package org.apache.iotdb.commons.utils;

import java.io.ByteArrayOutputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import org.apache.commons.lang3.StringUtils;
import org.apache.iotdb.commons.auth.AuthException;
import org.apache.iotdb.commons.auth.entity.PathPrivilege;
import org.apache.iotdb.commons.auth.entity.PrivilegeType;
import org.apache.iotdb.commons.conf.CommonDescriptor;
import org.apache.iotdb.commons.exception.MetadataException;
import org.apache.iotdb.commons.path.PartialPath;
import org.apache.iotdb.commons.path.PathDeserializeUtil;
import org.apache.iotdb.commons.security.encrypt.AsymmetricEncryptFactory;
import org.apache.iotdb.confignode.rpc.thrift.TPermissionInfoResp;
import org.apache.iotdb.confignode.rpc.thrift.TRoleResp;
import org.apache.iotdb.confignode.rpc.thrift.TUserResp;
import org.apache.iotdb.rpc.TSStatusCode;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/iotdb/commons/utils/AuthUtils.class */
public class AuthUtils {
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) AuthUtils.class);
    private static final String ROOT_PREFIX = "root";
    public static PartialPath ROOT_PATH_PRIVILEGE_PATH;
    private static final int MIN_PASSWORD_LENGTH = 4;
    private static final int MIN_USERNAME_LENGTH = 4;
    private static final int MIN_ROLENAME_LENGTH = 4;

    private AuthUtils() {
    }

    public static void validatePassword(String str) throws AuthException {
        if (str.length() < 4) {
            throw new AuthException(TSStatusCode.ILLEGAL_PARAMETER, "Password's size must be greater than or equal to 4");
        }
        if (str.contains(StringUtils.SPACE)) {
            throw new AuthException(TSStatusCode.ILLEGAL_PARAMETER, "Password cannot contain spaces");
        }
    }

    public static boolean validatePassword(String str, String str2) {
        return AsymmetricEncryptFactory.getEncryptProvider(CommonDescriptor.getInstance().getConfig().getEncryptDecryptProvider(), CommonDescriptor.getInstance().getConfig().getEncryptDecryptProviderParameter()).validate(str, str2);
    }

    public static void validateUsername(String str) throws AuthException {
        if (str.length() < 4) {
            throw new AuthException(TSStatusCode.ILLEGAL_PARAMETER, "Username's size must be greater than or equal to 4");
        }
        if (str.contains(StringUtils.SPACE)) {
            throw new AuthException(TSStatusCode.ILLEGAL_PARAMETER, "Username cannot contain spaces");
        }
    }

    public static void validateRolename(String str) throws AuthException {
        if (str.length() < 4) {
            throw new AuthException(TSStatusCode.ILLEGAL_PARAMETER, "Role name's size must be greater than or equal to 4");
        }
        if (str.contains(StringUtils.SPACE)) {
            throw new AuthException(TSStatusCode.ILLEGAL_PARAMETER, "Role name cannot contain spaces");
        }
    }

    public static void validatePrivilege(int i) throws AuthException {
        if (i < 0 || i >= PrivilegeType.values().length) {
            throw new AuthException(TSStatusCode.ILLEGAL_PARAMETER, String.format("Invalid privilegeId %d", Integer.valueOf(i)));
        }
    }

    public static void validatePath(PartialPath partialPath) throws AuthException {
        if (!partialPath.getFirstNode().equals("root")) {
            throw new AuthException(TSStatusCode.ILLEGAL_PARAMETER, String.format("Illegal seriesPath %s, seriesPath should start with \"%s\"", partialPath, "root"));
        }
    }

    public static void validatePrivilegeOnPath(PartialPath partialPath, int i) throws AuthException {
        validatePrivilege(i);
        PrivilegeType privilegeType = PrivilegeType.values()[i];
        if (partialPath.equals(ROOT_PATH_PRIVILEGE_PATH)) {
            switch (privilegeType) {
                case READ_TIMESERIES:
                case CREATE_DATABASE:
                case DELETE_DATABASE:
                case CREATE_TIMESERIES:
                case DELETE_TIMESERIES:
                case INSERT_TIMESERIES:
                case ALTER_TIMESERIES:
                    validatePath(partialPath);
                    return;
                default:
                    return;
            }
        } else {
            validatePath(partialPath);
            switch (privilegeType) {
                case READ_TIMESERIES:
                case CREATE_DATABASE:
                case DELETE_DATABASE:
                case CREATE_TIMESERIES:
                case DELETE_TIMESERIES:
                case INSERT_TIMESERIES:
                case ALTER_TIMESERIES:
                case CREATE_TRIGGER:
                case DROP_TRIGGER:
                case START_TRIGGER:
                case STOP_TRIGGER:
                case APPLY_TEMPLATE:
                    return;
                default:
                    throw new AuthException(TSStatusCode.UNKNOWN_AUTH_PRIVILEGE, String.format("Illegal privilege %s on seriesPath %s", privilegeType, partialPath));
            }
        }
    }

    public static String encryptPassword(String str) {
        return AsymmetricEncryptFactory.getEncryptProvider(CommonDescriptor.getInstance().getConfig().getEncryptDecryptProvider(), CommonDescriptor.getInstance().getConfig().getEncryptDecryptProviderParameter()).encrypt(str);
    }

    public static boolean checkPrivilege(PartialPath partialPath, int i, List<PathPrivilege> list) throws AuthException {
        if (list == null) {
            return false;
        }
        for (PathPrivilege pathPrivilege : list) {
            if (partialPath != null) {
                if (pathPrivilege.getPath() != null && pathPrivilege.getPath().matchFullPath(partialPath) && pathPrivilege.getPrivileges().contains(Integer.valueOf(i))) {
                    return true;
                }
            } else if (pathPrivilege.getPath() == null && pathPrivilege.getPrivileges().contains(Integer.valueOf(i))) {
                return true;
            }
        }
        return false;
    }

    public static Set<Integer> getPrivileges(PartialPath partialPath, List<PathPrivilege> list) throws AuthException {
        if (list == null) {
            return new HashSet();
        }
        HashSet hashSet = new HashSet();
        for (PathPrivilege pathPrivilege : list) {
            if (partialPath != null) {
                if (pathPrivilege.getPath() != null && pathPrivilege.getPath().matchFullPath(partialPath)) {
                    hashSet.addAll(pathPrivilege.getPrivileges());
                }
            } else if (pathPrivilege.getPath() == null) {
                hashSet.addAll(pathPrivilege.getPrivileges());
            }
        }
        return hashSet;
    }

    public static boolean hasPrivilege(PartialPath partialPath, int i, List<PathPrivilege> list) {
        for (PathPrivilege pathPrivilege : list) {
            if (pathPrivilege.getPath().equals(partialPath) && pathPrivilege.getPrivileges().contains(Integer.valueOf(i))) {
                pathPrivilege.getReferenceCnt().incrementAndGet();
                return true;
            }
        }
        return false;
    }

    public static void addPrivilege(PartialPath partialPath, int i, List<PathPrivilege> list) {
        PathPrivilege pathPrivilege = null;
        Iterator<PathPrivilege> it = list.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            PathPrivilege next = it.next();
            if (next.getPath().equals(partialPath)) {
                pathPrivilege = next;
                break;
            }
        }
        if (pathPrivilege == null) {
            pathPrivilege = new PathPrivilege(partialPath);
            list.add(pathPrivilege);
        }
        if (i != PrivilegeType.ALL.ordinal()) {
            pathPrivilege.getPrivileges().add(Integer.valueOf(i));
            return;
        }
        for (PrivilegeType privilegeType : PrivilegeType.values()) {
            pathPrivilege.getPrivileges().add(Integer.valueOf(privilegeType.ordinal()));
        }
    }

    public static void removePrivilege(PartialPath partialPath, int i, List<PathPrivilege> list) {
        PathPrivilege pathPrivilege = null;
        Iterator<PathPrivilege> it = list.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            PathPrivilege next = it.next();
            if (next.getPath().equals(partialPath)) {
                pathPrivilege = next;
                break;
            }
        }
        if (pathPrivilege != null) {
            if (i == PrivilegeType.ALL.ordinal()) {
                list.remove(pathPrivilege);
                return;
            }
            pathPrivilege.getPrivileges().remove(Integer.valueOf(i));
            if (pathPrivilege.getPrivileges().isEmpty()) {
                list.remove(pathPrivilege);
            }
        }
    }

    public static TPermissionInfoResp generateEmptyPermissionInfoResp() {
        TPermissionInfoResp tPermissionInfoResp = new TPermissionInfoResp();
        tPermissionInfoResp.setUserInfo(new TUserResp("", "", new ArrayList(), new ArrayList(), false));
        HashMap hashMap = new HashMap();
        hashMap.put("", new TRoleResp("", new ArrayList()));
        tPermissionInfoResp.setRoleInfo(hashMap);
        return tPermissionInfoResp;
    }

    public static Set<Integer> strToPermissions(String[] strArr) throws AuthException {
        HashSet hashSet = new HashSet();
        if (strArr == null) {
            return hashSet;
        }
        PrivilegeType[] values = PrivilegeType.values();
        int length = strArr.length;
        for (int i = 0; i < length; i++) {
            String str = strArr[i];
            boolean z = false;
            if ("SET_STORAGE_GROUP".equalsIgnoreCase(str)) {
                str = PrivilegeType.CREATE_DATABASE.name();
            }
            if ("DELETE_STORAGE_GROUP".equalsIgnoreCase(str)) {
                str = PrivilegeType.DELETE_DATABASE.name();
            }
            int length2 = values.length;
            int i2 = 0;
            while (true) {
                if (i2 >= length2) {
                    break;
                }
                PrivilegeType privilegeType = values[i2];
                if (str.equalsIgnoreCase(privilegeType.name())) {
                    hashSet.add(Integer.valueOf(privilegeType.ordinal()));
                    z = true;
                    break;
                }
                i2++;
            }
            if (!z) {
                throw new AuthException(TSStatusCode.UNKNOWN_AUTH_PRIVILEGE, "No such privilege " + str);
            }
        }
        return hashSet;
    }

    public static ByteBuffer serializePartialPathList(List<PartialPath> list) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        DataOutputStream dataOutputStream = new DataOutputStream(byteArrayOutputStream);
        try {
            dataOutputStream.writeInt(list.size());
            Iterator<PartialPath> it = list.iterator();
            while (it.hasNext()) {
                it.next().serialize(dataOutputStream);
            }
        } catch (IOException e) {
            logger.error("Failed to serialize PartialPath list", (Throwable) e);
        }
        return ByteBuffer.wrap(byteArrayOutputStream.toByteArray());
    }

    public static List<PartialPath> deserializePartialPathList(ByteBuffer byteBuffer) {
        int i = byteBuffer.getInt();
        ArrayList arrayList = new ArrayList();
        for (int i2 = 0; i2 < i; i2++) {
            arrayList.add((PartialPath) PathDeserializeUtil.deserialize(byteBuffer));
        }
        return arrayList;
    }

    static {
        try {
            ROOT_PATH_PRIVILEGE_PATH = new PartialPath("root.**");
        } catch (MetadataException e) {
        }
    }
}
