package org.apache.iotdb.commons.auth.role;

import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.DataInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.UUID;
import org.apache.iotdb.commons.auth.entity.PathPrivilege;
import org.apache.iotdb.commons.auth.entity.Role;
import org.apache.iotdb.commons.conf.IoTDBConstant;
import org.apache.iotdb.commons.file.SystemFileFactory;
import org.apache.iotdb.commons.utils.FileUtils;
import org.apache.iotdb.commons.utils.IOUtils;
import org.apache.iotdb.tsfile.utils.Pair;
import org.apache.thrift.TException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/iotdb/commons/auth/role/LocalFileRoleAccessor.class */
public class LocalFileRoleAccessor implements IRoleAccessor {
    private static final String TEMP_SUFFIX = ".temp";
    private static final String STRING_ENCODING = "utf-8";
    private final String roleDirPath;
    private final ThreadLocal<ByteBuffer> encodingBufferLocal = new ThreadLocal<>();
    private final ThreadLocal<byte[]> strBufferLocal = new ThreadLocal<>();
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) LocalFileRoleAccessor.class);
    private static final String ROLE_SNAPSHOT_FILE_NAME = IoTDBConstant.SYSTEM_FOLDER_NAME + File.separator + "roles";

    public LocalFileRoleAccessor(String str) {
        this.roleDirPath = str;
    }

    @Override // org.apache.iotdb.commons.auth.role.IRoleAccessor
    public Role loadRole(String str) throws IOException {
        File file = SystemFileFactory.INSTANCE.getFile(this.roleDirPath + File.separator + str + IoTDBConstant.PROFILE_SUFFIX);
        if (!file.exists() || !file.isFile()) {
            File file2 = SystemFileFactory.INSTANCE.getFile(this.roleDirPath + File.separator + str + IoTDBConstant.PROFILE_SUFFIX + TEMP_SUFFIX);
            if (!file2.exists() || !file2.isFile()) {
                return null;
            }
            file = file2;
        }
        try {
            try {
                DataInputStream dataInputStream = new DataInputStream(new BufferedInputStream(new FileInputStream(file)));
                try {
                    Role role = new Role();
                    Pair<String, Boolean> readAuthString = IOUtils.readAuthString(dataInputStream, "utf-8", this.strBufferLocal);
                    role.setName(readAuthString.getLeft());
                    if (readAuthString.getRight().booleanValue()) {
                        IOUtils.loadRolePrivilege(role, dataInputStream, "utf-8", this.strBufferLocal);
                        dataInputStream.close();
                        this.strBufferLocal.remove();
                        return role;
                    }
                    role.setSysPrivilegeSet(dataInputStream.readInt());
                    ArrayList arrayList = new ArrayList();
                    int i = 0;
                    while (dataInputStream.available() != 0) {
                        arrayList.add(IOUtils.readPathPrivilege(dataInputStream, "utf-8", this.strBufferLocal, false));
                        i++;
                    }
                    role.setPrivilegeList(arrayList);
                    dataInputStream.close();
                    this.strBufferLocal.remove();
                    return role;
                } catch (Throwable th) {
                    try {
                        dataInputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                    throw th;
                }
            } catch (Exception e) {
                throw new IOException(e);
            }
        } catch (Throwable th3) {
            this.strBufferLocal.remove();
            throw th3;
        }
    }

    @Override // org.apache.iotdb.commons.auth.role.IRoleAccessor
    public void saveRole(Role role) throws IOException {
        File file = SystemFileFactory.INSTANCE.getFile(this.roleDirPath + File.separator + role.getName() + IoTDBConstant.PROFILE_SUFFIX + TEMP_SUFFIX);
        File file2 = new File(this.roleDirPath);
        if (!file2.exists() && !file2.mkdirs()) {
            LOGGER.error("Failed to create role dir {}", this.roleDirPath);
        }
        FileOutputStream fileOutputStream = new FileOutputStream(file);
        BufferedOutputStream bufferedOutputStream = new BufferedOutputStream(fileOutputStream);
        try {
            try {
                byte[] bytes = role.getName().getBytes("utf-8");
                IOUtils.writeInt(bufferedOutputStream, (-1) * bytes.length, this.encodingBufferLocal);
                bufferedOutputStream.write(bytes);
                IOUtils.writeInt(bufferedOutputStream, role.getAllSysPrivileges(), this.encodingBufferLocal);
                int size = role.getPathPrivilegeList().size();
                for (int i = 0; i < size; i++) {
                    IOUtils.writePathPrivilege(bufferedOutputStream, role.getPathPrivilegeList().get(i), "utf-8", this.encodingBufferLocal);
                }
                IOUtils.replaceFile(file, SystemFileFactory.INSTANCE.getFile(this.roleDirPath + File.separator + role.getName() + IoTDBConstant.PROFILE_SUFFIX));
            } catch (Exception e) {
                throw new IOException(e);
            }
        } finally {
            bufferedOutputStream.flush();
            fileOutputStream.getFD().sync();
            bufferedOutputStream.close();
            this.encodingBufferLocal.remove();
        }
    }

    @Override // org.apache.iotdb.commons.auth.role.IRoleAccessor
    public boolean deleteRole(String str) throws IOException {
        File file = SystemFileFactory.INSTANCE.getFile(this.roleDirPath + File.separator + str + IoTDBConstant.PROFILE_SUFFIX);
        File file2 = SystemFileFactory.INSTANCE.getFile(this.roleDirPath + File.separator + str + IoTDBConstant.PROFILE_SUFFIX + TEMP_SUFFIX);
        if (!file.exists() && !file2.exists()) {
            return false;
        }
        if ((!file.exists() || file.delete()) && (!file2.exists() || file2.delete())) {
            return true;
        }
        throw new IOException(String.format("Cannot delete role file of %s", str));
    }

    @Override // org.apache.iotdb.commons.auth.role.IRoleAccessor
    public List<String> listAllRoles() {
        String[] list = SystemFileFactory.INSTANCE.getFile(this.roleDirPath).list((file, str) -> {
            return str.endsWith(IoTDBConstant.PROFILE_SUFFIX) || str.endsWith(TEMP_SUFFIX);
        });
        ArrayList arrayList = new ArrayList();
        if (list != null) {
            HashSet hashSet = new HashSet();
            for (String str2 : list) {
                hashSet.add(str2.replace(IoTDBConstant.PROFILE_SUFFIX, "").replace(TEMP_SUFFIX, ""));
            }
            arrayList.addAll(hashSet);
        }
        return arrayList;
    }

    @Override // org.apache.iotdb.commons.snapshot.SnapshotProcessor
    public boolean processTakeSnapshot(File file) throws TException, IOException {
        SystemFileFactory systemFileFactory = SystemFileFactory.INSTANCE;
        File file2 = systemFileFactory.getFile(this.roleDirPath);
        File file3 = systemFileFactory.getFile(file, ROLE_SNAPSHOT_FILE_NAME);
        File file4 = systemFileFactory.getFile(file3.getAbsolutePath() + "-" + UUID.randomUUID());
        try {
            boolean copyDir = FileUtils.copyDir(file2, file4) & file4.renameTo(file3);
            if (file4.exists() && !file4.delete()) {
                FileUtils.deleteDirectory(file4);
            }
            return copyDir;
        } catch (Throwable th) {
            if (file4.exists() && !file4.delete()) {
                FileUtils.deleteDirectory(file4);
            }
            throw th;
        }
    }

    @Override // org.apache.iotdb.commons.snapshot.SnapshotProcessor
    public void processLoadSnapshot(File file) throws TException, IOException {
        SystemFileFactory systemFileFactory = SystemFileFactory.INSTANCE;
        File file2 = systemFileFactory.getFile(this.roleDirPath);
        File file3 = systemFileFactory.getFile(file2.getAbsolutePath() + "-" + UUID.randomUUID());
        File file4 = systemFileFactory.getFile(file, ROLE_SNAPSHOT_FILE_NAME);
        if (!file4.exists()) {
            LOGGER.info("There are no roles to load.");
            return;
        }
        try {
            org.apache.commons.io.FileUtils.moveDirectory(file2, file3);
            if (!FileUtils.copyDir(file4, file2)) {
                LOGGER.error("Failed to load role folder snapshot and rollback.");
                FileUtils.deleteDirectory(file2);
                org.apache.commons.io.FileUtils.moveDirectory(file3, file2);
            }
        } finally {
            FileUtils.deleteDirectory(file3);
        }
    }

    @Override // org.apache.iotdb.commons.auth.role.IRoleAccessor
    public void reset() {
        if (SystemFileFactory.INSTANCE.getFile(this.roleDirPath).mkdirs()) {
            LOGGER.info("role info dir {} is created", this.roleDirPath);
        } else {
            if (SystemFileFactory.INSTANCE.getFile(this.roleDirPath).exists()) {
                return;
            }
            LOGGER.error("role info dir {} can not be created", this.roleDirPath);
        }
    }

    @Override // org.apache.iotdb.commons.auth.role.IRoleAccessor
    public void cleanRoleFolder() {
        File[] listFiles = SystemFileFactory.INSTANCE.getFile(this.roleDirPath).listFiles();
        if (listFiles != null) {
            for (File file : listFiles) {
                FileUtils.deleteFileIfExist(file);
            }
        }
    }

    public void saveRoleOldVer(Role role) throws IOException {
        File file = SystemFileFactory.INSTANCE.getFile(this.roleDirPath + File.separator + role.getName() + IoTDBConstant.PROFILE_SUFFIX + TEMP_SUFFIX);
        File file2 = new File(this.roleDirPath);
        if (!file2.exists() && !file2.mkdirs()) {
            LOGGER.error("Failed to create role dir {}", this.roleDirPath);
        }
        try {
            BufferedOutputStream bufferedOutputStream = new BufferedOutputStream(Files.newOutputStream(file.toPath(), new OpenOption[0]));
            try {
                try {
                    IOUtils.writeString(bufferedOutputStream, role.getName(), "utf-8", this.encodingBufferLocal);
                    int size = role.getPathPrivilegeList().size();
                    IOUtils.writeInt(bufferedOutputStream, size, this.encodingBufferLocal);
                    for (int i = 0; i < size; i++) {
                        PathPrivilege pathPrivilege = role.getPathPrivilegeList().get(i);
                        IOUtils.writeString(bufferedOutputStream, pathPrivilege.getPath().getFullPath(), "utf-8", this.encodingBufferLocal);
                        IOUtils.writeInt(bufferedOutputStream, pathPrivilege.getPrivileges().size(), this.encodingBufferLocal);
                        Iterator<Integer> it = pathPrivilege.getPrivileges().iterator();
                        while (it.hasNext()) {
                            IOUtils.writeInt(bufferedOutputStream, it.next().intValue(), this.encodingBufferLocal);
                        }
                    }
                    bufferedOutputStream.flush();
                    bufferedOutputStream.close();
                    IOUtils.replaceFile(file, SystemFileFactory.INSTANCE.getFile(this.roleDirPath + File.separator + role.getName() + IoTDBConstant.PROFILE_SUFFIX));
                } finally {
                }
            } catch (Exception e) {
                throw new IOException(e);
            }
        } finally {
            this.encodingBufferLocal.remove();
        }
    }
}
