package org.apache.iotdb.commons.auth.user;

import java.io.File;
import java.io.IOException;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.apache.iotdb.commons.auth.AuthException;
import org.apache.iotdb.commons.auth.entity.User;
import org.apache.iotdb.commons.concurrent.HashLock;
import org.apache.iotdb.commons.conf.CommonDescriptor;
import org.apache.iotdb.commons.path.PartialPath;
import org.apache.iotdb.commons.utils.AuthUtils;
import org.apache.iotdb.rpc.TSStatusCode;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/iotdb/commons/auth/user/BasicUserManager.class */
public abstract class BasicUserManager implements IUserManager {
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) BasicUserManager.class);
    private static final String NO_SUCH_USER_ERROR = "No such user %s";
    protected IUserAccessor accessor;
    protected Map<String, User> userMap = new HashMap();
    protected HashLock lock = new HashLock();

    /* JADX INFO: Access modifiers changed from: protected */
    public BasicUserManager(IUserAccessor iUserAccessor) throws AuthException {
        this.accessor = iUserAccessor;
        reset();
    }

    private void initAdmin() throws AuthException {
        User user;
        try {
            user = getUser(CommonDescriptor.getInstance().getConfig().getAdminName());
        } catch (AuthException e) {
            logger.warn("Cannot load admin, Creating a new one", (Throwable) e);
            user = null;
        }
        if (user == null) {
            createUser(CommonDescriptor.getInstance().getConfig().getAdminName(), CommonDescriptor.getInstance().getConfig().getAdminPassword());
            setUserUseWaterMark(CommonDescriptor.getInstance().getConfig().getAdminName(), false);
        }
        logger.info("Admin initialized");
    }

    @Override // org.apache.iotdb.commons.auth.user.IUserManager
    public User getUser(String str) throws AuthException {
        this.lock.readLock(str);
        User user = this.userMap.get(str);
        if (user == null) {
            try {
                try {
                    user = this.accessor.loadUser(str);
                    if (user != null) {
                        this.userMap.put(str, user);
                    }
                } catch (IOException e) {
                    throw new AuthException(TSStatusCode.AUTH_IO_EXCEPTION, e);
                }
            } finally {
                this.lock.readUnlock(str);
            }
        }
        if (user != null) {
            user.setLastActiveTime(System.currentTimeMillis());
        }
        return user;
    }

    @Override // org.apache.iotdb.commons.auth.user.IUserManager
    public boolean createUser(String str, String str2) throws AuthException {
        AuthUtils.validateUsername(str);
        AuthUtils.validatePassword(str2);
        if (getUser(str) != null) {
            return false;
        }
        this.lock.writeLock(str);
        try {
            try {
                User user = new User(str, AuthUtils.encryptPassword(str2));
                if (!new File(this.accessor.getDirPath()).exists()) {
                    reset();
                }
                this.accessor.saveUser(user);
                this.userMap.put(str, user);
                this.lock.writeUnlock(str);
                return true;
            } catch (IOException e) {
                throw new AuthException(TSStatusCode.AUTH_IO_EXCEPTION, e);
            }
        } catch (Throwable th) {
            this.lock.writeUnlock(str);
            throw th;
        }
    }

    @Override // org.apache.iotdb.commons.auth.user.IUserManager
    public boolean deleteUser(String str) throws AuthException {
        this.lock.writeLock(str);
        try {
            try {
                if (!this.accessor.deleteUser(str)) {
                    return false;
                }
                this.userMap.remove(str);
                this.lock.writeUnlock(str);
                return true;
            } catch (IOException e) {
                throw new AuthException(TSStatusCode.AUTH_IO_EXCEPTION, e);
            }
        } finally {
            this.lock.writeUnlock(str);
        }
    }

    @Override // org.apache.iotdb.commons.auth.user.IUserManager
    public boolean grantPrivilegeToUser(String str, PartialPath partialPath, int i) throws AuthException {
        AuthUtils.validatePrivilegeOnPath(partialPath, i);
        this.lock.writeLock(str);
        try {
            User user = getUser(str);
            if (user == null) {
                throw new AuthException(TSStatusCode.USER_NOT_EXIST, String.format(NO_SUCH_USER_ERROR, str));
            }
            if (user.hasPrivilege(partialPath, i)) {
                return false;
            }
            HashSet hashSet = new HashSet(user.getPrivileges(partialPath));
            user.addPrivilege(partialPath, i);
            try {
                this.accessor.saveUser(user);
                this.lock.writeUnlock(str);
                return true;
            } catch (IOException e) {
                user.setPrivileges(partialPath, hashSet);
                throw new AuthException(TSStatusCode.AUTH_IO_EXCEPTION, e);
            }
        } finally {
            this.lock.writeUnlock(str);
        }
    }

    @Override // org.apache.iotdb.commons.auth.user.IUserManager
    public boolean revokePrivilegeFromUser(String str, PartialPath partialPath, int i) throws AuthException {
        AuthUtils.validatePrivilegeOnPath(partialPath, i);
        this.lock.writeLock(str);
        try {
            User user = getUser(str);
            if (user == null) {
                throw new AuthException(TSStatusCode.USER_NOT_EXIST, String.format(NO_SUCH_USER_ERROR, str));
            }
            if (!user.hasPrivilege(partialPath, i)) {
                return false;
            }
            user.removePrivilege(partialPath, i);
            try {
                this.accessor.saveUser(user);
                this.lock.writeUnlock(str);
                return true;
            } catch (IOException e) {
                user.addPrivilege(partialPath, i);
                throw new AuthException(TSStatusCode.AUTH_IO_EXCEPTION, e);
            }
        } finally {
            this.lock.writeUnlock(str);
        }
    }

    @Override // org.apache.iotdb.commons.auth.user.IUserManager
    public boolean updateUserPassword(String str, String str2) throws AuthException {
        try {
            AuthUtils.validatePassword(str2);
            this.lock.writeLock(str);
            try {
                User user = getUser(str);
                if (user == null) {
                    throw new AuthException(TSStatusCode.USER_NOT_EXIST, String.format(NO_SUCH_USER_ERROR, str));
                }
                String password = user.getPassword();
                user.setPassword(AuthUtils.encryptPassword(str2));
                try {
                    this.accessor.saveUser(user);
                    return true;
                } catch (IOException e) {
                    user.setPassword(password);
                    throw new AuthException(TSStatusCode.AUTH_IO_EXCEPTION, e);
                }
            } finally {
                this.lock.writeUnlock(str);
            }
        } catch (AuthException e2) {
            logger.debug("An illegal password detected ", (Throwable) e2);
            return false;
        }
    }

    @Override // org.apache.iotdb.commons.auth.user.IUserManager
    public boolean grantRoleToUser(String str, String str2) throws AuthException {
        this.lock.writeLock(str2);
        try {
            User user = getUser(str2);
            if (user == null) {
                throw new AuthException(TSStatusCode.USER_NOT_EXIST, String.format(NO_SUCH_USER_ERROR, str2));
            }
            if (user.hasRole(str)) {
                return false;
            }
            user.getRoleList().add(str);
            try {
                this.accessor.saveUser(user);
                this.lock.writeUnlock(str2);
                return true;
            } catch (IOException e) {
                user.getRoleList().remove(str);
                throw new AuthException(TSStatusCode.AUTH_IO_EXCEPTION, e);
            }
        } finally {
            this.lock.writeUnlock(str2);
        }
    }

    @Override // org.apache.iotdb.commons.auth.user.IUserManager
    public boolean revokeRoleFromUser(String str, String str2) throws AuthException {
        this.lock.writeLock(str2);
        try {
            User user = getUser(str2);
            if (user == null) {
                throw new AuthException(TSStatusCode.USER_NOT_EXIST, String.format(NO_SUCH_USER_ERROR, str2));
            }
            if (!user.hasRole(str)) {
                return false;
            }
            user.getRoleList().remove(str);
            try {
                this.accessor.saveUser(user);
                this.lock.writeUnlock(str2);
                return true;
            } catch (IOException e) {
                user.getRoleList().add(str);
                throw new AuthException(TSStatusCode.AUTH_IO_EXCEPTION, e);
            }
        } finally {
            this.lock.writeUnlock(str2);
        }
    }

    @Override // org.apache.iotdb.commons.auth.user.IUserManager
    public void reset() throws AuthException {
        this.accessor.reset();
        this.userMap.clear();
        initAdmin();
    }

    @Override // org.apache.iotdb.commons.auth.user.IUserManager
    public List<String> listAllUsers() {
        List<String> listAllUsers = this.accessor.listAllUsers();
        listAllUsers.sort(null);
        return listAllUsers;
    }

    @Override // org.apache.iotdb.commons.auth.user.IUserManager
    public boolean isUserUseWaterMark(String str) throws AuthException {
        User user = getUser(str);
        if (user == null) {
            throw new AuthException(TSStatusCode.USER_NOT_EXIST, String.format(NO_SUCH_USER_ERROR, str));
        }
        return user.isUseWaterMark();
    }

    @Override // org.apache.iotdb.commons.auth.user.IUserManager
    public void setUserUseWaterMark(String str, boolean z) throws AuthException {
        User user = getUser(str);
        if (user == null) {
            throw new AuthException(TSStatusCode.USER_NOT_EXIST, String.format(NO_SUCH_USER_ERROR, str));
        }
        boolean isUseWaterMark = user.isUseWaterMark();
        if (isUseWaterMark == z) {
            return;
        }
        user.setUseWaterMark(z);
        try {
            this.accessor.saveUser(user);
        } catch (IOException e) {
            user.setUseWaterMark(isUseWaterMark);
            throw new AuthException(TSStatusCode.AUTH_IO_EXCEPTION, e);
        }
    }

    @Override // org.apache.iotdb.commons.auth.user.IUserManager
    public void replaceAllUsers(Map<String, User> map) throws AuthException {
        synchronized (this) {
            reset();
            this.userMap = map;
            Iterator<Map.Entry<String, User>> it = this.userMap.entrySet().iterator();
            while (it.hasNext()) {
                try {
                    this.accessor.saveUser(it.next().getValue());
                } catch (IOException e) {
                    throw new AuthException(TSStatusCode.AUTH_IO_EXCEPTION, e);
                }
            }
        }
    }
}
