package org.apache.hadoop.ozone.security.acl;

import org.apache.hadoop.hdds.conf.ConfigurationSource;
import org.apache.hadoop.hdds.conf.OzoneConfiguration;
import org.apache.hadoop.ozone.om.KeyManager;
import org.apache.hadoop.ozone.om.OzoneManager;
import org.apache.hadoop.ozone.om.PrefixManager;
import org.apache.hadoop.util.ReflectionUtils;

/* loaded from: input_file:org/apache/hadoop/ozone/security/acl/OzoneAuthorizerFactory.class */
public final class OzoneAuthorizerFactory {
    private OzoneAuthorizerFactory() {
    }

    public static IAccessAuthorizer forOM(OzoneManager ozoneManager) {
        return create(ozoneManager, ozoneManager.getKeyManager(), ozoneManager.getPrefixManager());
    }

    public static IAccessAuthorizer forSnapshot(OzoneManager ozoneManager, KeyManager keyManager, PrefixManager prefixManager) {
        return ozoneManager.getAccessAuthorizer().isNative() ? create(ozoneManager, keyManager, prefixManager) : ozoneManager.getAccessAuthorizer();
    }

    private static IAccessAuthorizer create(OzoneManager ozoneManager, KeyManager keyManager, PrefixManager prefixManager) {
        OzoneConfiguration configuration;
        Class<? extends IAccessAuthorizer> authorizerClass;
        if (ozoneManager.getAclsEnabled() && OzoneAccessAuthorizer.class != (authorizerClass = authorizerClass((configuration = ozoneManager.getConfiguration())))) {
            if (OzoneNativeAuthorizer.class == authorizerClass) {
                return configure(new OzoneNativeAuthorizer(), ozoneManager, keyManager, prefixManager);
            }
            IAccessAuthorizer iAccessAuthorizer = (IAccessAuthorizer) ReflectionUtils.newInstance(authorizerClass, configuration);
            return iAccessAuthorizer instanceof OzoneNativeAuthorizer ? configure((OzoneNativeAuthorizer) iAccessAuthorizer, ozoneManager, keyManager, prefixManager) : iAccessAuthorizer;
        }
        return OzoneAccessAuthorizer.get();
    }

    private static IAccessAuthorizer configure(OzoneNativeAuthorizer ozoneNativeAuthorizer, OzoneManager ozoneManager, KeyManager keyManager, PrefixManager prefixManager) {
        ozoneNativeAuthorizer.setVolumeManager(ozoneManager.getVolumeManager());
        ozoneNativeAuthorizer.setBucketManager(ozoneManager.getBucketManager());
        ozoneNativeAuthorizer.setKeyManager(keyManager);
        ozoneNativeAuthorizer.setPrefixManager(prefixManager);
        ozoneManager.getClass();
        ozoneNativeAuthorizer.setAdminCheck(ozoneManager::isAdmin);
        ozoneManager.getClass();
        ozoneNativeAuthorizer.setReadOnlyAdminCheck(ozoneManager::isReadOnlyAdmin);
        ozoneNativeAuthorizer.setAllowListAllVolumes(ozoneManager.getAllowListAllVolumes());
        return ozoneNativeAuthorizer;
    }

    private static Class<? extends IAccessAuthorizer> authorizerClass(ConfigurationSource configurationSource) {
        return configurationSource.getClass("ozone.acl.authorizer.class", OzoneAccessAuthorizer.class, IAccessAuthorizer.class);
    }
}
