package org.wso2.carbon.cassandra.server;

import java.util.EnumSet;
import java.util.List;
import org.apache.cassandra.auth.Action;
import org.apache.cassandra.auth.AuthenticatedUser;
import org.apache.cassandra.auth.IAuthority;
import org.apache.cassandra.auth.Permission;
import org.apache.cassandra.config.ConfigurationException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.user.api.AuthorizationManager;
import org.wso2.carbon.user.api.UserRealm;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.user.api.UserStoreManager;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;

/* loaded from: input_file:org/wso2/carbon/cassandra/server/CarbonCassandraAuthority.class */
public class CarbonCassandraAuthority implements IAuthority {
    private static final Log log = LogFactory.getLog(CarbonCassandraAuthority.class);
    private static final String ACTION_WRITE = "write";
    private static final String ACTION_READ = "read";

    /* renamed from: org.wso2.carbon.cassandra.server.CarbonCassandraAuthority$1, reason: invalid class name */
    /* loaded from: input_file:org/wso2/carbon/cassandra/server/CarbonCassandraAuthority$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$org$apache$cassandra$auth$Action = new int[Action.values().length];

        static {
            try {
                $SwitchMap$org$apache$cassandra$auth$Action[Action.ADD.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$apache$cassandra$auth$Action[Action.UPDATE.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$org$apache$cassandra$auth$Action[Action.READ.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$org$apache$cassandra$auth$Action[Action.DELETE.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$org$apache$cassandra$auth$Action[Action.ALL.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
        }
    }

    public EnumSet<Permission> authorize(AuthenticatedUser authenticatedUser, List<Object> list, Action action) {
        if (list.size() < 2 || !"cassandra".equals(list.get(0)) || !"keyspaces".equals(list.get(1))) {
            return Permission.NONE;
        }
        String str = "/cassandra/keyspaces";
        if (list.size() != 2) {
            if (list.size() == 3) {
                str = str + "/" + ((String) list.get(2));
            } else {
                if (list.size() != 4) {
                    log.error("Do not currently descend any lower in the hierarchy than the column family");
                    throw new UnsupportedOperationException("Do not currently descend any lower in the hierarchy than the column family");
                }
                str = str + "/" + ((String) list.get(2)) + "/" + ((String) list.get(3));
            }
        }
        try {
            UserRealm realmForTenant = CassandraServerComponentManager.getInstance().getRealmForTenant(authenticatedUser.domainName);
            UserStoreManager userStoreManager = realmForTenant.getUserStoreManager();
            AuthorizationManager authorizationManager = realmForTenant.getAuthorizationManager();
            String tenantAwareUsername = MultitenantUtils.getTenantAwareUsername(authenticatedUser.username);
            switch (AnonymousClass1.$SwitchMap$org$apache$cassandra$auth$Action[action.ordinal()]) {
                case 1:
                    return authorizeForAdd(userStoreManager, authorizationManager, tenantAwareUsername, str);
                case 2:
                    return authorizeForWrite(authorizationManager, tenantAwareUsername, str);
                case 3:
                    return authorizeForRead(authorizationManager, tenantAwareUsername, str);
                case 4:
                    return authorizeForWrite(authorizationManager, tenantAwareUsername, str);
                case 5:
                    return authorizeForWrite(authorizationManager, tenantAwareUsername, str);
                default:
                    log.error("Undefined action for resource" + str);
                    return Permission.NONE;
            }
        } catch (UserStoreException e) {
            log.error("Error during authorizing a user for a resource" + str, e);
            return Permission.NONE;
        }
    }

    private EnumSet<Permission> authorizeForWrite(AuthorizationManager authorizationManager, String str, String str2) {
        try {
            EnumSet<Permission> noneOf = EnumSet.noneOf(Permission.class);
            if (authorizationManager.isUserAuthorized(str, str2, ACTION_WRITE)) {
                noneOf.add(Permission.WRITE);
                return noneOf;
            }
        } catch (UserStoreException e) {
            log.error("Authorization failure for user " + str + " for performing write on resource" + str2);
        }
        return Permission.NONE;
    }

    private EnumSet<Permission> authorizeForRead(AuthorizationManager authorizationManager, String str, String str2) {
        try {
            EnumSet<Permission> noneOf = EnumSet.noneOf(Permission.class);
            if (authorizationManager.isUserAuthorized(str, str2, ACTION_READ)) {
                noneOf.add(Permission.READ);
                return noneOf;
            }
        } catch (UserStoreException e) {
            log.error("Authorization failure for user " + str + " for performing read on resource" + str2);
        }
        return Permission.NONE;
    }

    private EnumSet<Permission> authorizeForAdd(UserStoreManager userStoreManager, AuthorizationManager authorizationManager, String str, String str2) {
        try {
            return (authorizationManager.isUserAuthorized(str, str2, ACTION_READ) && authorizationManager.isUserAuthorized(str, str2, ACTION_WRITE)) ? Permission.ALL : Permission.NONE;
        } catch (UserStoreException e) {
            log.error("Authorization failure for user " + str + " for performing add resource" + str2);
            return Permission.NONE;
        }
    }

    public void validateConfiguration() throws ConfigurationException {
    }
}
