package oracle.kv.impl.admin.plan;

import java.util.Iterator;
import java.util.List;
import java.util.Set;
import oracle.kv.UnauthorizedException;
import oracle.kv.impl.admin.plan.task.NamespacePlanGenerator;
import oracle.kv.impl.admin.plan.task.RemoveNamespace;
import oracle.kv.impl.admin.plan.task.RemoveTablePrivileges;
import oracle.kv.impl.admin.plan.task.RemoveTableV2;
import oracle.kv.impl.admin.plan.task.RemoveUserV2;
import oracle.kv.impl.admin.plan.task.RevokeNamespacePrivileges;
import oracle.kv.impl.api.table.TableImpl;
import oracle.kv.impl.api.table.TableMetadata;
import oracle.kv.impl.fault.ClientAccessException;
import oracle.kv.impl.metadata.Metadata;
import oracle.kv.impl.security.ExecutionContext;
import oracle.kv.impl.security.KVStorePrivilege;
import oracle.kv.impl.security.NamespacePrivilege;
import oracle.kv.impl.security.SystemPrivilege;
import oracle.kv.impl.security.TablePrivilege;

/* loaded from: input_file:oracle/kv/impl/admin/plan/RemoveUserPlanV2.class */
public class RemoveUserPlanV2 extends MultiMetadataPlan {
    private static final long serialVersionUID = 1;

    public RemoveUserPlanV2(String str, Planner planner, String str2, boolean z) {
        super(str, planner);
        List<TableImpl> ownedTables = TablePlanGenerator.getOwnedTables(getTableMetadata(), getSecurityMetadata(), str2);
        if (!ownedTables.isEmpty()) {
            if (!z) {
                RemoveUserPlan.ownsTableWarning(ownedTables);
            }
            ExecutionContext current = ExecutionContext.getCurrent();
            if (!current.hasPrivilege(SystemPrivilege.DROP_ANY_TABLE) || !current.hasPrivilege(SystemPrivilege.DROP_ANY_INDEX)) {
                throw new ClientAccessException(new UnauthorizedException("DROP_ANY_TABLE and DROP_ANY_INDEX privileges are required in order to drop user with cascade."));
            }
        }
        for (TableImpl tableImpl : ownedTables) {
            TablePlanGenerator.addRemoveIndexTasks(this, tableImpl.getInternalNamespace(), tableImpl.getFullName(), planner.getAdmin());
            addTask(RemoveTableV2.newInstance(this, tableImpl.getInternalNamespace(), tableImpl.getFullName(), true, false));
            Iterator<String> it = TablePlanGenerator.getInvolvedRoles(tableImpl.getId(), getSecurityMetadata()).iterator();
            while (it.hasNext()) {
                addTask(new RemoveTablePrivileges(this, it.next(), TablePrivilege.getAllTablePrivileges(tableImpl.getInternalNamespace(), tableImpl.getId(), tableImpl.getFullName())));
            }
        }
        Set<TableMetadata.NamespaceImpl> ownedNamespaces = NamespacePlanGenerator.getOwnedNamespaces(getTableMetadata(), getSecurityMetadata(), str2);
        if (!ownedNamespaces.isEmpty()) {
            if (!z) {
                RemoveUserPlan.ownsNamespaceWarning(ownedNamespaces);
            }
            if (!ExecutionContext.getCurrent().hasPrivilege(SystemPrivilege.DROP_ANY_NAMESPACE)) {
                throw new ClientAccessException(new UnauthorizedException("DROP_ANY_NAMESPACE privilege is required in order to drop user with cascade."));
            }
        }
        for (TableMetadata.NamespaceImpl namespaceImpl : ownedNamespaces) {
            addTask(new RemoveNamespace(this, namespaceImpl.getNamespace(), z));
            Iterator<String> it2 = NamespacePlanGenerator.getInvolvedRoles(namespaceImpl.getNamespace(), getSecurityMetadata()).iterator();
            while (it2.hasNext()) {
                addTask(new RevokeNamespacePrivileges(this, it2.next(), namespaceImpl.getNamespace(), NamespacePrivilege.getAllNamespacePrivileges(namespaceImpl.getNamespace())));
            }
        }
        addTask(RemoveUserV2.newInstance(this, str2));
    }

    @Override // oracle.kv.impl.admin.plan.Plan
    public List<? extends KVStorePrivilege> getRequiredPrivileges() {
        return SystemPrivilege.sysoperPrivList;
    }

    @Override // oracle.kv.impl.admin.plan.MultiMetadataPlan
    protected Set<Metadata.MetadataType> getMetadataTypes() {
        return TABLE_SECURITY_TYPES;
    }
}
