package org.apache.ranger.services.hdfs;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.ranger.plugin.client.HadoopException;
import org.apache.ranger.plugin.model.RangerPolicy;
import org.apache.ranger.plugin.model.RangerService;
import org.apache.ranger.plugin.model.RangerServiceDef;
import org.apache.ranger.plugin.model.validation.RangerServiceDefHelper;
import org.apache.ranger.plugin.service.RangerBaseService;
import org.apache.ranger.plugin.service.ResourceLookupContext;
import org.apache.ranger.services.hdfs.client.HdfsResourceMgr;

/* loaded from: input_file:org/apache/ranger/services/hdfs/RangerServiceHdfs.class */
public class RangerServiceHdfs extends RangerBaseService {
    private static final Log LOG = LogFactory.getLog(RangerServiceHdfs.class);
    private static final String AUDITTOHDFS_KMS_PATH = "/ranger/audit/kms";
    private static final String AUDITTOHDFS_POLICY_NAME = "kms-audit-path";

    public void init(RangerServiceDef rangerServiceDef, RangerService rangerService) {
        super.init(rangerServiceDef, rangerService);
    }

    /* JADX WARN: Multi-variable type inference failed */
    public Map<String, Object> validateConfig() throws Exception {
        Map hashMap = new HashMap();
        String serviceName = getServiceName();
        if (LOG.isDebugEnabled()) {
            LOG.debug("<== RangerServiceHdfs.validateConfig Service: (" + serviceName + " )");
        }
        if (this.configs != null) {
            try {
                hashMap = HdfsResourceMgr.connectionTest(serviceName, this.configs);
            } catch (HadoopException e) {
                LOG.error("<== RangerServiceHdfs.validateConfig Error: " + e.getMessage(), e);
                throw e;
            }
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug("<== RangerServiceHdfs.validateConfig Response : (" + hashMap + " )");
        }
        return hashMap;
    }

    /* JADX WARN: Multi-variable type inference failed */
    public List<String> lookupResource(ResourceLookupContext resourceLookupContext) throws Exception {
        List arrayList = new ArrayList();
        String serviceName = getServiceName();
        String serviceType = getServiceType();
        Map configs = getConfigs();
        if (LOG.isDebugEnabled()) {
            LOG.debug("<== RangerServiceHdfs.lookupResource Context: (" + resourceLookupContext + ")");
        }
        if (resourceLookupContext != null) {
            try {
                arrayList = HdfsResourceMgr.getHdfsResources(serviceName, serviceType, configs, resourceLookupContext);
            } catch (Exception e) {
                LOG.error("<==RangerServiceHdfs.lookupResource Error : " + e);
                throw e;
            }
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug("<== RangerServiceHdfs.lookupResource Response: (" + arrayList + ")");
        }
        return arrayList;
    }

    public List<RangerPolicy> getDefaultRangerPolicies() throws Exception {
        if (LOG.isDebugEnabled()) {
            LOG.debug("==> RangerServiceHdfs.getDefaultRangerPolicies() ");
        }
        List<RangerPolicy> defaultRangerPolicies = super.getDefaultRangerPolicies();
        for (RangerPolicy rangerPolicy : defaultRangerPolicies) {
            if (rangerPolicy.getName().contains("all")) {
                RangerPolicy.RangerPolicyResource rangerPolicyResource = (RangerPolicy.RangerPolicyResource) rangerPolicy.getResources().get("path");
                if (rangerPolicyResource != null) {
                    RangerServiceDef.RangerResourceDef rangerResourceDef = null;
                    Iterator it = this.serviceDef.getResources().iterator();
                    while (true) {
                        if (!it.hasNext()) {
                            break;
                        }
                        RangerServiceDef.RangerResourceDef rangerResourceDef2 = (RangerServiceDef.RangerResourceDef) it.next();
                        if (rangerResourceDef2.getName().equals("path")) {
                            rangerResourceDef = rangerResourceDef2;
                            break;
                        }
                    }
                    if (rangerResourceDef != null) {
                        String str = (String) rangerResourceDef.getMatcherOptions().get("pathSeparatorChar");
                        if (StringUtils.isBlank(str)) {
                            str = Character.toString('/');
                        }
                        rangerPolicyResource.setValue(str + "*");
                    } else {
                        LOG.warn("No resourceDef found in HDFS service-definition for 'path'");
                    }
                } else {
                    LOG.warn("No 'path' found in default policy");
                }
            }
        }
        try {
            Iterator it2 = new RangerServiceDefHelper(this.serviceDef).getResourceHierarchies(0).iterator();
            while (it2.hasNext()) {
                RangerPolicy policyForKMSAudit = getPolicyForKMSAudit((List) it2.next());
                if (policyForKMSAudit != null) {
                    defaultRangerPolicies.add(policyForKMSAudit);
                }
            }
        } catch (Exception e) {
            LOG.error("Error creating policy for keyadmin for audit to HDFS : " + this.service.getName(), e);
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug("<== RangerServiceHdfs.getDefaultRangerPolicies() : " + defaultRangerPolicies);
        }
        return defaultRangerPolicies;
    }

    private RangerPolicy getPolicyForKMSAudit(List<RangerServiceDef.RangerResourceDef> list) throws Exception {
        if (LOG.isDebugEnabled()) {
            LOG.debug("==> RangerServiceHdfs.getPolicyForKMSAudit()");
        }
        RangerPolicy rangerPolicy = new RangerPolicy();
        rangerPolicy.setIsEnabled(true);
        rangerPolicy.setVersion(1L);
        rangerPolicy.setName(AUDITTOHDFS_POLICY_NAME);
        rangerPolicy.setService(this.service.getName());
        rangerPolicy.setDescription("Policy for kms-audit-path");
        rangerPolicy.setIsAuditEnabled(true);
        rangerPolicy.setResources(createKMSAuditResource(list));
        ArrayList arrayList = new ArrayList();
        RangerPolicy.RangerPolicyItem rangerPolicyItem = new RangerPolicy.RangerPolicyItem();
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add("keyadmin");
        rangerPolicyItem.setUsers(arrayList2);
        rangerPolicyItem.setAccesses(getAllowedAccesses(rangerPolicy.getResources()));
        rangerPolicyItem.setDelegateAdmin(false);
        arrayList.add(rangerPolicyItem);
        rangerPolicy.setPolicyItems(arrayList);
        if (LOG.isDebugEnabled()) {
            LOG.debug("<== RangerServiceHdfs.getPolicyForKMSAudit()" + rangerPolicy);
        }
        return rangerPolicy;
    }

    private Map<String, RangerPolicy.RangerPolicyResource> createKMSAuditResource(List<RangerServiceDef.RangerResourceDef> list) throws Exception {
        if (LOG.isDebugEnabled()) {
            LOG.debug("==> RangerServiceHdfs.createKMSAuditResource()");
        }
        Map<String, RangerPolicy.RangerPolicyResource> createDefaultPolicyResource = super.createDefaultPolicyResource(list);
        RangerPolicy.RangerPolicyResource rangerPolicyResource = createDefaultPolicyResource.get("path");
        if (rangerPolicyResource != null) {
            rangerPolicyResource.setValue(AUDITTOHDFS_KMS_PATH);
        } else {
            LOG.error("Internal error: Could not find RangerPolicyResource corresponding to path in default policy-resource");
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug("<== RangerServiceHdfs.createKMSAuditResource():" + createDefaultPolicyResource);
        }
        return createDefaultPolicyResource;
    }
}
