package org.apache.accumulo.core.client.impl;

import com.google.common.base.Preconditions;
import java.nio.ByteBuffer;
import java.util.Set;
import org.apache.accumulo.core.client.AccumuloException;
import org.apache.accumulo.core.client.AccumuloSecurityException;
import org.apache.accumulo.core.client.TableNotFoundException;
import org.apache.accumulo.core.client.admin.DelegationTokenConfig;
import org.apache.accumulo.core.client.admin.SecurityOperations;
import org.apache.accumulo.core.client.impl.thrift.ClientService;
import org.apache.accumulo.core.client.impl.thrift.SecurityErrorCode;
import org.apache.accumulo.core.client.impl.thrift.TableOperationExceptionType;
import org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException;
import org.apache.accumulo.core.client.impl.thrift.ThriftTableOperationException;
import org.apache.accumulo.core.client.security.tokens.AuthenticationToken;
import org.apache.accumulo.core.client.security.tokens.DelegationToken;
import org.apache.accumulo.core.client.security.tokens.PasswordToken;
import org.apache.accumulo.core.master.thrift.MasterClientService;
import org.apache.accumulo.core.security.Authorizations;
import org.apache.accumulo.core.security.NamespacePermission;
import org.apache.accumulo.core.security.SystemPermission;
import org.apache.accumulo.core.security.TablePermission;
import org.apache.accumulo.core.security.thrift.TDelegationToken;
import org.apache.accumulo.core.security.thrift.TDelegationTokenConfig;
import org.apache.accumulo.core.trace.Tracer;
import org.apache.accumulo.core.util.ByteBufferUtil;

/* loaded from: input_file:org/apache/accumulo/core/client/impl/SecurityOperationsImpl.class */
public class SecurityOperationsImpl implements SecurityOperations {
    private final ClientContext context;

    /* JADX WARN: Type inference failed for: r8v0, types: [java.lang.Throwable, org.apache.accumulo.core.client.impl.thrift.ThriftTableOperationException] */
    /* JADX WARN: Type inference failed for: r8v1, types: [java.lang.Throwable, org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException] */
    private void executeVoid(ClientExec<ClientService.Client> clientExec) throws AccumuloException, AccumuloSecurityException {
        try {
            ServerClient.executeRawVoid(this.context, clientExec);
        } catch (AccumuloException e) {
            throw e;
        } catch (Exception e2) {
            throw new AccumuloException(e2);
        } catch (ThriftSecurityException e3) {
            throw new AccumuloSecurityException(e3.user, e3.code, (Throwable) e3);
        } catch (ThriftTableOperationException e4) {
            if (e4.getType() == TableOperationExceptionType.NOTFOUND) {
                throw new AccumuloSecurityException(null, SecurityErrorCode.TABLE_DOESNT_EXIST);
            }
            if (e4.getType() != TableOperationExceptionType.NAMESPACE_NOTFOUND) {
                throw new AccumuloException((Throwable) e4);
            }
            throw new AccumuloSecurityException(null, SecurityErrorCode.NAMESPACE_DOESNT_EXIST);
        }
    }

    /* JADX WARN: Type inference failed for: r8v0, types: [java.lang.Throwable, org.apache.accumulo.core.client.impl.thrift.ThriftTableOperationException] */
    /* JADX WARN: Type inference failed for: r8v1, types: [java.lang.Throwable, org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException] */
    private <T> T execute(ClientExecReturn<T, ClientService.Client> clientExecReturn) throws AccumuloException, AccumuloSecurityException {
        try {
            return (T) ServerClient.executeRaw(this.context, clientExecReturn);
        } catch (AccumuloException e) {
            throw e;
        } catch (Exception e2) {
            throw new AccumuloException(e2);
        } catch (ThriftSecurityException e3) {
            throw new AccumuloSecurityException(e3.user, e3.code, (Throwable) e3);
        } catch (ThriftTableOperationException e4) {
            if (e4.getType() == TableOperationExceptionType.NOTFOUND) {
                throw new AccumuloSecurityException(null, SecurityErrorCode.TABLE_DOESNT_EXIST);
            }
            if (e4.getType() == TableOperationExceptionType.NAMESPACE_NOTFOUND) {
                throw new AccumuloSecurityException(null, SecurityErrorCode.NAMESPACE_DOESNT_EXIST);
            }
            throw new AccumuloException((Throwable) e4);
        }
    }

    public SecurityOperationsImpl(ClientContext clientContext) {
        Preconditions.checkArgument(clientContext != null, "context is null");
        this.context = clientContext;
    }

    @Override // org.apache.accumulo.core.client.admin.SecurityOperations
    @Deprecated
    public void createUser(String str, byte[] bArr, Authorizations authorizations) throws AccumuloException, AccumuloSecurityException {
        createLocalUser(str, new PasswordToken(bArr));
        changeUserAuthorizations(str, authorizations);
    }

    @Override // org.apache.accumulo.core.client.admin.SecurityOperations
    public void createLocalUser(final String str, final PasswordToken passwordToken) throws AccumuloException, AccumuloSecurityException {
        Preconditions.checkArgument(str != null, "principal is null");
        if (null == this.context.getSaslParams()) {
            Preconditions.checkArgument(passwordToken != null, "password is null");
        }
        executeVoid(new ClientExec<ClientService.Client>() { // from class: org.apache.accumulo.core.client.impl.SecurityOperationsImpl.1
            @Override // org.apache.accumulo.core.client.impl.ClientExec
            public void execute(ClientService.Client client) throws Exception {
                if (null == SecurityOperationsImpl.this.context.getSaslParams()) {
                    client.createLocalUser(Tracer.traceInfo(), SecurityOperationsImpl.this.context.rpcCreds(), str, ByteBuffer.wrap(passwordToken.getPassword()));
                } else {
                    client.createLocalUser(Tracer.traceInfo(), SecurityOperationsImpl.this.context.rpcCreds(), str, ByteBuffer.wrap(new byte[0]));
                }
            }
        });
    }

    @Override // org.apache.accumulo.core.client.admin.SecurityOperations
    @Deprecated
    public void dropUser(String str) throws AccumuloException, AccumuloSecurityException {
        dropLocalUser(str);
    }

    @Override // org.apache.accumulo.core.client.admin.SecurityOperations
    public void dropLocalUser(final String str) throws AccumuloException, AccumuloSecurityException {
        Preconditions.checkArgument(str != null, "principal is null");
        executeVoid(new ClientExec<ClientService.Client>() { // from class: org.apache.accumulo.core.client.impl.SecurityOperationsImpl.2
            @Override // org.apache.accumulo.core.client.impl.ClientExec
            public void execute(ClientService.Client client) throws Exception {
                client.dropLocalUser(Tracer.traceInfo(), SecurityOperationsImpl.this.context.rpcCreds(), str);
            }
        });
    }

    @Override // org.apache.accumulo.core.client.admin.SecurityOperations
    @Deprecated
    public boolean authenticateUser(String str, byte[] bArr) throws AccumuloException, AccumuloSecurityException {
        return authenticateUser(str, new PasswordToken(bArr));
    }

    @Override // org.apache.accumulo.core.client.admin.SecurityOperations
    public boolean authenticateUser(String str, AuthenticationToken authenticationToken) throws AccumuloException, AccumuloSecurityException {
        Preconditions.checkArgument(str != null, "principal is null");
        Preconditions.checkArgument(authenticationToken != null, "token is null");
        final Credentials credentials = new Credentials(str, authenticationToken);
        return ((Boolean) execute(new ClientExecReturn<Boolean, ClientService.Client>() { // from class: org.apache.accumulo.core.client.impl.SecurityOperationsImpl.3
            @Override // org.apache.accumulo.core.client.impl.ClientExecReturn
            public Boolean execute(ClientService.Client client) throws Exception {
                return Boolean.valueOf(client.authenticateUser(Tracer.traceInfo(), SecurityOperationsImpl.this.context.rpcCreds(), credentials.toThrift(SecurityOperationsImpl.this.context.getInstance())));
            }
        })).booleanValue();
    }

    @Override // org.apache.accumulo.core.client.admin.SecurityOperations
    @Deprecated
    public void changeUserPassword(String str, byte[] bArr) throws AccumuloException, AccumuloSecurityException {
        changeLocalUserPassword(str, new PasswordToken(bArr));
    }

    @Override // org.apache.accumulo.core.client.admin.SecurityOperations
    public void changeLocalUserPassword(final String str, final PasswordToken passwordToken) throws AccumuloException, AccumuloSecurityException {
        Preconditions.checkArgument(str != null, "principal is null");
        Preconditions.checkArgument(passwordToken != null, "token is null");
        Credentials credentials = new Credentials(str, passwordToken);
        executeVoid(new ClientExec<ClientService.Client>() { // from class: org.apache.accumulo.core.client.impl.SecurityOperationsImpl.4
            @Override // org.apache.accumulo.core.client.impl.ClientExec
            public void execute(ClientService.Client client) throws Exception {
                client.changeLocalUserPassword(Tracer.traceInfo(), SecurityOperationsImpl.this.context.rpcCreds(), str, ByteBuffer.wrap(passwordToken.getPassword()));
            }
        });
        if (this.context.getCredentials().getPrincipal().equals(str)) {
            this.context.setCredentials(credentials);
        }
    }

    @Override // org.apache.accumulo.core.client.admin.SecurityOperations
    public void changeUserAuthorizations(final String str, final Authorizations authorizations) throws AccumuloException, AccumuloSecurityException {
        Preconditions.checkArgument(str != null, "principal is null");
        Preconditions.checkArgument(authorizations != null, "authorizations is null");
        executeVoid(new ClientExec<ClientService.Client>() { // from class: org.apache.accumulo.core.client.impl.SecurityOperationsImpl.5
            @Override // org.apache.accumulo.core.client.impl.ClientExec
            public void execute(ClientService.Client client) throws Exception {
                client.changeAuthorizations(Tracer.traceInfo(), SecurityOperationsImpl.this.context.rpcCreds(), str, ByteBufferUtil.toByteBuffers(authorizations.getAuthorizations()));
            }
        });
    }

    @Override // org.apache.accumulo.core.client.admin.SecurityOperations
    public Authorizations getUserAuthorizations(final String str) throws AccumuloException, AccumuloSecurityException {
        Preconditions.checkArgument(str != null, "principal is null");
        return (Authorizations) execute(new ClientExecReturn<Authorizations, ClientService.Client>() { // from class: org.apache.accumulo.core.client.impl.SecurityOperationsImpl.6
            @Override // org.apache.accumulo.core.client.impl.ClientExecReturn
            public Authorizations execute(ClientService.Client client) throws Exception {
                return new Authorizations(client.getUserAuthorizations(Tracer.traceInfo(), SecurityOperationsImpl.this.context.rpcCreds(), str));
            }
        });
    }

    @Override // org.apache.accumulo.core.client.admin.SecurityOperations
    public boolean hasSystemPermission(final String str, final SystemPermission systemPermission) throws AccumuloException, AccumuloSecurityException {
        Preconditions.checkArgument(str != null, "principal is null");
        Preconditions.checkArgument(systemPermission != null, "perm is null");
        return ((Boolean) execute(new ClientExecReturn<Boolean, ClientService.Client>() { // from class: org.apache.accumulo.core.client.impl.SecurityOperationsImpl.7
            @Override // org.apache.accumulo.core.client.impl.ClientExecReturn
            public Boolean execute(ClientService.Client client) throws Exception {
                return Boolean.valueOf(client.hasSystemPermission(Tracer.traceInfo(), SecurityOperationsImpl.this.context.rpcCreds(), str, systemPermission.getId()));
            }
        })).booleanValue();
    }

    @Override // org.apache.accumulo.core.client.admin.SecurityOperations
    public boolean hasTablePermission(final String str, final String str2, final TablePermission tablePermission) throws AccumuloException, AccumuloSecurityException {
        Preconditions.checkArgument(str != null, "principal is null");
        Preconditions.checkArgument(str2 != null, "table is null");
        Preconditions.checkArgument(tablePermission != null, "perm is null");
        try {
            return ((Boolean) execute(new ClientExecReturn<Boolean, ClientService.Client>() { // from class: org.apache.accumulo.core.client.impl.SecurityOperationsImpl.8
                @Override // org.apache.accumulo.core.client.impl.ClientExecReturn
                public Boolean execute(ClientService.Client client) throws Exception {
                    return Boolean.valueOf(client.hasTablePermission(Tracer.traceInfo(), SecurityOperationsImpl.this.context.rpcCreds(), str, str2, tablePermission.getId()));
                }
            })).booleanValue();
        } catch (AccumuloSecurityException e) {
            if (e.getSecurityErrorCode() == org.apache.accumulo.core.client.security.SecurityErrorCode.NAMESPACE_DOESNT_EXIST) {
                throw new AccumuloSecurityException((String) null, SecurityErrorCode.TABLE_DOESNT_EXIST, e);
            }
            throw e;
        }
    }

    @Override // org.apache.accumulo.core.client.admin.SecurityOperations
    public boolean hasNamespacePermission(final String str, final String str2, final NamespacePermission namespacePermission) throws AccumuloException, AccumuloSecurityException {
        Preconditions.checkArgument(str != null, "principal is null");
        Preconditions.checkArgument(str2 != null, "namespace is null");
        Preconditions.checkArgument(namespacePermission != null, "permission is null");
        return ((Boolean) execute(new ClientExecReturn<Boolean, ClientService.Client>() { // from class: org.apache.accumulo.core.client.impl.SecurityOperationsImpl.9
            @Override // org.apache.accumulo.core.client.impl.ClientExecReturn
            public Boolean execute(ClientService.Client client) throws Exception {
                return Boolean.valueOf(client.hasNamespacePermission(Tracer.traceInfo(), SecurityOperationsImpl.this.context.rpcCreds(), str, str2, namespacePermission.getId()));
            }
        })).booleanValue();
    }

    @Override // org.apache.accumulo.core.client.admin.SecurityOperations
    public void grantSystemPermission(final String str, final SystemPermission systemPermission) throws AccumuloException, AccumuloSecurityException {
        Preconditions.checkArgument(str != null, "principal is null");
        Preconditions.checkArgument(systemPermission != null, "permission is null");
        executeVoid(new ClientExec<ClientService.Client>() { // from class: org.apache.accumulo.core.client.impl.SecurityOperationsImpl.10
            @Override // org.apache.accumulo.core.client.impl.ClientExec
            public void execute(ClientService.Client client) throws Exception {
                client.grantSystemPermission(Tracer.traceInfo(), SecurityOperationsImpl.this.context.rpcCreds(), str, systemPermission.getId());
            }
        });
    }

    @Override // org.apache.accumulo.core.client.admin.SecurityOperations
    public void grantTablePermission(final String str, final String str2, final TablePermission tablePermission) throws AccumuloException, AccumuloSecurityException {
        Preconditions.checkArgument(str != null, "principal is null");
        Preconditions.checkArgument(str2 != null, "table is null");
        Preconditions.checkArgument(tablePermission != null, "permission is null");
        try {
            executeVoid(new ClientExec<ClientService.Client>() { // from class: org.apache.accumulo.core.client.impl.SecurityOperationsImpl.11
                @Override // org.apache.accumulo.core.client.impl.ClientExec
                public void execute(ClientService.Client client) throws Exception {
                    client.grantTablePermission(Tracer.traceInfo(), SecurityOperationsImpl.this.context.rpcCreds(), str, str2, tablePermission.getId());
                }
            });
        } catch (AccumuloSecurityException e) {
            if (e.getSecurityErrorCode() != org.apache.accumulo.core.client.security.SecurityErrorCode.NAMESPACE_DOESNT_EXIST) {
                throw e;
            }
            throw new AccumuloSecurityException((String) null, SecurityErrorCode.TABLE_DOESNT_EXIST, e);
        }
    }

    @Override // org.apache.accumulo.core.client.admin.SecurityOperations
    public void grantNamespacePermission(final String str, final String str2, final NamespacePermission namespacePermission) throws AccumuloException, AccumuloSecurityException {
        Preconditions.checkArgument(str != null, "principal is null");
        Preconditions.checkArgument(str2 != null, "namespace is null");
        Preconditions.checkArgument(namespacePermission != null, "permission is null");
        executeVoid(new ClientExec<ClientService.Client>() { // from class: org.apache.accumulo.core.client.impl.SecurityOperationsImpl.12
            @Override // org.apache.accumulo.core.client.impl.ClientExec
            public void execute(ClientService.Client client) throws Exception {
                client.grantNamespacePermission(Tracer.traceInfo(), SecurityOperationsImpl.this.context.rpcCreds(), str, str2, namespacePermission.getId());
            }
        });
    }

    @Override // org.apache.accumulo.core.client.admin.SecurityOperations
    public void revokeSystemPermission(final String str, final SystemPermission systemPermission) throws AccumuloException, AccumuloSecurityException {
        Preconditions.checkArgument(str != null, "principal is null");
        Preconditions.checkArgument(systemPermission != null, "permission is null");
        executeVoid(new ClientExec<ClientService.Client>() { // from class: org.apache.accumulo.core.client.impl.SecurityOperationsImpl.13
            @Override // org.apache.accumulo.core.client.impl.ClientExec
            public void execute(ClientService.Client client) throws Exception {
                client.revokeSystemPermission(Tracer.traceInfo(), SecurityOperationsImpl.this.context.rpcCreds(), str, systemPermission.getId());
            }
        });
    }

    @Override // org.apache.accumulo.core.client.admin.SecurityOperations
    public void revokeTablePermission(final String str, final String str2, final TablePermission tablePermission) throws AccumuloException, AccumuloSecurityException {
        Preconditions.checkArgument(str != null, "principal is null");
        Preconditions.checkArgument(str2 != null, "table is null");
        Preconditions.checkArgument(tablePermission != null, "permission is null");
        try {
            executeVoid(new ClientExec<ClientService.Client>() { // from class: org.apache.accumulo.core.client.impl.SecurityOperationsImpl.14
                @Override // org.apache.accumulo.core.client.impl.ClientExec
                public void execute(ClientService.Client client) throws Exception {
                    client.revokeTablePermission(Tracer.traceInfo(), SecurityOperationsImpl.this.context.rpcCreds(), str, str2, tablePermission.getId());
                }
            });
        } catch (AccumuloSecurityException e) {
            if (e.getSecurityErrorCode() != org.apache.accumulo.core.client.security.SecurityErrorCode.NAMESPACE_DOESNT_EXIST) {
                throw e;
            }
            throw new AccumuloSecurityException((String) null, SecurityErrorCode.TABLE_DOESNT_EXIST, e);
        }
    }

    @Override // org.apache.accumulo.core.client.admin.SecurityOperations
    public void revokeNamespacePermission(final String str, final String str2, final NamespacePermission namespacePermission) throws AccumuloException, AccumuloSecurityException {
        Preconditions.checkArgument(str != null, "principal is null");
        Preconditions.checkArgument(str2 != null, "namespace is null");
        Preconditions.checkArgument(namespacePermission != null, "permission is null");
        executeVoid(new ClientExec<ClientService.Client>() { // from class: org.apache.accumulo.core.client.impl.SecurityOperationsImpl.15
            @Override // org.apache.accumulo.core.client.impl.ClientExec
            public void execute(ClientService.Client client) throws Exception {
                client.revokeNamespacePermission(Tracer.traceInfo(), SecurityOperationsImpl.this.context.rpcCreds(), str, str2, namespacePermission.getId());
            }
        });
    }

    @Override // org.apache.accumulo.core.client.admin.SecurityOperations
    @Deprecated
    public Set<String> listUsers() throws AccumuloException, AccumuloSecurityException {
        return listLocalUsers();
    }

    @Override // org.apache.accumulo.core.client.admin.SecurityOperations
    public Set<String> listLocalUsers() throws AccumuloException, AccumuloSecurityException {
        return (Set) execute(new ClientExecReturn<Set<String>, ClientService.Client>() { // from class: org.apache.accumulo.core.client.impl.SecurityOperationsImpl.16
            @Override // org.apache.accumulo.core.client.impl.ClientExecReturn
            public Set<String> execute(ClientService.Client client) throws Exception {
                return client.listLocalUsers(Tracer.traceInfo(), SecurityOperationsImpl.this.context.rpcCreds());
            }
        });
    }

    @Override // org.apache.accumulo.core.client.admin.SecurityOperations
    public DelegationToken getDelegationToken(DelegationTokenConfig delegationTokenConfig) throws AccumuloException, AccumuloSecurityException {
        try {
            final TDelegationTokenConfig serialize = null != delegationTokenConfig ? DelegationTokenConfigSerializer.serialize(delegationTokenConfig) : new TDelegationTokenConfig();
            TDelegationToken tDelegationToken = (TDelegationToken) MasterClient.execute(this.context, new ClientExecReturn<TDelegationToken, MasterClientService.Client>() { // from class: org.apache.accumulo.core.client.impl.SecurityOperationsImpl.17
                @Override // org.apache.accumulo.core.client.impl.ClientExecReturn
                public TDelegationToken execute(MasterClientService.Client client) throws Exception {
                    return client.getDelegationToken(Tracer.traceInfo(), SecurityOperationsImpl.this.context.rpcCreds(), serialize);
                }
            });
            return new DelegationTokenImpl(tDelegationToken.getPassword(), new AuthenticationTokenIdentifier(tDelegationToken.getIdentifier()));
        } catch (TableNotFoundException e) {
            throw new AssertionError("Received TableNotFoundException on method which should not throw that exception", e);
        }
    }
}
