package org.apache.nifi.admin;

import java.io.File;
import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.EnumSet;
import java.util.HashSet;
import java.util.Iterator;
import java.util.UUID;
import org.apache.commons.lang3.StringUtils;
import org.apache.nifi.authorization.Authority;
import org.apache.nifi.user.NiFiUser;
import org.apache.nifi.util.NiFiProperties;
import org.h2.jdbcx.JdbcConnectionPool;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.FactoryBean;

/* loaded from: input_file:org/apache/nifi/admin/UserDataSourceFactoryBean.class */
public class UserDataSourceFactoryBean implements FactoryBean {
    private static final String NF_USERNAME_PASSWORD = "nf";
    private static final int MAX_CONNECTIONS = 5;
    private static final String AUDIT_DATABASE_FILE_NAME = "nifi-users";
    private static final String CREATE_USER_TABLE = "CREATE TABLE USER (ID VARCHAR2(100) NOT NULL PRIMARY KEY, IDENTITY VARCHAR2(4096) NOT NULL UNIQUE, USER_NAME VARCHAR2(4096) NOT NULL, USER_GROUP VARCHAR2(100), CREATION TIMESTAMP NOT NULL, LAST_ACCESSED TIMESTAMP, LAST_VERIFIED TIMESTAMP, JUSTIFICATION VARCHAR2(500) NOT NULL, STATUS VARCHAR2(10) NOT NULL)";
    private static final String CREATE_AUTHORITY_TABLE = "CREATE TABLE AUTHORITY (ID INT NOT NULL PRIMARY KEY AUTO_INCREMENT, USER_ID VARCHAR2(100) NOT NULL, ROLE VARCHAR2(50) NOT NULL, FOREIGN KEY (USER_ID) REFERENCES USER (ID), CONSTRAINT USER_ROLE_UNIQUE_CONSTRAINT UNIQUE (USER_ID, ROLE))";
    private static final String INSERT_ANONYMOUS_AUTHORITY = "INSERT INTO AUTHORITY (USER_ID, ROLE) VALUES ((SELECT ID FROM USER WHERE IDENTITY = 'anonymous'), '%s')";
    private static final String DELETE_ANONYMOUS_AUTHORITIES = "DELETE FROM AUTHORITY WHERE USER_ID = (SELECT ID FROM USER WHERE IDENTITY = 'anonymous')";
    private static final String RENAME_DN_COLUMN = "ALTER TABLE USER ALTER COLUMN DN RENAME TO IDENTITY";
    private static final String RESIZE_IDENTITY_COLUMN = "ALTER TABLE USER MODIFY IDENTITY VARCHAR(4096)";
    private static final String RESIZE_USER_NAME_COLUMN = "ALTER TABLE USER MODIFY USER_NAME VARCHAR(4096)";
    private static final String CREATE_KEY_TABLE = "CREATE TABLE KEY (ID INT NOT NULL PRIMARY KEY AUTO_INCREMENT, IDENTITY VARCHAR2(4096) NOT NULL UNIQUE, KEY VARCHAR2(100) NOT NULL)";
    private JdbcConnectionPool connectionPool;
    private NiFiProperties properties;
    private static final Logger logger = LoggerFactory.getLogger(UserDataSourceFactoryBean.class);
    private static final String INSERT_ANONYMOUS_USER = "INSERT INTO USER (ID, IDENTITY, USER_NAME, CREATION, LAST_VERIFIED, JUSTIFICATION, STATUS) VALUES ('" + UUID.randomUUID().toString() + "', '" + NiFiUser.ANONYMOUS_USER_IDENTITY + "', '" + NiFiUser.ANONYMOUS_USER_IDENTITY + "', NOW(), NOW(), 'Anonymous user needs no justification', 'ACTIVE')";

    public Object getObject() throws Exception {
        if (this.connectionPool == null) {
            String property = this.properties.getProperty("nifi.database.directory");
            if (property == null) {
                throw new NullPointerException("Database directory must be specified.");
            }
            HashSet hashSet = new HashSet(this.properties.getAnonymousAuthorities());
            EnumSet convertRawAuthorities = Authority.convertRawAuthorities(hashSet);
            if (hashSet.size() != convertRawAuthorities.size()) {
                hashSet.removeAll(Authority.convertAuthorities(convertRawAuthorities));
                throw new IllegalStateException(String.format("Invalid authorities specified for anonymous access: [%s]. Valid values are: [%s].", StringUtils.join(hashSet, ", "), StringUtils.join(Authority.values(), ", ")));
            }
            String databaseUrl = getDatabaseUrl(new File(new File(property), AUDIT_DATABASE_FILE_NAME));
            this.connectionPool = JdbcConnectionPool.create(databaseUrl, NF_USERNAME_PASSWORD, NF_USERNAME_PASSWORD);
            this.connectionPool.setMaxConnections(MAX_CONNECTIONS);
            Connection connection = null;
            ResultSet resultSet = null;
            Statement statement = null;
            try {
                try {
                    connection = this.connectionPool.getConnection();
                    connection.setAutoCommit(false);
                    statement = connection.createStatement();
                    ResultSet tables = connection.getMetaData().getTables(null, null, "USER", null);
                    if (tables.next()) {
                        logger.info("Existing database found and connected to at: " + databaseUrl);
                        RepositoryUtils.closeQuietly(tables);
                        tables = connection.getMetaData().getColumns(null, null, "USER", "DN");
                        if (tables.next()) {
                            statement.execute(RENAME_DN_COLUMN);
                            statement.execute(RESIZE_IDENTITY_COLUMN);
                            statement.execute(RESIZE_USER_NAME_COLUMN);
                        }
                        statement.execute(DELETE_ANONYMOUS_AUTHORITIES);
                    } else {
                        logger.info("Database not built for repository: " + databaseUrl + ".  Building now...");
                        statement.execute(CREATE_USER_TABLE);
                        statement.execute(CREATE_AUTHORITY_TABLE);
                        statement.execute(INSERT_ANONYMOUS_USER);
                    }
                    Iterator it = convertRawAuthorities.iterator();
                    while (it.hasNext()) {
                        statement.execute(String.format(INSERT_ANONYMOUS_AUTHORITY, ((Authority) it.next()).name()));
                    }
                    RepositoryUtils.closeQuietly(tables);
                    resultSet = connection.getMetaData().getTables(null, null, "KEY", null);
                    if (!resultSet.next()) {
                        statement.execute(CREATE_KEY_TABLE);
                    }
                    connection.commit();
                    RepositoryUtils.closeQuietly(resultSet);
                    RepositoryUtils.closeQuietly(statement);
                    RepositoryUtils.closeQuietly(connection);
                } catch (SQLException e) {
                    RepositoryUtils.rollback(connection, logger);
                    throw e;
                }
            } catch (Throwable th) {
                RepositoryUtils.closeQuietly(resultSet);
                RepositoryUtils.closeQuietly(statement);
                RepositoryUtils.closeQuietly(connection);
                throw th;
            }
        }
        return this.connectionPool;
    }

    private String getDatabaseUrl(File file) {
        String str = "jdbc:h2:" + file + ";AUTOCOMMIT=OFF;DB_CLOSE_ON_EXIT=FALSE;LOCK_MODE=3";
        String property = this.properties.getProperty("nifi.h2.url.append");
        if (StringUtils.isNotBlank(property)) {
            str = str + property;
        }
        return str;
    }

    public Class getObjectType() {
        return JdbcConnectionPool.class;
    }

    public boolean isSingleton() {
        return true;
    }

    public void setProperties(NiFiProperties niFiProperties) {
        this.properties = niFiProperties;
    }

    public void shutdown() {
        if (this.connectionPool != null) {
            try {
                this.connectionPool.dispose();
            } catch (Exception e) {
                logger.warn("Unable to dispose of connection pool: " + e.getMessage());
                if (logger.isDebugEnabled()) {
                    logger.warn("", e);
                }
            }
        }
    }
}
