package org.apache.zeppelin.notebook;

import com.google.common.collect.Sets;
import com.google.gson.Gson;
import com.google.gson.reflect.TypeToken;
import java.io.IOException;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import javax.inject.Inject;
import org.apache.commons.lang3.StringUtils;
import org.apache.zeppelin.cluster.ClusterManagerServer;
import org.apache.zeppelin.cluster.event.ClusterEvent;
import org.apache.zeppelin.cluster.event.ClusterEventListener;
import org.apache.zeppelin.cluster.event.ClusterMessage;
import org.apache.zeppelin.conf.ZeppelinConfiguration;
import org.apache.zeppelin.storage.ConfigStorage;
import org.apache.zeppelin.user.AuthenticationInfo;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/zeppelin/notebook/AuthorizationService.class */
public class AuthorizationService implements ClusterEventListener {
    private static final Logger LOGGER = LoggerFactory.getLogger(AuthorizationService.class);
    private static final Set<String> EMPTY_SET = new HashSet();
    private ZeppelinConfiguration conf;
    private ConfigStorage configStorage;
    private Map<String, Set<String>> userRoles = new HashMap();
    private Map<String, NoteAuth> notesAuth = new HashMap();

    /* renamed from: org.apache.zeppelin.notebook.AuthorizationService$3, reason: invalid class name */
    /* loaded from: input_file:org/apache/zeppelin/notebook/AuthorizationService$3.class */
    static /* synthetic */ class AnonymousClass3 {
        static final /* synthetic */ int[] $SwitchMap$org$apache$zeppelin$cluster$event$ClusterEvent = new int[ClusterEvent.values().length];

        static {
            try {
                $SwitchMap$org$apache$zeppelin$cluster$event$ClusterEvent[ClusterEvent.SET_READERS_PERMISSIONS.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$apache$zeppelin$cluster$event$ClusterEvent[ClusterEvent.SET_WRITERS_PERMISSIONS.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$org$apache$zeppelin$cluster$event$ClusterEvent[ClusterEvent.SET_OWNERS_PERMISSIONS.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$org$apache$zeppelin$cluster$event$ClusterEvent[ClusterEvent.SET_RUNNERS_PERMISSIONS.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$org$apache$zeppelin$cluster$event$ClusterEvent[ClusterEvent.SET_ROLES.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$org$apache$zeppelin$cluster$event$ClusterEvent[ClusterEvent.CLEAR_PERMISSION.ordinal()] = 6;
            } catch (NoSuchFieldError e6) {
            }
        }
    }

    @Inject
    public AuthorizationService(NoteManager noteManager, ZeppelinConfiguration zeppelinConfiguration) {
        this.conf = zeppelinConfiguration;
        try {
            this.configStorage = ConfigStorage.getInstance(zeppelinConfiguration);
            NotebookAuthorizationInfoSaving loadNotebookAuthorization = this.configStorage.loadNotebookAuthorization();
            if (loadNotebookAuthorization != null) {
                for (Map.Entry<String, Map<String, Set<String>>> entry : loadNotebookAuthorization.authInfo.entrySet()) {
                    String key = entry.getKey();
                    this.notesAuth.put(key, new NoteAuth(key, entry.getValue()));
                }
            }
            for (String str : noteManager.getNotesInfo().keySet()) {
                if (!this.notesAuth.containsKey(str)) {
                    this.notesAuth.put(str, new NoteAuth(str));
                }
            }
        } catch (IOException e) {
            throw new RuntimeException("Fail to create ConfigStorage", e);
        }
    }

    public void createNoteAuth(String str, AuthenticationInfo authenticationInfo) throws IOException {
        this.notesAuth.put(str, new NoteAuth(str, authenticationInfo));
    }

    public void cloneNoteMeta(String str, String str2, AuthenticationInfo authenticationInfo) throws IOException {
        this.notesAuth.put(str, new NoteAuth(str, authenticationInfo));
    }

    public void saveNoteAuth(String str, AuthenticationInfo authenticationInfo) throws IOException {
        this.configStorage.save(new NotebookAuthorizationInfoSaving(this.notesAuth));
    }

    private Set<String> normalizeUsers(Set<String> set) {
        HashSet hashSet = new HashSet();
        for (String str : set) {
            if (!str.trim().isEmpty()) {
                hashSet.add(str.trim());
            }
        }
        return hashSet;
    }

    public void setOwners(String str, Set<String> set) throws IOException {
        setOwners(str, set, true);
    }

    public void setReaders(String str, Set<String> set) throws IOException {
        setReaders(str, set, true);
    }

    public void setWriters(String str, Set<String> set) throws IOException {
        setWriters(str, set, true);
    }

    public void setRunners(String str, Set<String> set) throws IOException {
        setRunners(str, set, true);
    }

    public void setRoles(String str, Set<String> set) {
        setRoles(str, set, true);
    }

    public void clearPermission(String str) throws IOException {
        clearPermission(str, true);
    }

    public void setOwners(String str, Set<String> set, boolean z) throws IOException {
        Set<String> normalizeUsers = normalizeUsers(set);
        NoteAuth noteAuth = this.notesAuth.get(str);
        if (noteAuth == null) {
            throw new IOException("No noteAuth found for noteId: " + str);
        }
        noteAuth.setOwners(normalizeUsers);
        if (z) {
            broadcastClusterEvent(ClusterEvent.SET_OWNERS_PERMISSIONS, str, null, normalizeUsers);
        }
    }

    public void setReaders(String str, Set<String> set, boolean z) throws IOException {
        Set<String> normalizeUsers = normalizeUsers(set);
        NoteAuth noteAuth = this.notesAuth.get(str);
        if (noteAuth == null) {
            throw new IOException("No noteAuth found for noteId: " + str);
        }
        noteAuth.setReaders(normalizeUsers);
        if (z) {
            broadcastClusterEvent(ClusterEvent.SET_READERS_PERMISSIONS, str, null, normalizeUsers);
        }
    }

    public void setRunners(String str, Set<String> set, boolean z) throws IOException {
        Set<String> normalizeUsers = normalizeUsers(set);
        NoteAuth noteAuth = this.notesAuth.get(str);
        if (noteAuth == null) {
            throw new IOException("No noteAuth found for noteId: " + str);
        }
        noteAuth.setRunners(normalizeUsers);
        if (z) {
            broadcastClusterEvent(ClusterEvent.SET_RUNNERS_PERMISSIONS, str, null, normalizeUsers);
        }
    }

    public void setWriters(String str, Set<String> set, boolean z) throws IOException {
        Set<String> normalizeUsers = normalizeUsers(set);
        NoteAuth noteAuth = this.notesAuth.get(str);
        if (noteAuth == null) {
            throw new IOException("No noteAuth found for noteId: " + str);
        }
        noteAuth.setWriters(normalizeUsers);
        if (z) {
            broadcastClusterEvent(ClusterEvent.SET_WRITERS_PERMISSIONS, str, null, normalizeUsers);
        }
    }

    public void setRoles(String str, Set<String> set, boolean z) {
        if (StringUtils.isBlank(str)) {
            LOGGER.warn("Setting roles for empty user");
            return;
        }
        Set<String> normalizeUsers = normalizeUsers(set);
        this.userRoles.put(str, normalizeUsers);
        if (z) {
            broadcastClusterEvent(ClusterEvent.SET_ROLES, null, str, normalizeUsers);
        }
    }

    public void clearPermission(String str, boolean z) throws IOException {
        NoteAuth noteAuth = this.notesAuth.get(str);
        if (noteAuth == null) {
            throw new IOException("No noteAuth found for noteId: " + str);
        }
        noteAuth.setReaders(Sets.newHashSet());
        noteAuth.setRunners(Sets.newHashSet());
        noteAuth.setWriters(Sets.newHashSet());
        noteAuth.setOwners(Sets.newHashSet());
        if (z) {
            broadcastClusterEvent(ClusterEvent.CLEAR_PERMISSION, str, null, null);
        }
    }

    public Set<String> getOwners(String str) {
        NoteAuth noteAuth = this.notesAuth.get(str);
        if (noteAuth != null) {
            return noteAuth.getOwners();
        }
        LOGGER.warn("No noteAuth found for noteId: {}", str);
        return EMPTY_SET;
    }

    public Set<String> getReaders(String str) {
        NoteAuth noteAuth = this.notesAuth.get(str);
        if (noteAuth != null) {
            return noteAuth.getReaders();
        }
        LOGGER.warn("No noteAuth found for noteId: {}", str);
        return EMPTY_SET;
    }

    public Set<String> getRunners(String str) {
        NoteAuth noteAuth = this.notesAuth.get(str);
        if (noteAuth != null) {
            return noteAuth.getRunners();
        }
        LOGGER.warn("No noteAuth found for noteId: {}", str);
        return EMPTY_SET;
    }

    public Set<String> getWriters(String str) {
        NoteAuth noteAuth = this.notesAuth.get(str);
        if (noteAuth != null) {
            return noteAuth.getWriters();
        }
        LOGGER.warn("No noteAuth found for noteId: {}", str);
        return EMPTY_SET;
    }

    public Set<String> getRoles(String str) {
        return this.userRoles.getOrDefault(str, Sets.newHashSet());
    }

    public boolean isOwner(String str, Set<String> set) {
        return isMember(set, getOwners(str)) || isAdmin(set);
    }

    public boolean isWriter(String str, Set<String> set) {
        return isMember(set, getWriters(str)) || isMember(set, getOwners(str)) || isAdmin(set);
    }

    public boolean isReader(String str, Set<String> set) {
        return isMember(set, getReaders(str)) || isMember(set, getOwners(str)) || isMember(set, getWriters(str)) || isMember(set, getRunners(str)) || isAdmin(set);
    }

    public boolean isRunner(String str, Set<String> set) {
        return isMember(set, getRunners(str)) || isMember(set, getWriters(str)) || isMember(set, getOwners(str)) || isAdmin(set);
    }

    private boolean isAdmin(Set<String> set) {
        String string = this.conf.getString(ZeppelinConfiguration.ConfVars.ZEPPELIN_OWNER_ROLE);
        if (StringUtils.isBlank(string)) {
            return false;
        }
        return set.contains(string);
    }

    private boolean isMember(Set<String> set, Set<String> set2) {
        HashSet hashSet = new HashSet(set2);
        hashSet.retainAll(set);
        return set2.isEmpty() || hashSet.size() > 0;
    }

    public boolean isOwner(Set<String> set, String str) {
        if (this.conf.isAnonymousAllowed()) {
            LOGGER.debug("Zeppelin runs in anonymous mode, everybody is owner");
            return true;
        }
        if (set == null) {
            return false;
        }
        return isOwner(str, set);
    }

    public boolean hasWritePermission(Set<String> set, String str) {
        if (this.conf.isAnonymousAllowed()) {
            LOGGER.debug("Zeppelin runs in anonymous mode, everybody is writer");
            return true;
        }
        if (set == null) {
            return false;
        }
        return isWriter(str, set);
    }

    public boolean hasReadPermission(Set<String> set, String str) {
        if (this.conf.isAnonymousAllowed()) {
            LOGGER.debug("Zeppelin runs in anonymous mode, everybody is reader");
            return true;
        }
        if (set == null) {
            return false;
        }
        return isReader(str, set);
    }

    public boolean hasRunPermission(Set<String> set, String str) {
        if (this.conf.isAnonymousAllowed()) {
            LOGGER.debug("Zeppelin runs in anonymous mode, everybody is reader");
            return true;
        }
        if (set == null) {
            return false;
        }
        return isRunner(str, set);
    }

    public boolean isPublic() {
        return this.conf.isNotebookPublic();
    }

    /* JADX WARN: Type inference failed for: r2v0, types: [org.apache.zeppelin.notebook.AuthorizationService$1] */
    public void onClusterEvent(String str) {
        if (LOGGER.isDebugEnabled()) {
            LOGGER.debug("onClusterEvent : {}", str);
        }
        ClusterMessage deserializeMessage = ClusterMessage.deserializeMessage(str);
        String str2 = deserializeMessage.get("noteId");
        String str3 = deserializeMessage.get("user");
        Set<String> set = (Set) new Gson().fromJson(deserializeMessage.get("set"), new TypeToken<Set<String>>() { // from class: org.apache.zeppelin.notebook.AuthorizationService.1
        }.getType());
        try {
            switch (AnonymousClass3.$SwitchMap$org$apache$zeppelin$cluster$event$ClusterEvent[deserializeMessage.clusterEvent.ordinal()]) {
                case 1:
                    setReaders(str2, set, false);
                    break;
                case 2:
                    setWriters(str2, set, false);
                    break;
                case 3:
                    setOwners(str2, set, false);
                    break;
                case 4:
                    setRunners(str2, set, false);
                    break;
                case 5:
                    setRoles(str3, set, false);
                    break;
                case 6:
                    clearPermission(str2, false);
                    break;
                default:
                    LOGGER.error("Unknown clusterEvent:{}, msg:{} ", deserializeMessage.clusterEvent, str);
                    break;
            }
        } catch (IOException e) {
            LOGGER.warn("Fail to broadcast msg", e);
        }
    }

    /* JADX WARN: Type inference failed for: r2v3, types: [org.apache.zeppelin.notebook.AuthorizationService$2] */
    private void broadcastClusterEvent(ClusterEvent clusterEvent, String str, String str2, Set<String> set) {
        if (this.conf.isClusterMode()) {
            ClusterMessage clusterMessage = new ClusterMessage(clusterEvent);
            clusterMessage.put("noteId", str);
            clusterMessage.put("user", str2);
            clusterMessage.put("set", new Gson().toJson(set, new TypeToken<Set<String>>() { // from class: org.apache.zeppelin.notebook.AuthorizationService.2
            }.getType()));
            ClusterManagerServer.getInstance(this.conf).broadcastClusterEvent(ClusterManagerServer.CLUSTER_AUTH_EVENT_TOPIC, ClusterMessage.serializeMessage(clusterMessage));
        }
    }
}
