package org.apache.sentry.provider.db.audit;

import java.util.Collection;
import java.util.Iterator;
import org.apache.hadoop.conf.Configuration;
import org.apache.sentry.api.service.thrift.TAlterSentryRoleAddGroupsRequest;
import org.apache.sentry.api.service.thrift.TAlterSentryRoleAddGroupsResponse;
import org.apache.sentry.api.service.thrift.TAlterSentryRoleAddUsersRequest;
import org.apache.sentry.api.service.thrift.TAlterSentryRoleAddUsersResponse;
import org.apache.sentry.api.service.thrift.TAlterSentryRoleDeleteGroupsRequest;
import org.apache.sentry.api.service.thrift.TAlterSentryRoleDeleteGroupsResponse;
import org.apache.sentry.api.service.thrift.TAlterSentryRoleDeleteUsersRequest;
import org.apache.sentry.api.service.thrift.TAlterSentryRoleDeleteUsersResponse;
import org.apache.sentry.api.service.thrift.TAlterSentryRoleGrantPrivilegeRequest;
import org.apache.sentry.api.service.thrift.TAlterSentryRoleGrantPrivilegeResponse;
import org.apache.sentry.api.service.thrift.TAlterSentryRoleRevokePrivilegeRequest;
import org.apache.sentry.api.service.thrift.TAlterSentryRoleRevokePrivilegeResponse;
import org.apache.sentry.api.service.thrift.TCreateSentryRoleRequest;
import org.apache.sentry.api.service.thrift.TCreateSentryRoleResponse;
import org.apache.sentry.api.service.thrift.TDropSentryRoleRequest;
import org.apache.sentry.api.service.thrift.TDropSentryRoleResponse;
import org.apache.sentry.api.service.thrift.TSentryAuthorizable;
import org.apache.sentry.api.service.thrift.TSentryPrincipalType;
import org.apache.sentry.provider.db.log.entity.JsonLogEntity;
import org.apache.sentry.provider.db.log.entity.JsonLogEntityFactory;
import org.apache.sentry.provider.db.log.util.Constants;
import org.apache.sentry.service.thrift.TSentryResponseStatus;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/sentry/provider/db/audit/SentryAuditLogger.class */
public class SentryAuditLogger {
    private static final Logger ERROR_LOGGER = LoggerFactory.getLogger(SentryAuditLogger.class);
    private static final Logger AUDIT_LOGGER = LoggerFactory.getLogger(Constants.AUDIT_LOGGER_NAME);
    private static final JsonLogEntityFactory JSON_LOG_ENTITY = JsonLogEntityFactory.getInstance();
    private final Configuration conf;

    public SentryAuditLogger(Configuration configuration) {
        this.conf = configuration;
    }

    public void onCreateRole(TCreateSentryRoleRequest tCreateSentryRoleRequest, TCreateSentryRoleResponse tCreateSentryRoleResponse) {
        try {
            info(JSON_LOG_ENTITY.createJsonLogEntity(tCreateSentryRoleRequest, tCreateSentryRoleResponse, this.conf));
        } catch (Exception e) {
            ERROR_LOGGER.error("Cannot generate an audit log for creating a role: " + e.getMessage(), e);
        }
    }

    public void onDropRole(TDropSentryRoleRequest tDropSentryRoleRequest, TDropSentryRoleResponse tDropSentryRoleResponse) {
        try {
            info(JSON_LOG_ENTITY.createJsonLogEntity(tDropSentryRoleRequest, tDropSentryRoleResponse, this.conf));
        } catch (Exception e) {
            ERROR_LOGGER.error("Cannot generate an audit log for creating a role: " + e.getMessage(), e);
        }
    }

    public void onGrantRolePrivilege(TAlterSentryRoleGrantPrivilegeRequest tAlterSentryRoleGrantPrivilegeRequest, TAlterSentryRoleGrantPrivilegeResponse tAlterSentryRoleGrantPrivilegeResponse) {
        try {
            info(JSON_LOG_ENTITY.createJsonLogEntities(tAlterSentryRoleGrantPrivilegeRequest, tAlterSentryRoleGrantPrivilegeResponse, this.conf));
        } catch (Exception e) {
            ERROR_LOGGER.error("Cannot generate an audit log for grant role privilege: " + e.getMessage(), e);
        }
    }

    public void onGrantOwnerPrivilege(TSentryResponseStatus tSentryResponseStatus, String str, TSentryPrincipalType tSentryPrincipalType, String str2, TSentryAuthorizable tSentryAuthorizable) {
        try {
            info(JSON_LOG_ENTITY.createJsonLogEntity(Constants.OPERATION_GRANT_OWNER_PRIVILEGE, Constants.OBJECT_TYPE_PRINCIPAL, str, tSentryResponseStatus, tSentryAuthorizable, tSentryPrincipalType, str2, this.conf));
        } catch (Exception e) {
            ERROR_LOGGER.error("Cannot generate an audit log for grant owner privilege: " + e.getMessage(), e);
        }
    }

    public void onTransferOwnerPrivilege(TSentryResponseStatus tSentryResponseStatus, String str, TSentryPrincipalType tSentryPrincipalType, String str2, TSentryAuthorizable tSentryAuthorizable) {
        try {
            info(JSON_LOG_ENTITY.createJsonLogEntity(Constants.OPERATION_TRANSFER_OWNER_PRIVILEGE, Constants.OBJECT_TYPE_PRINCIPAL, str, tSentryResponseStatus, tSentryAuthorizable, tSentryPrincipalType, str2, this.conf));
        } catch (Exception e) {
            ERROR_LOGGER.error("Cannot generate an audit log for grant owner privilege: " + e.getMessage(), e);
        }
    }

    public void onRevokeRolePrivilege(TAlterSentryRoleRevokePrivilegeRequest tAlterSentryRoleRevokePrivilegeRequest, TAlterSentryRoleRevokePrivilegeResponse tAlterSentryRoleRevokePrivilegeResponse) {
        try {
            info(JSON_LOG_ENTITY.createJsonLogEntities(tAlterSentryRoleRevokePrivilegeRequest, tAlterSentryRoleRevokePrivilegeResponse, this.conf));
        } catch (Exception e) {
            ERROR_LOGGER.error("Cannot generate an audit log for revoke role privilege: " + e.getMessage(), e);
        }
    }

    public void onRevokeUserOwnerPrivilege(String str, TSentryResponseStatus tSentryResponseStatus, String str2, TSentryAuthorizable tSentryAuthorizable) {
        try {
            info(JSON_LOG_ENTITY.createJsonLogEntity(Constants.OPERATION_REVOKE_PRIVILEGE, Constants.OBJECT_TYPE_PRINCIPAL, str, tSentryResponseStatus, tSentryAuthorizable, TSentryPrincipalType.USER, str2, this.conf));
        } catch (Exception e) {
            ERROR_LOGGER.error("Cannot generate an audit log for grant user owner privilege: " + e.getMessage(), e);
        }
    }

    public void onGrantRoleToGroup(TAlterSentryRoleAddGroupsRequest tAlterSentryRoleAddGroupsRequest, TAlterSentryRoleAddGroupsResponse tAlterSentryRoleAddGroupsResponse) {
        try {
            info(JSON_LOG_ENTITY.createJsonLogEntity(tAlterSentryRoleAddGroupsRequest, tAlterSentryRoleAddGroupsResponse, this.conf));
        } catch (Exception e) {
            ERROR_LOGGER.error("Cannot generate an audit log for adding groups to a role: " + e.getMessage(), e);
        }
    }

    public void onRevokeRoleFromGroup(TAlterSentryRoleDeleteGroupsRequest tAlterSentryRoleDeleteGroupsRequest, TAlterSentryRoleDeleteGroupsResponse tAlterSentryRoleDeleteGroupsResponse) {
        try {
            info(JSON_LOG_ENTITY.createJsonLogEntity(tAlterSentryRoleDeleteGroupsRequest, tAlterSentryRoleDeleteGroupsResponse, this.conf));
        } catch (Exception e) {
            ERROR_LOGGER.error("Cannot generate an audit log for deleting groups from a role: " + e.getMessage(), e);
        }
    }

    public void onGrantRoleToUser(TAlterSentryRoleAddUsersRequest tAlterSentryRoleAddUsersRequest, TAlterSentryRoleAddUsersResponse tAlterSentryRoleAddUsersResponse) {
        try {
            info(JSON_LOG_ENTITY.createJsonLogEntity(tAlterSentryRoleAddUsersRequest, tAlterSentryRoleAddUsersResponse, this.conf));
        } catch (Exception e) {
            ERROR_LOGGER.error("Cannot generate an audit log for adding users to a role: " + e.getMessage(), e);
        }
    }

    public void onRevokeRoleFromUser(TAlterSentryRoleDeleteUsersRequest tAlterSentryRoleDeleteUsersRequest, TAlterSentryRoleDeleteUsersResponse tAlterSentryRoleDeleteUsersResponse) {
        try {
            info(JSON_LOG_ENTITY.createJsonLogEntity(tAlterSentryRoleDeleteUsersRequest, tAlterSentryRoleDeleteUsersResponse, this.conf));
        } catch (Exception e) {
            ERROR_LOGGER.error("Cannot generate an audit log for deleting users from a role: " + e.getMessage(), e);
        }
    }

    private void info(Collection<JsonLogEntity> collection) throws Exception {
        Iterator<JsonLogEntity> it = collection.iterator();
        while (it.hasNext()) {
            info(it.next());
        }
    }

    private void info(JsonLogEntity jsonLogEntity) throws Exception {
        AUDIT_LOGGER.info(jsonLogEntity.toJsonFormatLog());
    }
}
