package alluxio.security.authorization;

import alluxio.Constants;
import alluxio.membership.AlluxioEtcdClient;
import alluxio.security.authorization.AclEntry;
import com.fasterxml.jackson.core.JsonGenerator;
import com.fasterxml.jackson.core.JsonParser;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.DeserializationContext;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.SerializerProvider;
import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
import com.fasterxml.jackson.databind.annotation.JsonSerialize;
import com.fasterxml.jackson.databind.deser.std.StdDeserializer;
import com.fasterxml.jackson.databind.ser.std.StdSerializer;
import com.google.common.base.Objects;
import com.google.common.base.Preconditions;
import com.google.common.collect.ImmutableList;
import java.io.IOException;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import javax.annotation.concurrent.NotThreadSafe;

@JsonSerialize(using = AccessControlListSerializer.class)
@JsonDeserialize(using = AccessControlListDeserializer.class)
@NotThreadSafe
/* loaded from: input_file:alluxio/security/authorization/AccessControlList.class */
public class AccessControlList implements Serializable {
    private static final long serialVersionUID = 106023217076996L;
    public static final AccessControlList EMPTY_ACL = new AccessControlList();
    public static final String OWNER_FIELD = "owner";
    public static final String OWNING_GROUP_FIELD = "owningGroup";
    public static final String STRING_ENTRY_FIELD = "stringEntries";
    public static final String OWNING_USER_KEY = "";
    public static final String OWNING_GROUP_KEY = "";
    protected String mOwningUser = "";
    protected String mOwningGroup = "";
    protected short mMode;
    protected ExtendedACLEntries mExtendedEntries;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: alluxio.security.authorization.AccessControlList$1, reason: invalid class name */
    /* loaded from: input_file:alluxio/security/authorization/AccessControlList$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$alluxio$security$authorization$AclEntryType = new int[AclEntryType.values().length];

        static {
            try {
                $SwitchMap$alluxio$security$authorization$AclEntryType[AclEntryType.NAMED_USER.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$alluxio$security$authorization$AclEntryType[AclEntryType.NAMED_GROUP.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$alluxio$security$authorization$AclEntryType[AclEntryType.MASK.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$alluxio$security$authorization$AclEntryType[AclEntryType.OWNING_USER.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$alluxio$security$authorization$AclEntryType[AclEntryType.OWNING_GROUP.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$alluxio$security$authorization$AclEntryType[AclEntryType.OTHER.ordinal()] = 6;
            } catch (NoSuchFieldError e6) {
            }
        }
    }

    /* loaded from: input_file:alluxio/security/authorization/AccessControlList$AccessControlListDeserializer.class */
    public static class AccessControlListDeserializer extends StdDeserializer<AccessControlList> {
        private static final long serialVersionUID = 5524283318028333563L;

        public AccessControlListDeserializer() {
            super(AccessControlList.class);
        }

        /* renamed from: deserialize, reason: merged with bridge method [inline-methods] */
        public AccessControlList m194deserialize(JsonParser jsonParser, DeserializationContext deserializationContext) throws IOException, JsonProcessingException {
            JsonNode readTree = jsonParser.getCodec().readTree(jsonParser);
            String intern = readTree.get(AccessControlList.OWNER_FIELD).asText().intern();
            String intern2 = readTree.get(AccessControlList.OWNING_GROUP_FIELD).asText().intern();
            ArrayList arrayList = new ArrayList();
            Iterator elements = readTree.get(AccessControlList.STRING_ENTRY_FIELD).elements();
            while (elements.hasNext()) {
                arrayList.add(((JsonNode) elements.next()).asText());
            }
            return AccessControlList.fromStringEntries(intern, intern2, arrayList);
        }
    }

    /* loaded from: input_file:alluxio/security/authorization/AccessControlList$AccessControlListSerializer.class */
    public static class AccessControlListSerializer extends StdSerializer<AccessControlList> {
        private static final long serialVersionUID = -8523910728069876504L;

        public AccessControlListSerializer() {
            super(AccessControlList.class);
        }

        public void serialize(AccessControlList accessControlList, JsonGenerator jsonGenerator, SerializerProvider serializerProvider) throws IOException {
            jsonGenerator.writeStartObject();
            jsonGenerator.writeStringField(AccessControlList.OWNER_FIELD, accessControlList.getOwningUser());
            jsonGenerator.writeStringField(AccessControlList.OWNING_GROUP_FIELD, accessControlList.getOwningGroup());
            jsonGenerator.writeObjectField(AccessControlList.STRING_ENTRY_FIELD, accessControlList.toStringEntries());
            jsonGenerator.writeEndObject();
        }
    }

    public AccessControlList() {
        clearEntries();
    }

    public void clearEntries() {
        this.mMode = (short) 0;
        this.mExtendedEntries = null;
    }

    public ExtendedACLEntries getExtendedEntries() {
        return this.mExtendedEntries;
    }

    public String getOwningUser() {
        return this.mOwningUser;
    }

    public String getOwningGroup() {
        return this.mOwningGroup;
    }

    public AclActions getOwningUserActions() {
        return Mode.extractOwnerBits(this.mMode).toAclActions();
    }

    public AclActions getOwningGroupActions() {
        return Mode.extractGroupBits(this.mMode).toAclActions();
    }

    public AclActions getOtherActions() {
        return Mode.extractOtherBits(this.mMode).toAclActions();
    }

    public short getMode() {
        return this.mMode;
    }

    public List<AclEntry> getEntries() {
        ImmutableList.Builder builder = new ImmutableList.Builder();
        builder.add(new AclEntry.Builder().setType(AclEntryType.OWNING_USER).setSubject(this.mOwningUser).setActions(getOwningUserActions()).build());
        builder.add(new AclEntry.Builder().setType(AclEntryType.OWNING_GROUP).setSubject(this.mOwningGroup).setActions(getOwningGroupActions()).build());
        builder.add(new AclEntry.Builder().setType(AclEntryType.OTHER).setActions(getOtherActions()).build());
        if (hasExtended()) {
            builder.addAll(this.mExtendedEntries.getEntries());
        }
        return builder.build();
    }

    public boolean hasExtended() {
        return this.mExtendedEntries != null && this.mExtendedEntries.hasExtended();
    }

    public void removeEntry(AclEntry aclEntry) {
        switch (AnonymousClass1.$SwitchMap$alluxio$security$authorization$AclEntryType[aclEntry.getType().ordinal()]) {
            case 1:
            case 2:
            case 3:
                if (this.mExtendedEntries != null) {
                    this.mExtendedEntries.removeEntry(aclEntry);
                    return;
                }
                return;
            case Constants.BYTES_IN_INTEGER /* 4 */:
            case AlluxioEtcdClient.RETRY_TIMES /* 5 */:
            case 6:
                throw new IllegalStateException("Deleting base entry is not allowed. entry: " + aclEntry);
            default:
                throw new IllegalStateException("Unknown ACL entry type: " + aclEntry.getType());
        }
    }

    public void removeExtendedEntries() {
        this.mExtendedEntries = null;
    }

    public void setOwningUser(String str) {
        Preconditions.checkNotNull(str);
        this.mOwningUser = str;
    }

    public void setOwningGroup(String str) {
        Preconditions.checkNotNull(str);
        this.mOwningGroup = str;
    }

    public void setMode(short s) {
        this.mMode = s;
    }

    public void updateMask() {
        if (hasExtended()) {
            this.mExtendedEntries.updateMask(getOwningGroupActions());
        }
    }

    public void setEntry(AclEntry aclEntry) {
        switch (AnonymousClass1.$SwitchMap$alluxio$security$authorization$AclEntryType[aclEntry.getType().ordinal()]) {
            case 1:
            case 2:
            case 3:
                if (this.mExtendedEntries == null) {
                    this.mExtendedEntries = new ExtendedACLEntries();
                }
                this.mExtendedEntries.setEntry(aclEntry);
                return;
            case Constants.BYTES_IN_INTEGER /* 4 */:
                Mode mode = new Mode(this.mMode);
                mode.setOwnerBits(aclEntry.getActions().toModeBits());
                this.mMode = mode.toShort();
                return;
            case AlluxioEtcdClient.RETRY_TIMES /* 5 */:
                Mode mode2 = new Mode(this.mMode);
                mode2.setGroupBits(aclEntry.getActions().toModeBits());
                this.mMode = mode2.toShort();
                return;
            case 6:
                Mode mode3 = new Mode(this.mMode);
                mode3.setOtherBits(aclEntry.getActions().toModeBits());
                this.mMode = mode3.toShort();
                return;
            default:
                throw new IllegalStateException("Unknown ACL entry type: " + aclEntry.getType());
        }
    }

    public boolean checkPermission(String str, List<String> list, AclAction aclAction) {
        return getPermission(str, list).contains(aclAction);
    }

    public AclActions getPermission(String str, List<String> list) {
        AclActions namedUser;
        if (str.equals(this.mOwningUser)) {
            return new AclActions(getOwningUserActions());
        }
        if (hasExtended() && (namedUser = this.mExtendedEntries.getNamedUser(str)) != null) {
            AclActions aclActions = new AclActions(namedUser);
            aclActions.mask(this.mExtendedEntries.mMaskActions);
            return aclActions;
        }
        boolean z = false;
        AclActions aclActions2 = new AclActions();
        if (list.contains(this.mOwningGroup)) {
            z = true;
            aclActions2.merge(getOwningGroupActions());
        }
        if (hasExtended()) {
            Iterator<String> it = list.iterator();
            while (it.hasNext()) {
                AclActions namedGroup = this.mExtendedEntries.getNamedGroup(it.next());
                if (namedGroup != null) {
                    z = true;
                    aclActions2.merge(namedGroup);
                }
            }
        }
        if (!z) {
            return getOtherActions();
        }
        if (hasExtended()) {
            aclActions2.mask(this.mExtendedEntries.mMaskActions);
        }
        return aclActions2;
    }

    public boolean equals(Object obj) {
        if (this == obj) {
            return true;
        }
        if (obj == null || getClass() != obj.getClass()) {
            return false;
        }
        AccessControlList accessControlList = (AccessControlList) obj;
        return this.mOwningUser.equals(accessControlList.mOwningUser) && this.mOwningGroup.equals(accessControlList.mOwningGroup) && this.mMode == accessControlList.mMode && ((this.mExtendedEntries == null && accessControlList.mExtendedEntries == null) || (this.mExtendedEntries != null && (this.mExtendedEntries.equals(accessControlList.mExtendedEntries) || (!this.mExtendedEntries.hasExtended() && accessControlList.mExtendedEntries == null))) || (accessControlList.mExtendedEntries != null && (accessControlList.mExtendedEntries.equals(this.mExtendedEntries) || (!accessControlList.mExtendedEntries.hasExtended() && this.mExtendedEntries == null))));
    }

    public int hashCode() {
        return Objects.hashCode(new Object[]{this.mOwningUser, this.mOwningGroup, Short.valueOf(this.mMode), this.mExtendedEntries});
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v22, types: [alluxio.security.authorization.AccessControlList] */
    public static AccessControlList fromStringEntries(String str, String str2, List<String> list) {
        DefaultAccessControlList defaultAccessControlList = list.size() > 0 ? AclEntry.fromCliString(list.get(0)).isDefault() ? new DefaultAccessControlList() : new AccessControlList() : new DefaultAccessControlList();
        defaultAccessControlList.setOwningUser(str.intern());
        defaultAccessControlList.setOwningGroup(str2.intern());
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            defaultAccessControlList.setEntry(AclEntry.fromCliString(it.next()));
        }
        return defaultAccessControlList;
    }

    public List<String> toStringEntries() {
        ArrayList arrayList = new ArrayList();
        Iterator<AclEntry> it = getEntries().iterator();
        while (it.hasNext()) {
            arrayList.add(it.next().toCliString());
        }
        return arrayList;
    }

    public String toString() {
        return String.join(",", toStringEntries());
    }
}
