package oracle.kv.impl.admin;

import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import oracle.kv.impl.admin.DdlHandler;
import oracle.kv.impl.metadata.Metadata;
import oracle.kv.impl.param.ParameterUtils;
import oracle.kv.impl.security.ExecutionContext;
import oracle.kv.impl.security.KVStorePrivilege;
import oracle.kv.impl.security.OperationContext;
import oracle.kv.impl.security.RoleInstance;
import oracle.kv.impl.security.SystemPrivilege;
import oracle.kv.impl.security.metadata.KVStoreUser;
import oracle.kv.impl.security.metadata.SecurityMetadata;

/* loaded from: input_file:oracle/kv/impl/admin/SecurityDdlOperation.class */
public abstract class SecurityDdlOperation implements DdlHandler.DdlOperation {
    final String opName;

    /* loaded from: input_file:oracle/kv/impl/admin/SecurityDdlOperation$AlterUser.class */
    public static class AlterUser extends SecurityDdlOperation {
        private final String userName;
        private final Boolean isEnabled;
        private final char[] plainPassword;
        private final boolean retainPassword;
        private final boolean clearRetainedPassword;
        private final Long pwdLifetimeInMillis;

        public AlterUser(String str, Boolean bool, char[] cArr, boolean z, boolean z2, Long l) {
            super("AlterUser");
            this.userName = str;
            this.isEnabled = bool;
            this.plainPassword = cArr == null ? null : Arrays.copyOf(cArr, cArr.length);
            this.retainPassword = z;
            this.clearRetainedPassword = z2;
            this.pwdLifetimeInMillis = l;
        }

        @Override // oracle.kv.impl.admin.SecurityDdlOperation
        List<? extends KVStorePrivilege> privilegesToCheck() {
            return SystemPrivilege.usrviewPrivList;
        }

        @Override // oracle.kv.impl.admin.SecurityDdlOperation
        void execute(DdlHandler ddlHandler) {
            ddlHandler.approveAndExecute(ddlHandler.getAdmin().getPlanner().createChangeUserPlan(this.opName, this.userName, this.isEnabled, this.plainPassword, this.retainPassword, this.clearRetainedPassword, this.pwdLifetimeInMillis));
        }
    }

    /* loaded from: input_file:oracle/kv/impl/admin/SecurityDdlOperation$CreateExternalUser.class */
    public static class CreateExternalUser extends SecurityDdlOperation {
        private final String userName;
        private final boolean isEnabled;
        private final boolean isAdmin;

        public CreateExternalUser(String str, boolean z, boolean z2) {
            super("CreateExternalUser");
            this.userName = str;
            this.isAdmin = z2;
            this.isEnabled = z;
        }

        @Override // oracle.kv.impl.admin.SecurityDdlOperation
        void execute(DdlHandler ddlHandler) {
            ddlHandler.approveAndExecute(ddlHandler.getAdmin().getPlanner().createCreateExternalUserPlan(this.opName, this.userName, this.isEnabled, this.isAdmin));
        }

        @Override // oracle.kv.impl.admin.SecurityDdlOperation
        List<? extends KVStorePrivilege> privilegesToCheck() {
            return SystemPrivilege.sysoperPrivList;
        }
    }

    /* loaded from: input_file:oracle/kv/impl/admin/SecurityDdlOperation$CreateRole.class */
    public static class CreateRole extends SecurityDdlOperation {
        private final String roleName;

        public CreateRole(String str) {
            super("CreateRole");
            this.roleName = str;
        }

        @Override // oracle.kv.impl.admin.SecurityDdlOperation
        void execute(DdlHandler ddlHandler) {
            ddlHandler.approveAndExecute(ddlHandler.getAdmin().getPlanner().createCreateRolePlan(this.opName, this.roleName));
        }

        @Override // oracle.kv.impl.admin.SecurityDdlOperation
        List<? extends KVStorePrivilege> privilegesToCheck() {
            return SystemPrivilege.sysoperPrivList;
        }
    }

    /* loaded from: input_file:oracle/kv/impl/admin/SecurityDdlOperation$CreateUser.class */
    public static class CreateUser extends SecurityDdlOperation {
        private final String userName;
        private final boolean isEnabled;
        private final boolean isAdmin;
        private final char[] plainPassword;
        private final Long pwdLifetimeInMillis;

        public CreateUser(String str, boolean z, boolean z2, char[] cArr, Long l) {
            super("CreateUser");
            this.userName = str;
            this.isAdmin = z2;
            this.isEnabled = z;
            this.plainPassword = Arrays.copyOf(cArr, cArr.length);
            this.pwdLifetimeInMillis = l;
        }

        @Override // oracle.kv.impl.admin.SecurityDdlOperation
        void execute(DdlHandler ddlHandler) {
            ddlHandler.approveAndExecute(ddlHandler.getAdmin().getPlanner().createCreateUserPlan(this.opName, this.userName, this.isEnabled, this.isAdmin, this.plainPassword, this.pwdLifetimeInMillis));
        }

        @Override // oracle.kv.impl.admin.SecurityDdlOperation
        List<? extends KVStorePrivilege> privilegesToCheck() {
            return SystemPrivilege.sysoperPrivList;
        }
    }

    /* loaded from: input_file:oracle/kv/impl/admin/SecurityDdlOperation$DropRole.class */
    public static class DropRole extends SecurityDdlOperation {
        private final String roleName;

        public DropRole(String str) {
            super("DropRole");
            this.roleName = str;
        }

        @Override // oracle.kv.impl.admin.SecurityDdlOperation
        void execute(DdlHandler ddlHandler) {
            ddlHandler.approveAndExecute(ddlHandler.getAdmin().getPlanner().createDropRolePlan(this.opName, this.roleName));
        }

        @Override // oracle.kv.impl.admin.SecurityDdlOperation
        List<? extends KVStorePrivilege> privilegesToCheck() {
            return SystemPrivilege.sysoperPrivList;
        }
    }

    /* loaded from: input_file:oracle/kv/impl/admin/SecurityDdlOperation$DropUser.class */
    public static class DropUser extends SecurityDdlOperation {
        private final String userName;
        private final boolean cascade;

        public DropUser(String str, boolean z) {
            super("DropUser");
            this.userName = str;
            this.cascade = z;
        }

        @Override // oracle.kv.impl.admin.SecurityDdlOperation
        List<? extends KVStorePrivilege> privilegesToCheck() {
            return SystemPrivilege.sysoperPrivList;
        }

        @Override // oracle.kv.impl.admin.SecurityDdlOperation
        void execute(DdlHandler ddlHandler) {
            ddlHandler.approveAndExecute(ddlHandler.getAdmin().getPlanner().createDropUserPlan(this.opName, this.userName, this.cascade));
        }
    }

    /* loaded from: input_file:oracle/kv/impl/admin/SecurityDdlOperation$GrantNamespacePrivilegesDdlOp.class */
    public static class GrantNamespacePrivilegesDdlOp extends SecurityDdlOperation {
        private final String roleName;
        private final String namespace;
        private final Set<String> privs;

        public GrantNamespacePrivilegesDdlOp(String str, String str2, Set<String> set) {
            super("GrantNamespacePrivileges");
            this.roleName = str;
            this.namespace = str2;
            this.privs = set;
        }

        @Override // oracle.kv.impl.admin.SecurityDdlOperation
        void execute(DdlHandler ddlHandler) {
            ddlHandler.approveAndExecute(ddlHandler.getAdmin().getPlanner().createGrantNamespacePrivilegePlan(this.opName, this.roleName, this.namespace, this.privs));
        }

        @Override // oracle.kv.impl.admin.SecurityDdlOperation
        List<? extends KVStorePrivilege> privilegesToCheck() {
            return SystemPrivilege.usrviewPrivList;
        }
    }

    /* loaded from: input_file:oracle/kv/impl/admin/SecurityDdlOperation$GrantPrivileges.class */
    public static class GrantPrivileges extends SecurityDdlOperation {
        private final String roleName;
        private final String tableName;
        private final String namespace;
        private final Set<String> privs;

        public GrantPrivileges(String str, String str2, String str3, Set<String> set) {
            super("GrantPrivileges");
            this.roleName = str;
            this.tableName = str3;
            this.namespace = str2;
            this.privs = set;
        }

        @Override // oracle.kv.impl.admin.SecurityDdlOperation
        void execute(DdlHandler ddlHandler) {
            ddlHandler.approveAndExecute(ddlHandler.getAdmin().getPlanner().createGrantPrivilegePlan(this.opName, this.roleName, this.namespace, this.tableName, this.privs));
        }

        @Override // oracle.kv.impl.admin.SecurityDdlOperation
        List<? extends KVStorePrivilege> privilegesToCheck() {
            return this.tableName == null ? SystemPrivilege.sysoperPrivList : SystemPrivilege.usrviewPrivList;
        }
    }

    /* loaded from: input_file:oracle/kv/impl/admin/SecurityDdlOperation$GrantRoles.class */
    public static class GrantRoles extends SecurityDdlOperation {
        final String grantee;
        final Set<String> roleNames;

        public GrantRoles(String str, String[] strArr) {
            super("GrantRoles");
            this.grantee = str;
            this.roleNames = new HashSet();
            Collections.addAll(this.roleNames, strArr);
        }

        @Override // oracle.kv.impl.admin.SecurityDdlOperation
        void execute(DdlHandler ddlHandler) {
            ddlHandler.approveAndExecute(ddlHandler.getAdmin().getPlanner().createGrantPlan(this.opName, this.grantee, this.roleNames));
        }

        @Override // oracle.kv.impl.admin.SecurityDdlOperation
        List<? extends KVStorePrivilege> privilegesToCheck() {
            return SystemPrivilege.sysoperPrivList;
        }
    }

    /* loaded from: input_file:oracle/kv/impl/admin/SecurityDdlOperation$GrantRolesToRole.class */
    public static class GrantRolesToRole extends GrantRoles {
        public GrantRolesToRole(String str, String[] strArr) {
            super(str, strArr);
        }

        @Override // oracle.kv.impl.admin.SecurityDdlOperation.GrantRoles, oracle.kv.impl.admin.SecurityDdlOperation
        public void execute(DdlHandler ddlHandler) {
            ddlHandler.approveAndExecute(ddlHandler.getAdmin().getPlanner().createGrantRolesToRolePlan(this.opName, this.grantee, this.roleNames));
        }
    }

    /* loaded from: input_file:oracle/kv/impl/admin/SecurityDdlOperation$RevokeNamespacePrivilegesDdlOp.class */
    public static class RevokeNamespacePrivilegesDdlOp extends SecurityDdlOperation {
        private final String roleName;
        private final String namespace;
        private final Set<String> privs;

        public RevokeNamespacePrivilegesDdlOp(String str, String str2, Set<String> set) {
            super("RevokeNamespacePrivileges");
            this.roleName = str;
            this.namespace = str2;
            this.privs = set;
        }

        @Override // oracle.kv.impl.admin.SecurityDdlOperation
        void execute(DdlHandler ddlHandler) {
            ddlHandler.approveAndExecute(ddlHandler.getAdmin().getPlanner().createRevokeNamespacePrivilegePlan(this.opName, this.roleName, this.namespace, this.privs));
        }

        @Override // oracle.kv.impl.admin.SecurityDdlOperation
        List<? extends KVStorePrivilege> privilegesToCheck() {
            return SystemPrivilege.usrviewPrivList;
        }
    }

    /* loaded from: input_file:oracle/kv/impl/admin/SecurityDdlOperation$RevokePrivileges.class */
    public static class RevokePrivileges extends SecurityDdlOperation {
        private final String roleName;
        private final String tableName;
        private final String namespace;
        private final Set<String> privs;

        public RevokePrivileges(String str, String str2, String str3, Set<String> set) {
            super("RevokePrivileges");
            this.roleName = str;
            this.tableName = str3;
            this.namespace = str2;
            this.privs = set;
        }

        @Override // oracle.kv.impl.admin.SecurityDdlOperation
        void execute(DdlHandler ddlHandler) {
            ddlHandler.approveAndExecute(ddlHandler.getAdmin().getPlanner().createRevokePrivilegePlan(this.opName, this.roleName, this.namespace, this.tableName, this.privs));
        }

        @Override // oracle.kv.impl.admin.SecurityDdlOperation
        List<? extends KVStorePrivilege> privilegesToCheck() {
            return this.tableName == null ? SystemPrivilege.sysoperPrivList : SystemPrivilege.usrviewPrivList;
        }
    }

    /* loaded from: input_file:oracle/kv/impl/admin/SecurityDdlOperation$RevokeRoles.class */
    public static class RevokeRoles extends SecurityDdlOperation {
        final String revokee;
        final Set<String> roleNames;

        public RevokeRoles(String str, String[] strArr) {
            super("RevokeRoles");
            this.revokee = str;
            this.roleNames = new HashSet();
            Collections.addAll(this.roleNames, strArr);
        }

        @Override // oracle.kv.impl.admin.SecurityDdlOperation
        void execute(DdlHandler ddlHandler) {
            ddlHandler.approveAndExecute(ddlHandler.getAdmin().getPlanner().createRevokePlan(this.opName, this.revokee, this.roleNames));
        }

        @Override // oracle.kv.impl.admin.SecurityDdlOperation
        List<? extends KVStorePrivilege> privilegesToCheck() {
            return SystemPrivilege.sysoperPrivList;
        }
    }

    /* loaded from: input_file:oracle/kv/impl/admin/SecurityDdlOperation$RevokeRolesFromRole.class */
    public static class RevokeRolesFromRole extends RevokeRoles {
        public RevokeRolesFromRole(String str, String[] strArr) {
            super(str, strArr);
        }

        @Override // oracle.kv.impl.admin.SecurityDdlOperation.RevokeRoles, oracle.kv.impl.admin.SecurityDdlOperation
        void execute(DdlHandler ddlHandler) {
            ddlHandler.approveAndExecute(ddlHandler.getAdmin().getPlanner().createRevokeRolesFromRolePlan(this.opName, this.revokee, this.roleNames));
        }
    }

    /* loaded from: input_file:oracle/kv/impl/admin/SecurityDdlOperation$ShowRole.class */
    public static class ShowRole extends SecurityDdlOperation {
        private final String roleName;
        private final boolean asJson;

        public ShowRole(String str, boolean z) {
            super("ShowRole");
            this.roleName = str;
            this.asJson = z;
        }

        @Override // oracle.kv.impl.admin.SecurityDdlOperation
        void execute(DdlHandler ddlHandler) {
            String str;
            Map<String, RoleInstance.RoleDescription> roleInfo = getRoleInfo(ddlHandler.getAdmin());
            if (roleInfo == null || roleInfo.isEmpty()) {
                str = this.asJson ? "{}" : "";
            } else {
                if (this.roleName != null && roleInfo.get(RoleInstance.getNormalizedName(this.roleName)) == null) {
                    throw new IllegalCommandException("Role with name of " + this.roleName + " not found");
                }
                str = formatRoleInfo(roleInfo);
            }
            ddlHandler.setResultString(str);
            ddlHandler.operationSucceeds();
        }

        private Map<String, RoleInstance.RoleDescription> getRoleInfo(Admin admin) {
            SecurityMetadata securityMetadata = (SecurityMetadata) admin.getMetadata(SecurityMetadata.class, Metadata.MetadataType.SECURITY);
            return securityMetadata == null ? SecurityMetadata.getBuiltInRoleInfo() : securityMetadata.getRolesDescription();
        }

        private String formatRoleInfo(Map<String, RoleInstance.RoleDescription> map) {
            StringBuilder sb = new StringBuilder();
            if (this.asJson) {
                if (this.roleName != null) {
                    sb.append(map.get(RoleInstance.getNormalizedName(this.roleName)).detailsAsJSON());
                } else {
                    boolean z = true;
                    sb.append("{\"roles\":[");
                    for (RoleInstance.RoleDescription roleDescription : map.values()) {
                        if (!z) {
                            sb.append(ParameterUtils.HELPER_HOST_SEPARATOR);
                        }
                        z = false;
                        sb.append(roleDescription.briefAsJSON());
                    }
                    sb.append("]}");
                }
            } else if (this.roleName != null) {
                sb.append(map.get(RoleInstance.getNormalizedName(this.roleName)).details());
            } else {
                for (RoleInstance.RoleDescription roleDescription2 : map.values()) {
                    sb.append("role:");
                    sb.append(roleDescription2.brief());
                    sb.append("\n");
                }
            }
            return sb.toString();
        }

        @Override // oracle.kv.impl.admin.SecurityDdlOperation
        List<? extends KVStorePrivilege> privilegesToCheck() {
            return SystemPrivilege.usrviewPrivList;
        }
    }

    /* loaded from: input_file:oracle/kv/impl/admin/SecurityDdlOperation$ShowUser.class */
    public static class ShowUser extends SecurityDdlOperation {
        private final String userName;
        private final boolean asJson;

        public ShowUser(String str, boolean z) {
            super("ShowUser");
            this.userName = str;
            this.asJson = z;
        }

        @Override // oracle.kv.impl.admin.SecurityDdlOperation
        void execute(DdlHandler ddlHandler) {
            String str;
            Map<String, KVStoreUser.UserDescription> userInfo = getUserInfo(ddlHandler.getAdmin());
            if (userInfo == null || userInfo.isEmpty()) {
                str = this.asJson ? "{}" : "";
            } else {
                if (this.userName != null && userInfo.get(this.userName) == null) {
                    throw new IllegalCommandException("User with name of " + this.userName + " not found");
                }
                str = formatUserInfo(userInfo);
            }
            ddlHandler.setResultString(str);
            ddlHandler.operationSucceeds();
        }

        private Map<String, KVStoreUser.UserDescription> getUserInfo(Admin admin) {
            SecurityMetadata securityMetadata = (SecurityMetadata) admin.getMetadata(SecurityMetadata.class, Metadata.MetadataType.SECURITY);
            if (securityMetadata == null) {
                return null;
            }
            ExecutionContext current = ExecutionContext.getCurrent();
            return (current == null || current.hasPrivilege(SystemPrivilege.SYSVIEW)) ? securityMetadata.getUsersDescription() : securityMetadata.getCurrentUserDescription();
        }

        private String formatUserInfo(Map<String, KVStoreUser.UserDescription> map) {
            StringBuilder sb = new StringBuilder();
            if (this.asJson) {
                if (this.userName != null) {
                    sb.append(map.get(this.userName).detailsAsJSON());
                } else {
                    boolean z = true;
                    sb.append("{\"users\":[");
                    for (KVStoreUser.UserDescription userDescription : map.values()) {
                        if (!z) {
                            sb.append(ParameterUtils.HELPER_HOST_SEPARATOR);
                        }
                        z = false;
                        sb.append(userDescription.briefAsJSON());
                    }
                    sb.append("]}");
                }
            } else if (this.userName != null) {
                sb.append(map.get(this.userName).details());
            } else {
                for (KVStoreUser.UserDescription userDescription2 : map.values()) {
                    sb.append("user:");
                    sb.append(userDescription2.brief());
                    sb.append("\n");
                }
            }
            return sb.toString();
        }

        @Override // oracle.kv.impl.admin.SecurityDdlOperation
        List<? extends KVStorePrivilege> privilegesToCheck() {
            return SystemPrivilege.usrviewPrivList;
        }
    }

    SecurityDdlOperation(String str) {
        this.opName = str;
    }

    @Override // oracle.kv.impl.admin.DdlHandler.DdlOperation
    public OperationContext getOperationCtx() {
        return new OperationContext() { // from class: oracle.kv.impl.admin.SecurityDdlOperation.1
            @Override // oracle.kv.impl.security.OperationContext
            public String describe() {
                return SecurityDdlOperation.this.opName;
            }

            @Override // oracle.kv.impl.security.OperationContext
            public List<? extends KVStorePrivilege> getRequiredPrivileges() {
                return SecurityDdlOperation.this.privilegesToCheck();
            }
        };
    }

    @Override // oracle.kv.impl.admin.DdlHandler.DdlOperation
    public void perform(DdlHandler ddlHandler) {
        try {
            execute(ddlHandler);
        } catch (IllegalCommandException e) {
            ddlHandler.operationFails(this.opName + " failed for: " + e.getMessage());
        }
    }

    abstract void execute(DdlHandler ddlHandler);

    abstract List<? extends KVStorePrivilege> privilegesToCheck();
}
