package org.apache.sentry.provider.db.log.util;

import com.google.common.annotations.VisibleForTesting;
import java.net.InetAddress;
import java.net.NetworkInterface;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import org.apache.sentry.provider.db.generic.service.thrift.TAuthorizable;
import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleGrantPrivilegeRequest;
import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleRevokePrivilegeRequest;
import org.apache.sentry.provider.db.service.thrift.TSentryGrantOption;
import org.apache.sentry.provider.db.service.thrift.TSentryPrivilege;
import org.apache.sentry.service.thrift.ServiceConstants;
import org.datanucleus.util.StringUtils;

/* loaded from: input_file:lib/sentry-provider-db-1.7.0.jar:org/apache/sentry/provider/db/log/util/CommandUtil.class */
public class CommandUtil {
    public static String createCmdForCreateOrDropRole(String str, boolean z) {
        return z ? "CREATE ROLE " + str : "DROP ROLE " + str;
    }

    public static String createCmdForRoleAddGroup(String str, String str2) {
        return createCmdForRoleAddOrDeleteGroup(str, str2, true);
    }

    public static String createCmdForRoleDeleteGroup(String str, String str2) {
        return createCmdForRoleAddOrDeleteGroup(str, str2, false);
    }

    private static String createCmdForRoleAddOrDeleteGroup(String str, String str2, boolean z) {
        StringBuilder sb = new StringBuilder();
        if (z) {
            sb.append("GRANT ROLE ");
        } else {
            sb.append("REVOKE ROLE ");
        }
        sb.append(str);
        if (z) {
            sb.append(" TO ");
        } else {
            sb.append(" FROM ");
        }
        if (StringUtils.isEmpty(str2)) {
            sb = new StringBuilder("Missing group information.");
        } else {
            sb.append("GROUP ").append(str2);
        }
        return sb.toString();
    }

    public static String createCmdForGrantPrivilege(TAlterSentryRoleGrantPrivilegeRequest tAlterSentryRoleGrantPrivilegeRequest) {
        return createCmdForGrantOrRevokePrivileges(tAlterSentryRoleGrantPrivilegeRequest.getRoleName(), tAlterSentryRoleGrantPrivilegeRequest.getPrivileges(), true);
    }

    public static String createCmdForRevokePrivilege(TAlterSentryRoleRevokePrivilegeRequest tAlterSentryRoleRevokePrivilegeRequest) {
        return createCmdForGrantOrRevokePrivileges(tAlterSentryRoleRevokePrivilegeRequest.getRoleName(), tAlterSentryRoleRevokePrivilegeRequest.getPrivileges(), false);
    }

    private static String createCmdForGrantOrRevokePrivileges(String str, Set<TSentryPrivilege> set, boolean z) {
        StringBuilder sb = new StringBuilder();
        if (set != null) {
            Iterator<TSentryPrivilege> it = set.iterator();
            while (it.hasNext()) {
                sb.append(createCmdForGrantOrRevokePrivilege(str, it.next(), z));
            }
        }
        return sb.toString();
    }

    private static String createCmdForGrantOrRevokePrivilege(String str, TSentryPrivilege tSentryPrivilege, boolean z) {
        StringBuilder sb = new StringBuilder();
        if (z) {
            sb.append("GRANT ");
        } else {
            sb.append("REVOKE ");
        }
        String action = tSentryPrivilege.getAction();
        String privilegeScope = tSentryPrivilege.getPrivilegeScope();
        if ("*".equalsIgnoreCase(action)) {
            sb.append("ALL");
        } else {
            if (action != null) {
                action = action.toUpperCase();
            }
            sb.append(action);
        }
        sb.append(" ON ").append(tSentryPrivilege.getPrivilegeScope()).append(" ");
        if (ServiceConstants.PrivilegeScope.DATABASE.name().equalsIgnoreCase(privilegeScope)) {
            sb.append(tSentryPrivilege.getDbName());
        } else if (ServiceConstants.PrivilegeScope.TABLE.name().equalsIgnoreCase(privilegeScope)) {
            sb.append(tSentryPrivilege.getTableName());
        } else if (ServiceConstants.PrivilegeScope.SERVER.name().equalsIgnoreCase(privilegeScope)) {
            sb.append(tSentryPrivilege.getServerName());
        } else if (ServiceConstants.PrivilegeScope.URI.name().equalsIgnoreCase(privilegeScope)) {
            sb.append(tSentryPrivilege.getURI());
        }
        if (z) {
            sb.append(" TO ROLE ");
        } else {
            sb.append(" FROM ROLE ");
        }
        sb.append(str);
        if (tSentryPrivilege.getGrantOption() == TSentryGrantOption.TRUE) {
            sb.append(" WITH GRANT OPTION");
        }
        return sb.toString();
    }

    public static String createCmdForGrantGMPrivilege(org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleGrantPrivilegeRequest tAlterSentryRoleGrantPrivilegeRequest) {
        return createCmdForGrantOrRevokeGMPrivilege(tAlterSentryRoleGrantPrivilegeRequest.getRoleName(), tAlterSentryRoleGrantPrivilegeRequest.getPrivilege(), true);
    }

    public static String createCmdForRevokeGMPrivilege(org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleRevokePrivilegeRequest tAlterSentryRoleRevokePrivilegeRequest) {
        return createCmdForGrantOrRevokeGMPrivilege(tAlterSentryRoleRevokePrivilegeRequest.getRoleName(), tAlterSentryRoleRevokePrivilegeRequest.getPrivilege(), false);
    }

    private static String createCmdForGrantOrRevokeGMPrivilege(String str, org.apache.sentry.provider.db.generic.service.thrift.TSentryPrivilege tSentryPrivilege, boolean z) {
        StringBuilder sb = new StringBuilder();
        if (z) {
            sb.append("GRANT ");
        } else {
            sb.append("REVOKE ");
        }
        String action = tSentryPrivilege.getAction();
        if ("*".equalsIgnoreCase(action)) {
            sb.append("ALL");
        } else {
            if (action != null) {
                action = action.toUpperCase();
            }
            sb.append(action);
        }
        sb.append(" ON");
        List<TAuthorizable> authorizables = tSentryPrivilege.getAuthorizables();
        if (authorizables != null) {
            for (TAuthorizable tAuthorizable : authorizables) {
                sb.append(" ").append(tAuthorizable.getType()).append(" ").append(tAuthorizable.getName());
            }
        }
        if (z) {
            sb.append(" TO ROLE ");
        } else {
            sb.append(" FROM ROLE ");
        }
        sb.append(str);
        if (tSentryPrivilege.getGrantOption() == org.apache.sentry.provider.db.generic.service.thrift.TSentryGrantOption.TRUE) {
            sb.append(" WITH GRANT OPTION");
        }
        return sb.toString();
    }

    @VisibleForTesting
    public static boolean assertIPInAuditLog(String str) throws Exception {
        if (str == null) {
            return false;
        }
        Enumeration<NetworkInterface> networkInterfaces = NetworkInterface.getNetworkInterfaces();
        while (networkInterfaces.hasMoreElements()) {
            Enumeration<InetAddress> inetAddresses = networkInterfaces.nextElement().getInetAddresses();
            while (inetAddresses.hasMoreElements()) {
                if (str.indexOf(inetAddresses.nextElement().getHostAddress()) != -1) {
                    return true;
                }
            }
        }
        return false;
    }
}
