package oracle.kv.impl.api.ops;

import java.util.List;
import oracle.kv.UnauthorizedException;
import oracle.kv.impl.api.ops.InternalOperation;
import oracle.kv.impl.api.ops.InternalOperationHandler;
import oracle.kv.impl.api.ops.SingleKeyOperation;
import oracle.kv.impl.api.table.TableImpl;
import oracle.kv.impl.security.AccessCheckUtils;
import oracle.kv.impl.security.ExecutionContext;
import oracle.kv.impl.security.KVStorePrivilege;
import oracle.kv.impl.security.SystemPrivilege;
import oracle.kv.impl.security.TablePrivilege;
import oracle.kv.table.Table;

/* loaded from: input_file:oracle/kv/impl/api/ops/SingleKeyOperationHandler.class */
abstract class SingleKeyOperationHandler<T extends SingleKeyOperation> extends InternalOperationHandler<T> implements InternalOperationHandler.PrivilegedTableAccessor {
    /* JADX INFO: Access modifiers changed from: package-private */
    public SingleKeyOperationHandler(OperationHandler operationHandler, InternalOperation.OpCode opCode, Class<T> cls) {
        super(operationHandler, opCode, cls);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // oracle.kv.impl.api.ops.InternalOperationHandler
    public List<? extends KVStorePrivilege> getRequiredPrivileges(T t) {
        switch (InternalOperationHandler.Keyspace.identifyKeyspace(t.getKeyBytes())) {
            case PRIVATE:
                return SystemPrivilege.internalPrivList;
            case SCHEMA:
                return schemaAccessPrivileges();
            case GENERAL:
                return SystemPrivilege.usrviewPrivList;
            default:
                throw new AssertionError();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void verifyDataAccess(T t) throws UnauthorizedException {
        TableImpl tableImpl = null;
        long tableId = t.getTableId();
        if (tableId != 0) {
            tableImpl = getAndCheckTable(tableId);
        }
        ExecutionContext current = ExecutionContext.getCurrent();
        if (current == null || !InternalOperationHandler.Keyspace.isGeneralAccess(t.getKeyBytes())) {
            return;
        }
        if (current.hasAllPrivileges(generalAccessPrivileges())) {
            if (tableId == 0) {
                tableImpl = findTableByKeyBytes(t.getKeyBytes());
            }
            if (tableImpl != null) {
                verifySystemTableAccess(tableImpl);
                return;
            }
            return;
        }
        if (tableId == 0) {
            tableImpl = findTableByKeyBytes(t.getKeyBytes());
        } else if (tableImpl != null) {
            verifyTargetTable(t, tableImpl);
        }
        if (tableImpl == null) {
            throw new UnauthorizedException("Insufficient access rights granted");
        }
        if (AccessCheckUtils.currentUserOwnsResource(tableImpl)) {
            return;
        }
        if (!current.hasAllPrivileges(tableAccessPrivileges(tableImpl.getId()))) {
            throw new UnauthorizedException("Insufficient access rights granted on table, id: " + tableImpl.getId());
        }
        Table parent = tableImpl.getParent();
        while (true) {
            TableImpl tableImpl2 = (TableImpl) parent;
            if (tableImpl2 == null) {
                verifySystemTableAccess(tableImpl);
                return;
            }
            long id = tableImpl2.getId();
            if (!current.hasPrivilege(new TablePrivilege.ReadTable(id)) && !current.hasAllPrivileges(tableAccessPrivileges(id))) {
                throw new UnauthorizedException("Insufficient access rights on parent table, id: " + id);
            }
            parent = tableImpl2.getParent();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void reserializeResultValue(SingleKeyOperation singleKeyOperation, ResultValueVersion resultValueVersion) {
        if (singleKeyOperation.getTableId() == 0 || resultValueVersion == null) {
            return;
        }
        resultValueVersion.setValueBytes(this.operationHandler.reserializeToOldValue(singleKeyOperation.getTableId(), singleKeyOperation.getKeyBytes(), resultValueVersion.getValueBytes(), singleKeyOperation.getOpSerialVersion()));
    }

    private void verifyTargetTable(T t, TableImpl tableImpl) {
        TableImpl findTableByKeyBytes = findTableByKeyBytes(t.getKeyBytes());
        if (findTableByKeyBytes == null) {
            throw new UnauthorizedException("Key does not identify a table. Expected to find table id:" + tableImpl.getId() + "(" + tableImpl.getFullName() + ")");
        }
        if (findTableByKeyBytes.getId() != tableImpl.getId()) {
            throw new UnauthorizedException("Request table id:" + tableImpl.getId() + "differs from table id in key:" + findTableByKeyBytes.getId() + "(" + findTableByKeyBytes.getFullName() + ")");
        }
    }

    private void verifySystemTableAccess(TableImpl tableImpl) {
        if (tableImpl.isSystemTable() && !allowAccessSystemTables()) {
            throw new UnauthorizedException("Operation is not permitted on system tables");
        }
    }

    abstract List<? extends KVStorePrivilege> schemaAccessPrivileges();

    abstract List<? extends KVStorePrivilege> generalAccessPrivileges();
}
