package org.apache.hadoop.ozone.om.request;

import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Preconditions;
import java.io.IOException;
import java.net.InetAddress;
import java.nio.file.InvalidPathException;
import java.util.LinkedHashMap;
import java.util.Map;
import javax.annotation.Nonnull;
import org.apache.commons.lang3.StringUtils;
import org.apache.hadoop.ipc.ProtobufRpcEngine;
import org.apache.hadoop.ozone.OmUtils;
import org.apache.hadoop.ozone.audit.AuditAction;
import org.apache.hadoop.ozone.audit.AuditEventStatus;
import org.apache.hadoop.ozone.audit.AuditLogger;
import org.apache.hadoop.ozone.audit.AuditMessage;
import org.apache.hadoop.ozone.om.IOmMetadataReader;
import org.apache.hadoop.ozone.om.OmMetadataReader;
import org.apache.hadoop.ozone.om.OzoneAclUtils;
import org.apache.hadoop.ozone.om.OzoneManager;
import org.apache.hadoop.ozone.om.OzonePrefixPathImpl;
import org.apache.hadoop.ozone.om.exceptions.OMException;
import org.apache.hadoop.ozone.om.helpers.BucketLayout;
import org.apache.hadoop.ozone.om.lock.OMLockDetails;
import org.apache.hadoop.ozone.om.protocolPB.grpc.GrpcClientConstants;
import org.apache.hadoop.ozone.om.ratis.utils.OzoneManagerRatisUtils;
import org.apache.hadoop.ozone.om.response.OMClientResponse;
import org.apache.hadoop.ozone.om.snapshot.ReferenceCounted;
import org.apache.hadoop.ozone.om.snapshot.SnapshotCache;
import org.apache.hadoop.ozone.om.upgrade.BelongsToLayoutVersion;
import org.apache.hadoop.ozone.om.upgrade.OMLayoutFeatureAspect;
import org.apache.hadoop.ozone.protocol.proto.OzoneManagerProtocolProtos;
import org.apache.hadoop.ozone.security.acl.IAccessAuthorizer;
import org.apache.hadoop.ozone.security.acl.OzoneObj;
import org.apache.hadoop.ozone.security.acl.OzoneObjInfo;
import org.apache.hadoop.ozone.security.acl.RequestContext;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.security.authentication.client.AuthenticationException;
import org.aspectj.lang.JoinPoint;
import org.aspectj.runtime.reflect.Factory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/hadoop/ozone/om/request/OMClientRequest.class */
public abstract class OMClientRequest implements RequestAuditor {
    private static final Logger LOG;
    private OzoneManagerProtocolProtos.OMRequest omRequest;
    private UserGroupInformation userGroupInformation;
    private InetAddress inetAddress;
    private final ThreadLocal<OMLockDetails> omLockDetails = ThreadLocal.withInitial(OMLockDetails::new);
    private static /* synthetic */ JoinPoint.StaticPart ajc$tjp_0;

    /* loaded from: input_file:org/apache/hadoop/ozone/om/request/OMClientRequest$Result.class */
    public enum Result {
        SUCCESS,
        FAILURE;

        /* renamed from: values, reason: to resolve conflict with enum method */
        public static Result[] valuesCustom() {
            Result[] valuesCustom = values();
            int length = valuesCustom.length;
            Result[] resultArr = new Result[length];
            System.arraycopy(valuesCustom, 0, resultArr, 0, length);
            return resultArr;
        }
    }

    static {
        ajc$preClinit();
        LOG = LoggerFactory.getLogger(OMClientRequest.class);
    }

    public OMClientRequest(OzoneManagerProtocolProtos.OMRequest oMRequest) {
        Preconditions.checkNotNull(oMRequest);
        this.omRequest = oMRequest;
        this.omLockDetails.get().clear();
    }

    public OzoneManagerProtocolProtos.OMRequest preExecute(OzoneManager ozoneManager) throws IOException {
        if (this != null && getClass().isAnnotationPresent(BelongsToLayoutVersion.class)) {
            OMLayoutFeatureAspect.aspectOf().beforeRequestApplyTxn(Factory.makeJP(ajc$tjp_0, this, this, ozoneManager));
        }
        this.omRequest = getOmRequest().toBuilder().setUserInfo(getUserIfNotExists(ozoneManager)).setLayoutVersion(OzoneManagerProtocolProtos.LayoutVersion.newBuilder().setVersion(ozoneManager.getVersionManager().getMetadataLayoutVersion()).build()).build();
        return this.omRequest;
    }

    public void handleRequestFailure(OzoneManager ozoneManager) {
    }

    public abstract OMClientResponse validateAndUpdateCache(OzoneManager ozoneManager, long j);

    @VisibleForTesting
    public OzoneManagerProtocolProtos.OMRequest getOmRequest() {
        return this.omRequest;
    }

    public OzoneManagerProtocolProtos.UserInfo getUserInfo() throws IOException {
        UserGroupInformation remoteUser = ProtobufRpcEngine.Server.getRemoteUser();
        InetAddress remoteIp = ProtobufRpcEngine.Server.getRemoteIp();
        OzoneManagerProtocolProtos.UserInfo.Builder newBuilder = OzoneManagerProtocolProtos.UserInfo.newBuilder();
        if (this.omRequest.hasS3Authentication()) {
            newBuilder.setUserName(OzoneAclUtils.accessIdToUserPrincipal(this.omRequest.getS3Authentication().getAccessId()));
        } else if (remoteUser != null) {
            newBuilder.setUserName(remoteUser.getUserName());
        }
        if (remoteUser == null && this.omRequest.hasUserInfo()) {
            newBuilder.setUserName(this.omRequest.getUserInfo().getUserName());
        }
        String str = (String) GrpcClientConstants.CLIENT_IP_ADDRESS_CTX_KEY.get();
        String str2 = (String) GrpcClientConstants.CLIENT_HOSTNAME_CTX_KEY.get();
        if (remoteIp != null) {
            newBuilder.setHostName(remoteIp.getHostName());
            newBuilder.setRemoteAddress(remoteIp.getHostAddress()).build();
        } else if (str2 != null && str != null) {
            newBuilder.setHostName(str2);
            newBuilder.setRemoteAddress(str);
        }
        return newBuilder.build();
    }

    public OzoneManagerProtocolProtos.UserInfo getUserIfNotExists(OzoneManager ozoneManager) throws IOException {
        OzoneManagerProtocolProtos.UserInfo userInfo = getUserInfo();
        if (userInfo.hasRemoteAddress() && userInfo.hasUserName()) {
            return getUserInfo();
        }
        OzoneManagerProtocolProtos.UserInfo.Builder newBuilder = OzoneManagerProtocolProtos.UserInfo.newBuilder();
        try {
            UserGroupInformation currentUser = UserGroupInformation.getCurrentUser();
            InetAddress address = ozoneManager.getOmRpcServerAddr().getAddress();
            newBuilder.setUserName(currentUser.getUserName());
            newBuilder.setHostName(address.getHostName());
            newBuilder.setRemoteAddress(address.getHostAddress());
            return newBuilder.build();
        } catch (Exception e) {
            LOG.debug("Couldn't get om Rpc server address", e);
            return getUserInfo();
        }
    }

    public void checkAcls(OzoneManager ozoneManager, OzoneObj.ResourceType resourceType, OzoneObj.StoreType storeType, IAccessAuthorizer.ACLType aCLType, String str, String str2, String str3) throws IOException {
        checkAcls(ozoneManager, resourceType, storeType, aCLType, str, str2, str3, ozoneManager.getVolumeOwner(str, aCLType, resourceType), ozoneManager.getBucketOwner(str, str2, aCLType, resourceType));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void checkACLsWithFSO(OzoneManager ozoneManager, String str, String str2, String str3, IAccessAuthorizer.ACLType aCLType) throws IOException {
        OzonePrefixPathImpl ozonePrefixPathImpl = new OzonePrefixPathImpl(str, str2, str3, ozoneManager.getKeyManager());
        OzoneObj build = OzoneObjInfo.Builder.newBuilder().setResType(OzoneObj.ResourceType.KEY).setStoreType(OzoneObj.StoreType.OZONE).setVolumeName(str).setBucketName(str2).setKeyName(str3).setOzonePrefixPath(ozonePrefixPathImpl).build();
        RequestContext.Builder recursiveAccessCheck = RequestContext.newBuilder().setAclRights(aCLType).setRecursiveAccessCheck(ozonePrefixPathImpl.isCheckRecursiveAccess());
        if (ozoneManager.getAclsEnabled()) {
            String volumeOwner = ozoneManager.getVolumeOwner(build.getVolumeName(), recursiveAccessCheck.getAclRights(), build.getResourceType());
            String bucketOwner = ozoneManager.getBucketOwner(build.getVolumeName(), build.getBucketName(), recursiveAccessCheck.getAclRights(), build.getResourceType());
            UserGroupInformation createUGIForApi = createUGIForApi();
            recursiveAccessCheck.setClientUgi(createUGIForApi);
            recursiveAccessCheck.setIp(getRemoteAddress());
            recursiveAccessCheck.setHost(getHostName());
            recursiveAccessCheck.setAclType(IAccessAuthorizer.ACLIdentityType.USER);
            if (isOwner(createUGIForApi, volumeOwner)) {
                recursiveAccessCheck.setOwnerName(volumeOwner);
            } else {
                recursiveAccessCheck.setOwnerName(bucketOwner);
            }
            Throwable th = null;
            try {
                ReferenceCounted<IOmMetadataReader, SnapshotCache> omMetadataReader = ozoneManager.getOmMetadataReader();
                try {
                    ((OmMetadataReader) omMetadataReader.get()).checkAcls(build, recursiveAccessCheck.build(), true);
                    if (omMetadataReader != null) {
                        omMetadataReader.close();
                    }
                } catch (Throwable th2) {
                    if (omMetadataReader != null) {
                        omMetadataReader.close();
                    }
                    throw th2;
                }
            } catch (Throwable th3) {
                if (0 == 0) {
                    th = th3;
                } else if (null != th3) {
                    th.addSuppressed(th3);
                }
                throw th;
            }
        }
    }

    private boolean isOwner(UserGroupInformation userGroupInformation, String str) {
        if (str == null) {
            return false;
        }
        return userGroupInformation.getUserName().equals(str) || userGroupInformation.getShortUserName().equals(str);
    }

    public void checkAcls(OzoneManager ozoneManager, OzoneObj.ResourceType resourceType, OzoneObj.StoreType storeType, IAccessAuthorizer.ACLType aCLType, String str, String str2, String str3, String str4) throws IOException {
        ozoneManager.checkAcls(resourceType, storeType, aCLType, str, str2, str3, createUGIForApi(), getRemoteAddress(), getHostName(), true, str4);
    }

    public void checkAcls(OzoneManager ozoneManager, OzoneObj.ResourceType resourceType, OzoneObj.StoreType storeType, IAccessAuthorizer.ACLType aCLType, String str, String str2, String str3, String str4, String str5) throws IOException {
        Throwable th = null;
        try {
            ReferenceCounted<IOmMetadataReader, SnapshotCache> omMetadataReader = ozoneManager.getOmMetadataReader();
            try {
                OzoneAclUtils.checkAllAcls((OmMetadataReader) omMetadataReader.get(), resourceType, storeType, aCLType, str, str2, str3, str4, str5, createUGIForApi(), getRemoteAddress(), getHostName());
                if (omMetadataReader != null) {
                    omMetadataReader.close();
                }
            } catch (Throwable th2) {
                if (omMetadataReader != null) {
                    omMetadataReader.close();
                }
                throw th2;
            }
        } catch (Throwable th3) {
            if (0 == 0) {
                th = th3;
            } else if (null != th3) {
                th.addSuppressed(th3);
            }
            throw th;
        }
    }

    @VisibleForTesting
    public UserGroupInformation createUGI() throws AuthenticationException {
        if (this.userGroupInformation != null) {
            return this.userGroupInformation;
        }
        if (!this.omRequest.hasUserInfo() || StringUtils.isBlank(this.omRequest.getUserInfo().getUserName())) {
            throw new AuthenticationException("User info is not set. Please check client auth credentials");
        }
        this.userGroupInformation = UserGroupInformation.createRemoteUser(this.omRequest.getUserInfo().getUserName());
        return this.userGroupInformation;
    }

    public UserGroupInformation createUGIForApi() throws OMException {
        try {
            return createUGI();
        } catch (AuthenticationException e) {
            throw new OMException(e, OMException.ResultCodes.UNAUTHORIZED);
        }
    }

    @VisibleForTesting
    public InetAddress getRemoteAddress() throws IOException {
        if (this.inetAddress != null) {
            return this.inetAddress;
        }
        if (!this.omRequest.hasUserInfo()) {
            return null;
        }
        this.inetAddress = InetAddress.getByName(this.omRequest.getUserInfo().getRemoteAddress());
        return this.inetAddress;
    }

    @VisibleForTesting
    public String getHostName() {
        if (this.omRequest.hasUserInfo()) {
            return this.omRequest.getUserInfo().getHostName();
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public OzoneManagerProtocolProtos.OMResponse createErrorOMResponse(@Nonnull OzoneManagerProtocolProtos.OMResponse.Builder builder, @Nonnull Exception exc) {
        builder.setSuccess(false);
        String exceptionErrorMessage = exceptionErrorMessage(exc);
        if (exceptionErrorMessage != null) {
            builder.setMessage(exceptionErrorMessage);
        }
        builder.setStatus(OzoneManagerRatisUtils.exceptionToResponseStatus(exc));
        return builder.build();
    }

    private String exceptionErrorMessage(Exception exc) {
        return ((exc instanceof OMException) || (exc instanceof InvalidPathException)) ? exc.getMessage() : org.apache.hadoop.util.StringUtils.stringifyException(exc);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void auditLog(AuditLogger auditLogger, AuditMessage auditMessage) {
        auditLogger.logWrite(auditMessage);
    }

    @Override // org.apache.hadoop.ozone.om.request.RequestAuditor
    public AuditMessage buildAuditMessage(AuditAction auditAction, Map<String, String> map, Throwable th, OzoneManagerProtocolProtos.UserInfo userInfo) {
        return new AuditMessage.Builder().setUser(userInfo != null ? userInfo.getUserName() : null).atIp(userInfo != null ? userInfo.getRemoteAddress() : null).forOperation(auditAction).withParams(map).withResult(th != null ? AuditEventStatus.FAILURE : AuditEventStatus.SUCCESS).withException(th).build();
    }

    @Override // org.apache.hadoop.ozone.om.request.RequestAuditor
    public Map<String, String> buildVolumeAuditMap(String str) {
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        linkedHashMap.put("volume", str);
        return linkedHashMap;
    }

    public static String validateAndNormalizeKey(boolean z, String str) throws OMException {
        return z ? validateAndNormalizeKey(str) : str;
    }

    public static String validateAndNormalizeKey(boolean z, String str, BucketLayout bucketLayout) throws OMException {
        LOG.debug("Bucket Layout: {}", bucketLayout);
        if (bucketLayout.shouldNormalizePaths(z)) {
            str = validateAndNormalizeKey(true, str);
            if (str.endsWith("/")) {
                throw new OMException("Invalid KeyPath, key names with trailing / are not allowed." + str, OMException.ResultCodes.INVALID_KEY_NAME);
            }
        }
        return str;
    }

    public static String validateAndNormalizeKey(String str) throws OMException {
        return isValidKeyPath(OmUtils.normalizeKey(str, false));
    }

    public static String isValidKeyPath(String str) throws OMException {
        boolean z = true;
        if (str.length() == 0) {
            throw new OMException("Invalid KeyPath, empty keyName" + str, OMException.ResultCodes.INVALID_KEY_NAME);
        }
        if (str.startsWith("/")) {
            z = false;
        } else {
            String[] split = StringUtils.split(str, '/');
            for (int i = 0; i < split.length; i++) {
                String str2 = split[i];
                if (str2.equals(".") || str2.contains(":") || str2.contains("/") || str2.equals("..")) {
                    z = false;
                    break;
                }
                if (str2.isEmpty() && i != split.length - 1) {
                    z = false;
                }
            }
        }
        if (z) {
            return str;
        }
        throw new OMException("Invalid KeyPath " + str, OMException.ResultCodes.INVALID_KEY_NAME);
    }

    public OMLockDetails getOmLockDetails() {
        return this.omLockDetails.get();
    }

    public void mergeOmLockDetails(OMLockDetails oMLockDetails) {
        this.omLockDetails.get().merge(oMLockDetails);
    }

    private static /* synthetic */ void ajc$preClinit() {
        Factory factory = new Factory("OMClientRequest.java", OMClientRequest.class);
        ajc$tjp_0 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "preExecute", "org.apache.hadoop.ozone.om.request.OMClientRequest", "org.apache.hadoop.ozone.om.OzoneManager", "ozoneManager", "java.io.IOException", "org.apache.hadoop.ozone.protocol.proto.OzoneManagerProtocolProtos$OMRequest"), 109);
    }
}
