package org.apache.nifi.registry.security.authorization.file;

import java.util.HashMap;
import java.util.Map;
import java.util.Set;
import org.apache.nifi.registry.security.authorization.AbstractConfigurableAccessPolicyProvider;
import org.apache.nifi.registry.security.authorization.AbstractPolicyBasedAuthorizer;
import org.apache.nifi.registry.security.authorization.AccessPolicy;
import org.apache.nifi.registry.security.authorization.AccessPolicyProviderInitializationContext;
import org.apache.nifi.registry.security.authorization.AccessPolicyProviderLookup;
import org.apache.nifi.registry.security.authorization.AuthorizerConfigurationContext;
import org.apache.nifi.registry.security.authorization.AuthorizerInitializationContext;
import org.apache.nifi.registry.security.authorization.Group;
import org.apache.nifi.registry.security.authorization.RequestAction;
import org.apache.nifi.registry.security.authorization.StandardAuthorizerConfigurationContext;
import org.apache.nifi.registry.security.authorization.User;
import org.apache.nifi.registry.security.authorization.UserGroupProviderInitializationContext;
import org.apache.nifi.registry.security.authorization.UserGroupProviderLookup;
import org.apache.nifi.registry.security.authorization.UsersAndAccessPolicies;
import org.apache.nifi.registry.security.authorization.annotation.AuthorizerContext;
import org.apache.nifi.registry.security.authorization.exception.AuthorizationAccessException;
import org.apache.nifi.registry.security.authorization.util.AccessPolicyProviderUtils;
import org.apache.nifi.registry.security.authorization.util.UserGroupProviderUtils;
import org.apache.nifi.registry.security.exception.SecurityProviderCreationException;
import org.apache.nifi.registry.security.identity.IdentityMapper;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/nifi-registry-framework-1.15.0.jar:org/apache/nifi/registry/security/authorization/file/FileAuthorizer.class */
public class FileAuthorizer extends AbstractPolicyBasedAuthorizer {
    private static final Logger logger = LoggerFactory.getLogger(FileAuthorizer.class);
    private static final String FILE_USER_GROUP_PROVIDER_ID = "file-user-group-provider";
    private static final String FILE_ACCESS_POLICY_PROVIDER_ID = "file-access-policy-provider";
    static final String PROP_LEGACY_AUTHORIZED_USERS_FILE = "Legacy Authorized Users File";
    private FileUserGroupProvider userGroupProvider = new FileUserGroupProvider();
    private FileAccessPolicyProvider accessPolicyProvider = new FileAccessPolicyProvider();

    public void initialize(AuthorizerInitializationContext authorizerInitializationContext) throws SecurityProviderCreationException {
        this.userGroupProvider.initialize(new UserGroupProviderInitializationContext() { // from class: org.apache.nifi.registry.security.authorization.file.FileAuthorizer.1
            public String getIdentifier() {
                return FileAuthorizer.FILE_USER_GROUP_PROVIDER_ID;
            }

            public UserGroupProviderLookup getUserGroupProviderLookup() {
                return str -> {
                    return null;
                };
            }
        });
        this.accessPolicyProvider.initialize(new AccessPolicyProviderInitializationContext() { // from class: org.apache.nifi.registry.security.authorization.file.FileAuthorizer.2
            public String getIdentifier() {
                return FileAuthorizer.FILE_ACCESS_POLICY_PROVIDER_ID;
            }

            public UserGroupProviderLookup getUserGroupProviderLookup() {
                return str -> {
                    if (FileAuthorizer.FILE_USER_GROUP_PROVIDER_ID.equals(str)) {
                        return FileAuthorizer.this.userGroupProvider;
                    }
                    return null;
                };
            }

            public AccessPolicyProviderLookup getAccessPolicyProviderLookup() {
                return str -> {
                    return null;
                };
            }
        });
    }

    @Override // org.apache.nifi.registry.security.authorization.AbstractPolicyBasedAuthorizer
    public void doOnConfigured(AuthorizerConfigurationContext authorizerConfigurationContext) throws SecurityProviderCreationException {
        String str;
        Map properties = authorizerConfigurationContext.getProperties();
        HashMap hashMap = new HashMap();
        if (properties.containsKey("Users File")) {
            hashMap.put("Users File", properties.get("Users File"));
        }
        if (properties.containsKey(PROP_LEGACY_AUTHORIZED_USERS_FILE)) {
            hashMap.put(PROP_LEGACY_AUTHORIZED_USERS_FILE, properties.get(PROP_LEGACY_AUTHORIZED_USERS_FILE));
        }
        HashMap hashMap2 = new HashMap();
        hashMap2.put(AbstractConfigurableAccessPolicyProvider.PROP_USER_GROUP_PROVIDER, FILE_USER_GROUP_PROVIDER_ID);
        if (properties.containsKey("Authorizations File")) {
            hashMap2.put("Authorizations File", properties.get("Authorizations File"));
        }
        if (properties.containsKey(AccessPolicyProviderUtils.PROP_INITIAL_ADMIN_IDENTITY)) {
            hashMap2.put(AccessPolicyProviderUtils.PROP_INITIAL_ADMIN_IDENTITY, properties.get(AccessPolicyProviderUtils.PROP_INITIAL_ADMIN_IDENTITY));
        }
        if (properties.containsKey(PROP_LEGACY_AUTHORIZED_USERS_FILE)) {
            hashMap2.put(PROP_LEGACY_AUTHORIZED_USERS_FILE, properties.get(PROP_LEGACY_AUTHORIZED_USERS_FILE));
        }
        properties.forEach((str2, str3) -> {
            if (AccessPolicyProviderUtils.NIFI_IDENTITY_PATTERN.matcher(str2).matches()) {
                hashMap2.put(str2, str3);
                hashMap.put(str2.replace(AccessPolicyProviderUtils.PROP_NIFI_IDENTITY_PREFIX, UserGroupProviderUtils.PROP_INITIAL_USER_IDENTITY_PREFIX), str3);
            }
        });
        if (properties.containsKey(AccessPolicyProviderUtils.PROP_INITIAL_ADMIN_IDENTITY)) {
            int i = 0;
            do {
                int i2 = i;
                i++;
                str = UserGroupProviderUtils.PROP_INITIAL_USER_IDENTITY_PREFIX + i2;
            } while (hashMap.containsKey(str));
            hashMap.put(str, properties.get(AccessPolicyProviderUtils.PROP_INITIAL_ADMIN_IDENTITY));
        }
        this.userGroupProvider.onConfigured(new StandardAuthorizerConfigurationContext(FILE_USER_GROUP_PROVIDER_ID, hashMap));
        this.accessPolicyProvider.onConfigured(new StandardAuthorizerConfigurationContext(FILE_USER_GROUP_PROVIDER_ID, hashMap2));
    }

    public void preDestruction() {
    }

    @Override // org.apache.nifi.registry.security.authorization.AbstractPolicyBasedAuthorizer
    public synchronized Group doAddGroup(Group group) throws AuthorizationAccessException {
        return this.userGroupProvider.addGroup(group);
    }

    @Override // org.apache.nifi.registry.security.authorization.AbstractPolicyBasedAuthorizer
    public Group getGroup(String str) throws AuthorizationAccessException {
        return this.userGroupProvider.getGroup(str);
    }

    @Override // org.apache.nifi.registry.security.authorization.AbstractPolicyBasedAuthorizer
    public synchronized Group doUpdateGroup(Group group) throws AuthorizationAccessException {
        return this.userGroupProvider.updateGroup(group);
    }

    @Override // org.apache.nifi.registry.security.authorization.AbstractPolicyBasedAuthorizer
    public synchronized Group deleteGroup(Group group) throws AuthorizationAccessException {
        return this.userGroupProvider.deleteGroup(group);
    }

    @Override // org.apache.nifi.registry.security.authorization.AbstractPolicyBasedAuthorizer
    public Set<Group> getGroups() throws AuthorizationAccessException {
        return this.userGroupProvider.getGroups();
    }

    @Override // org.apache.nifi.registry.security.authorization.AbstractPolicyBasedAuthorizer
    public synchronized User doAddUser(User user) throws AuthorizationAccessException {
        return this.userGroupProvider.addUser(user);
    }

    @Override // org.apache.nifi.registry.security.authorization.AbstractPolicyBasedAuthorizer
    public User getUser(String str) throws AuthorizationAccessException {
        return this.userGroupProvider.getUser(str);
    }

    @Override // org.apache.nifi.registry.security.authorization.AbstractPolicyBasedAuthorizer
    public User getUserByIdentity(String str) throws AuthorizationAccessException {
        return this.userGroupProvider.getUserByIdentity(str);
    }

    @Override // org.apache.nifi.registry.security.authorization.AbstractPolicyBasedAuthorizer
    public synchronized User doUpdateUser(User user) throws AuthorizationAccessException {
        return this.userGroupProvider.updateUser(user);
    }

    @Override // org.apache.nifi.registry.security.authorization.AbstractPolicyBasedAuthorizer
    public synchronized User deleteUser(User user) throws AuthorizationAccessException {
        return this.userGroupProvider.deleteUser(user);
    }

    @Override // org.apache.nifi.registry.security.authorization.AbstractPolicyBasedAuthorizer
    public Set<User> getUsers() throws AuthorizationAccessException {
        return this.userGroupProvider.getUsers();
    }

    @Override // org.apache.nifi.registry.security.authorization.AbstractPolicyBasedAuthorizer
    public synchronized AccessPolicy doAddAccessPolicy(AccessPolicy accessPolicy) throws AuthorizationAccessException {
        return this.accessPolicyProvider.addAccessPolicy(accessPolicy);
    }

    @Override // org.apache.nifi.registry.security.authorization.AbstractPolicyBasedAuthorizer
    public AccessPolicy getAccessPolicy(String str) throws AuthorizationAccessException {
        return this.accessPolicyProvider.getAccessPolicy(str);
    }

    @Override // org.apache.nifi.registry.security.authorization.AbstractPolicyBasedAuthorizer
    public synchronized AccessPolicy updateAccessPolicy(AccessPolicy accessPolicy) throws AuthorizationAccessException {
        return this.accessPolicyProvider.updateAccessPolicy(accessPolicy);
    }

    @Override // org.apache.nifi.registry.security.authorization.AbstractPolicyBasedAuthorizer
    public synchronized AccessPolicy deleteAccessPolicy(AccessPolicy accessPolicy) throws AuthorizationAccessException {
        return this.accessPolicyProvider.deleteAccessPolicy(accessPolicy);
    }

    @Override // org.apache.nifi.registry.security.authorization.AbstractPolicyBasedAuthorizer
    public Set<AccessPolicy> getAccessPolicies() throws AuthorizationAccessException {
        return this.accessPolicyProvider.getAccessPolicies();
    }

    @AuthorizerContext
    public void setIdentityMapper(IdentityMapper identityMapper) {
        this.userGroupProvider.setIdentityMapper(identityMapper);
        this.accessPolicyProvider.setIdentityMapper(identityMapper);
    }

    @Override // org.apache.nifi.registry.security.authorization.AbstractPolicyBasedAuthorizer
    public synchronized UsersAndAccessPolicies getUsersAndAccessPolicies() throws AuthorizationAccessException {
        final AuthorizationsHolder authorizationsHolder = this.accessPolicyProvider.getAuthorizationsHolder();
        final UserGroupHolder userGroupHolder = this.userGroupProvider.getUserGroupHolder();
        return new UsersAndAccessPolicies() { // from class: org.apache.nifi.registry.security.authorization.file.FileAuthorizer.3
            @Override // org.apache.nifi.registry.security.authorization.UsersAndAccessPolicies
            public AccessPolicy getAccessPolicy(String str, RequestAction requestAction) {
                return authorizationsHolder.getAccessPolicy(str, requestAction);
            }

            @Override // org.apache.nifi.registry.security.authorization.UsersAndAccessPolicies
            public User getUser(String str) {
                return userGroupHolder.getUser(str);
            }

            @Override // org.apache.nifi.registry.security.authorization.UsersAndAccessPolicies
            public Set<Group> getGroups(String str) {
                return userGroupHolder.getGroups(str);
            }
        };
    }
}
