builder policyName = Common.SecurityPolicyProperties.newBuilder().setPolicyName(paramTextValue2);
        LOG.info("securityPolicyModify(): Verifying that " + paramTextValue2 + " refers to an existing security policy");
        PolicyServerProto.LookupSecurityPolicyResponse securityPolicyLookupByName = securityPolicyLookupByName(paramTextValue, getUserCredentials(), paramTextValue2);
        if (securityPolicyLookupByName.hasStatus() && securityPolicyLookupByName.getStatus() != 0) {
            if (securityPolicyLookupByName.getStatus() == 2) {
                outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(2, "Non-existent security policy"));
            } else {
                outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(securityPolicyLookupByName.getStatus(), securityPolicyLookupByName.getErrMsg()));
            }
            return commandOutput;
        }
        if (isParamPresent("id")) {
            policyName.setPolicyId(getParamIntValue("id", 0));
        }
        if (isParamPresent(SECURITY_EXPORT_POLICY_VERSION_PARAM)) {
            policyName.setPolicyVersion(getParamIntValue(SECURITY_EXPORT_POLICY_VERSION_PARAM, 0));
        }
        if (isParamPresent(SECURITY_EXPORT_POLICY_CTIME_PARAM)) {
            policyName.setCtime(getParamLongValue(SECURITY_EXPORT_POLICY_CTIME_PARAM, 0));
        }
        if (isParamPresent(SECURITY_EXPORT_POLICY_MTIME_PARAM)) {
            policyName.setMtime(getParamLongValue(SECURITY_EXPORT_POLICY_MTIME_PARAM, 0));
        }
        if (isParamPresent(ALLOW_TAGGING_PARAM)) {
            policyName.setTaggingAllowed(getParamBooleanValue(ALLOW_TAGGING_PARAM, 0));
        }
        if (isParamPresent(ACCESS_CONTROL_PARAM)) {
            String paramTextValue3 = getParamTextValue(ACCESS_CONTROL_PARAM, 0);
            if (paramTextValue3.equals("Armed")) {
                policyName.setAccessControl(Common.SecurityPolicyAccessControl.Armed);
            } else if (paramTextValue3.equals("Disarmed")) {
                policyName.setAccessControl(Common.SecurityPolicyAccessControl.Disarmed);
            } else {
                if (!paramTextValue3.equals("Denied")) {
                    outputHierarchy.addMessage(getCommandUsage());
                    outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "Invalid value for accesscontrol"));
                    return commandOutput;
                }
                policyName.setAccessControl(Common.SecurityPolicyAccessControl.Denied);
            }
        }
        if (isParamPresent("description")) {
            String trim = getParamTextValue("description", 0).trim();
            StringBuilder sb2 = new StringBuilder();
            if (!isValidSecurityPolicyDescription(trim, sb2)) {
                outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, sb2.toString()));
                return commandOutput;
            }
            policyName.setDescription(trim);
        }
        if (isParamPresent("auditenabled")) {
            policyName.setAuditDataAccess(getParamBooleanValue("auditenabled", 0));
        }
        if (isParamPresent("wiresecurityenabled")) {
            policyName.setWireSecurityEnabled(getParamBooleanValue("wiresecurityenabled", 0));
        }
        if (isParamPresent("disabledataauditops") && isParamPresent("dataauditops")) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "either of dataauditops or disabledataauditops can be used, but not both."));
            return commandOutput;
        }
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        if (isParamPresent("disabledataauditops")) {
            String paramTextValue4 = getParamTextValue("disabledataauditops", 0);
            newBuilder.setReplaceDisabledAuditOps(true);
            if (paramTextValue4.equals("")) {
                arrayList.add(Common.FSAuditOperations.AuditAll);
            } else if (!VolumeCommands.validateAndAddFsOperations(arrayList, arrayList2, paramTextValue4, false)) {
                outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "Invalid disabledataauditops text specified, text = " + paramTextValue4));
                return commandOutput;
            }
        } else if (isParamPresent("dataauditops")) {
            String paramTextValue5 = getParamTextValue("dataauditops", 0);
            if (!VolumeCommands.validateAndAddFsOperations(arrayList, arrayList2, paramTextValue5, true)) {
                outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "Invalid dataauditops text specified, text = " + paramTextValue5));
                return commandOutput;
            }
            if (isParamPresent(EXPORT_DATA_AUDIT_OPS_VAL_PARAM)) {
                policyName.setFsAuditDisabledOperations(getParamLongValue(EXPORT_DATA_AUDIT_OPS_VAL_PARAM, 0));
            }
        }
        if (arrayList.contains(Common.FSAuditOperations.AuditAll) && arrayList.size() > 1) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "When specifying +all,  cannot enable any other operation"));
            return commandOutput;
        }
        if (arrayList2.contains(Common.FSAuditOperations.AuditAll) && arrayList2.size() > 1) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "When specifying -all,  cannot disable any other operation"));
            return commandOutput;
        }
        for (int i = 0; i < arrayList.size(); i++) {
            if (arrayList2.contains(arrayList.get(i))) {
                outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "Cannot specify an audit operation both for enable and disable"));
                return commandOutput;
            }
        }
        if (arrayList.size() > 0) {
            newBuilder.addAllFsAuditEnabledOperations(arrayList);
        }
        if (arrayList2.size() > 0) {
            newBuilder.addAllFsAuditDisabledOperations(arrayList2);
        }
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            LOG.debug("Enable Op = " + ((Common.FSAuditOperations) it.next()).toString());
        }
        Iterator it2 = arrayList2.iterator();
        while (it2.hasNext()) {
            LOG.debug("Disable Op = " + ((Common.FSAuditOperations) it2.next()).toString());
        }
        Common.FileACEs.Builder newBuilder2 = Common.FileACEs.newBuilder();
        ArrayList arrayList3 = new ArrayList();
        if (buildAces(newBuilder2, arrayList3, outputHierarchy) < 0) {
            return commandOutput;
        }
        if (fileAcesUpdated) {
            policyName.setFileAces(newBuilder2);
        }
        if (dbAcesUpdated) {
            policyName.addAllDbStreamAces(arrayList3);
        }
        Security.AccessControlList.Builder builder = null;
        boolean z = false;
        CLDBProto.SecureObjectType secureObjectType = CLDBProto.SecureObjectType.OBJECT_TYPE_SECURITYPOLICY;
        if (isParamPresent("user")) {
            builder = Security.AccessControlList.newBuilder();
            z = true;
            List<Security.AclEntry> actionsToAcls = AclCommands.actionsToAcls(this.input.getParameterByName("user").getParamValues(), this.userInfo, secureObjectType, true, outputHierarchy);
            if (actionsToAcls == null) {
                outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(10003, "Acl set failed - invalid list of user permissions, valid permissions are: [r, a, fc]").setField("user"));
                commandOutput.setOutput(outputHierarchy);
                return commandOutput;
            }
            builder.addAllAcl(actionsToAcls);
        }
        if (isParamPresent("group")) {
            if (!z) {
                builder = Security.AccessControlList.newBuilder();
                z = true;
            }
            List<Security.AclEntry> actionsToAcls2 = AclCommands.actionsToAcls(this.input.getParameterByName("group").getParamValues(), this.userInfo, secureObjectType, false, outputHierarchy);
            if (actionsToAcls2 == null) {
                outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(10003, "Acl set failed - invalid list of group permissions, valid permissions are: [r, a, fc]").setField("group"));
                commandOutput.setOutput(outputHierarchy);
                return commandOutput;
            }
            builder.addAllAcl(actionsToAcls2);
        }
        if (z) {
            policyName.setAcl(builder);
        }
        newBuilder.setProperties(policyName.build());
        newBuilder.setCreds(getUserCredentials());
        byte[] sendRequestToPolicyServer = isParamPresent("cluster") ? PolicyServerRpcCommonUtils.getInstance().sendRequestToPolicyServer(getParamTextValue("cluster", 0), PolicyServerProto.SecurityPolicyProc.SecurityPolicyUpdateProc.getNumber(), newBuilder.build(), PolicyServerProto.SecurityPolicyUpdateResponse.class) : PolicyServerRpcCommonUtils.getInstance().sendRequestToPolicyServer(PolicyServerProto.SecurityPolicyProc.SecurityPolicyUpdateProc.getNumber(), newBuilder.build(), PolicyServerProto.SecurityPolicyUpdateResponse.class);
        if (sendRequestToPolicyServer == null) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(10009, "Cannot connect to the policy server"));
            return commandOutput;
        }
        PolicyServerProto.SecurityPolicyUpdateResponse parseFrom = PolicyServerProto.SecurityPolicyUpdateResponse.parseFrom(sendRequestToPolicyServer);
        if (parseFrom.getStatus() == 0) {
            outputHierarchy.addMessage("Successfully updated security policy '" + paramTextValue2 + "'");
        } else {
            String str = "Security policy update of " + paramTextValue2 + " failed";
            if (parseFrom.hasErrMsg()) {
                str = str + ": " + parseFrom.getErrMsg();
            }
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(parseFrom.getStatus(), str).setField("name").setFieldValue(paramTextValue2));
        }
        return commandOutput;
    }

    CommandOutput securityPolicyInfo() throws Exception {
        CommandOutput commandOutput = new CommandOutput();
        CommandOutput.OutputHierarchy outputHierarchy = new CommandOutput.OutputHierarchy();
        commandOutput.setOutput(outputHierarchy);
        if (!isParamPresent("name")) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "Missing security policy name in the command to create security policy").setField("name"));
            return commandOutput;
        }
        String paramTextValue = getParamTextValue("name", 0);
        if (paramTextValue == null) {
            outputHierarchy.addMessage(getCommandUsage());
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(10001, "Security policy name argument missing."));
            return commandOutput;
        }
        String str = null;
        if (isParamPresent("cluster")) {
            str = getParamTextValue("cluster", 0);
        }
        String paramTextValue2 = isParamPresent("output") ? getParamTextValue("output", 0) : "verbose";
        if (!paramTextValue2.equals(AlarmCommands.ALARM_TERSE_NAME_PARAM_NAME) && !paramTextValue2.equals("verbose")) {
            outputHierarchy.addMessage(getCommandUsage());
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "The output parameter must be either verbose or terse (default verbose). "));
            return commandOutput;
        }
        LOG.info("securityPolicyInfo: Looking up security policy name " + paramTextValue);
        PolicyServerProto.LookupSecurityPolicyResponse securityPolicyLookupByName = securityPolicyLookupByName(str, getUserCredentials(), paramTextValue);
        if (securityPolicyLookupByName.getStatus() == 0) {
            LOG.info("securityPolicyInfo: Lookup of security policy name " + paramTextValue + " successful");
            outputHierarchy.addNode(formatSecurityPolicyProperties(securityPolicyLookupByName.getProperties(0), paramTextValue2.equals(AlarmCommands.ALARM_TERSE_NAME_PARAM_NAME), getColumns()));
        } else {
            LOG.info("securityPolicyInfo: Lookup of security policy name " + paramTextValue + " failed, status=" + Errno.toString(securityPolicyLookupByName.getStatus()));
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(2, "Security policy lookup of " + paramTextValue + " failed, " + (securityPolicyLookupByName.getStatus() == 2 ? "No such security policy" : securityPolicyLookupByName.getErrMsg())));
        }
        return commandOutput;
    }

    int buildAces(Common.FileACEs.Builder builder, List<Common.DBStreamAceEntry> list, CommandOutput.OutputHierarchy outputHierarchy) throws CLIProcessingException {
        if (isParamPresent(ACE_READ_PARAM)) {
            try {
                String paramTextValue = getParamTextValue(ACE_READ_PARAM, 0);
                builder.addAces(Common.FileACE.newBuilder().setAccessType(Common.FSAccessType.AceRead).setBoolExp(ByteString.copyFromUtf8(AceHelper.toPostfix(paramTextValue))).build());
                builder.addAces(Common.FileACE.newBuilder().setAccessType(Common.FSAccessType.AceLookupDir).setBoolExp(ByteString.copyFromUtf8(AceHelper.toPostfix(paramTextValue))).build());
                builder.addAces(Common.FileACE.newBuilder().setAccessType(Common.FSAccessType.AceReadDir).setBoolExp(ByteString.copyFromUtf8(AceHelper.toPostfix(paramTextValue))).build());
                builder.addAces(Common.FileACE.newBuilder().setAccessType(Common.FSAccessType.AceExecute).setBoolExp(ByteString.copyFromUtf8(AceHelper.toPostfix(paramTextValue))).build());
                list.add(Common.DBStreamAceEntry.newBuilder().setAccessType(Common.DBStreamAccessType.AceReadDB).setExpr(ByteString.copyFromUtf8(AceHelper.toPostfix(paramTextValue))).build());
                list.add(Common.DBStreamAceEntry.newBuilder().setAccessType(Common.DBStreamAccessType.AceTraverse).setExpr(ByteString.copyFromUtf8(AceHelper.toPostfix(paramTextValue))).build());
                dbAcesUpdated = true;
                fileAcesUpdated = true;
            } catch (IOException e) {
                LOG.error("Unable to parse security policy readaces arguments");
                outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "Error parsing read security policy ACEs: " + e.getMessage()));
                return -1;
            }
        }
        if (isParamPresent(ACE_WRITE_PARAM)) {
            try {
                String paramTextValue2 = getParamTextValue(ACE_WRITE_PARAM, 0);
                builder.addAces(Common.FileACE.newBuilder().setAccessType(Common.FSAccessType.AceWrite).setBoolExp(ByteString.copyFromUtf8(AceHelper.toPostfix(paramTextValue2))).build());
                builder.addAces(Common.FileACE.newBuilder().setAccessType(Common.FSAccessType.AceAddChild).setBoolExp(ByteString.copyFromUtf8(AceHelper.toPostfix(paramTextValue2))).build());
                builder.addAces(Common.FileACE.newBuilder().setAccessType(Common.FSAccessType.AceDeleteChild).setBoolExp(ByteString.copyFromUtf8(AceHelper.toPostfix(paramTextValue2))).build());
                list.add(Common.DBStreamAceEntry.newBuilder().setAccessType(Common.DBStreamAccessType.AceWriteDB).setExpr(ByteString.copyFromUtf8(AceHelper.toPostfix(paramTextValue2))).build());
                dbAcesUpdated = true;
                fileAcesUpdated = true;
            } catch (IOException e2) {
                LOG.error("Unable to parse security policy readaces arguments");
                outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "Error parsing write security policy ACEs: " + e2.getMessage()));
                return -1;
            }
        }
        try {
            if (isParamPresent(ACE_READFILE_PARAM)) {
                builder.addAces(Common.FileACE.newBuilder().setAccessType(Common.FSAccessType.AceRead).setBoolExp(ByteString.copyFromUtf8(AceHelper.toPostfix(getParamTextValue(ACE_READFILE_PARAM, 0)))).build());
                fileAcesUpdated = true;
            }
            if (isParamPresent(ACE_WRITEFILE_PARAM)) {
                builder.addAces(Common.FileACE.newBuilder().setAccessType(Common.FSAccessType.AceWrite).setBoolExp(ByteString.copyFromUtf8(AceHelper.toPostfix(getParamTextValue(ACE_WRITEFILE_PARAM, 0)))).build());
                fileAcesUpdated = true;
            }
            if (isParamPresent(ACE_EXECUTEFILE_PARAM)) {
                builder.addAces(Common.FileACE.newBuilder().setAccessType(Common.FSAccessType.AceExecute).setBoolExp(ByteString.copyFromUtf8(AceHelper.toPostfix(getParamTextValue(ACE_EXECUTEFILE_PARAM, 0)))).build());
                fileAcesUpdated = true;
            }
            if (isParamPresent(ACE_READDIR_PARAM)) {
                builder.addAces(Common.FileACE.newBuilder().setAccessType(Common.FSAccessType.AceReadDir).setBoolExp(ByteString.copyFromUtf8(AceHelper.toPostfix(getParamTextValue(ACE_READDIR_PARAM, 0)))).build());
                fileAcesUpdated = true;
            }
            if (isParamPresent(ACE_ADDCHILD_PARAM)) {
                builder.addAces(Common.FileACE.newBuilder().setAccessType(Common.FSAccessType.AceAddChild).setBoolExp(ByteString.copyFromUtf8(AceHelper.toPostfix(getParamTextValue(ACE_ADDCHILD_PARAM, 0)))).build());
                fileAcesUpdated = true;
            }
            if (isParamPresent(ACE_DELETECHILD_PARAM)) {
                builder.addAces(Common.FileACE.newBuilder().setAccessType(Common.FSAccessType.AceDeleteChild).setBoolExp(ByteString.copyFromUtf8(AceHelper.toPostfix(getParamTextValue(ACE_DELETECHILD_PARAM, 0)))).build());
                fileAcesUpdated = true;
            }
            if (isParamPresent(ACE_LOOKUPDIR_PARAM)) {
                builder.addAces(Common.FileACE.newBuilder().setAccessType(Common.FSAccessType.AceLookupDir).setBoolExp(ByteString.copyFromUtf8(AceHelper.toPostfix(getParamTextValue(ACE_LOOKUPDIR_PARAM, 0)))).build());
                fileAcesUpdated = true;
            }
            if (isParamPresent(ACE_READDB_PARAM)) {
                list.add(Common.DBStreamAceEntry.newBuilder().setAccessType(Common.DBStreamAccessType.AceReadDB).setExpr(ByteString.copyFromUtf8(AceHelper.toPostfix(getParamTextValue(ACE_READDB_PARAM, 0)))).build());
                dbAcesUpdated = true;
            }
            if (isParamPresent(ACE_WRITEDB_PARAM)) {
                list.add(Common.DBStreamAceEntry.newBuilder().setAccessType(Common.DBStreamAccessType.AceWriteDB).setExpr(ByteString.copyFromUtf8(AceHelper.toPostfix(getParamTextValue(ACE_WRITEDB_PARAM, 0)))).build());
                dbAcesUpdated = true;
            }
            if (isParamPresent(ACE_TRAVERSEDB_PARAM)) {
                list.add(Common.DBStreamAceEntry.newBuilder().setAccessType(Common.DBStreamAccessType.AceTraverse).setExpr(ByteString.copyFromUtf8(AceHelper.toPostfix(getParamTextValue(ACE_TRAVERSEDB_PARAM, 0)))).build());
                dbAcesUpdated = true;
            }
            if (isParamPresent(ACE_UNMASKED_READ_PARAM)) {
                list.add(Common.DBStreamAceEntry.newBuilder().setAccessType(Common.DBStreamAccessType.AceUnmaskedReadDB).setExpr(ByteString.copyFromUtf8(AceHelper.toPostfix(getParamTextValue(ACE_UNMASKED_READ_PARAM, 0)))).build());
                dbAcesUpdated = true;
            }
            return 0;
        } catch (IOException e3) {
            LOG.error("Unable to parse security policy ace arguments");
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "Error parsing security policy ACEs: " + e3.getMessage()));
            return -1;
        }
    }

    CommandOutput.OutputHierarchy.OutputNode formatSecurityPolicyProperties(Common.SecurityPolicyProperties securityPolicyProperties, boolean z, BitSet bitSet) throws CLIProcessingException {
        LOG.debug("formatSecurityPolicyProperties, formatting security policy " + securityPolicyProperties.getPolicyName());
        CommandOutput.OutputHierarchy.OutputNode outputNode = new CommandOutput.OutputHierarchy.OutputNode();
        if (bitSet.get(PolicyServerProto.SecurityPolicyInfoFields.policyName.getNumber())) {
            outputNode.addChild(new CommandOutput.OutputHierarchy.OutputNode(fieldTable.get(PolicyServerProto.SecurityPolicyInfoFields.policyName).getName(z), securityPolicyProperties.getPolicyName()));
        }
        if (bitSet.get(PolicyServerProto.SecurityPolicyInfoFields.policyId.getNumber())) {
            outputNode.addChild(new CommandOutput.OutputHierarchy.OutputNode(fieldTable.get(PolicyServerProto.SecurityPolicyInfoFields.policyId).getName(z), securityPolicyProperties.getPolicyId()));
        }
        if (bitSet.get(PolicyServerProto.SecurityPolicyInfoFields.description.getNumber()) && securityPolicyProperties.hasDescription()) {
            outputNode.addChild(new CommandOutput.OutputHierarchy.OutputNode(fieldTable.get(PolicyServerProto.SecurityPolicyInfoFields.description).getName(z), securityPolicyProperties.getDescription()));
        }
        if (bitSet.get(PolicyServerProto.SecurityPolicyInfoFields.mtime.getNumber()) && securityPolicyProperties.hasMtime()) {
            outputNode.addChild(new CommandOutput.OutputHierarchy.OutputNode(fieldTable.get(PolicyServerProto.SecurityPolicyInfoFields.mtime).getName(z), z ? String.valueOf(securityPolicyProperties.getMtime()) : new Date(securityPolicyProperties.getMtime()).toString()));
        }
        if (bitSet.get(PolicyServerProto.SecurityPolicyInfoFields.ctime.getNumber()) && securityPolicyProperties.hasCtime()) {
            outputNode.addChild(new CommandOutput.OutputHierarchy.OutputNode(fieldTable.get(PolicyServerProto.SecurityPolicyInfoFields.ctime).getName(z), z ? String.valueOf(securityPolicyProperties.getCtime()) : new Date(securityPolicyProperties.getCtime()).toString()));
        }
        if (bitSet.get(PolicyServerProto.SecurityPolicyInfoFields.wireSecurityEnabled.getNumber()) && securityPolicyProperties.hasWireSecurityEnabled()) {
            outputNode.addChild(new CommandOutput.OutputHierarchy.OutputNode(fieldTable.get(PolicyServerProto.SecurityPolicyInfoFields.wireSecurityEnabled).getName(z), Boolean.valueOf(securityPolicyProperties.getWireSecurityEnabled())));
        }
        if (bitSet.get(PolicyServerProto.SecurityPolicyInfoFields.auditDataAccess.getNumber()) && securityPolicyProperties.hasAuditDataAccess()) {
            outputNode.addChild(new CommandOutput.OutputHierarchy.OutputNode(fieldTable.get(PolicyServerProto.SecurityPolicyInfoFields.auditDataAccess).getName(z), Boolean.valueOf(securityPolicyProperties.getAuditDataAccess())));
        }
        if (bitSet.get(PolicyServerProto.SecurityPolicyInfoFields.allowTagging.getNumber()) && securityPolicyProperties.hasTaggingAllowed()) {
            outputNode.addChild(new CommandOutput.OutputHierarchy.OutputNode(fieldTable.get(PolicyServerProto.SecurityPolicyInfoFields.allowTagging).getName(z), Boolean.valueOf(securityPolicyProperties.getTaggingAllowed())));
        }
        if (bitSet.get(PolicyServerProto.SecurityPolicyInfoFields.accessControl.getNumber()) && securityPolicyProperties.hasAccessControl()) {
            outputNode.addChild(new CommandOutput.OutputHierarchy.OutputNode(fieldTable.get(PolicyServerProto.SecurityPolicyInfoFields.accessControl).getName(z), securityPolicyProperties.getAccessControl()));
        }
        if (bitSet.get(PolicyServerProto.SecurityPolicyInfoFields.auditEnableOperations.getNumber()) && securityPolicyProperties.hasFsAuditDisabledOperations()) {
            outputNode.addChild(new CommandOutput.OutputHierarchy.OutputNode(fieldTable.get(PolicyServerProto.SecurityPolicyInfoFields.auditEnableOperations).getName(z), GetStringsForAuditOps.getEnabledOps(securityPolicyProperties.getFsAuditDisabledOperations())));
        }
        if (bitSet.get(PolicyServerProto.SecurityPolicyInfoFields.auditDisableOperations.getNumber()) && securityPolicyProperties.hasFsAuditDisabledOperations()) {
            outputNode.addChild(new CommandOutput.OutputHierarchy.OutputNode(fieldTable.get(PolicyServerProto.SecurityPolicyInfoFields.auditDisableOperations).getName(z), GetStringsForAuditOps.getDisabledOps(securityPolicyProperties.getFsAuditDisabledOperations())));
        }
        if (bitSet.get(PolicyServerProto.SecurityPolicyInfoFields.policyAcl.getNumber())) {
            CLDBProto.SecureObjectType secureObjectType = CLDBProto.SecureObjectType.OBJECT_TYPE_SECURITYPOLICY;
            if (securityPolicyProperties.hasAcl()) {
                CommandOutput.OutputHierarchy formatAcl = AclCommands.formatAcl(securityPolicyProperties.getAcl(), secureObjectType, "short", this.userInfo, new ArrayList(), new ArrayList());
                Iterator it = formatAcl.getOutputErrors().iterator();
                while (it.hasNext()) {
                    LOG.info("Error in output:" + ((CommandOutput.OutputHierarchy.OutputError) it.next()).toString());
                }
                Iterator it2 = formatAcl.getOutputNodes().iterator();
                while (it2.hasNext()) {
                    outputNode.addNode(new CommandOutput.OutputHierarchy.OutputNode(fieldTable.get(PolicyServerProto.SecurityPolicyInfoFields.policyAcl).getName(z), (CommandOutput.OutputHierarchy.OutputNode) it2.next()));
                }
            }
        }
        if (bitSet.get(PolicyServerProto.SecurityPolicyInfoFields.policyAces.getNumber()) && (securityPolicyProperties.hasFileAces() || securityPolicyProperties.getDbStreamAcesCount() > 0 || securityPolicyProperties.hasReadAces() || securityPolicyProperties.hasWriteAces())) {
            if (isParamPresent(EXPAND_ACES_PARAM) && getParamBooleanValue(EXPAND_ACES_PARAM, 0)) {
                securityPolicyProperties = AceUtil.expandSecurityPolicyAces(securityPolicyProperties);
            }
            CommandOutput.OutputHierarchy.OutputNode outputNode2 = new CommandOutput.OutputHierarchy.OutputNode(fieldTable.get(PolicyServerProto.SecurityPolicyInfoFields.policyAces).getName(z));
            try {
                if (securityPolicyProperties.hasReadAces()) {
                    outputNode2.addChild(new CommandOutput.OutputHierarchy.OutputNode(ACE_READ_PARAM, AceHelper.toInfix(securityPolicyProperties.getReadAces().toStringUtf8())));
                }
                for (Common.FileACE fileACE : securityPolicyProperties.getFileAces().getAcesList()) {
                    Common.FSAccessType accessType = fileACE.getAccessType();
                    String str = "";
                    if (accessType == Common.FSAccessType.AceRead) {
                        str = ACE_READFILE_PARAM;
                    } else if (accessType == Common.FSAccessType.AceWrite) {
                        str = ACE_WRITEFILE_PARAM;
                    } else if (accessType == Common.FSAccessType.AceExecute) {
                        str = ACE_EXECUTEFILE_PARAM;
                    } else if (accessType == Common.FSAccessType.AceReadDir) {
                        str = ACE_READDIR_PARAM;
                    } else if (accessType == Common.FSAccessType.AceAddChild) {
                        str = ACE_ADDCHILD_PARAM;
                    } else if (accessType == Common.FSAccessType.AceDeleteChild) {
                        str = ACE_DELETECHILD_PARAM;
                    } else if (accessType == Common.FSAccessType.AceLookupDir) {
                        str = ACE_LOOKUPDIR_PARAM;
                    }
                    if (str.length() > 0) {
                        outputNode2.addNode(new CommandOutput.OutputHierarchy.OutputNode(str, AceHelper.toInfix(fileACE.getBoolExp().toStringUtf8())));
                    } else {
                        Assert.assertNotNull((Object) null);
                    }
                }
                for (Common.DBStreamAceEntry dBStreamAceEntry : securityPolicyProperties.getDbStreamAcesList()) {
                    Common.DBStreamAccessType accessType2 = dBStreamAceEntry.getAccessType();
                    String str2 = "";
                    if (accessType2 == Common.DBStreamAccessType.AceReadDB) {
                        str2 = ACE_READDB_PARAM;
                    } else if (accessType2 == Common.DBStreamAccessType.AceWriteDB) {
                        str2 = ACE_WRITEDB_PARAM;
                    } else if (accessType2 == Common.DBStreamAccessType.AceTraverse) {
                        str2 = ACE_TRAVERSEDB_PARAM;
                    } else if (accessType2 == Common.DBStreamAccessType.AceUnmaskedReadDB) {
                        str2 = ACE_UNMASKED_READ_PARAM;
                    }
                    if (str2.length() > 0) {
                        outputNode2.addNode(new CommandOutput.OutputHierarchy.OutputNode(str2, AceHelper.toInfix(dBStreamAceEntry.getExpr().toStringUtf8())));
                    } else {
                        Assert.assertNotNull((Object) null);
                    }
                }
                if (securityPolicyProperties.hasWriteAces()) {
                    outputNode2.addChild(new CommandOutput.OutputHierarchy.OutputNode(ACE_WRITE_PARAM, AceHelper.toInfix(securityPolicyProperties.getWriteAces().toStringUtf8())));
                }
                outputNode.addChild(outputNode2);
            } catch (IOException e) {
                LOG.error("Unable to parse data access ACEs");
                throw new CLIProcessingException("Unable to parse data access ACEs");
            }
        }
        if (outputNode.getChildren().isEmpty()) {
            throw new CLIProcessingException("No columns found in output");
        }
        return outputNode;
    }

    CommandOutput securityPolicyList() throws CLIProcessingException {
        try {
            CommandOutput.OutputHierarchy outputHierarchy = new CommandOutput.OutputHierarchy();
            CommandOutput commandOutput = new CommandOutput();
            commandOutput.setOutput(outputHierarchy);
            if (isParamPresent("sortby")) {
                String paramTextValue = getParamTextValue("sortby", 0);
                if (nameToEnumMap.get(paramTextValue.toLowerCase()) == null) {
                    LOG.error("failed to list sorted security policies, " + paramTextValue + " is not a valid keyword to sort security policies.");
                    outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "Invalid sortkey: " + paramTextValue));
                    return commandOutput;
                }
            }
            if (isParamPresent("sortorder")) {
                if (!isParamPresent("sortby")) {
                    LOG.error("Invalid use of sortorder. Must be used with sortby");
                    outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "Invalid use of sortorder. Must be used with sortby"));
                    return commandOutput;
                }
                String paramTextValue2 = getParamTextValue("sortorder", 0);
                if (!paramTextValue2.equalsIgnoreCase("asc") && !paramTextValue2.equalsIgnoreCase("desc")) {
                    LOG.error("Invalid value for sortorder. Valid values are asc and desc");
                    outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "Invalid value for sortorder. Valid values are asc and desc"));
                    return commandOutput;
                }
            }
            String paramTextValue3 = isParamPresent("output") ? getParamTextValue("output", 0) : "verbose";
            if (paramTextValue3.equals(AlarmCommands.ALARM_TERSE_NAME_PARAM_NAME) || paramTextValue3.equals("verbose")) {
                list(outputHierarchy);
                return commandOutput;
            }
            outputHierarchy.addMessage(getCommandUsage());
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "The output parameter must be either verbose or terse (default verbose). "));
            return commandOutput;
        } catch (Exception e) {
            throw new CLIProcessingException("Send request exception", e);
        }
    }

    boolean isValidSecurityPolicyName(String str, StringBuilder sb) {
        if (str == null) {
            sb.append("Security Policy Name not found.");
            return false;
        }
        if (str.length() < 0 || str.length() > SECURITY_POLICY_NAME_MAX_LEN) {
            sb.append("Invalid security policy name length " + str.length() + ", valid range is between 0 and " + SECURITY_POLICY_NAME_MAX_LEN);
            return false;
        }
        if (validNamePattern.matcher(str).matches()) {
            return true;
        }
        sb.append("Invalid characters in security policy name '" + str + "'. Only alphanumeric, hyphen(-) and underscore(_) are allowed.");
        return false;
    }

    private BitSet getColumns() throws CLIProcessingException {
        BitSet bitSet = new BitSet(fieldTable.size());
        bitSet.set(0, MAX_SECURITYPOLICYFIELDINFO + 1);
        String paramTextValue = isParamPresent("columns") ? getParamTextValue("columns", 0) : null;
        if (paramTextValue != null && !paramTextValue.equals("all")) {
            bitSet = FilterUtil.getColumns(fieldTable, paramTextValue.trim());
        }
        return bitSet;
    }

    boolean isValidSecurityPolicyDescription(String str, StringBuilder sb) {
        if (str == null) {
            sb.append("Security Policy description not found.");
            return false;
        }
        if (str.length() < 0 || str.length() > SECURITY_POLICY_DESCRIPTION_MAX_LEN) {
            sb.append("Invalid security policy description length " + str.length() + ", valid range is between 0 and " + SECURITY_POLICY_DESCRIPTION_MAX_LEN);
            return false;
        }
        if (validDescPattern.matcher(str).matches()) {
            return true;
        }
        sb.append("Invalid characters in security policy description '" + str + "'. Only alphanumeric, hyphen(-) and underscore(_) are allowed.");
        return false;
    }

    @Override // com.mapr.cli.common.ListCommand, com.mapr.cli.common.ListIterator
    public void processResponse(CommandOutput.OutputHierarchy outputHierarchy, MessageLite messageLite) throws CLIProcessingException {
        PolicyServerProto.SecurityPolicyListResponse securityPolicyListResponse = (PolicyServerProto.SecurityPolicyListResponse) messageLite;
        boolean equals = getParamTextValue("output", 0).equals(AlarmCommands.ALARM_TERSE_NAME_PARAM_NAME);
        BitSet columns = getColumns();
        if (securityPolicyListResponse.getStatus() != 0) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(securityPolicyListResponse.getStatus(), securityPolicyListResponse.getErrMsg()));
            return;
        }
        for (Common.SecurityPolicyProperties securityPolicyProperties : securityPolicyListResponse.getPropertiesList()) {
            if (this.export) {
                exportSecPol(securityPolicyProperties);
            } else {
                try {
                    outputHierarchy.addNode(formatSecurityPolicyProperties(securityPolicyProperties, equals, columns));
                } catch (CLIProcessingException e) {
                    outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, e.getMessage()));
                } catch (Exception e2) {
                    LOG.error("Exception while trying to list security policies", e2);
                    outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "Exception while trying to list security policies"));
                }
            }
        }
        if (securityPolicyListResponse.hasTotal()) {
            outputHierarchy.setTotal(securityPolicyListResponse.getTotal());
        }
    }

    @Override // com.mapr.cli.common.ListCommand, com.mapr.cli.common.ListIterator
    /* renamed from: sendRequest, reason: merged with bridge method [inline-methods] */
    public PolicyServerProto.SecurityPolicyListResponse mo41sendRequest(MessageLite messageLite) throws CLIProcessingException {
        PolicyServerProto.SecurityPolicyListRequest securityPolicyListRequest = (PolicyServerProto.SecurityPolicyListRequest) messageLite;
        try {
            byte[] sendRequestToPolicyServer = isParamPresent("cluster") ? PolicyServerRpcCommonUtils.getInstance().sendRequestToPolicyServer(getParamTextValue("cluster", 0), PolicyServerProto.SecurityPolicyProc.SecurityPolicyListProc.getNumber(), securityPolicyListRequest, PolicyServerProto.SecurityPolicyListResponse.class) : PolicyServerRpcCommonUtils.getInstance().sendRequestToPolicyServer(PolicyServerProto.SecurityPolicyProc.SecurityPolicyListProc.getNumber(), securityPolicyListRequest, PolicyServerProto.SecurityPolicyListResponse.class);
            if (sendRequestToPolicyServer == null) {
                LOG.error("RPC Request to list security policies failed. No data returned");
                return null;
            }
            try {
                return PolicyServerProto.SecurityPolicyListResponse.parseFrom(sendRequestToPolicyServer);
            } catch (InvalidProtocolBufferException e) {
                throw new CLIProcessingException("Exception while parsing the RPC response data into SecurityPolicyListResponse proto object.", e);
            }
        } catch (Exception e2) {
            throw new CLIProcessingException(e2);
        }
    }

    private int getLimitParamValue() throws CLIProcessingException {
        return isParamPresent("limit") ? getParamIntValue("limit", 0) : DbCfColCommands.DEFAULT_TTL;
    }

    private int getStartParamValue() throws CLIProcessingException {
        if (isParamPresent("start")) {
            return getParamIntValue("start", 0);
        }
        return 0;
    }

    private PolicyServerProto.SecurityPolicyListRequest.Builder getSecurityPolicyListRequestBuilder() throws CLIProcessingException {
        List<CLIProto.Filter> filters = getFilters(fieldTable, "filter");
        ByteString copyFrom = ByteString.copyFrom(BitSetBytesHelperUtils.toByteArray(getColumns()));
        PolicyServerProto.SecurityPolicyListRequest.Builder newBuilder = PolicyServerProto.SecurityPolicyListRequest.newBuilder();
        if (isParamPresent("sortby")) {
            newBuilder.setSortKey(nameToEnumMap.get(getParamTextValue("sortby", 0).toLowerCase()));
            if (isParamPresent("sortorder")) {
                boolean z = false;
                if (getParamTextValue("sortorder", 0).equalsIgnoreCase("desc")) {
                    z = true;
                }
                newBuilder.setSortDescending(z);
            }
        }
        return newBuilder.setCreds(getUserCredentials()).addAllFilter(filters).setColumnsAdd(copyFrom).setLimiter(getNextLimiter(getStartParamValue(), 0, getStartParamValue(), getLimitParamValue(), 100));
    }

    @Override // com.mapr.cli.common.ListCommand, com.mapr.cli.common.ListIterator
    /* renamed from: buildNextRequest, reason: merged with bridge method [inline-methods] */
    public PolicyServerProto.SecurityPolicyListRequest mo42buildNextRequest(MessageLite messageLite, MessageLite messageLite2) throws CLIProcessingException {
        PolicyServerProto.SecurityPolicyListRequest.Builder newBuilder = messageLite != null ? PolicyServerProto.SecurityPolicyListRequest.newBuilder((PolicyServerProto.SecurityPolicyListRequest) messageLite) : getSecurityPolicyListRequestBuilder();
        if (messageLite2 != null) {
            newBuilder.setLimiter(getNextLimiter(newBuilder.getLimiter().getStart(), ((PolicyServerProto.SecurityPolicyListResponse) messageLite2).getPropertiesCount(), getStartParamValue(), getLimitParamValue(), 100));
        }
        return newBuilder.build();
    }

    @Override // com.mapr.cli.common.ListCommand, com.mapr.cli.common.ListIterator
    public boolean hasMore(MessageLite messageLite, MessageLite messageLite2) throws CLIProcessingException {
        return hasMore(getStartParamValue(), getLimitParamValue(), ((PolicyServerProto.SecurityPolicyListRequest) messageLite).getLimiter().getStart(), ((PolicyServerProto.SecurityPolicyListResponse) messageLite2).getPropertiesCount());
    }

    static {
        MAX_SECURITYPOLICYFIELDINFO = 0;
        int i = 0;
        for (PolicyServerProto.SecurityPolicyInfoFields securityPolicyInfoFields : PolicyServerProto.SecurityPolicyInfoFields.values()) {
            if (securityPolicyInfoFields.getNumber() > i) {
                i = securityPolicyInfoFields.getNumber();
            }
        }
        MAX_SECURITYPOLICYFIELDINFO = i;
        StringBuilder sb = new StringBuilder();
        for (CLDBProto.ListSortKey listSortKey : CLDBProto.ListSortKey.values()) {
            if (listSortKey.name().startsWith("SecurityPolicy")) {
                nameToEnumMap.put(listSortKey.name().toLowerCase(), listSortKey);
                if (sb.length() == 0) {
                    sb.append(listSortKey.name().toLowerCase());
                } else {
                    sb.append("|" + listSortKey.name().toLowerCase());
                }
            }
        }
        supportedSortKeys = "<" + sb.toString() + ">";
        for (FieldInfo fieldInfo : fieldTable.values()) {
            CLDBProto.ListSortKey listSortKey2 = fieldInfo.getListSortKey();
            if (listSortKey2 != null) {
                nameToEnumMap.put(fieldInfo.getShortName().toLowerCase(), listSortKey2);
                nameToEnumMap.put(fieldInfo.getLongName().toLowerCase(), listSortKey2);
            }
        }
        securityPolicyListUsage = "security policy list [ -cluster clusterName] [ -expandaces true/false ] [ -output terse|verbose (default:verbose)[ -start start. default: 0 ][ -limit limit (default:2147483647)] [ -filter filters (default:none)] [ -columns comma separated list of column names(default:all)] [ -sortby" + supportedSortKeys + "[ -sortorder asc|desc]";
        securityPolicyCreateCommand = new CLICommand("create", "usage : " + securityPolicyCreateUsage, SecurityPolicyCommands.class, CLICommand.ExecutionTypeEnum.NATIVE, new ImmutableMap.Builder().put("name", new TextInputParameter("name", "securityPolicyName", true, (String) null)).put("id", new IntegerInputParameter("id", "securityPolicyId", false, (Integer) null).setInvisible(true)).put(SECURITY_EXPORT_POLICY_VERSION_PARAM, new IntegerInputParameter(SECURITY_EXPORT_POLICY_VERSION_PARAM, "securityPolicyVer", false, (Integer) null).setInvisible(true)).put(SECURITY_EXPORT_POLICY_CTIME_PARAM, new LongInputParameter(SECURITY_EXPORT_POLICY_CTIME_PARAM, "securityPolicyCtime", false, (Object) null).setInvisible(true)).put(SECURITY_EXPORT_POLICY_MTIME_PARAM, new LongInputParameter(SECURITY_EXPORT_POLICY_MTIME_PARAM, "securityPolicyMtime", false, (Object) null).setInvisible(true)).put(EXPORT_DATA_AUDIT_OPS_VAL_PARAM, new LongInputParameter(EXPORT_DATA_AUDIT_OPS_VAL_PARAM, "data audit operations", false, (Object) null).setInvisible(true)).put("description", new TextInputParameter("description", "description", false, (String) null)).put("cluster", new TextInputParameter("cluster", "cluster", false, (String) null)).put(ALLOW_TAGGING_PARAM, new BooleanInputParameter(ALLOW_TAGGING_PARAM, "Allow Tagging true|false, default: false", false, (Boolean) null)).put(ACCESS_CONTROL_PARAM, new TextInputParameter(ACCESS_CONTROL_PARAM, "Access Constrols for policy Armed|Disarmed|Denied, default: Disarmed", false, (String) null)).put("auditenabled", new BooleanInputParameter("auditenabled", "Enable auditing, default: false", false, (Boolean) null)).put("dataauditops", new TextInputParameter("dataauditops", "data audit operations", false, (String) null)).put("wiresecurityenabled", new BooleanInputParameter("wiresecurityenabled", "Enable wire-level encryption, default: true (secure clusters), false (insecure clusters)", false, (Boolean) null)).put(ACE_READFILE_PARAM, new TextInputParameter(ACE_READFILE_PARAM, "ACE controlling who can read from this file", false, (String) null)).put(ACE_WRITEFILE_PARAM, new TextInputParameter(ACE_WRITEFILE_PARAM, "ACE controlling who can write to this file", false, (String) null)).put(ACE_EXECUTEFILE_PARAM, new TextInputParameter(ACE_EXECUTEFILE_PARAM, "ACE controlling who can execute this file", false, (String) null)).put(ACE_READDIR_PARAM, new TextInputParameter(ACE_READDIR_PARAM, "ACE controlling who can read the contents of files in this directory", false, (String) null)).put(ACE_ADDCHILD_PARAM, new TextInputParameter(ACE_ADDCHILD_PARAM, "ACE controlling who can create files and directories in this directory", false, (String) null)).put(ACE_DELETECHILD_PARAM, new TextInputParameter(ACE_DELETECHILD_PARAM, "ACE controlling who can delete files and directories in this directory", false, (String) null)).put(ACE_LOOKUPDIR_PARAM, new TextInputParameter(ACE_LOOKUPDIR_PARAM, "ACE controlling who can list the contents in this directory", false, (String) null)).put(ACE_READDB_PARAM, new TextInputParameter(ACE_READDB_PARAM, "ACE for DB CF reads", false, (String) null)).put(ACE_WRITEDB_PARAM, new TextInputParameter(ACE_WRITEDB_PARAM, "ACE for DB CF writes", false, (String) null)).put(ACE_TRAVERSEDB_PARAM, new TextInputParameter(ACE_TRAVERSEDB_PARAM, "ACE for DB CF travese", false, (String) null)).put(ACE_UNMASKED_READ_PARAM, new TextInputParameter(ACE_UNMASKED_READ_PARAM, "ACE for DB unmasked reads", false, (String) null)).put(ACE_READ_PARAM, new TextInputParameter(ACE_READ_PARAM, "Convenience ACE to set permissions for readfileace, executefileace, readdirace, lookupdirace, readdbace, and traversedbace.", false, (String) null)).put(ACE_WRITE_PARAM, new TextInputParameter(ACE_WRITE_PARAM, "Convenience ACE to set write permissions for writefileace, addchildace, deletechildace, and writedbace.", false, (String) null)).put("user", new TextInputParameter("user", "space separated list of user:permissions,permissions,... to be set", false, (String) null)).put("group", new TextInputParameter("group", "space separated list of group:permissions,permissions,... to be set", false, (String) null)).build(), (CLICommand[]) null).setShortUsage(securityPolicyCreateUsage);
        securityPolicyModifyCommand = new CLICommand(S3DomainCommands.DOMAIN_COMMAND_MODIFY, "usage : " + securityPolicyModifyUsage, SecurityPolicyCommands.class, CLICommand.ExecutionTypeEnum.NATIVE, new ImmutableMap.Builder().put("name", new TextInputParameter("name", "securityPolicyName", true, (String) null)).put("id", new IntegerInputParameter("id", "securityPolicyId", false, (Integer) null).setInvisible(true)).put(SECURITY_EXPORT_POLICY_VERSION_PARAM, new IntegerInputParameter(SECURITY_EXPORT_POLICY_VERSION_PARAM, "securityPolicyVer", false, (Integer) null).setInvisible(true)).put(SECURITY_EXPORT_POLICY_CTIME_PARAM, new LongInputParameter(SECURITY_EXPORT_POLICY_CTIME_PARAM, "securityPolicyCtime", false, (Object) null).setInvisible(true)).put(SECURITY_EXPORT_POLICY_MTIME_PARAM, new LongInputParameter(SECURITY_EXPORT_POLICY_MTIME_PARAM, "securityPolicyMtime", false, (Object) null).setInvisible(true)).put(EXPORT_DATA_AUDIT_OPS_VAL_PARAM, new LongInputParameter(EXPORT_DATA_AUDIT_OPS_VAL_PARAM, "data audit operations", false, (Object) null).setInvisible(true)).put("description", new TextInputParameter("description", "description", false, (String) null)).put("cluster", new TextInputParameter("cluster", "cluster", false, (String) null)).put(ALLOW_TAGGING_PARAM, new BooleanInputParameter(ALLOW_TAGGING_PARAM, "Allow Tagging true|false, default: false", false, (Boolean) null)).put(ACCESS_CONTROL_PARAM, new TextInputParameter(ACCESS_CONTROL_PARAM, "Access Constrols for policy Armed|Disarmed|Denied, default: Disarmed", false, (String) null)).put("auditenabled", new BooleanInputParameter("auditenabled", "Enable auditing", false, (Boolean) null)).put("dataauditops", new TextInputParameter("dataauditops", "data audit operations", false, (String) null)).put("disabledataauditops", new TextInputParameter("disabledataauditops", "disable data audit operations", false, (String) null)).put("wiresecurityenabled", new BooleanInputParameter("wiresecurityenabled", "Enable wire-level encryption, default: true (secure clusters), false (insecure clusters)", false, (Boolean) null)).put(ACE_READFILE_PARAM, new TextInputParameter(ACE_READFILE_PARAM, "ACE controlling who can read from this file", false, (String) null)).put(ACE_WRITEFILE_PARAM, new TextInputParameter(ACE_WRITEFILE_PARAM, "ACE controlling who can write to this file", false, (String) null)).put(ACE_EXECUTEFILE_PARAM, new TextInputParameter(ACE_EXECUTEFILE_PARAM, "ACE controlling who can execute this file", false, (String) null)).put(ACE_READDIR_PARAM, new TextInputParameter(ACE_READDIR_PARAM, "ACE controlling who can read the contents of files in this directory", false, (String) null)).put(ACE_ADDCHILD_PARAM, new TextInputParameter(ACE_ADDCHILD_PARAM, "ACE controlling who can create files and directories in this directory", false, (String) null)).put(ACE_DELETECHILD_PARAM, new TextInputParameter(ACE_DELETECHILD_PARAM, "ACE controlling who can delete files and directories in this directory", false, (String) null)).put(ACE_LOOKUPDIR_PARAM, new TextInputParameter(ACE_LOOKUPDIR_PARAM, "ACE controlling who can list the contents in this directory", false, (String) null)).put(ACE_READDB_PARAM, new TextInputParameter(ACE_READDB_PARAM, "ACE for DB CF reads", false, (String) null)).put(ACE_WRITEDB_PARAM, new TextInputParameter(ACE_WRITEDB_PARAM, "ACE for DB CF writes", false, (String) null)).put(ACE_TRAVERSEDB_PARAM, new TextInputParameter(ACE_TRAVERSEDB_PARAM, "ACE for DB CF travese", false, (String) null)).put(ACE_UNMASKED_READ_PARAM, new TextInputParameter(ACE_UNMASKED_READ_PARAM, "ACE for DB unmasked reads", false, (String) null)).put(ACE_READ_PARAM, new TextInputParameter(ACE_READ_PARAM, "Convenience ACE for readfileace, executefileace, readdirace, lookupdirace, readdbace, and traversedbace.", false, (String) null)).put(ACE_WRITE_PARAM, new TextInputParameter(ACE_WRITE_PARAM, "Convenience ACE for writefileace, addchildace, deletechildace, and writedbace.", false, (String) null)).put("user", new TextInputParameter("user", "space separated list of user:permissions,permissions,... to be set", false, (String) null)).put("group", new TextInputParameter("group", "space separated list of group:permissions,permissions,... to be set", false, (String) null)).build(), (CLICommand[]) null).setShortUsage(securityPolicyModifyUsage);
        securityPolicyListCommand = new CLICommand("list", "usage : " + securityPolicyListUsage, SecurityPolicyCommands.class, CLICommand.ExecutionTypeEnum.NATIVE, new ImmutableMap.Builder().put("cluster", new TextInputParameter("cluster", "clusterName", false, (String) null)).put(EXPAND_ACES_PARAM, new BooleanInputParameter(EXPAND_ACES_PARAM, "Expand read/write aces into respective fields for display, default: false", false, (Boolean) null)).put("output", new TextInputParameter("output", "verbose", false, "verbose")).put("start", new IntegerInputParameter("start", "start", false, 0)).put("limit", new IntegerInputParameter("limit", "limit", false, Integer.valueOf(DbCfColCommands.DEFAULT_TTL))).put("filter", new FilterInputParameter("filter", "none", false, "none")).put("columns", new TextInputParameter("columns", "all", false, "all")).put("sortorder", new TextInputParameter("sortorder", "<asc|desc>", false, (String) null)).put("sortby", new TextInputParameter("sortby", supportedSortKeys + ", column names of supported fields.", false, (String) null)).build(), (CLICommand[]) null).setShortUsage(securityPolicyListUsage);
        securityPolicyImportCommand = new CLICommand("import", "", SecurityPolicyCommands.class, CLICommand.ExecutionTypeEnum.NATIVE, new ImmutableMap.Builder().put(FILE_NAME_PARAM, new TextInputParameter(FILE_NAME_PARAM, VolumeMetricsCommand.FILE_NAME, true, (String) null)).build(), (CLICommand[]) null);
        securityPolicyExportCommand = new CLICommand(UsageExportCommands.EXPORT_PARAM_NAME, "", SecurityPolicyCommands.class, CLICommand.ExecutionTypeEnum.NATIVE, new ImmutableMap.Builder().put("filter", new FilterInputParameter("filter", "none", false, "none").setInvisible(true)).put("output", new TextInputParameter("output", "verbose", false, "verbose").setInvisible(true)).build(), (CLICommand[]) null);
        securityPolicyInfoCommand = new CLICommand(S3DomainCommands.DOMAIN_COMMAND_INFO, "usage : security policy info [ -cluster clusterName] [ -expandaces true/false ] [ -output terse|verbose. Default: verbose ] [ -columns comma separated list of column names. Default: all ] ", SecurityPolicyCommands.class, CLICommand.ExecutionTypeEnum.NATIVE, new ImmutableMap.Builder().put("name", new TextInputParameter("name", "securityPolicyName", true, (String) null)).put(EXPAND_ACES_PARAM, new BooleanInputParameter(EXPAND_ACES_PARAM, "Expand read/write aces into respective fields for display, default: false", false, (Boolean) null)).put("cluster", new TextInputParameter("cluster", "cluster", false, (String) null)).put("output", new TextInputParameter("output", "verbose", false, "verbose")).put("columns", new TextInputParameter("columns", "comma separated list of column names", false, "all")).build(), (CLICommand[]) null).setShortUsage(securityPolicyInfoUsage);
        securityPolicyCommandsArray = new CLICommand[]{securityPolicyCreateCommand, securityPolicyModifyCommand, securityPolicyListCommand, securityPolicyInfoCommand, securityPolicyImportCommand, securityPolicyExportCommand};
        securityPolicyCommands = new CLICommand("policy", "policy", CLIUsageOnlyCommand.class, CLICommand.ExecutionTypeEnum.NATIVE, securityPolicyCommandsArray).setShortUsage("security policy [create|modify|info|list|import|export]");
    }
}
