package com.aliyun.odps.security;

import com.aliyun.odps.OdpsException;
import com.aliyun.odps.commons.transport.Headers;
import com.aliyun.odps.rest.JAXBUtils;
import com.aliyun.odps.rest.RestClient;
import com.aliyun.odps.security.CheckPermissionConstants;
import com.aliyun.odps.security.Role;
import com.aliyun.odps.security.User;
import com.aliyun.odps.tunnel.TunnelConstants;
import java.io.UnsupportedEncodingException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.xml.bind.JAXBException;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlRootElement;

/* loaded from: input_file:com/aliyun/odps/security/SecurityManager.class */
public class SecurityManager {
    private String project;
    private RestClient client;
    private SecurityConfiguration securityConfigration = null;

    /* JADX INFO: Access modifiers changed from: private */
    @XmlRootElement(name = Headers.AUTHORIZATION)
    /* loaded from: input_file:com/aliyun/odps/security/SecurityManager$AuthorizationQueryRequest.class */
    public static class AuthorizationQueryRequest {

        @XmlElement(name = "Query")
        private String query;

        @XmlElement(name = "ResponseInJsonFormat")
        private boolean responseInJsonFormat;

        public AuthorizationQueryRequest() {
            this.query = "";
            this.responseInJsonFormat = true;
        }

        public AuthorizationQueryRequest(String str, boolean z) {
            this.query = str;
            this.responseInJsonFormat = z;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    @XmlRootElement(name = Headers.AUTHORIZATION)
    /* loaded from: input_file:com/aliyun/odps/security/SecurityManager$AuthorizationQueryResponse.class */
    public static class AuthorizationQueryResponse {

        @XmlElement(name = "Result")
        private String result;

        private AuthorizationQueryResponse() {
        }

        public String getResult() {
            return this.result;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    @XmlRootElement(name = "Auth")
    /* loaded from: input_file:com/aliyun/odps/security/SecurityManager$CheckPermissionResponse.class */
    public static class CheckPermissionResponse {

        @XmlElement(name = "Result")
        private String result;

        private CheckPermissionResponse() {
        }

        public String getResult() {
            return this.result;
        }
    }

    @XmlRootElement(name = "Roles")
    /* loaded from: input_file:com/aliyun/odps/security/SecurityManager$ListRolesResponse.class */
    private static class ListRolesResponse {

        @XmlElement(name = "Role")
        private List<Role.RoleModel> roles = new ArrayList();

        private ListRolesResponse() {
        }
    }

    @XmlRootElement(name = "Users")
    /* loaded from: input_file:com/aliyun/odps/security/SecurityManager$ListUsersResponse.class */
    private static class ListUsersResponse {

        @XmlElement(name = "User")
        private List<User.UserModel> users = new ArrayList();

        private ListUsersResponse() {
        }
    }

    public SecurityManager(String str, RestClient restClient) {
        this.project = str;
        this.client = restClient;
    }

    public SecurityConfiguration getSecurityConfiguration() {
        if (this.securityConfigration == null) {
            this.securityConfigration = new SecurityConfiguration(this.project, this.client);
        }
        return this.securityConfigration;
    }

    public void setSecurityConfiguration(SecurityConfiguration securityConfiguration) throws OdpsException {
        securityConfiguration.update(null);
    }

    public void setSecurityConfiguration(SecurityConfiguration securityConfiguration, String str) throws OdpsException {
        securityConfiguration.update(str);
    }

    public String getProjectPolicy() throws OdpsException {
        StringBuilder sb = new StringBuilder();
        sb.append("/projects/").append(this.project);
        HashMap hashMap = new HashMap();
        hashMap.put("policy", null);
        try {
            return new String(this.client.request(sb.toString(), "GET", hashMap, null, null).getBody(), "UTF-8");
        } catch (UnsupportedEncodingException e) {
            throw new OdpsException("Can't parse response!", e);
        }
    }

    public void putProjectPolicy(String str) throws OdpsException {
        StringBuilder sb = new StringBuilder();
        sb.append("/projects/").append(this.project);
        HashMap hashMap = new HashMap();
        hashMap.put("policy", null);
        this.client.stringRequest(sb.toString(), "PUT", hashMap, null, str);
    }

    public String getRolePolicy(String str) throws OdpsException {
        StringBuilder sb = new StringBuilder();
        sb.append("/projects/").append(this.project).append("/roles/").append(str);
        HashMap hashMap = new HashMap();
        hashMap.put("policy", null);
        try {
            return new String(this.client.request(sb.toString(), "GET", hashMap, null, null).getBody(), "UTF-8");
        } catch (UnsupportedEncodingException e) {
            throw new OdpsException("Can't parse response!", e);
        }
    }

    public void putRolePolicy(String str, String str2) throws OdpsException {
        StringBuilder sb = new StringBuilder();
        sb.append("/projects/").append(this.project).append("/roles/").append(str);
        HashMap hashMap = new HashMap();
        hashMap.put("policy", null);
        this.client.stringRequest(sb.toString(), "PUT", hashMap, null, str2);
    }

    public List<User> listUsers() throws OdpsException {
        StringBuilder sb = new StringBuilder();
        sb.append("/projects/").append(this.project).append("/users");
        ListUsersResponse listUsersResponse = (ListUsersResponse) this.client.request(ListUsersResponse.class, sb.toString(), "GET");
        ArrayList arrayList = new ArrayList();
        Iterator it = listUsersResponse.users.iterator();
        while (it.hasNext()) {
            arrayList.add(new User((User.UserModel) it.next(), this.project, this.client));
        }
        return arrayList;
    }

    public List<Role> listRoles() throws OdpsException {
        StringBuilder sb = new StringBuilder();
        sb.append("/projects/").append(this.project).append("/roles");
        ListRolesResponse listRolesResponse = (ListRolesResponse) this.client.request(ListRolesResponse.class, sb.toString(), "GET");
        ArrayList arrayList = new ArrayList();
        Iterator it = listRolesResponse.roles.iterator();
        while (it.hasNext()) {
            arrayList.add(new Role((Role.RoleModel) it.next(), this.project, this.client));
        }
        return arrayList;
    }

    public List<Role> listRolesForUser(String str) throws OdpsException {
        StringBuilder sb = new StringBuilder();
        sb.append("/projects/").append(this.project).append("/users/").append(str);
        HashMap hashMap = new HashMap();
        hashMap.put("roles", null);
        ListRolesResponse listRolesResponse = (ListRolesResponse) this.client.request(ListRolesResponse.class, sb.toString(), "GET", hashMap, (Map<String, String>) null, (byte[]) null);
        ArrayList arrayList = new ArrayList();
        Iterator it = listRolesResponse.roles.iterator();
        while (it.hasNext()) {
            arrayList.add(new Role((Role.RoleModel) it.next(), this.project, this.client));
        }
        return arrayList;
    }

    public List<User> listUsersForRole(String str) throws OdpsException {
        StringBuilder sb = new StringBuilder();
        sb.append("/projects/").append(this.project).append("/roles/").append(str);
        HashMap hashMap = new HashMap();
        hashMap.put("users", null);
        ListUsersResponse listUsersResponse = (ListUsersResponse) this.client.request(ListUsersResponse.class, sb.toString(), "GET", hashMap, (Map<String, String>) null, (byte[]) null);
        ArrayList arrayList = new ArrayList();
        Iterator it = listUsersResponse.users.iterator();
        while (it.hasNext()) {
            arrayList.add(new User((User.UserModel) it.next(), this.project, this.client));
        }
        return arrayList;
    }

    public CheckPermissionConstants.CheckPermissionResult checkPermission(CheckPermissionConstants.ObjectType objectType, String str, CheckPermissionConstants.ActionType actionType) throws OdpsException {
        return checkPermission(objectType, str, actionType, this.project);
    }

    public CheckPermissionConstants.CheckPermissionResult checkPermission(CheckPermissionConstants.ObjectType objectType, String str, CheckPermissionConstants.ActionType actionType, String str2) throws OdpsException {
        StringBuilder sb = new StringBuilder();
        sb.append("/projects/").append(str2).append("/auth/");
        HashMap hashMap = new HashMap();
        hashMap.put(TunnelConstants.TYPE, objectType.toString());
        hashMap.put("name", str);
        hashMap.put("grantee", actionType.toString());
        CheckPermissionResponse checkPermissionResponse = (CheckPermissionResponse) this.client.request(CheckPermissionResponse.class, sb.toString(), "GET", hashMap, (Map<String, String>) null, (byte[]) null);
        System.out.println(checkPermissionResponse.getResult());
        return checkPermissionResponse.getResult().toUpperCase().equals("ALLOW") ? CheckPermissionConstants.CheckPermissionResult.Allow : CheckPermissionConstants.CheckPermissionResult.Deny;
    }

    public String runQuery(String str, Boolean bool) throws OdpsException {
        return runQuery(str, bool, null);
    }

    public String runQuery(String str, Boolean bool, String str2) throws OdpsException {
        StringBuilder sb = new StringBuilder();
        sb.append("/projects/").append(this.project).append("/authorization");
        try {
            String marshal = JAXBUtils.marshal(new AuthorizationQueryRequest(str, bool.booleanValue()), AuthorizationQueryRequest.class);
            HashMap hashMap = new HashMap();
            if (str2 != null) {
                hashMap.put("odps-x-supervision-token", str2);
            }
            hashMap.put(Headers.CONTENT_TYPE, "application/xml");
            return ((AuthorizationQueryResponse) this.client.stringRequest(AuthorizationQueryResponse.class, sb.toString(), "POST", null, hashMap, marshal)).getResult();
        } catch (JAXBException e) {
            throw new OdpsException(e.getMessage(), (Throwable) e);
        }
    }

    public String generateAuthorizationToken(String str, String str2) throws OdpsException {
        if (!str2.equalsIgnoreCase("Bearer")) {
            throw new OdpsException("Unsupport token type" + str2);
        }
        StringBuilder sb = new StringBuilder();
        sb.append("/projects/").append(this.project).append("/authorization");
        HashMap hashMap = new HashMap();
        hashMap.put(Headers.CONTENT_TYPE, "application/json");
        HashMap hashMap2 = new HashMap();
        hashMap2.put("sign_bearer_token", null);
        return ((AuthorizationQueryResponse) this.client.stringRequest(AuthorizationQueryResponse.class, sb.toString(), "POST", hashMap2, hashMap, str)).getResult();
    }
}
