package com.alibaba.druid.wall;

import com.alibaba.druid.sql.dialect.oracle.parser.OracleTokenType;
import com.alibaba.druid.sql.parser.Lexer;
import com.alibaba.druid.sql.parser.NotAllowCommentException;
import com.alibaba.druid.sql.parser.ParserException;
import com.alibaba.druid.sql.parser.SQLStatementParser;
import com.alibaba.druid.sql.parser.Token;
import com.alibaba.druid.sql.visitor.ExportParameterVisitor;
import com.alibaba.druid.util.LRUCache;
import com.alibaba.druid.wall.spi.WallVisitorUtils;
import com.alibaba.druid.wall.violation.ErrorCode;
import com.alibaba.druid.wall.violation.IllegalSQLObjectViolation;
import com.alibaba.druid.wall.violation.SyntaxErrorViolation;
import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashSet;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
import java.util.concurrent.atomic.AtomicLong;
import java.util.concurrent.locks.ReentrantReadWriteLock;

/* loaded from: input_file:com/alibaba/druid/wall/WallProvider.class */
public abstract class WallProvider {
    private LRUCache<String, WallSqlStat> whiteList;
    private int MAX_SQL_LENGTH;
    private int whiteSqlMaxSize;
    private LRUCache<String, WallSqlStat> blackList;
    private int blackSqlMaxSize;
    protected final WallConfig config;
    private final ReentrantReadWriteLock lock;
    private final ConcurrentMap<String, WallFunctionStat> functionStats;
    private final ConcurrentMap<String, WallTableStat> tableStats;
    public final WallDenyStat commentDeniedStat;
    protected String dbType;
    protected final AtomicLong checkCount;
    protected final AtomicLong hardCheckCount;
    protected final AtomicLong whiteListHitCount;
    protected final AtomicLong blackListHitCount;
    protected final AtomicLong syntaxErrrorCount;
    protected final AtomicLong violationCount;
    protected final AtomicLong violationEffectRowCount;
    private static final ThreadLocal<Boolean> privileged = new ThreadLocal<>();
    private static final ThreadLocal<Object> tenantValueLocal = new ThreadLocal<>();

    /* renamed from: com.alibaba.druid.wall.WallProvider$1, reason: invalid class name */
    /* loaded from: input_file:com/alibaba/druid/wall/WallProvider$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$com$alibaba$druid$sql$parser$Token = new int[Token.values().length];

        static {
            try {
                $SwitchMap$com$alibaba$druid$sql$parser$Token[Token.SELECT.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$com$alibaba$druid$sql$parser$Token[Token.INSERT.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$com$alibaba$druid$sql$parser$Token[Token.DELETE.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$com$alibaba$druid$sql$parser$Token[Token.UPDATE.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$com$alibaba$druid$sql$parser$Token[Token.TRUNCATE.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$com$alibaba$druid$sql$parser$Token[Token.SET.ordinal()] = 6;
            } catch (NoSuchFieldError e6) {
            }
            try {
                $SwitchMap$com$alibaba$druid$sql$parser$Token[Token.CREATE.ordinal()] = 7;
            } catch (NoSuchFieldError e7) {
            }
            try {
                $SwitchMap$com$alibaba$druid$sql$parser$Token[Token.ALTER.ordinal()] = 8;
            } catch (NoSuchFieldError e8) {
            }
            try {
                $SwitchMap$com$alibaba$druid$sql$parser$Token[Token.DROP.ordinal()] = 9;
            } catch (NoSuchFieldError e9) {
            }
            try {
                $SwitchMap$com$alibaba$druid$sql$parser$Token[Token.SHOW.ordinal()] = 10;
            } catch (NoSuchFieldError e10) {
            }
            try {
                $SwitchMap$com$alibaba$druid$sql$parser$Token[Token.REPLACE.ordinal()] = 11;
            } catch (NoSuchFieldError e11) {
            }
        }
    }

    /* loaded from: input_file:com/alibaba/druid/wall/WallProvider$WallCommentHandler.class */
    public static class WallCommentHandler implements Lexer.CommentHandler {
        public static final WallCommentHandler instance = new WallCommentHandler();

        @Override // com.alibaba.druid.sql.parser.Lexer.CommentHandler
        public boolean handle(Token token, String str) {
            if (token == null) {
                return false;
            }
            switch (AnonymousClass1.$SwitchMap$com$alibaba$druid$sql$parser$Token[token.ordinal()]) {
                case 1:
                case 2:
                case 3:
                case 4:
                case OracleTokenType.Punctuation /* 5 */:
                case OracleTokenType.Char /* 6 */:
                case OracleTokenType.NChar /* 7 */:
                case 8:
                case OracleTokenType.Float /* 9 */:
                case 10:
                case OracleTokenType.Decimal /* 11 */:
                    return true;
                default:
                    WallContext current = WallContext.current();
                    if (current == null) {
                        return false;
                    }
                    current.incrementCommentCount();
                    return false;
            }
        }
    }

    public WallProvider(WallConfig wallConfig) {
        this.MAX_SQL_LENGTH = 2048;
        this.whiteSqlMaxSize = 500;
        this.blackSqlMaxSize = 100;
        this.lock = new ReentrantReadWriteLock();
        this.functionStats = new ConcurrentHashMap();
        this.tableStats = new ConcurrentHashMap();
        this.commentDeniedStat = new WallDenyStat();
        this.dbType = null;
        this.checkCount = new AtomicLong();
        this.hardCheckCount = new AtomicLong();
        this.whiteListHitCount = new AtomicLong();
        this.blackListHitCount = new AtomicLong();
        this.syntaxErrrorCount = new AtomicLong();
        this.violationCount = new AtomicLong();
        this.violationEffectRowCount = new AtomicLong();
        this.config = wallConfig;
    }

    public WallProvider(WallConfig wallConfig, String str) {
        this.MAX_SQL_LENGTH = 2048;
        this.whiteSqlMaxSize = 500;
        this.blackSqlMaxSize = 100;
        this.lock = new ReentrantReadWriteLock();
        this.functionStats = new ConcurrentHashMap();
        this.tableStats = new ConcurrentHashMap();
        this.commentDeniedStat = new WallDenyStat();
        this.dbType = null;
        this.checkCount = new AtomicLong();
        this.hardCheckCount = new AtomicLong();
        this.whiteListHitCount = new AtomicLong();
        this.blackListHitCount = new AtomicLong();
        this.syntaxErrrorCount = new AtomicLong();
        this.violationCount = new AtomicLong();
        this.violationEffectRowCount = new AtomicLong();
        this.config = wallConfig;
        this.dbType = str;
    }

    public void reset() {
        this.checkCount.set(0L);
        this.hardCheckCount.set(0L);
        this.violationCount.set(0L);
        this.whiteListHitCount.set(0L);
        this.blackListHitCount.set(0L);
        clearWhiteList();
        clearBlackList();
        this.functionStats.clear();
        this.tableStats.clear();
    }

    public ConcurrentMap<String, WallTableStat> getTableStats() {
        return this.tableStats;
    }

    public ConcurrentMap<String, WallFunctionStat> getFunctionStats() {
        return this.functionStats;
    }

    public WallTableStat getTableStat(String str) {
        String lowerCase = str.toLowerCase();
        if (lowerCase.startsWith("`") && lowerCase.endsWith("`")) {
            lowerCase = lowerCase.substring(1, lowerCase.length() - 1);
        }
        return getTableStatWithLowerName(lowerCase);
    }

    public WallTableStat getTableStatWithLowerName(String str) {
        WallTableStat wallTableStat = this.tableStats.get(str);
        if (wallTableStat == null) {
            if (this.tableStats.size() > 10000) {
                return null;
            }
            this.tableStats.putIfAbsent(str, new WallTableStat());
            wallTableStat = this.tableStats.get(str);
        }
        return wallTableStat;
    }

    public WallFunctionStat getFunctionStat(String str) {
        return getFunctionStatWithLowerName(str.toLowerCase());
    }

    public WallFunctionStat getFunctionStatWithLowerName(String str) {
        WallFunctionStat wallFunctionStat = this.functionStats.get(str);
        if (wallFunctionStat == null) {
            if (this.functionStats.size() > 10000) {
                return null;
            }
            this.functionStats.putIfAbsent(str, new WallFunctionStat());
            wallFunctionStat = this.functionStats.get(str);
        }
        return wallFunctionStat;
    }

    public WallConfig getConfig() {
        return this.config;
    }

    public WallSqlStat addWhiteSql(String str, Map<String, WallSqlTableStat> map, Map<String, WallSqlFunctionStat> map2, boolean z) {
        this.lock.writeLock().lock();
        try {
            if (this.whiteList == null) {
                this.whiteList = new LRUCache<>(this.whiteSqlMaxSize);
            }
            WallSqlStat wallSqlStat = this.whiteList.get(str);
            if (wallSqlStat == null) {
                wallSqlStat = new WallSqlStat(map, map2, z);
                wallSqlStat.incrementAndGetExecuteCount();
                this.whiteList.put(str, wallSqlStat);
            }
            return wallSqlStat;
        } finally {
            this.lock.writeLock().unlock();
        }
    }

    public WallSqlStat addBlackSql(String str, Map<String, WallSqlTableStat> map, Map<String, WallSqlFunctionStat> map2, List<Violation> list, boolean z) {
        this.lock.writeLock().lock();
        try {
            if (this.blackList == null) {
                this.blackList = new LRUCache<>(this.blackSqlMaxSize);
            }
            WallSqlStat wallSqlStat = this.blackList.get(str);
            if (wallSqlStat == null) {
                wallSqlStat = new WallSqlStat(map, map2, list, z);
                wallSqlStat.incrementAndGetExecuteCount();
                this.blackList.put(str, wallSqlStat);
            }
            return wallSqlStat;
        } finally {
            this.lock.writeLock().unlock();
        }
    }

    public Set<String> getWhiteList() {
        HashSet hashSet = new HashSet();
        this.lock.readLock().lock();
        try {
            if (this.whiteList != null) {
                hashSet.addAll(this.whiteList.keySet());
            }
            return Collections.unmodifiableSet(hashSet);
        } finally {
            this.lock.readLock().unlock();
        }
    }

    public Set<String> getBlackList() {
        HashSet hashSet = new HashSet();
        this.lock.readLock().lock();
        try {
            if (this.blackList != null) {
                hashSet.addAll(this.blackList.keySet());
            }
            return Collections.unmodifiableSet(hashSet);
        } finally {
            this.lock.readLock().unlock();
        }
    }

    public List<Map<String, Object>> getBlackListStat() {
        ArrayList arrayList = new ArrayList();
        this.lock.readLock().lock();
        try {
            if (this.blackList != null) {
                for (Map.Entry<String, WallSqlStat> entry : this.blackList.entrySet()) {
                    WallSqlStat value = entry.getValue();
                    LinkedHashMap linkedHashMap = new LinkedHashMap();
                    linkedHashMap.put("sql", entry.getKey());
                    linkedHashMap.put("executeCount", Long.valueOf(value.getExecuteCount()));
                    linkedHashMap.put("effectRowCount", Long.valueOf(value.getEffectRowCount()));
                    List<Violation> violations = value.getViolations();
                    if (violations.size() > 0) {
                        linkedHashMap.put("violationMessage", violations.get(0).getMessage());
                    }
                    arrayList.add(linkedHashMap);
                }
            }
            return arrayList;
        } finally {
            this.lock.readLock().unlock();
        }
    }

    public void clearCache() {
        clearWhiteList();
    }

    public void clearWhiteList() {
        this.lock.writeLock().lock();
        try {
            if (this.whiteList != null) {
                this.whiteList = null;
            }
        } finally {
            this.lock.writeLock().unlock();
        }
    }

    public void clearBlackList() {
        this.lock.writeLock().lock();
        try {
            if (this.blackList != null) {
                this.blackList = null;
            }
        } finally {
            this.lock.writeLock().unlock();
        }
    }

    public WallSqlStat getWhiteSql(String str) {
        this.lock.readLock().lock();
        try {
            if (this.whiteList == null) {
                return null;
            }
            WallSqlStat wallSqlStat = this.whiteList.get(str);
            this.lock.readLock().unlock();
            return wallSqlStat;
        } finally {
            this.lock.readLock().unlock();
        }
    }

    public WallSqlStat getBlackSql(String str) {
        this.lock.readLock().lock();
        try {
            if (this.blackList == null) {
                return null;
            }
            WallSqlStat wallSqlStat = this.blackList.get(str);
            this.lock.readLock().unlock();
            return wallSqlStat;
        } finally {
            this.lock.readLock().unlock();
        }
    }

    public boolean whiteContains(String str) {
        return getWhiteSql(str) != null;
    }

    public abstract SQLStatementParser createParser(String str);

    public abstract WallVisitor createWallVisitor();

    public abstract ExportParameterVisitor createExportParameterVisitor();

    public boolean checkValid(String str) {
        WallContext current = WallContext.current();
        try {
            WallContext.create(this.dbType);
            boolean isEmpty = checkInternal(str).getViolations().isEmpty();
            if (current == null) {
                WallContext.clearContext();
            }
            return isEmpty;
        } catch (Throwable th) {
            if (current == null) {
                WallContext.clearContext();
            }
            throw th;
        }
    }

    public void incrementCommentDeniedCount() {
        this.commentDeniedStat.incrementAndGetDenyCount();
    }

    public boolean checkDenyFunction(String str) {
        if (str == null) {
            return true;
        }
        return !getConfig().getDenyFunctions().contains(str.toLowerCase());
    }

    public boolean checkDenySchema(String str) {
        if (str != null && this.config.isSchemaCheck()) {
            return !getConfig().getDenySchemas().contains(str.toLowerCase());
        }
        return true;
    }

    public boolean checkDenyTable(String str) {
        if (str == null) {
            return true;
        }
        return !getConfig().getDenyTables().contains(WallVisitorUtils.form(str));
    }

    public boolean checkReadOnlyTable(String str) {
        if (str == null) {
            return true;
        }
        return !getConfig().isReadOnly(WallVisitorUtils.form(str));
    }

    public WallDenyStat getCommentDenyStat() {
        return this.commentDeniedStat;
    }

    public WallCheckResult check(String str) {
        WallContext current = WallContext.current();
        try {
            WallContext.createIfNotExists(this.dbType);
            WallCheckResult checkInternal = checkInternal(str);
            if (current == null) {
                WallContext.clearContext();
            }
            return checkInternal;
        } catch (Throwable th) {
            if (current == null) {
                WallContext.clearContext();
            }
            throw th;
        }
    }

    private WallCheckResult checkInternal(String str) {
        WallCheckResult checkWhiteAndBlackList;
        this.checkCount.incrementAndGet();
        WallContext current = WallContext.current();
        if (this.config.isDoPrivilegedAllow() && ispPivileged()) {
            return new WallCheckResult();
        }
        if (!(this.config.getTenantTablePattern() != null && this.config.getTenantTablePattern().length() > 0) && (checkWhiteAndBlackList = checkWhiteAndBlackList(str)) != null) {
            return checkWhiteAndBlackList;
        }
        this.hardCheckCount.incrementAndGet();
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        boolean z = false;
        try {
            SQLStatementParser createParser = createParser(str);
            createParser.getLexer().setCommentHandler(WallCommentHandler.instance);
            if (!this.config.isCommentAllow()) {
                createParser.getLexer().setAllowComment(false);
            }
            createParser.parseStatementList(arrayList2);
            Token token = createParser.getLexer().token();
            if (token != Token.EOF) {
                arrayList.add(new IllegalSQLObjectViolation(ErrorCode.SYNTAX_ERROR, "not terminal sql, token " + token, str));
            }
        } catch (NotAllowCommentException e) {
            arrayList.add(new SyntaxErrorViolation(e, str));
            incrementCommentDeniedCount();
        } catch (ParserException e2) {
            this.syntaxErrrorCount.incrementAndGet();
            z = true;
            if (this.config.isStrictSyntaxCheck()) {
                arrayList.add(new SyntaxErrorViolation(e2, str));
            }
        } catch (Exception e3) {
            arrayList.add(new SyntaxErrorViolation(e3, str));
        }
        if (arrayList2.size() > 1 && !this.config.isMultiStatementAllow()) {
            arrayList.add(new IllegalSQLObjectViolation(2201, "multi-statement not allow", str));
        }
        WallVisitor createWallVisitor = createWallVisitor();
        if (arrayList2.size() > 0) {
            try {
                arrayList2.get(0).accept(createWallVisitor);
            } catch (ParserException e4) {
                arrayList.add(new SyntaxErrorViolation(e4, str));
            }
        }
        if (createWallVisitor.getViolations().size() > 0) {
            arrayList.addAll(createWallVisitor.getViolations());
        }
        if (createWallVisitor.getViolations().size() == 0 && current != null && current.getWarnnings() >= 2) {
            if (current.getDeleteNoneConditionWarnnings() > 0) {
                arrayList.add(new IllegalSQLObjectViolation(ErrorCode.NONE_CONDITION, "delete none condition", str));
            } else if (current.getUpdateNoneConditionWarnnings() > 0) {
                arrayList.add(new IllegalSQLObjectViolation(ErrorCode.NONE_CONDITION, "update none condition", str));
            } else if (current.getCommentCount() > 0) {
                arrayList.add(new IllegalSQLObjectViolation(ErrorCode.COMMIT_NOT_ALLOW, "comment not allow", str));
            } else if (current.getLikeNumberWarnnings() > 0) {
                arrayList.add(new IllegalSQLObjectViolation(ErrorCode.COMMIT_NOT_ALLOW, "like number", str));
            } else {
                arrayList.add(new IllegalSQLObjectViolation(ErrorCode.COMPOUND, "multi-warnnings", str));
            }
        }
        WallSqlStat wallSqlStat = null;
        if (arrayList.size() > 0) {
            this.violationCount.incrementAndGet();
            if (str.length() < this.MAX_SQL_LENGTH) {
                wallSqlStat = addBlackSql(str, current.getTableStats(), current.getFunctionStats(), arrayList, z);
            }
        } else if (str.length() < this.MAX_SQL_LENGTH) {
            wallSqlStat = addWhiteSql(str, current.getTableStats(), current.getFunctionStats(), z);
        }
        Map<String, WallSqlTableStat> map = null;
        Map<String, WallSqlFunctionStat> map2 = null;
        if (current != null) {
            map = current.getTableStats();
            map2 = current.getFunctionStats();
            recordStats(map, map2);
        }
        if (wallSqlStat == null) {
            return new WallCheckResult(wallSqlStat, arrayList, map, map2, arrayList2, z);
        }
        current.setSqlStat(wallSqlStat);
        return new WallCheckResult(wallSqlStat, arrayList2);
    }

    private WallCheckResult checkWhiteAndBlackList(String str) {
        WallSqlStat whiteSql = getWhiteSql(str);
        if (whiteSql != null) {
            this.whiteListHitCount.incrementAndGet();
            whiteSql.incrementAndGetExecuteCount();
            if (whiteSql.isSyntaxError()) {
                this.syntaxErrrorCount.incrementAndGet();
            }
            recordStats(whiteSql.getTableStats(), whiteSql.getFunctionStats());
            WallContext current = WallContext.current();
            if (current != null) {
                current.setSqlStat(whiteSql);
            }
            return new WallCheckResult(whiteSql);
        }
        WallSqlStat blackSql = getBlackSql(str);
        if (blackSql == null) {
            return null;
        }
        this.blackListHitCount.incrementAndGet();
        this.violationCount.incrementAndGet();
        if (blackSql.isSyntaxError()) {
            this.syntaxErrrorCount.incrementAndGet();
        }
        blackSql.incrementAndGetExecuteCount();
        recordStats(blackSql.getTableStats(), blackSql.getFunctionStats());
        return new WallCheckResult(blackSql);
    }

    void recordStats(Map<String, WallSqlTableStat> map, Map<String, WallSqlFunctionStat> map2) {
        if (map != null) {
            for (Map.Entry<String, WallSqlTableStat> entry : map.entrySet()) {
                String key = entry.getKey();
                WallSqlTableStat value = entry.getValue();
                WallTableStat tableStat = getTableStat(key);
                if (tableStat != null) {
                    tableStat.addSqlTableStat(value);
                }
            }
        }
        if (map2 != null) {
            for (Map.Entry<String, WallSqlFunctionStat> entry2 : map2.entrySet()) {
                String key2 = entry2.getKey();
                WallSqlFunctionStat value2 = entry2.getValue();
                WallFunctionStat functionStatWithLowerName = getFunctionStatWithLowerName(key2);
                if (functionStatWithLowerName != null) {
                    functionStatWithLowerName.addSqlFunctionStat(value2);
                }
            }
        }
    }

    public static boolean ispPivileged() {
        Boolean bool = privileged.get();
        if (bool == null) {
            return false;
        }
        return bool.booleanValue();
    }

    public static <T> T doPrivileged(PrivilegedAction<T> privilegedAction) {
        privileged.set(Boolean.TRUE);
        try {
            T run = privilegedAction.run();
            privileged.set(null);
            return run;
        } catch (Throwable th) {
            privileged.set(null);
            throw th;
        }
    }

    public static void setTenantValue(Object obj) {
        tenantValueLocal.set(obj);
    }

    public static Object getTenantValue() {
        return tenantValueLocal.get();
    }

    public long getWhiteListHitCount() {
        return this.whiteListHitCount.get();
    }

    public long getBlackListHitCount() {
        return this.blackListHitCount.get();
    }

    public long getSyntaxErrorCount() {
        return this.syntaxErrrorCount.get();
    }

    public long getCheckCount() {
        return this.checkCount.get();
    }

    public long getViolationCount() {
        return this.violationCount.get();
    }

    public long getHardCheckCount() {
        return this.hardCheckCount.get();
    }

    public long getViolationEffectRowCount() {
        return this.violationEffectRowCount.get();
    }

    public void addViolationEffectRowCount(long j) {
        this.violationEffectRowCount.addAndGet(j);
    }

    public Map<String, Object> getStatsMap() {
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        linkedHashMap.put("checkCount", Long.valueOf(getCheckCount()));
        linkedHashMap.put("hardCheckCount", Long.valueOf(getHardCheckCount()));
        linkedHashMap.put("violationCount", Long.valueOf(getViolationCount()));
        linkedHashMap.put("violationEffectRowCount", Long.valueOf(getViolationEffectRowCount()));
        linkedHashMap.put("blackListHitCount", Long.valueOf(getBlackListHitCount()));
        linkedHashMap.put("blackListSize", Integer.valueOf(getBlackList().size()));
        linkedHashMap.put("whiteListHitCount", Long.valueOf(getWhiteListHitCount()));
        linkedHashMap.put("whiteListSize", Integer.valueOf(getWhiteList().size()));
        linkedHashMap.put("syntaxErrrorCount", Long.valueOf(getSyntaxErrorCount()));
        ArrayList arrayList = new ArrayList();
        for (Map.Entry<String, WallTableStat> entry : this.tableStats.entrySet()) {
            Map<String, Object> map = entry.getValue().toMap();
            map.put("name", entry.getKey());
            arrayList.add(map);
        }
        linkedHashMap.put("tables", arrayList);
        ArrayList arrayList2 = new ArrayList();
        for (Map.Entry<String, WallFunctionStat> entry2 : this.functionStats.entrySet()) {
            Map<String, Object> map2 = entry2.getValue().toMap();
            map2.put("name", entry2.getKey());
            arrayList2.add(map2);
        }
        linkedHashMap.put("functions", arrayList2);
        linkedHashMap.put("blackList", getBlackListStat());
        return linkedHashMap;
    }
}
