package org.apache.hadoop.ozone.om;

import java.io.IOException;
import java.net.InetAddress;
import org.apache.hadoop.ozone.om.exceptions.OMException;
import org.apache.hadoop.ozone.security.acl.IAccessAuthorizer;
import org.apache.hadoop.ozone.security.acl.OzoneObj;
import org.apache.hadoop.security.UserGroupInformation;

/* loaded from: input_file:org/apache/hadoop/ozone/om/OzoneAclUtils.class */
public final class OzoneAclUtils {
    private static OMMultiTenantManager multiTenantManager;
    private static volatile /* synthetic */ int[] $SWITCH_TABLE$org$apache$hadoop$ozone$security$acl$OzoneObj$ResourceType;

    /* renamed from: org.apache.hadoop.ozone.om.OzoneAclUtils$1, reason: invalid class name */
    /* loaded from: input_file:org/apache/hadoop/ozone/om/OzoneAclUtils$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$org$apache$hadoop$ozone$security$acl$OzoneObj$ResourceType = new int[OzoneObj.ResourceType.values().length];

        static {
            try {
                $SwitchMap$org$apache$hadoop$ozone$security$acl$OzoneObj$ResourceType[OzoneObj.ResourceType.VOLUME.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$apache$hadoop$ozone$security$acl$OzoneObj$ResourceType[OzoneObj.ResourceType.BUCKET.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$org$apache$hadoop$ozone$security$acl$OzoneObj$ResourceType[OzoneObj.ResourceType.KEY.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$org$apache$hadoop$ozone$security$acl$OzoneObj$ResourceType[OzoneObj.ResourceType.PREFIX.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
        }
    }

    private OzoneAclUtils() {
    }

    public static void setOMMultiTenantManager(OMMultiTenantManager oMMultiTenantManager) {
        multiTenantManager = oMMultiTenantManager;
    }

    public static String accessIdToUserPrincipal(String str) {
        if (multiTenantManager == null) {
            return str;
        }
        String userNameGivenAccessId = multiTenantManager.getUserNameGivenAccessId(str);
        if (userNameGivenAccessId == null) {
            userNameGivenAccessId = str;
        }
        return userNameGivenAccessId;
    }

    public static void checkAllAcls(OmMetadataReader omMetadataReader, OzoneObj.ResourceType resourceType, OzoneObj.StoreType storeType, IAccessAuthorizer.ACLType aCLType, String str, String str2, String str3, String str4, String str5, UserGroupInformation userGroupInformation, InetAddress inetAddress, String str6) throws IOException {
        boolean isOwner = isOwner(userGroupInformation, str4);
        switch ($SWITCH_TABLE$org$apache$hadoop$ozone$security$acl$OzoneObj$ResourceType()[resourceType.ordinal()]) {
            case 1:
                omMetadataReader.checkAcls(resourceType, storeType, aCLType, str, str2, str3, userGroupInformation, inetAddress, str6, true, str4);
                return;
            case 2:
            case 3:
            case 4:
                if (isOwner) {
                    omMetadataReader.checkAcls(resourceType, storeType, aCLType, str, str2, str3, userGroupInformation, inetAddress, str6, true, str4);
                    return;
                }
                IAccessAuthorizer.ACLType aCLType2 = IAccessAuthorizer.ACLType.READ;
                if (omMetadataReader.isNativeAuthorizerEnabled() && resourceType == OzoneObj.ResourceType.BUCKET) {
                    aCLType2 = getParentNativeAcl(aCLType, resourceType);
                }
                omMetadataReader.checkAcls(OzoneObj.ResourceType.VOLUME, storeType, aCLType2, str, str2, str3, userGroupInformation, inetAddress, str6, true, str4);
                omMetadataReader.checkAcls(resourceType, storeType, aCLType, str, str2, str3, userGroupInformation, inetAddress, str6, true, str5);
                return;
            default:
                throw new OMException("Unexpected object type:" + resourceType, OMException.ResultCodes.INVALID_REQUEST);
        }
    }

    public static IAccessAuthorizer.ACLType getParentNativeAcl(IAccessAuthorizer.ACLType aCLType, OzoneObj.ResourceType resourceType) {
        if (resourceType == OzoneObj.ResourceType.VOLUME) {
            return IAccessAuthorizer.ACLType.NONE;
        }
        if (resourceType == OzoneObj.ResourceType.BUCKET) {
            return aCLType == IAccessAuthorizer.ACLType.CREATE ? IAccessAuthorizer.ACLType.WRITE : IAccessAuthorizer.ACLType.READ;
        }
        IAccessAuthorizer.ACLType aCLType2 = aCLType;
        if (aCLType == IAccessAuthorizer.ACLType.CREATE) {
            aCLType2 = IAccessAuthorizer.ACLType.WRITE;
        } else if (aCLType == IAccessAuthorizer.ACLType.READ_ACL || aCLType == IAccessAuthorizer.ACLType.LIST || aCLType == IAccessAuthorizer.ACLType.WRITE_ACL || aCLType == IAccessAuthorizer.ACLType.DELETE) {
            aCLType2 = IAccessAuthorizer.ACLType.READ;
        }
        return aCLType2;
    }

    private static boolean isOwner(UserGroupInformation userGroupInformation, String str) {
        return str != null && userGroupInformation.getShortUserName().equals(str);
    }

    static /* synthetic */ int[] $SWITCH_TABLE$org$apache$hadoop$ozone$security$acl$OzoneObj$ResourceType() {
        int[] iArr = $SWITCH_TABLE$org$apache$hadoop$ozone$security$acl$OzoneObj$ResourceType;
        if (iArr != null) {
            return iArr;
        }
        int[] iArr2 = new int[OzoneObj.ResourceType.values().length];
        try {
            iArr2[OzoneObj.ResourceType.BUCKET.ordinal()] = 2;
        } catch (NoSuchFieldError unused) {
        }
        try {
            iArr2[OzoneObj.ResourceType.KEY.ordinal()] = 3;
        } catch (NoSuchFieldError unused2) {
        }
        try {
            iArr2[OzoneObj.ResourceType.PREFIX.ordinal()] = 4;
        } catch (NoSuchFieldError unused3) {
        }
        try {
            iArr2[OzoneObj.ResourceType.VOLUME.ordinal()] = 1;
        } catch (NoSuchFieldError unused4) {
        }
        $SWITCH_TABLE$org$apache$hadoop$ozone$security$acl$OzoneObj$ResourceType = iArr2;
        return iArr2;
    }
}
