package oracle.kv.impl.security.metadata;

import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.Serializable;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.SortedMap;
import java.util.TreeMap;
import oracle.kv.impl.metadata.Metadata;
import oracle.kv.impl.security.KVStoreUserPrincipal;
import oracle.kv.impl.security.RoleInstance;
import oracle.kv.impl.security.metadata.KVStoreUser;
import oracle.kv.impl.security.metadata.SecurityMDChange;
import oracle.kv.impl.topo.StorageNodeId;
import oracle.kv.impl.util.SerializationUtil;

/* loaded from: input_file:oracle/kv/impl/security/metadata/SecurityMetadata.class */
public class SecurityMetadata implements Metadata<SecurityMetadataInfo>, Serializable {
    private static final long serialVersionUID = 1;
    private final String id;
    private final KVStoreUserMap kvstoreUserMap;
    private KVStoreRoleMap kvstoreRoleMap;
    private KerberosInstanceMap krbInstanceMap;
    private final String kvstoreName;
    private final LinkedList<SecurityMDChange> changeList;
    private int sequenceNumber;
    private static final TreeMap<String, RoleInstance.RoleDescription> builtInRoleInfoMap = new TreeMap<>();

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: input_file:oracle/kv/impl/security/metadata/SecurityMetadata$ElementMap.class */
    public static abstract class ElementMap<T extends SecurityElement> implements Serializable {
        private static final long serialVersionUID = 1;
        private final SecurityMetadata securityMD;
        private final HashMap<String, T> elementMap = new HashMap<>();
        int idSequence;
        static final /* synthetic */ boolean $assertionsDisabled;

        public ElementMap(SecurityMetadata securityMetadata) {
            this.securityMD = securityMetadata;
        }

        T get(String str) {
            return this.elementMap.get(str);
        }

        Collection<T> getAll() {
            return this.elementMap.values();
        }

        T add(T t) {
            return add(nextId(), t);
        }

        T add(String str, T t) {
            t.setElementId(str);
            T put = this.elementMap.put(str, t);
            this.securityMD.logChange(new SecurityMDChange.Add(t));
            if (put != null) {
                throw new IllegalStateException("Element " + put + " was been overwritten by " + t);
            }
            return t;
        }

        T update(String str, T t) {
            if (this.elementMap.get(str) == null) {
                throw new IllegalArgumentException("Element " + str + " absent from security metadata.");
            }
            t.setElementId(str);
            T put = this.elementMap.put(str, t);
            if (!$assertionsDisabled && put == null) {
                throw new AssertionError();
            }
            this.securityMD.logChange(new SecurityMDChange.Update(t));
            return t;
        }

        T remove(String str) {
            T remove = this.elementMap.remove(str);
            if (remove == null) {
                throw new IllegalArgumentException("Element " + str + "was not found.");
            }
            this.securityMD.logChange(new SecurityMDChange.Remove(str, getElementType(), remove));
            return remove;
        }

        /* JADX WARN: Multi-variable type inference failed */
        void apply(SecurityMDChange securityMDChange) {
            SecurityMDChange.SecurityMDChangeType changeType = securityMDChange.getChangeType();
            String elementId = securityMDChange.getElementId();
            switch (changeType) {
                case REMOVE:
                    remove(elementId);
                    break;
                case ADD:
                    String nextId = nextId();
                    if (!nextId.equals(elementId)) {
                        throw new IllegalStateException("Element sequence out of sync; expected: " + nextId + " replayId: " + elementId);
                    }
                    add(nextId, securityMDChange.getElement());
                    break;
                case UPDATE:
                    update(elementId, securityMDChange.getElement());
                    break;
                default:
                    throw new IllegalStateException("Unknown change type: " + changeType);
            }
            if (this.securityMD.getSequenceNumber() != securityMDChange.getSeqNum()) {
                throw new IllegalStateException("Mismatched security metadata change sequence: log# " + securityMDChange.getSeqNum() + ", replay# " + this.securityMD.getSequenceNumber());
            }
        }

        public int hashCode() {
            return ((527 + this.elementMap.hashCode()) * 31) + this.idSequence;
        }

        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (obj == null || getClass() != obj.getClass()) {
                return false;
            }
            ElementMap elementMap = (ElementMap) obj;
            return this.idSequence == elementMap.idSequence && this.elementMap.equals(elementMap.elementMap);
        }

        abstract String nextId();

        abstract SecurityElementType getElementType();

        static {
            $assertionsDisabled = !SecurityMetadata.class.desiredAssertionStatus();
        }
    }

    /* loaded from: input_file:oracle/kv/impl/security/metadata/SecurityMetadata$KVStoreRoleMap.class */
    public static class KVStoreRoleMap extends ElementMap<RoleInstance> {
        private static final long serialVersionUID = 1;
        private int currentId;

        public KVStoreRoleMap(SecurityMetadata securityMetadata) {
            super(securityMetadata);
        }

        @Override // oracle.kv.impl.security.metadata.SecurityMetadata.ElementMap
        String nextId() {
            return "r" + getNextId();
        }

        void setId(int i) {
            this.idSequence = i;
        }

        private int getNextId() {
            if (this.idSequence < Integer.MAX_VALUE) {
                int i = this.idSequence;
                this.idSequence = i + 1;
                this.currentId = i;
                return this.idSequence;
            }
            this.currentId = 1;
            while (this.currentId < this.idSequence) {
                if (get("r" + this.currentId) == null) {
                    return this.currentId;
                }
                this.currentId++;
            }
            throw new IllegalStateException("Could not add role, the number of roles exceeds the limit");
        }

        @Override // oracle.kv.impl.security.metadata.SecurityMetadata.ElementMap
        SecurityElementType getElementType() {
            return SecurityElementType.KVSTOREROLE;
        }

        @Override // oracle.kv.impl.security.metadata.SecurityMetadata.ElementMap
        public /* bridge */ /* synthetic */ boolean equals(Object obj) {
            return super.equals(obj);
        }

        @Override // oracle.kv.impl.security.metadata.SecurityMetadata.ElementMap
        public /* bridge */ /* synthetic */ int hashCode() {
            return super.hashCode();
        }
    }

    /* loaded from: input_file:oracle/kv/impl/security/metadata/SecurityMetadata$KVStoreUserMap.class */
    public static class KVStoreUserMap extends ElementMap<KVStoreUser> {
        private static final long serialVersionUID = 1;

        public KVStoreUserMap(SecurityMetadata securityMetadata) {
            super(securityMetadata);
        }

        @Override // oracle.kv.impl.security.metadata.SecurityMetadata.ElementMap
        String nextId() {
            StringBuilder append = new StringBuilder().append("u");
            int i = this.idSequence + 1;
            this.idSequence = i;
            return append.append(i).toString();
        }

        @Override // oracle.kv.impl.security.metadata.SecurityMetadata.ElementMap
        SecurityElementType getElementType() {
            return SecurityElementType.KVSTOREUSER;
        }

        @Override // oracle.kv.impl.security.metadata.SecurityMetadata.ElementMap
        public /* bridge */ /* synthetic */ boolean equals(Object obj) {
            return super.equals(obj);
        }

        @Override // oracle.kv.impl.security.metadata.SecurityMetadata.ElementMap
        public /* bridge */ /* synthetic */ int hashCode() {
            return super.hashCode();
        }
    }

    /* loaded from: input_file:oracle/kv/impl/security/metadata/SecurityMetadata$KerberosInstance.class */
    public static class KerberosInstance extends SecurityElement {
        private static final long serialVersionUID = 1;
        private final String instanceName;
        private final StorageNodeId snId;

        public KerberosInstance(String str, StorageNodeId storageNodeId) {
            this.instanceName = str;
            this.snId = storageNodeId;
        }

        protected KerberosInstance(KerberosInstance kerberosInstance) {
            super(kerberosInstance);
            this.snId = kerberosInstance.snId;
            this.instanceName = kerberosInstance.instanceName;
        }

        public StorageNodeId getStorageNodeId() {
            return this.snId;
        }

        public String getInstanceName() {
            return this.instanceName;
        }

        @Override // oracle.kv.impl.security.metadata.SecurityMetadata.SecurityElement
        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (obj != null && getClass() == obj.getClass() && super.equals(obj)) {
                return this.snId.equals(((KerberosInstance) obj).snId);
            }
            return false;
        }

        @Override // oracle.kv.impl.security.metadata.SecurityMetadata.SecurityElement
        public int hashCode() {
            return this.snId.hashCode();
        }

        @Override // oracle.kv.impl.security.metadata.SecurityMetadata.SecurityElement
        /* renamed from: clone, reason: merged with bridge method [inline-methods] */
        public SecurityElement mo670clone() {
            return new KerberosInstance(this);
        }

        @Override // oracle.kv.impl.security.metadata.SecurityMetadata.SecurityElement
        public SecurityElementType getElementType() {
            return SecurityElementType.KRBPRINCIPAL;
        }
    }

    /* loaded from: input_file:oracle/kv/impl/security/metadata/SecurityMetadata$KerberosInstanceMap.class */
    public static class KerberosInstanceMap extends ElementMap<KerberosInstance> {
        private static final long serialVersionUID = 1;

        public KerberosInstanceMap(SecurityMetadata securityMetadata) {
            super(securityMetadata);
        }

        public KerberosInstance addInstanceName(String str, StorageNodeId storageNodeId) throws IllegalStateException {
            if (storageNodeId.getStorageNodeId() == 0) {
                return null;
            }
            Iterator<KerberosInstance> it = getAll().iterator();
            while (it.hasNext()) {
                if (it.next().getStorageNodeId().equals(storageNodeId)) {
                    return null;
                }
            }
            return add(new KerberosInstance(str, storageNodeId));
        }

        public KerberosInstance removeInstanceName(StorageNodeId storageNodeId) {
            for (KerberosInstance kerberosInstance : getAll()) {
                if (kerberosInstance.getStorageNodeId().equals(storageNodeId)) {
                    return remove(kerberosInstance.getElementId());
                }
            }
            return null;
        }

        @Override // oracle.kv.impl.security.metadata.SecurityMetadata.ElementMap
        SecurityElementType getElementType() {
            return SecurityElementType.KRBPRINCIPAL;
        }

        @Override // oracle.kv.impl.security.metadata.SecurityMetadata.ElementMap
        String nextId() {
            StringBuilder append = new StringBuilder().append("k");
            int i = this.idSequence + 1;
            this.idSequence = i;
            return append.append(i).toString();
        }

        @Override // oracle.kv.impl.security.metadata.SecurityMetadata.ElementMap
        public /* bridge */ /* synthetic */ boolean equals(Object obj) {
            return super.equals(obj);
        }

        @Override // oracle.kv.impl.security.metadata.SecurityMetadata.ElementMap
        public /* bridge */ /* synthetic */ int hashCode() {
            return super.hashCode();
        }
    }

    /* loaded from: input_file:oracle/kv/impl/security/metadata/SecurityMetadata$SecurityElement.class */
    public static abstract class SecurityElement implements Serializable, Cloneable {
        private static final long serialVersionUID = 1;
        private String elementId;

        /* JADX INFO: Access modifiers changed from: protected */
        public SecurityElement() {
        }

        /* JADX INFO: Access modifiers changed from: protected */
        public SecurityElement(SecurityElement securityElement) {
            this.elementId = securityElement.elementId;
        }

        public void setElementId(String str) {
            this.elementId = str;
        }

        public String getElementId() {
            return this.elementId;
        }

        public boolean equals(Object obj) {
            if (!(obj instanceof SecurityElement)) {
                return false;
            }
            if (this == obj) {
                return true;
            }
            SecurityElement securityElement = (SecurityElement) obj;
            return this.elementId == securityElement.elementId || (this.elementId != null && this.elementId.equals(securityElement.elementId));
        }

        public abstract int hashCode();

        @Override // 
        /* renamed from: clone */
        public abstract SecurityElement mo670clone();

        public abstract SecurityElementType getElementType();
    }

    /* loaded from: input_file:oracle/kv/impl/security/metadata/SecurityMetadata$SecurityElementType.class */
    public enum SecurityElementType {
        KVSTOREUSER,
        KVSTOREROLE,
        KRBPRINCIPAL
    }

    public SecurityMetadata(String str) {
        this(str, "SecurityMD-" + System.currentTimeMillis());
    }

    public SecurityMetadata(String str, String str2) {
        this.kvstoreUserMap = new KVStoreUserMap(this);
        this.kvstoreRoleMap = new KVStoreRoleMap(this);
        this.krbInstanceMap = new KerberosInstanceMap(this);
        this.changeList = new LinkedList<>();
        this.sequenceNumber = 0;
        this.kvstoreName = str;
        this.id = str2;
    }

    public String getKVStoreName() {
        return this.kvstoreName;
    }

    public String getId() {
        return this.id;
    }

    public KVStoreUser getUser(String str) {
        if (str == null || str.isEmpty()) {
            return null;
        }
        for (KVStoreUser kVStoreUser : this.kvstoreUserMap.getAll()) {
            if (str.equals(kVStoreUser.getName())) {
                return kVStoreUser;
            }
        }
        return null;
    }

    public RoleInstance getRole(String str) {
        if (str == null || str.isEmpty()) {
            return null;
        }
        for (RoleInstance roleInstance : this.kvstoreRoleMap.getAll()) {
            if (str.equalsIgnoreCase(roleInstance.name())) {
                return roleInstance;
            }
        }
        return null;
    }

    public KerberosInstance getKrbInstance(StorageNodeId storageNodeId) {
        if (storageNodeId == null || storageNodeId.getStorageNodeId() == 0) {
            return null;
        }
        for (KerberosInstance kerberosInstance : this.krbInstanceMap.getAll()) {
            if (storageNodeId.equals(kerberosInstance.getStorageNodeId())) {
                return kerberosInstance;
            }
        }
        return null;
    }

    public KVStoreUser getUserById(String str) {
        return this.kvstoreUserMap.get(str);
    }

    public RoleInstance getRoleById(String str) {
        return this.kvstoreRoleMap.get(str);
    }

    public KerberosInstance getKrbInstanceById(String str) {
        return this.krbInstanceMap.get(str);
    }

    public Collection<KVStoreUser> getAllUsers() {
        return this.kvstoreUserMap.getAll();
    }

    public Collection<KerberosInstance> getAllKrbInstanceNames() {
        return this.krbInstanceMap.getAll();
    }

    public Collection<RoleInstance> getAllRoles() {
        return this.kvstoreRoleMap.getAll();
    }

    public KVStoreUserMap getKVStoreUserMap() {
        return this.kvstoreUserMap;
    }

    public KVStoreRoleMap getRoleInstanceMap() {
        return this.kvstoreRoleMap;
    }

    public KerberosInstanceMap getKerberosInstanceMap() {
        return this.krbInstanceMap;
    }

    public KVStoreUser addUser(KVStoreUser kVStoreUser) {
        return this.kvstoreUserMap.add(kVStoreUser);
    }

    public RoleInstance addRole(RoleInstance roleInstance) {
        return this.kvstoreRoleMap.add(roleInstance);
    }

    public KerberosInstance addKerberosInstanceName(String str, StorageNodeId storageNodeId) {
        return this.krbInstanceMap.addInstanceName(str, storageNodeId);
    }

    public KVStoreUser removeUser(String str) {
        return this.kvstoreUserMap.remove(str);
    }

    public RoleInstance removeRole(String str) {
        return this.kvstoreRoleMap.remove(str);
    }

    public KerberosInstance removeKrbInstanceName(StorageNodeId storageNodeId) {
        return this.krbInstanceMap.removeInstanceName(storageNodeId);
    }

    public KVStoreUser updateUser(String str, KVStoreUser kVStoreUser) {
        return this.kvstoreUserMap.update(str, kVStoreUser);
    }

    public RoleInstance updateRole(String str, RoleInstance roleInstance) {
        return this.kvstoreRoleMap.update(str, roleInstance);
    }

    public boolean verifyUserPassword(String str, char[] cArr) {
        KVStoreUser user = getUser(str);
        if (user == null) {
            return false;
        }
        return user.verifyPassword(cArr);
    }

    public SortedMap<String, KVStoreUser.UserDescription> getUsersDescription() {
        Collection<KVStoreUser> allUsers = getAllUsers();
        TreeMap treeMap = new TreeMap();
        for (KVStoreUser kVStoreUser : allUsers) {
            treeMap.put(kVStoreUser.getName(), kVStoreUser.getDescription());
        }
        return treeMap;
    }

    public SortedMap<String, RoleInstance.RoleDescription> getRolesDescription() {
        TreeMap treeMap = new TreeMap((SortedMap) builtInRoleInfoMap);
        for (RoleInstance roleInstance : this.kvstoreRoleMap.getAll()) {
            treeMap.put(roleInstance.name(), roleInstance.getDescription());
        }
        return treeMap;
    }

    public Map<String, KVStoreUser.UserDescription> getCurrentUserDescription() {
        KVStoreUser kVStoreUser;
        KVStoreUserPrincipal currentUser = KVStoreUserPrincipal.getCurrentUser();
        if (currentUser == null || (kVStoreUser = this.kvstoreUserMap.get(currentUser.getUserId())) == null) {
            return null;
        }
        HashMap hashMap = new HashMap();
        hashMap.put(kVStoreUser.getName(), kVStoreUser.getDescription());
        return hashMap;
    }

    public boolean isLastSysadminUser(String str) {
        KVStoreUser user = getUser(str);
        if (user == null || !user.isAdmin()) {
            return false;
        }
        for (KVStoreUser kVStoreUser : getAllUsers()) {
            if (!kVStoreUser.getName().equals(str) && kVStoreUser.isEnabled() && kVStoreUser.isAdmin()) {
                return false;
            }
        }
        return true;
    }

    public boolean apply(List<SecurityMDChange> list) {
        if (list == null || list.isEmpty()) {
            return false;
        }
        if (list.get(0).getSeqNum() > getSequenceNumber() + 1) {
            throw new IllegalStateException("Unexpected gap in security metadata sequence. Current sequence = " + getSequenceNumber() + ", first change =" + list.get(0).getSeqNum());
        }
        int i = 0;
        for (SecurityMDChange securityMDChange : list) {
            if (securityMDChange.getSeqNum() > getSequenceNumber()) {
                if (securityMDChange.getElementType() == SecurityElementType.KVSTOREUSER) {
                    this.kvstoreUserMap.apply(securityMDChange);
                    i++;
                } else if (securityMDChange.getElementType() == SecurityElementType.KVSTOREROLE) {
                    this.kvstoreRoleMap.apply(securityMDChange);
                    i++;
                } else {
                    if (securityMDChange.getElementType() != SecurityElementType.KRBPRINCIPAL) {
                        throw new IllegalArgumentException("Unknown security element type: " + securityMDChange.getElementType());
                    }
                    this.krbInstanceMap.apply(securityMDChange);
                    i++;
                }
            }
        }
        return i > 0;
    }

    @Override // oracle.kv.impl.metadata.Metadata
    public Metadata.MetadataType getType() {
        return Metadata.MetadataType.SECURITY;
    }

    @Override // oracle.kv.impl.metadata.Metadata
    public int getSequenceNumber() {
        return this.sequenceNumber;
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // oracle.kv.impl.metadata.Metadata
    public SecurityMetadataInfo getChangeInfo(int i) {
        return new SecurityMetadataInfo(this, getChanges(i));
    }

    @Override // oracle.kv.impl.metadata.Metadata
    /* renamed from: pruneChanges, reason: merged with bridge method [inline-methods] */
    public Metadata<SecurityMetadataInfo> pruneChanges2(int i, int i2) {
        int min;
        int firstChangeSeqNum = getFirstChangeSeqNum();
        if (firstChangeSeqNum >= 0 && (min = Math.min((getSequenceNumber() - i2) + 1, i)) > firstChangeSeqNum) {
            Iterator<SecurityMDChange> it = this.changeList.iterator();
            while (it.hasNext() && it.next().getSeqNum() < min) {
                it.remove();
            }
            return this;
        }
        return this;
    }

    public int getFirstChangeSeqNum() {
        if (this.changeList.isEmpty()) {
            return -1;
        }
        return this.changeList.getFirst().getSeqNum();
    }

    public List<SecurityMDChange> getChanges(int i) {
        if (this.changeList.isEmpty() || i < getFirstChangeSeqNum() || i > this.changeList.getLast().getSeqNum()) {
            return null;
        }
        LinkedList linkedList = new LinkedList();
        Iterator<SecurityMDChange> it = this.changeList.iterator();
        while (it.hasNext()) {
            SecurityMDChange next = it.next();
            if (next.getSeqNum() >= i) {
                linkedList.add(next.mo692clone());
            }
        }
        return linkedList;
    }

    public List<SecurityMDChange> getChanges() {
        return getChanges(this.changeList.size() == 0 ? 0 : this.changeList.getFirst().seqNum);
    }

    public SecurityMDChange getLatestChange() {
        return this.changeList.getLast();
    }

    public SecurityMetadata getCopy() {
        return (SecurityMetadata) SerializationUtil.getObject(SerializationUtil.getBytes(this), getClass());
    }

    public String toString() {
        return String.format("SecurityMetadata id=%s seq# %d", this.id, Integer.valueOf(this.sequenceNumber));
    }

    public void logChange(SecurityMDChange securityMDChange) {
        this.sequenceNumber++;
        securityMDChange.setSeqNum(this.sequenceNumber);
        this.changeList.add(securityMDChange);
    }

    private void readObject(ObjectInputStream objectInputStream) throws IOException, ClassNotFoundException {
        objectInputStream.defaultReadObject();
        if (this.kvstoreRoleMap == null) {
            this.kvstoreRoleMap = new KVStoreRoleMap(this);
        }
        if (this.krbInstanceMap == null) {
            this.krbInstanceMap = new KerberosInstanceMap(this);
        }
    }

    public static Map<String, RoleInstance.RoleDescription> getBuiltInRoleInfo() {
        return Collections.unmodifiableMap(builtInRoleInfoMap);
    }

    public void setRoleMapId(int i) {
        this.kvstoreRoleMap.setId(i);
    }

    static {
        builtInRoleInfoMap.put(RoleInstance.DBADMIN_NAME, RoleInstance.DBADMIN.getDescription());
        builtInRoleInfoMap.put(RoleInstance.READONLY_NAME, RoleInstance.READONLY.getDescription());
        builtInRoleInfoMap.put(RoleInstance.READWRITE_NAME, RoleInstance.READWRITE.getDescription());
        builtInRoleInfoMap.put(RoleInstance.SYSADMIN_NAME, RoleInstance.SYSADMIN.getDescription());
        builtInRoleInfoMap.put(RoleInstance.WRITEONLY_NAME, RoleInstance.WRITEONLY.getDescription());
        builtInRoleInfoMap.put(RoleInstance.PUBLIC_NAME, RoleInstance.PUBLIC.getDescription());
    }
}
