package com.mapr.cli;

import com.google.common.collect.ImmutableMap;
import com.google.protobuf.InvalidProtocolBufferException;
import com.google.protobuf.MessageLite;
import com.mapr.baseutils.Errno;
import com.mapr.baseutils.iamserverutils.IamServerRpcCommonUtils;
import com.mapr.cli.common.ListCommand;
import com.mapr.cliframework.base.CLICommand;
import com.mapr.cliframework.base.CLIInterface;
import com.mapr.cliframework.base.CLIProcessingException;
import com.mapr.cliframework.base.CLIUsageOnlyCommand;
import com.mapr.cliframework.base.CommandOutput;
import com.mapr.cliframework.base.ProcessedInput;
import com.mapr.cliframework.base.TextCommandOutput;
import com.mapr.cliframework.base.inputparams.IntegerInputParameter;
import com.mapr.cliframework.base.inputparams.TextInputParameter;
import com.mapr.cliframework.util.FieldInfo;
import com.mapr.fs.cldb.proto.CLDBProto;
import com.mapr.fs.policyserver.iam.IamSupportUtils;
import com.mapr.fs.proto.IAMServerProto;
import com.mapr.fs.proto.PolicyServerProto;
import com.mapr.fs.proto.Security;
import com.mapr.security.UnixUserGroupHelper;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import org.apache.log4j.Logger;

/* loaded from: input_file:com/mapr/cli/IamRolesCommands.class */
public class IamRolesCommands extends ListCommand implements CLIInterface {
    private static final String IDENTITY_ROLE_PARAM_NAME = "name";
    private static final String IDENTITY_ROLE_PARAM_DESCRIPTION = "desc";
    private static final String IDENTITY_ROLE_PARAM_ROLE_CONTENT = "content";
    private static final String START_PARAM = "start";
    private static final String LIMIT_PARAM = "limit";
    private static final String IAM_ROLE_NAME_REGEX = "[a-zA-Z0-9\\-_]*";
    private static final String IAM_ROLE_DESCRIPTION_REGEX = "[a-zA-Z0-9\\-_\\s]*";
    Security.CredentialsMsg creds;
    private UnixUserGroupHelper uugh;
    private static final Logger LOG = Logger.getLogger(IamRolesCommands.class);
    private static final Integer MAX_ROLES_PER_PRC = 100;
    private static final Integer KEYCLOACK_CACHE_EXPIRY_IN_MINS = 100;
    private static Map<IAMServerProto.RolesInfoFields, FieldInfo> fieldTable = new ImmutableMap.Builder().put(IAMServerProto.RolesInfoFields.roleName, new FieldInfo(IAMServerProto.RolesInfoFields.roleName.getNumber(), VolumeDumpFileCommands.CREATE_NEW_VOLUME, "Name", String.class, (CLDBProto.ListSortKey) null)).put(IAMServerProto.RolesInfoFields.roleDescription, new FieldInfo(IAMServerProto.RolesInfoFields.roleDescription.getNumber(), "desc", "Description", String.class, (CLDBProto.ListSortKey) null)).put(IAMServerProto.RolesInfoFields.id, new FieldInfo(IAMServerProto.RolesInfoFields.id.getNumber(), "id", "Id", String.class, (CLDBProto.ListSortKey) null)).put(IAMServerProto.RolesInfoFields.identities, new FieldInfo(IAMServerProto.RolesInfoFields.identities.getNumber(), "identities", "Identities", String.class, (CLDBProto.ListSortKey) null)).put(IAMServerProto.RolesInfoFields.users, new FieldInfo(IAMServerProto.RolesInfoFields.users.getNumber(), "u", "Users", String.class, (CLDBProto.ListSortKey) null)).put(IAMServerProto.RolesInfoFields.groups, new FieldInfo(IAMServerProto.RolesInfoFields.groups.getNumber(), "g", "Groups", String.class, (CLDBProto.ListSortKey) null)).build();
    private static final String createCustomRoleUsage = "role create -name <Role Name>[ -desc <Role Description> ][ -cluster <Cluster Name> ]";
    private static final CLICommand createCustomRoleCommand = new CLICommand("create", "", IamRolesCommands.class, CLICommand.ExecutionTypeEnum.NATIVE, new ImmutableMap.Builder().put("name", new TextInputParameter("name", "<Role Name>", true, (String) null)).put("desc", new TextInputParameter("desc", "<Role Description>", false, (String) null)).put("cluster", new TextInputParameter("cluster", "<Cluster Name>", false, (String) null)).build(), (CLICommand[]) null).setShortUsage(createCustomRoleUsage);
    private static final String modifyCustomRoleUsage = "role modify -name <Role Name>-desc <Role Description>[ -cluster <Cluster Name> ]";
    private static final CLICommand modifyCustomRoleCommand = new CLICommand(S3DomainCommands.DOMAIN_COMMAND_MODIFY, "", IamRolesCommands.class, CLICommand.ExecutionTypeEnum.NATIVE, new ImmutableMap.Builder().put("name", new TextInputParameter("name", "<Role Name>", true, (String) null)).put("desc", new TextInputParameter("desc", "<Role Description>", true, (String) null)).put("cluster", new TextInputParameter("cluster", "<Cluster Name>", false, (String) null)).build(), (CLICommand[]) null).setShortUsage(modifyCustomRoleUsage);
    private static final String infoCustomRoleUsage = "role info -name <Role Name>[ -cluster <Cluster Name> ]";
    private static final CLICommand infoCustomRoleCommand = new CLICommand("info", "", IamRolesCommands.class, CLICommand.ExecutionTypeEnum.NATIVE, new ImmutableMap.Builder().put("name", new TextInputParameter("name", "<Role Name>", true, (String) null)).put("cluster", new TextInputParameter("cluster", "<Cluster Name>", false, (String) null)).build(), (CLICommand[]) null).setShortUsage(infoCustomRoleUsage);
    private static final String listCustomRoleUsage = "role list -name <Role Name>-cluster <Cluster Name>[ -start start (default: 0) ][ -limit limit (default:2147483647)] ";
    private static final CLICommand listCustomRoleCommand = new CLICommand("list", "", IamRolesCommands.class, CLICommand.ExecutionTypeEnum.NATIVE, new ImmutableMap.Builder().put("cluster", new TextInputParameter("cluster", "<Cluster Name>", false, (String) null)).put("limit", new IntegerInputParameter("limit", "<Limit>", false, Integer.valueOf(DbCfColCommands.DEFAULT_TTL))).put("start", new IntegerInputParameter("start", "<Start>", false, 0)).build(), (CLICommand[]) null).setShortUsage(listCustomRoleUsage);
    private static final String removeCustomRoleUsage = "role remove -name <Role Name>[ -cluster <Cluster Name> ]";
    private static final CLICommand removeCustomRoleCommand = new CLICommand(ClusterGroupCommands.CLUSTERGROUP_COMMAND_REMOVE, "", IamRolesCommands.class, CLICommand.ExecutionTypeEnum.NATIVE, new ImmutableMap.Builder().put("name", new TextInputParameter("name", "<Role Name>", true, (String) null)).put("cluster", new TextInputParameter("cluster", "<Cluster Name>", false, (String) null)).build(), (CLICommand[]) null).setShortUsage(removeCustomRoleUsage);
    private static final String IDENTITY_ROLE_PARAM_USERS = "users";
    private static final String IDENTITY_ROLE_PARAM_GROUPS = "groups";
    private static final String attachCustomRoleUsage = "role attach -role <Role Name>[ -users <List of Users> ][ -groups <List of Groups> ]";
    private static final CLICommand attachCustomRoleCommand = new CLICommand("attach", "", IamRolesCommands.class, CLICommand.ExecutionTypeEnum.NATIVE, new ImmutableMap.Builder().put("name", new TextInputParameter("name", "<Role Name>", true, (String) null)).put(IDENTITY_ROLE_PARAM_USERS, new TextInputParameter(IDENTITY_ROLE_PARAM_USERS, "<List of Users>", false, (String) null)).put(IDENTITY_ROLE_PARAM_GROUPS, new TextInputParameter(IDENTITY_ROLE_PARAM_GROUPS, "<List of Groups>", false, (String) null)).build(), (CLICommand[]) null).setShortUsage(attachCustomRoleUsage);
    private static final String detachCustomRoleUsage = "role detach -role <Role Name>[ -users <List of Users> ][ -groups <List of Groups> ]";
    private static final CLICommand detachCustomRoleCommand = new CLICommand("detach", "", IamRolesCommands.class, CLICommand.ExecutionTypeEnum.NATIVE, new ImmutableMap.Builder().put("name", new TextInputParameter("name", "<Role Name>", true, (String) null)).put(IDENTITY_ROLE_PARAM_USERS, new TextInputParameter(IDENTITY_ROLE_PARAM_USERS, "<List of Users>", false, (String) null)).put(IDENTITY_ROLE_PARAM_GROUPS, new TextInputParameter(IDENTITY_ROLE_PARAM_GROUPS, "<List of Groups>", false, (String) null)).build(), (CLICommand[]) null).setShortUsage(detachCustomRoleUsage);
    private static final String getAttachedIdentityRolesUsage = "role mapping ( -users <List of Users> | -groups <List of Groups> )";
    private static final CLICommand getAttachedIdentityRolesCommand = new CLICommand("mapping", "", IamRolesCommands.class, CLICommand.ExecutionTypeEnum.NATIVE, new ImmutableMap.Builder().put(IDENTITY_ROLE_PARAM_USERS, new TextInputParameter(IDENTITY_ROLE_PARAM_USERS, "<List of Users>", false, (String) null)).put(IDENTITY_ROLE_PARAM_GROUPS, new TextInputParameter(IDENTITY_ROLE_PARAM_GROUPS, "<List of Groups>", false, (String) null)).build(), (CLICommand[]) null).setShortUsage(getAttachedIdentityRolesUsage);
    public static final CLICommand IamRolesCommands = new CLICommand("role", "", CLIUsageOnlyCommand.class, CLICommand.ExecutionTypeEnum.NATIVE, new CLICommand[]{createCustomRoleCommand, modifyCustomRoleCommand, removeCustomRoleCommand, infoCustomRoleCommand, listCustomRoleCommand, attachCustomRoleCommand, detachCustomRoleCommand, getAttachedIdentityRolesCommand}).setShortUsage("role [create|remove|modify|info|list|attach|detach|mapping]");

    public IamRolesCommands(ProcessedInput processedInput, CLICommand cLICommand) throws CLIProcessingException {
        super(processedInput, cLICommand);
    }

    void initialize() throws CLIProcessingException {
        this.creds = getUserCredentials();
        this.uugh = new UnixUserGroupHelper();
    }

    public CommandOutput executeRealCommand() throws CLIProcessingException {
        initialize();
        CommandOutput.OutputHierarchy outputHierarchy = new CommandOutput.OutputHierarchy();
        CommandOutput commandOutput = new CommandOutput();
        commandOutput.setOutput(outputHierarchy);
        String commandName = this.cliCommand.getCommandName();
        try {
            if (commandName.equalsIgnoreCase("create")) {
                createRole(outputHierarchy);
            } else if (commandName.equalsIgnoreCase(S3DomainCommands.DOMAIN_COMMAND_MODIFY)) {
                modifyRole(outputHierarchy);
            } else if (commandName.equalsIgnoreCase("info")) {
                infoRole(outputHierarchy);
            } else if (commandName.equalsIgnoreCase("list")) {
                listRole(outputHierarchy);
            } else if (commandName.equalsIgnoreCase(ClusterGroupCommands.CLUSTERGROUP_COMMAND_REMOVE)) {
                removeRole(outputHierarchy);
            } else if (commandName.equalsIgnoreCase("attach")) {
                attachRole(outputHierarchy);
            } else if (commandName.equalsIgnoreCase("detach")) {
                detachRole(outputHierarchy);
            } else {
                if (!commandName.equalsIgnoreCase("mapping")) {
                    return new TextCommandOutput("IAM Role command failed".getBytes());
                }
                getIamRolesMappings(outputHierarchy);
            }
            return commandOutput;
        } catch (Exception e) {
            throw new CLIProcessingException("Exception sending role command to IAM Server, " + e.getLocalizedMessage());
        }
    }

    private IAMServerProto.RoleLookupResponse roleLookup(String str, String str2, CommandOutput.OutputHierarchy outputHierarchy) throws CLIProcessingException {
        IAMServerProto.RoleLookupRequest.Builder newBuilder = IAMServerProto.RoleLookupRequest.newBuilder();
        newBuilder.setName(str2);
        newBuilder.setCreds(getUserCredentials());
        try {
            byte[] sendRequestToIAMServer = sendRequestToIAMServer(IAMServerProto.IAMRoleProc.RoleInfoProc.getNumber(), newBuilder.build(), outputHierarchy);
            if (sendRequestToIAMServer == null) {
                throw new CLIProcessingException("Exception while processing RPC");
            }
            return IAMServerProto.RoleLookupResponse.parseFrom(sendRequestToIAMServer);
        } catch (Exception e) {
            throw new CLIProcessingException("Exception doing role info to IAM Server, " + e.getLocalizedMessage());
        }
    }

    CommandOutput createRole(CommandOutput.OutputHierarchy outputHierarchy) throws Exception {
        CommandOutput commandOutput = new CommandOutput();
        commandOutput.setOutput(outputHierarchy);
        String roleDesc = getRoleDesc();
        if (!isParamPresent("name")) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "Missing Role name in the command to create a role").setField("name"));
            return commandOutput;
        }
        String trim = getParamTextValue("name", 0).trim();
        if (!isValidRoleName(trim)) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "Invalid Role Name: " + trim).setField("name"));
            return commandOutput;
        }
        if (isParamPresent("desc") && !isValidRoleDescription(roleDesc)) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "Invalid Role Description: " + roleDesc).setField("desc"));
            return commandOutput;
        }
        IAMServerProto.RoleCreateRequest.Builder newBuilder = IAMServerProto.RoleCreateRequest.newBuilder();
        newBuilder.setName(trim);
        if (isParamPresent("desc")) {
            newBuilder.setDescription(roleDesc);
        }
        newBuilder.setCreds(getUserCredentials());
        byte[] sendRequestToIAMServer = sendRequestToIAMServer(IAMServerProto.IAMRoleProc.RoleCreateProc.getNumber(), newBuilder.build(), outputHierarchy);
        if (sendRequestToIAMServer == null) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(10009, "Couldn't connect to the IamServer. Check if IamServer is up and running."));
            return commandOutput;
        }
        IAMServerProto.RoleCreateResponse parseFrom = IAMServerProto.RoleCreateResponse.parseFrom(sendRequestToIAMServer);
        if (parseFrom.getStatus() == 0) {
            outputHierarchy.addMessage("Successfully created the role '" + trim + "'.");
        } else {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(parseFrom.getStatus(), parseFrom.getErrMsg()).setField("name").setFieldValue(trim));
        }
        return commandOutput;
    }

    CommandOutput modifyRole(CommandOutput.OutputHierarchy outputHierarchy) throws Exception {
        CommandOutput commandOutput = new CommandOutput();
        commandOutput.setOutput(outputHierarchy);
        String roleDesc = getRoleDesc();
        if (!isParamPresent("name")) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "Missing Role name in the command to modify a role").setField("name"));
            return commandOutput;
        }
        if (!isParamPresent("desc")) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "Description is required parameter in role modify. Please provide a vaild Role Description.").setField("name"));
            return commandOutput;
        }
        String trim = getParamTextValue("name", 0).trim();
        if (!isValidRoleName(trim)) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "Invalid Role Name: " + trim).setField("name"));
            return commandOutput;
        }
        if (isParamPresent("desc") && !isValidRoleDescription(roleDesc)) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "Invalid Role Description: " + roleDesc).setField("desc"));
            return commandOutput;
        }
        byte[] sendRequestToIAMServer = sendRequestToIAMServer(IAMServerProto.IAMRoleProc.RoleModifyProc.getNumber(), IAMServerProto.RoleModifyRequest.newBuilder().setName(trim).setDescription(roleDesc).setCreds(getUserCredentials()).build(), outputHierarchy);
        if (sendRequestToIAMServer == null) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(10009, "Couldn't connect to the IamServer. Check if IamServer is up and running."));
            return commandOutput;
        }
        IAMServerProto.RoleModifyResponse parseFrom = IAMServerProto.RoleModifyResponse.parseFrom(sendRequestToIAMServer);
        if (parseFrom.getStatus() == 0) {
            outputHierarchy.addMessage("Successfully modified the role '" + trim + "'");
        } else {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(parseFrom.getStatus(), parseFrom.getErrMsg()).setField("name").setFieldValue(trim));
        }
        return commandOutput;
    }

    CommandOutput infoRole(CommandOutput.OutputHierarchy outputHierarchy) throws Exception {
        CommandOutput commandOutput = new CommandOutput();
        commandOutput.setOutput(outputHierarchy);
        String clusterName = getClusterName();
        String roleName = getRoleName();
        if (!isParamPresent("name")) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "Missing Role name in the command.").setField("name"));
            return commandOutput;
        }
        LOG.debug("RoleInfo: Looking up Role name " + roleName);
        IAMServerProto.RoleLookupResponse roleLookup = roleLookup(clusterName, roleName, outputHierarchy);
        if (roleLookup.getStatus() == 0) {
            outputHierarchy.addNode(formatRoleProperties(roleLookup.getRoleInfo()));
        } else {
            LOG.info("RoleInfo: Lookup of role name " + roleName + " failed, status=" + Errno.toString(roleLookup.getStatus()));
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(2, "Failed to info '" + roleName + "'." + (roleLookup.getStatus() == 2 ? " No such Role exists" : roleLookup.getErrMsg())));
        }
        return commandOutput;
    }

    CommandOutput listRole(CommandOutput.OutputHierarchy outputHierarchy) throws Exception {
        try {
            CommandOutput commandOutput = new CommandOutput();
            commandOutput.setOutput(outputHierarchy);
            list(outputHierarchy);
            return commandOutput;
        } catch (Exception e) {
            throw new CLIProcessingException("Send request exception", e);
        }
    }

    CommandOutput removeRole(CommandOutput.OutputHierarchy outputHierarchy) throws Exception {
        CommandOutput commandOutput = new CommandOutput();
        commandOutput.setOutput(outputHierarchy);
        if (!isParamPresent("name")) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "Missing Role name in the command.").setField("name"));
            return commandOutput;
        }
        String trim = getParamTextValue("name", 0).trim();
        IAMServerProto.RoleRemoveRequest.Builder newBuilder = IAMServerProto.RoleRemoveRequest.newBuilder();
        newBuilder.setName(trim);
        newBuilder.setCreds(getUserCredentials());
        byte[] sendRequestToIAMServer = sendRequestToIAMServer(IAMServerProto.IAMRoleProc.RoleRemoveProc.getNumber(), newBuilder.build(), outputHierarchy);
        if (sendRequestToIAMServer == null) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(10009, "Couldn't connect to the IamServer. Check if IamServer is up and running."));
            return commandOutput;
        }
        IAMServerProto.RoleRemoveResponse parseFrom = IAMServerProto.RoleRemoveResponse.parseFrom(sendRequestToIAMServer);
        if (parseFrom.getStatus() == 0) {
            outputHierarchy.addMessage("Successfully removed the role '" + trim + "'.");
        } else {
            String str = "Failed to remove '" + trim + "'";
            if (parseFrom.hasErrMsg()) {
                str = str + ": " + parseFrom.getErrMsg();
            }
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(parseFrom.getStatus(), str).setField("name").setFieldValue(trim));
        }
        return commandOutput;
    }

    CommandOutput attachRole(CommandOutput.OutputHierarchy outputHierarchy) throws Exception {
        CommandOutput commandOutput = new CommandOutput();
        commandOutput.setOutput(outputHierarchy);
        HashSet hashSet = new HashSet();
        if (!isParamPresent("name")) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "Missing Role name in the command to attach the role.").setField("name"));
            return commandOutput;
        }
        String trim = getParamTextValue("name", 0).trim();
        if (!isParamPresent(IDENTITY_ROLE_PARAM_USERS) && !isParamPresent(IDENTITY_ROLE_PARAM_GROUPS)) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "Atleast one of Users or Groups must be present in role attach command."));
            return commandOutput;
        }
        String usersNames = getUsersNames();
        if (usersNames != null) {
            HashSet<Integer> idsFromNames = getIdsFromNames(PolicyServerProto.IdentityType.User, getListFromInputString(usersNames, ","), outputHierarchy);
            if (idsFromNames == null || idsFromNames.isEmpty()) {
                return commandOutput;
            }
            hashSet.addAll(IamSupportUtils.getIdentities(idsFromNames, PolicyServerProto.IdentityType.User));
        }
        String groupsNames = getGroupsNames();
        if (groupsNames != null) {
            HashSet<Integer> idsFromNames2 = getIdsFromNames(PolicyServerProto.IdentityType.Group, getListFromInputString(groupsNames, ","), outputHierarchy);
            if (idsFromNames2 == null || idsFromNames2.isEmpty()) {
                return commandOutput;
            }
            hashSet.addAll(IamSupportUtils.getIdentities(idsFromNames2, PolicyServerProto.IdentityType.Group));
        }
        if (hashSet.isEmpty()) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "No Users or Groups specified"));
            return commandOutput;
        }
        byte[] sendRequestToIAMServer = sendRequestToIAMServer(IAMServerProto.IAMRoleProc.RoleAttachProc.getNumber(), IAMServerProto.RoleAttachRequest.newBuilder().setName(trim).setCreds(getUserCredentials()).addAllIdentities(hashSet).build(), outputHierarchy);
        if (sendRequestToIAMServer == null) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(10009, "Couldn't connect to the IamServer. Check if IamServer is up and running."));
            return commandOutput;
        }
        IAMServerProto.RoleAttachResponse parseFrom = IAMServerProto.RoleAttachResponse.parseFrom(sendRequestToIAMServer);
        if (parseFrom.getStatus() == 0) {
            outputHierarchy.addMessage("Successfully attached the role '" + trim + "'.");
        } else {
            String str = "Failed to attach '" + trim + "'. ";
            if (parseFrom.hasErrMsg()) {
                str = str + ": " + parseFrom.getErrMsg();
            }
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(parseFrom.getStatus(), str).setField("name").setFieldValue(trim).setField(IDENTITY_ROLE_PARAM_USERS).setFieldValue(usersNames.toString()).setField(IDENTITY_ROLE_PARAM_GROUPS).setFieldValue(groupsNames.toString()));
        }
        return commandOutput;
    }

    CommandOutput detachRole(CommandOutput.OutputHierarchy outputHierarchy) throws Exception {
        CommandOutput commandOutput = new CommandOutput();
        commandOutput.setOutput(outputHierarchy);
        HashSet hashSet = new HashSet();
        if (!isParamPresent("name")) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "Missing Role name in the command to detach the role.").setField("name"));
            return commandOutput;
        }
        String trim = getParamTextValue("name", 0).trim();
        if (!isParamPresent(IDENTITY_ROLE_PARAM_USERS) && !isParamPresent(IDENTITY_ROLE_PARAM_GROUPS)) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "Atleast one of Users or Groups must be present in role detach command."));
            return commandOutput;
        }
        String usersNames = getUsersNames();
        if (usersNames != null) {
            HashSet<Integer> idsFromNames = getIdsFromNames(PolicyServerProto.IdentityType.User, getListFromInputString(usersNames, ","), outputHierarchy);
            if (idsFromNames == null || idsFromNames.isEmpty()) {
                return commandOutput;
            }
            hashSet.addAll(IamSupportUtils.getIdentities(idsFromNames, PolicyServerProto.IdentityType.User));
        }
        String groupsNames = getGroupsNames();
        if (groupsNames != null) {
            HashSet<Integer> idsFromNames2 = getIdsFromNames(PolicyServerProto.IdentityType.Group, getListFromInputString(groupsNames, ","), outputHierarchy);
            if (idsFromNames2 == null || idsFromNames2.isEmpty()) {
                return commandOutput;
            }
            hashSet.addAll(IamSupportUtils.getIdentities(idsFromNames2, PolicyServerProto.IdentityType.Group));
        }
        if (hashSet.isEmpty()) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "No Users or Groups specified"));
            return commandOutput;
        }
        byte[] sendRequestToIAMServer = sendRequestToIAMServer(IAMServerProto.IAMRoleProc.RoleDetachProc.getNumber(), IAMServerProto.RoleDetachRequest.newBuilder().setName(trim).setCreds(getUserCredentials()).addAllIdentities(hashSet).build(), outputHierarchy);
        if (sendRequestToIAMServer == null) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(10009, "Couldn't connect to the IamServer. Check if IamServer is up and running."));
            return commandOutput;
        }
        IAMServerProto.RoleAttachResponse parseFrom = IAMServerProto.RoleAttachResponse.parseFrom(sendRequestToIAMServer);
        if (parseFrom.getStatus() == 0) {
            outputHierarchy.addMessage("Successfully detached the role '" + trim + "'.");
        } else {
            String str = "Failed to detach '" + trim + "'.";
            if (parseFrom.hasErrMsg()) {
                str = str + ": " + parseFrom.getErrMsg();
            }
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(parseFrom.getStatus(), str).setField("name").setFieldValue(trim).setField(IDENTITY_ROLE_PARAM_USERS).setFieldValue(usersNames.toString()).setField(IDENTITY_ROLE_PARAM_GROUPS).setFieldValue(groupsNames.toString()));
        }
        return commandOutput;
    }

    CommandOutput getIamRolesMappings(CommandOutput.OutputHierarchy outputHierarchy) throws CLIProcessingException, Exception {
        CommandOutput commandOutput = new CommandOutput();
        commandOutput.setOutput(outputHierarchy);
        HashSet hashSet = new HashSet();
        String usersNames = getUsersNames();
        if (usersNames != null) {
            HashSet<Integer> idsFromNames = getIdsFromNames(PolicyServerProto.IdentityType.User, getListFromInputString(usersNames, ","), outputHierarchy);
            if (idsFromNames == null || idsFromNames.isEmpty()) {
                return commandOutput;
            }
            hashSet.addAll(IamSupportUtils.getIdentities(idsFromNames, PolicyServerProto.IdentityType.User));
        }
        String groupsNames = getGroupsNames();
        if (groupsNames != null) {
            HashSet<Integer> idsFromNames2 = getIdsFromNames(PolicyServerProto.IdentityType.Group, getListFromInputString(groupsNames, ","), outputHierarchy);
            if (idsFromNames2 == null || idsFromNames2.isEmpty()) {
                return commandOutput;
            }
            hashSet.addAll(IamSupportUtils.getIdentities(idsFromNames2, PolicyServerProto.IdentityType.Group));
        }
        if (hashSet.isEmpty()) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "No Users or Groups specified"));
            return commandOutput;
        }
        byte[] sendRequestToIAMServer = sendRequestToIAMServer(IAMServerProto.IAMRoleProc.RoleMappingsProc.getNumber(), IAMServerProto.IamRoleMappingsRequest.newBuilder().setCreds(getUserCredentials()).addAllIdentities(hashSet).build(), outputHierarchy);
        if (sendRequestToIAMServer == null) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(10009, "Failed to send RPC to IAM Sever"));
            return commandOutput;
        }
        IAMServerProto.IamRoleMappingsResponse parseFrom = IAMServerProto.IamRoleMappingsResponse.parseFrom(sendRequestToIAMServer);
        if (parseFrom.getStatus() == 0) {
            Iterator it = parseFrom.getMappingsList().iterator();
            while (it.hasNext()) {
                outputHierarchy.addNode(formatIdentityRolesMapping((IAMServerProto.IdentityToRoles) it.next()));
            }
        } else {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(parseFrom.getStatus(), "Failed to get Identity Role Mappings"));
        }
        return commandOutput;
    }

    private HashSet<String> getListFromInputString(String str, String str2) {
        String[] split = str.split(str2);
        HashSet<String> hashSet = new HashSet<>();
        for (String str3 : split) {
            hashSet.add(str3.trim());
        }
        return hashSet;
    }

    private String getString(HashSet<String> hashSet) {
        return (hashSet == null || hashSet.isEmpty()) ? "" : String.join(",", hashSet);
    }

    private HashSet<Integer> getIdsFromNames(PolicyServerProto.IdentityType identityType, HashSet<String> hashSet, CommandOutput.OutputHierarchy outputHierarchy) {
        HashSet<Integer> hashSet2 = new HashSet<>();
        Iterator<String> it = hashSet.iterator();
        while (it.hasNext()) {
            String next = it.next();
            Integer num = null;
            String identityType2 = IamSupportUtils.getIdentityType(identityType);
            try {
                if (identityType == PolicyServerProto.IdentityType.User) {
                    num = Integer.valueOf(this.uugh.getUserId(next));
                } else if (identityType == PolicyServerProto.IdentityType.Group) {
                    num = Integer.valueOf(this.uugh.getGroupId(next));
                }
            } catch (Exception e) {
                String format = String.format("%s '%s' does not exist", identityType2, next);
                LOG.error(format);
                if (outputHierarchy != null) {
                    outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, format));
                    return null;
                }
            }
            if (num == null) {
                outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, String.format("%s '%s' does not exist", identityType2, next)));
                return null;
            }
            hashSet2.add(num);
        }
        return hashSet2;
    }

    private CommandOutput.OutputHierarchy.OutputNode formatIdentityInfoList(HashSet<Integer> hashSet, HashSet<Integer> hashSet2) {
        CommandOutput.OutputHierarchy.OutputNode outputNode = new CommandOutput.OutputHierarchy.OutputNode();
        HashSet<String> hashSet3 = new HashSet<>();
        if (hashSet != null && !hashSet.isEmpty()) {
            hashSet3 = getNamesFromIds(PolicyServerProto.IdentityType.User, hashSet, null);
        }
        outputNode.addChild(new CommandOutput.OutputHierarchy.OutputNode(fieldTable.get(IAMServerProto.RolesInfoFields.users).getName(false), getString(hashSet3)));
        HashSet<String> hashSet4 = new HashSet<>();
        if (hashSet2 != null && !hashSet2.isEmpty()) {
            hashSet4 = getNamesFromIds(PolicyServerProto.IdentityType.Group, hashSet2, null);
        }
        outputNode.addChild(new CommandOutput.OutputHierarchy.OutputNode(fieldTable.get(IAMServerProto.RolesInfoFields.groups).getName(false), getString(hashSet4)));
        return outputNode;
    }

    private CommandOutput.OutputHierarchy.OutputNode formatIdentityRolesMapping(IAMServerProto.IdentityToRoles identityToRoles) throws CLIProcessingException {
        CommandOutput.OutputHierarchy.OutputNode outputNode = new CommandOutput.OutputHierarchy.OutputNode();
        HashSet<String> hashSet = new HashSet<>();
        PolicyServerProto.IdentityInfoMsg identity = identityToRoles.getIdentity();
        String nameFromId = getNameFromId(identity.getType(), identity.getId());
        outputNode.addChild(new CommandOutput.OutputHierarchy.OutputNode("IdType", IamSupportUtils.getIdentityType(identity.getType())));
        outputNode.addChild(new CommandOutput.OutputHierarchy.OutputNode("IdName", nameFromId));
        Iterator it = identityToRoles.getRolesList().iterator();
        while (it.hasNext()) {
            hashSet.add(((PolicyServerProto.IdentityInfoMsg) it.next()).getName());
        }
        outputNode.addChild(new CommandOutput.OutputHierarchy.OutputNode("IamRoles", getString(hashSet)));
        return outputNode;
    }

    private String getNameFromId(PolicyServerProto.IdentityType identityType, int i) {
        String str = null;
        if (identityType == PolicyServerProto.IdentityType.User) {
            str = this.uugh.getUsername(i);
        } else if (identityType == PolicyServerProto.IdentityType.Group) {
            str = this.uugh.getGroupname(i);
        }
        return str;
    }

    private HashSet<String> getNamesFromIds(PolicyServerProto.IdentityType identityType, HashSet<Integer> hashSet, CommandOutput.OutputHierarchy outputHierarchy) {
        HashSet<String> hashSet2 = new HashSet<>();
        Iterator<Integer> it = hashSet.iterator();
        while (it.hasNext()) {
            int intValue = it.next().intValue();
            String str = null;
            String identityType2 = IamSupportUtils.getIdentityType(identityType);
            try {
                if (identityType == PolicyServerProto.IdentityType.User) {
                    str = this.uugh.getUsername(intValue);
                } else if (identityType == PolicyServerProto.IdentityType.Group) {
                    str = this.uugh.getGroupname(intValue);
                } else {
                    String format = String.format("getNamesFromIds not supported for %s: '%s'", identityType2, null);
                    LOG.error(format);
                    if (outputHierarchy != null) {
                        outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, format));
                        return null;
                    }
                }
            } catch (Exception e) {
                String format2 = String.format("%s '%d' does not exist", identityType2, Integer.valueOf(intValue));
                LOG.error(format2);
                if (outputHierarchy != null) {
                    outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, format2));
                    return null;
                }
            }
            if (str == null) {
                outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, String.format("%s '%d' does not exist", identityType2, Integer.valueOf(intValue))));
                return null;
            }
            hashSet2.add(str);
        }
        return hashSet2;
    }

    private String getClusterName() throws CLIProcessingException {
        if (isParamPresent("cluster")) {
            return getParamTextValue("cluster", 0);
        }
        return null;
    }

    private String getRoleDesc() throws CLIProcessingException {
        if (isParamPresent("desc")) {
            return getParamTextValue("desc", 0);
        }
        return null;
    }

    private String getRoleName() throws CLIProcessingException {
        if (isParamPresent("name")) {
            return getParamTextValue("name", 0);
        }
        return null;
    }

    private String getUsersNames() throws CLIProcessingException {
        if (isParamPresent(IDENTITY_ROLE_PARAM_USERS)) {
            return getParamTextValue(IDENTITY_ROLE_PARAM_USERS, 0);
        }
        return null;
    }

    private String getGroupsNames() throws CLIProcessingException {
        if (isParamPresent(IDENTITY_ROLE_PARAM_GROUPS)) {
            return getParamTextValue(IDENTITY_ROLE_PARAM_GROUPS, 0);
        }
        return null;
    }

    private int getLimitParamValue() throws CLIProcessingException {
        return isParamPresent("limit") ? getParamIntValue("limit", 0) : DbCfColCommands.DEFAULT_TTL;
    }

    private int getStartParamValue() throws CLIProcessingException {
        if (isParamPresent("start")) {
            return getParamIntValue("start", 0);
        }
        return 0;
    }

    private boolean isValidRoleName(String str) {
        return str.matches("[a-zA-Z0-9\\-_]*");
    }

    private boolean isValidRoleDescription(String str) {
        return str.matches("[a-zA-Z0-9\\-_\\s]*");
    }

    private byte[] sendRequestToIAMServer(int i, MessageLite messageLite, CommandOutput.OutputHierarchy outputHierarchy) throws CLIProcessingException {
        Class cls = null;
        switch (i) {
            case 1:
                cls = IAMServerProto.RoleCreateResponse.class;
                break;
            case InstallerCommands.START_ARGS /* 2 */:
                cls = IAMServerProto.RoleRemoveResponse.class;
                break;
            case 3:
                cls = IAMServerProto.RoleListResponse.class;
                break;
            case 4:
                cls = IAMServerProto.RoleLookupResponse.class;
                break;
            case 5:
                cls = IAMServerProto.RoleAttachResponse.class;
                break;
            case 6:
                cls = IAMServerProto.RoleDetachResponse.class;
                break;
            case NodeMetricsCommand.MIN_INTERVAL /* 10 */:
                cls = IAMServerProto.IamRoleMappingsResponse.class;
                break;
        }
        if (cls == null) {
            LOG.error("Unknown procId for send request " + i);
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "Unknown procId for send request " + i));
            return null;
        }
        try {
            return isParamPresent("cluster") ? IamServerRpcCommonUtils.getInstance().sendRequestToIamServer(getClusterName(), i, messageLite, cls) : IamServerRpcCommonUtils.getInstance().sendRequestToIamServer(i, messageLite, cls);
        } catch (Exception e) {
            throw new CLIProcessingException(e);
        }
    }

    CommandOutput.OutputHierarchy.OutputNode formatRoleProperties(IAMServerProto.RoleInfo roleInfo) throws CLIProcessingException {
        CommandOutput.OutputHierarchy.OutputNode outputNode = new CommandOutput.OutputHierarchy.OutputNode();
        outputNode.addChild(new CommandOutput.OutputHierarchy.OutputNode(fieldTable.get(IAMServerProto.RolesInfoFields.roleName).getName(false), roleInfo.getRName()));
        outputNode.addChild(new CommandOutput.OutputHierarchy.OutputNode(fieldTable.get(IAMServerProto.RolesInfoFields.id).getName(false), roleInfo.getRId()));
        outputNode.addChild(new CommandOutput.OutputHierarchy.OutputNode(fieldTable.get(IAMServerProto.RolesInfoFields.roleDescription).getName(false), roleInfo.getDescription()));
        outputNode.addChild(new CommandOutput.OutputHierarchy.OutputNode(fieldTable.get(IAMServerProto.RolesInfoFields.identities).getName(false), formatIdentityInfoList(new HashSet<>(roleInfo.getUIdsList()), new HashSet<>(roleInfo.getGIdsList()))));
        return outputNode;
    }

    @Override // com.mapr.cli.common.ListCommand, com.mapr.cli.common.ListIterator
    public void processResponse(CommandOutput.OutputHierarchy outputHierarchy, MessageLite messageLite) throws CLIProcessingException {
        IAMServerProto.RoleListResponse roleListResponse = (IAMServerProto.RoleListResponse) messageLite;
        if (roleListResponse.getStatus() != 0) {
            outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(roleListResponse.getStatus(), roleListResponse.getErrMsg()));
            return;
        }
        Iterator it = roleListResponse.getRoleInfoList().iterator();
        while (it.hasNext()) {
            try {
                outputHierarchy.addNode(formatRoleProperties((IAMServerProto.RoleInfo) it.next()));
            } catch (Exception e) {
                LOG.error("Exception while trying to list Roles", e);
                outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, "Exception while trying to list Roles."));
            } catch (CLIProcessingException e2) {
                outputHierarchy.addError(new CommandOutput.OutputHierarchy.OutputError(22, e2.getMessage()));
            }
        }
        if (roleListResponse.hasTotal()) {
            outputHierarchy.setTotal(roleListResponse.getTotal());
        }
    }

    @Override // com.mapr.cli.common.ListCommand, com.mapr.cli.common.ListIterator
    /* renamed from: sendRequest, reason: merged with bridge method [inline-methods] */
    public IAMServerProto.RoleListResponse mo41sendRequest(MessageLite messageLite) throws CLIProcessingException {
        try {
            byte[] sendRequestToIAMServer = sendRequestToIAMServer(IAMServerProto.IAMRoleProc.RoleListProc.getNumber(), (IAMServerProto.RoleListRequest) messageLite, null);
            if (sendRequestToIAMServer == null) {
                LOG.error("RPC Request to list security policies failed. No data returned");
                return null;
            }
            try {
                return IAMServerProto.RoleListResponse.parseFrom(sendRequestToIAMServer);
            } catch (InvalidProtocolBufferException e) {
                throw new CLIProcessingException("Exception while parsing the RPC response data into RoleListResponse proto object.", e);
            }
        } catch (Exception e2) {
            throw new CLIProcessingException(e2);
        }
    }

    private IAMServerProto.RoleListRequest.Builder getRoleListRequestBuilder() throws CLIProcessingException {
        IAMServerProto.RoleListRequest.Builder newBuilder = IAMServerProto.RoleListRequest.newBuilder();
        return newBuilder.setCreds(getUserCredentials()).setLimiter(getNextLimiter(getStartParamValue(), 0, getStartParamValue(), getLimitParamValue(), MAX_ROLES_PER_PRC.intValue()));
    }

    @Override // com.mapr.cli.common.ListCommand, com.mapr.cli.common.ListIterator
    /* renamed from: buildNextRequest, reason: merged with bridge method [inline-methods] */
    public IAMServerProto.RoleListRequest mo42buildNextRequest(MessageLite messageLite, MessageLite messageLite2) throws CLIProcessingException {
        IAMServerProto.RoleListRequest.Builder newBuilder = messageLite != null ? IAMServerProto.RoleListRequest.newBuilder((IAMServerProto.RoleListRequest) messageLite) : getRoleListRequestBuilder();
        if (messageLite2 != null) {
            newBuilder.setLimiter(getNextLimiter(newBuilder.getLimiter().getStart(), ((IAMServerProto.RoleListResponse) messageLite2).getRoleInfoCount(), getStartParamValue(), getLimitParamValue(), MAX_ROLES_PER_PRC.intValue()));
        }
        return newBuilder.build();
    }

    @Override // com.mapr.cli.common.ListCommand, com.mapr.cli.common.ListIterator
    public boolean hasMore(MessageLite messageLite, MessageLite messageLite2) throws CLIProcessingException {
        return hasMore(getStartParamValue(), getLimitParamValue(), ((IAMServerProto.RoleListRequest) messageLite).getLimiter().getStart(), ((IAMServerProto.RoleListResponse) messageLite2).getRoleInfoCount());
    }
}
