package com.mapr.baseutils.utils;

import com.mapr.baseutils.acls.SecurityCommandHelper;
import com.mapr.fs.cldb.proto.CLDBProto;
import com.mapr.fs.proto.Security;
import com.mapr.security.UnixUserGroupHelper;
import java.util.Iterator;
import java.util.List;

/* loaded from: input_file:com/mapr/baseutils/utils/AclUtil.class */
public class AclUtil {
    public static Security.AccessControlList.Builder mergeAcls(Security.AccessControlList accessControlList, Security.AccessControlList accessControlList2) {
        Security.AccessControlList.Builder newBuilder = Security.AccessControlList.newBuilder(accessControlList);
        List<Security.AclEntry> aclList = accessControlList.getAclList();
        for (Security.AclEntry aclEntry : accessControlList2.getAclList()) {
            boolean z = false;
            int i = 0;
            Iterator<Security.AclEntry> it = aclList.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                Security.AclEntry next = it.next();
                if (aclEntry.hasPrincipal() && next.hasPrincipal() && aclEntry.getPrincipal().getPrincId() == next.getPrincipal().getPrincId()) {
                    z = true;
                    newBuilder.setAcl(i, Security.AclEntry.newBuilder(aclList.get(i)).setAllow(aclEntry.getAllow()).m78387build());
                    break;
                }
                i++;
            }
            if (!z) {
                newBuilder.addAcl(aclEntry);
            }
        }
        return newBuilder;
    }

    public static String buildAclString(Security.AccessControlList accessControlList, UnixUserGroupHelper unixUserGroupHelper) {
        StringBuilder sb = new StringBuilder();
        boolean z = true;
        for (Security.AclEntry aclEntry : accessControlList.getAclList()) {
            int princId = aclEntry.getPrincipal().getPrincId();
            if (!z) {
                sb.append(",");
            }
            z = false;
            if (ACL.isUid(princId)) {
                try {
                    sb.append(unixUserGroupHelper.getUsername(princId) + ":");
                } catch (SecurityException e) {
                    sb.append(princId + ":");
                }
            } else {
                try {
                    sb.append(unixUserGroupHelper.getGroupname(ACL.getGid(princId)) + ":");
                } catch (SecurityException e2) {
                    sb.append(ACL.getGid(princId) + ":");
                }
            }
            boolean z2 = true;
            for (String str : SecurityCommandHelper.formatActionMask(aclEntry.getAllow(), CLDBProto.SecureObjectType.OBJECT_TYPE_CLUSTER, true)) {
                if (!z2) {
                    sb.append(",");
                }
                z2 = false;
                sb.append(str);
            }
        }
        return sb.toString();
    }

    public static Security.AccessControlList.Builder purgeEmptyAclEntries(Security.AccessControlList.Builder builder) {
        Security.AccessControlList.Builder newBuilder = Security.AccessControlList.newBuilder();
        for (Security.AclEntry aclEntry : builder.getAclList()) {
            if (!isAclEntryEmpty(aclEntry)) {
                newBuilder.addAcl(aclEntry);
            }
        }
        return newBuilder;
    }

    public static boolean hasEmptyAcls(Security.AccessControlList accessControlList) {
        if (accessControlList == null) {
            return false;
        }
        Iterator<Security.AclEntry> it = accessControlList.getAclList().iterator();
        while (it.hasNext()) {
            if (isAclEntryEmpty(it.next())) {
                return true;
            }
        }
        return false;
    }

    private static boolean isAclEntryEmpty(Security.AclEntry aclEntry) {
        return aclEntry.getAllow() == 0 && aclEntry.getDeny() == 0;
    }
}
