package org.apache.iotdb.confignode.manager;

import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import org.apache.iotdb.common.rpc.thrift.TDataNodeConfiguration;
import org.apache.iotdb.common.rpc.thrift.TSStatus;
import org.apache.iotdb.commons.path.PartialPath;
import org.apache.iotdb.confignode.client.DataNodeRequestType;
import org.apache.iotdb.confignode.client.sync.SyncDataNodeClientPool;
import org.apache.iotdb.confignode.consensus.request.ConfigPhysicalPlanType;
import org.apache.iotdb.confignode.consensus.request.auth.AuthorPlan;
import org.apache.iotdb.confignode.consensus.response.auth.PermissionInfoResp;
import org.apache.iotdb.confignode.manager.consensus.ConsensusManager;
import org.apache.iotdb.confignode.persistence.AuthorInfo;
import org.apache.iotdb.confignode.rpc.thrift.TPermissionInfoResp;
import org.apache.iotdb.consensus.exception.ConsensusException;
import org.apache.iotdb.mpp.rpc.thrift.TInvalidatePermissionCacheReq;
import org.apache.iotdb.rpc.RpcUtils;
import org.apache.iotdb.rpc.TSStatusCode;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/iotdb/confignode/manager/PermissionManager.class */
public class PermissionManager {
    private static final Logger LOGGER = LoggerFactory.getLogger(PermissionManager.class);
    private final ConfigManager configManager;
    private final AuthorInfo authorInfo;

    public PermissionManager(ConfigManager configManager, AuthorInfo authorInfo) {
        this.configManager = configManager;
        this.authorInfo = authorInfo;
    }

    public TSStatus operatePermission(AuthorPlan authorPlan) {
        TSStatus write;
        try {
            if (authorPlan.getAuthorType() == ConfigPhysicalPlanType.CreateUser || authorPlan.getAuthorType() == ConfigPhysicalPlanType.CreateRole) {
                write = getConsensusManager().write(authorPlan);
            } else {
                write = invalidateCache(authorPlan.getUserName(), authorPlan.getRoleName());
                if (write.getCode() == TSStatusCode.SUCCESS_STATUS.getStatusCode()) {
                    write = getConsensusManager().write(authorPlan);
                }
            }
            return write;
        } catch (ConsensusException e) {
            LOGGER.warn("Failed in the write API executing the consensus layer due to: ", e);
            TSStatus tSStatus = new TSStatus(TSStatusCode.EXECUTE_STATEMENT_ERROR.getStatusCode());
            tSStatus.setMessage(e.getMessage());
            return tSStatus;
        }
    }

    public PermissionInfoResp queryPermission(AuthorPlan authorPlan) {
        try {
            return (PermissionInfoResp) getConsensusManager().read(authorPlan);
        } catch (ConsensusException e) {
            LOGGER.warn("Failed in the read API executing the consensus layer due to: ", e);
            TSStatus tSStatus = new TSStatus(TSStatusCode.EXECUTE_STATEMENT_ERROR.getStatusCode());
            tSStatus.setMessage(e.getMessage());
            return new PermissionInfoResp(tSStatus, Collections.emptyMap());
        }
    }

    private ConsensusManager getConsensusManager() {
        return this.configManager.getConsensusManager();
    }

    public TPermissionInfoResp login(String str, String str2) {
        return this.authorInfo.login(str, str2);
    }

    public TPermissionInfoResp checkUserPrivileges(String str, List<PartialPath> list, int i) {
        return this.authorInfo.checkUserPrivileges(str, list, i);
    }

    public TSStatus invalidateCache(String str, String str2) {
        List<TDataNodeConfiguration> registeredDataNodes = this.configManager.getNodeManager().getRegisteredDataNodes();
        TInvalidatePermissionCacheReq tInvalidatePermissionCacheReq = new TInvalidatePermissionCacheReq();
        tInvalidatePermissionCacheReq.setUsername(str);
        tInvalidatePermissionCacheReq.setRoleName(str2);
        Iterator<TDataNodeConfiguration> it = registeredDataNodes.iterator();
        while (it.hasNext()) {
            TSStatus sendSyncRequestToDataNodeWithRetry = SyncDataNodeClientPool.getInstance().sendSyncRequestToDataNodeWithRetry(it.next().getLocation().getInternalEndPoint(), tInvalidatePermissionCacheReq, DataNodeRequestType.INVALIDATE_PERMISSION_CACHE);
            if (sendSyncRequestToDataNodeWithRetry.getCode() != TSStatusCode.SUCCESS_STATUS.getStatusCode()) {
                return sendSyncRequestToDataNodeWithRetry;
            }
        }
        return RpcUtils.getStatus(TSStatusCode.SUCCESS_STATUS);
    }
}
