package org.apache.hive.service.auth.ldap;

import com.google.common.base.Preconditions;
import com.google.common.base.Strings;
import javax.jdo.Constants;
import org.apache.hadoop.hive.conf.HiveConf;
import org.apache.hive.service.auth.ldap.Query;

/* loaded from: input_file:WEB-INF/lib/hive-service-2.3.3-mapr-1808.jar:org/apache/hive/service/auth/ldap/QueryFactory.class */
final class QueryFactory {
    private static final String[] USER_OBJECT_CLASSES = {"person", "user", "inetOrgPerson"};
    private final String guidAttr;
    private final String groupClassAttr;
    private final String groupMembershipAttr;
    private final String userMembershipAttr;

    public QueryFactory(HiveConf hiveConf) {
        this.guidAttr = hiveConf.getVar(HiveConf.ConfVars.HIVE_SERVER2_PLAIN_LDAP_GUIDKEY);
        this.groupClassAttr = hiveConf.getVar(HiveConf.ConfVars.HIVE_SERVER2_PLAIN_LDAP_GROUPCLASS_KEY);
        this.groupMembershipAttr = hiveConf.getVar(HiveConf.ConfVars.HIVE_SERVER2_PLAIN_LDAP_GROUPMEMBERSHIP_KEY);
        this.userMembershipAttr = hiveConf.getVar(HiveConf.ConfVars.HIVE_SERVER2_PLAIN_LDAP_USERMEMBERSHIP_KEY);
    }

    public Query findGroupDnById(String str) {
        return Query.builder().filter("(&(objectClass=<groupClassAttr>)(<guidAttr>=<groupID>))").map("guidAttr", this.guidAttr).map("groupClassAttr", this.groupClassAttr).map("groupID", str).limit(2).build();
    }

    public Query findUserDnByRdn(String str) {
        return Query.builder().filter("(&(|<classes:{ class |(objectClass=<class>)}>)(<userRdn>))").limit(2).map(Constants.INSTANCE_LIFECYCLE_LISTENER_ATTRIBUTE_CLASSES, USER_OBJECT_CLASSES).map("userRdn", str).build();
    }

    public Query findDnByPattern(String str) {
        return Query.builder().filter("(<rdn>)").map("rdn", str).limit(2).build();
    }

    public Query findUserDnByName(String str) {
        return Query.builder().filter("(&(|<classes:{ class |(objectClass=<class>)}>)(|(uid=<userName>)(sAMAccountName=<userName>)))").map(Constants.INSTANCE_LIFECYCLE_LISTENER_ATTRIBUTE_CLASSES, USER_OBJECT_CLASSES).map("userName", str).limit(2).build();
    }

    public Query findGroupsForUser(String str, String str2) {
        return Query.builder().filter("(&(objectClass=<groupClassAttr>)(|(<groupMembershipAttr>=<userDn>)(<groupMembershipAttr>=<userName>)))").map("groupClassAttr", this.groupClassAttr).map("groupMembershipAttr", this.groupMembershipAttr).map("userName", str).map("userDn", str2).build();
    }

    public Query isUserMemberOfGroup(String str, String str2) {
        Preconditions.checkState(!Strings.isNullOrEmpty(this.userMembershipAttr), "hive.server2.authentication.ldap.userMembershipKey is not configured.");
        return Query.builder().filter("(&(|<classes:{ class |(objectClass=<class>)}>)(<userMembershipAttr>=<groupDn>)(<guidAttr>=<userId>))").map(Constants.INSTANCE_LIFECYCLE_LISTENER_ATTRIBUTE_CLASSES, USER_OBJECT_CLASSES).map("guidAttr", this.guidAttr).map("userMembershipAttr", this.userMembershipAttr).map("userId", str).map("groupDn", str2).limit(2).build();
    }

    public Query customQuery(String str) {
        Query.QueryBuilder builder = Query.builder();
        builder.filter(str);
        if (!Strings.isNullOrEmpty(this.groupMembershipAttr)) {
            builder.returnAttribute(this.groupMembershipAttr);
        }
        return builder.build();
    }
}
