package org.apache.hadoop.hive.ql.security.authorization.command;

import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.apache.hadoop.hive.metastore.TableType;
import org.apache.hadoop.hive.metastore.api.Database;
import org.apache.hadoop.hive.ql.exec.FunctionInfo;
import org.apache.hadoop.hive.ql.exec.FunctionUtils;
import org.apache.hadoop.hive.ql.hooks.Entity;
import org.apache.hadoop.hive.ql.hooks.ReadEntity;
import org.apache.hadoop.hive.ql.hooks.WriteEntity;
import org.apache.hadoop.hive.ql.metadata.HiveException;
import org.apache.hadoop.hive.ql.metadata.Table;
import org.apache.hadoop.hive.ql.parse.BaseSemanticAnalyzer;
import org.apache.hadoop.hive.ql.plan.HiveOperation;
import org.apache.hadoop.hive.ql.security.authorization.AuthorizationUtils;
import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzContext;
import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveOperationType;
import org.apache.hadoop.hive.ql.security.authorization.plugin.HivePrivilegeObject;
import org.apache.hadoop.hive.ql.session.SessionState;

/* loaded from: input_file:org/apache/hadoop/hive/ql/security/authorization/command/CommandAuthorizerV2.class */
final class CommandAuthorizerV2 {

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: org.apache.hadoop.hive.ql.security.authorization.command.CommandAuthorizerV2$1, reason: invalid class name */
    /* loaded from: input_file:org/apache/hadoop/hive/ql/security/authorization/command/CommandAuthorizerV2$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$org$apache$hadoop$hive$ql$hooks$Entity$Type = new int[Entity.Type.values().length];

        static {
            try {
                $SwitchMap$org$apache$hadoop$hive$ql$hooks$Entity$Type[Entity.Type.DATABASE.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$apache$hadoop$hive$ql$hooks$Entity$Type[Entity.Type.TABLE.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$org$apache$hadoop$hive$ql$hooks$Entity$Type[Entity.Type.DFS_DIR.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$org$apache$hadoop$hive$ql$hooks$Entity$Type[Entity.Type.LOCAL_DIR.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$org$apache$hadoop$hive$ql$hooks$Entity$Type[Entity.Type.FUNCTION.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$org$apache$hadoop$hive$ql$hooks$Entity$Type[Entity.Type.DUMMYPARTITION.ordinal()] = 6;
            } catch (NoSuchFieldError e6) {
            }
            try {
                $SwitchMap$org$apache$hadoop$hive$ql$hooks$Entity$Type[Entity.Type.PARTITION.ordinal()] = 7;
            } catch (NoSuchFieldError e7) {
            }
            try {
                $SwitchMap$org$apache$hadoop$hive$ql$hooks$Entity$Type[Entity.Type.SERVICE_NAME.ordinal()] = 8;
            } catch (NoSuchFieldError e8) {
            }
        }
    }

    private CommandAuthorizerV2() {
        throw new UnsupportedOperationException("CommandAuthorizerV2 should not be instantiated");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void doAuthorization(HiveOperation hiveOperation, BaseSemanticAnalyzer baseSemanticAnalyzer, SessionState sessionState, Set<ReadEntity> set, Set<WriteEntity> set2, String str) throws HiveException {
        HiveOperationType valueOf = HiveOperationType.valueOf(hiveOperation.name());
        Map<String, List<String>> tableToColumnAccessMap = baseSemanticAnalyzer.getColumnAccessInfo() != null ? baseSemanticAnalyzer.getColumnAccessInfo().getTableToColumnAccessMap() : null;
        Map<String, List<String>> tableToColumnAccessMap2 = baseSemanticAnalyzer.getUpdateColumnAccessInfo() != null ? baseSemanticAnalyzer.getUpdateColumnAccessInfo().getTableToColumnAccessMap() : null;
        ArrayList arrayList = new ArrayList(set);
        ArrayList arrayList2 = new ArrayList(set2);
        addPermanentFunctionEntities(sessionState, arrayList);
        List<HivePrivilegeObject> hivePrivObjects = getHivePrivObjects(arrayList, tableToColumnAccessMap);
        List<HivePrivilegeObject> hivePrivObjects2 = getHivePrivObjects(arrayList2, tableToColumnAccessMap2);
        HiveAuthzContext.Builder builder = new HiveAuthzContext.Builder();
        builder.setUserIpAddress(sessionState.getUserIpAddress());
        builder.setForwardedAddresses(sessionState.getForwardedAddresses());
        builder.setCommandString(str);
        sessionState.getAuthorizerV2().checkPrivileges(valueOf, hivePrivObjects, hivePrivObjects2, builder.build());
    }

    private static void addPermanentFunctionEntities(SessionState sessionState, List<ReadEntity> list) throws HiveException {
        for (Map.Entry entry : sessionState.getCurrentFunctionsInUse().entrySet()) {
            if (((FunctionInfo) entry.getValue()).getFunctionType() == FunctionInfo.FunctionType.PERSISTENT) {
                String[] qualifiedFunctionNameParts = FunctionUtils.getQualifiedFunctionNameParts((String) entry.getKey());
                list.add(new ReadEntity(new Database(qualifiedFunctionNameParts[0], "", "", (Map) null), qualifiedFunctionNameParts[1], ((FunctionInfo) entry.getValue()).getClassName(), Entity.Type.FUNCTION));
            }
        }
    }

    private static List<HivePrivilegeObject> getHivePrivObjects(List<? extends Entity> list, Map<String, List<String>> map) {
        ArrayList arrayList = new ArrayList();
        if (list == null) {
            return arrayList;
        }
        for (Entity entity : list) {
            if (!entity.isDummy()) {
                if ((entity instanceof ReadEntity) && !((ReadEntity) entity).isDirect()) {
                    ReadEntity readEntity = (ReadEntity) entity;
                    Boolean bool = false;
                    if (readEntity.getParents() != null && readEntity.getParents().size() > 0) {
                        for (ReadEntity readEntity2 : readEntity.getParents()) {
                            if (readEntity2.getTyp() == Entity.Type.TABLE && readEntity2.getTable() != null && isDeferredAuthView(readEntity2.getTable())) {
                                bool = true;
                            }
                        }
                    }
                    if (!bool.booleanValue()) {
                    }
                }
                if (!(entity instanceof WriteEntity) || !((WriteEntity) entity).isTempURI()) {
                    if (entity.getTyp() != Entity.Type.TABLE || (entity.getT() != null && !entity.getT().isTemporary())) {
                        addHivePrivObject(entity, map, arrayList);
                    }
                }
            }
        }
        return arrayList;
    }

    private static boolean isDeferredAuthView(Table table) {
        Map<String, String> parameters;
        String tableType = table.getTTable().getTableType();
        boolean z = false;
        if (TableType.MATERIALIZED_VIEW.name().equals(tableType) || TableType.VIRTUAL_VIEW.name().equals(tableType)) {
            z = true;
        }
        return z && (parameters = table.getParameters()) != null && parameters.containsKey("Authorized") && "false".equalsIgnoreCase(parameters.get("Authorized"));
    }

    private static void addHivePrivObject(Entity entity, Map<String, List<String>> map, List<HivePrivilegeObject> list) {
        HivePrivilegeObject hivePrivilegeObject;
        HivePrivilegeObject.HivePrivilegeObjectType hivePrivilegeObjectType = AuthorizationUtils.getHivePrivilegeObjectType(entity.getType());
        HivePrivilegeObject.HivePrivObjectActionType actionType = AuthorizationUtils.getActionType(entity);
        switch (AnonymousClass1.$SwitchMap$org$apache$hadoop$hive$ql$hooks$Entity$Type[entity.getType().ordinal()]) {
            case 1:
                hivePrivilegeObject = new HivePrivilegeObject(hivePrivilegeObjectType, entity.getDatabase().getName(), null, null, null, actionType, null, null);
                break;
            case 2:
                Table table = entity.getTable();
                hivePrivilegeObject = new HivePrivilegeObject(hivePrivilegeObjectType, table.getDbName(), table.getTableName(), null, map == null ? null : map.get(Table.getCompleteName(table.getDbName(), table.getTableName())), actionType, null, null);
                break;
            case 3:
            case 4:
                hivePrivilegeObject = new HivePrivilegeObject(hivePrivilegeObjectType, null, entity.getD().toString(), null, null, actionType, null, null);
                break;
            case 5:
                hivePrivilegeObject = new HivePrivilegeObject(hivePrivilegeObjectType, entity.getDatabase() != null ? entity.getDatabase().getName() : null, entity.getFunctionName(), null, null, actionType, null, entity.getClassName());
                break;
            case 6:
            case 7:
                return;
            case 8:
                hivePrivilegeObject = new HivePrivilegeObject(hivePrivilegeObjectType, null, entity.getServiceName(), null, null, actionType, null, null);
                break;
            default:
                throw new AssertionError("Unexpected object type");
        }
        list.add(hivePrivilegeObject);
    }
}
