package org.apache.hadoop.hive.ql.security.authorization.plugin;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.stream.Collectors;
import org.apache.commons.lang3.tuple.ImmutablePair;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hive.common.classification.InterfaceAudience;
import org.apache.hadoop.hive.metastore.DefaultMetaStoreFilterHookImpl;
import org.apache.hadoop.hive.metastore.api.MetaException;
import org.apache.hadoop.hive.metastore.api.PrincipalType;
import org.apache.hadoop.hive.metastore.api.Table;
import org.apache.hadoop.hive.metastore.api.TableMeta;
import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzContext;
import org.apache.hadoop.hive.ql.security.authorization.plugin.HivePrivilegeObject;
import org.apache.hadoop.hive.ql.session.SessionState;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@InterfaceAudience.Private
/* loaded from: input_file:org/apache/hadoop/hive/ql/security/authorization/plugin/AuthorizationMetaStoreFilterHook.class */
public class AuthorizationMetaStoreFilterHook extends DefaultMetaStoreFilterHookImpl {
    public static final Logger LOG = LoggerFactory.getLogger(AuthorizationMetaStoreFilterHook.class);

    public AuthorizationMetaStoreFilterHook(Configuration configuration) {
        super(configuration);
    }

    @Override // org.apache.hadoop.hive.metastore.DefaultMetaStoreFilterHookImpl, org.apache.hadoop.hive.metastore.MetaStoreFilterHook
    public List<String> filterTableNames(String str, String str2, List<String> list) throws MetaException {
        return getTableNames(getFilteredObjects(getHivePrivObjects(str2, list)));
    }

    @Override // org.apache.hadoop.hive.metastore.DefaultMetaStoreFilterHookImpl, org.apache.hadoop.hive.metastore.MetaStoreFilterHook
    public List<Table> filterTables(List<Table> list) throws MetaException {
        return getFilteredTableList(getFilteredObjects(tablesToPrivilegeObjs(list)), list);
    }

    private List<Table> getFilteredTableList(List<HivePrivilegeObject> list, List<Table> list2) {
        ArrayList arrayList = new ArrayList();
        for (HivePrivilegeObject hivePrivilegeObject : list) {
            Table filteredTable = getFilteredTable(hivePrivilegeObject.getDbname(), hivePrivilegeObject.getObjectName(), list2);
            if (filteredTable != null) {
                arrayList.add(filteredTable);
            }
        }
        return arrayList;
    }

    private Table getFilteredTable(String str, String str2, List<Table> list) {
        Table table = null;
        Iterator<Table> it = list.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            Table next = it.next();
            String dbName = next.getDbName();
            String tableName = next.getTableName();
            if (str.equals(dbName) && str2.equals(tableName)) {
                table = next;
                break;
            }
        }
        return table;
    }

    @Override // org.apache.hadoop.hive.metastore.DefaultMetaStoreFilterHookImpl, org.apache.hadoop.hive.metastore.MetaStoreFilterHook
    public List<String> filterDatabases(List<String> list) throws MetaException {
        return getDbNames(getFilteredObjects(HivePrivilegeObjectUtils.getHivePrivDbObjects(list)));
    }

    private List<String> getDbNames(List<HivePrivilegeObject> list) {
        ArrayList arrayList = new ArrayList();
        Iterator<HivePrivilegeObject> it = list.iterator();
        while (it.hasNext()) {
            arrayList.add(it.next().getDbname());
        }
        return arrayList;
    }

    private List<String> getTableNames(List<HivePrivilegeObject> list) {
        ArrayList arrayList = new ArrayList();
        Iterator<HivePrivilegeObject> it = list.iterator();
        while (it.hasNext()) {
            arrayList.add(it.next().getObjectName());
        }
        return arrayList;
    }

    private List<HivePrivilegeObject> getFilteredObjects(List<HivePrivilegeObject> list) throws MetaException {
        SessionState sessionState = SessionState.get();
        HiveAuthzContext.Builder builder = new HiveAuthzContext.Builder();
        builder.setUserIpAddress(sessionState.getUserIpAddress());
        builder.setForwardedAddresses(sessionState.getForwardedAddresses());
        try {
            return sessionState.getAuthorizerV2().filterListCmdObjects(list, builder.build());
        } catch (HiveAccessControlException e) {
            LOG.error("AccessControlException", e);
            throw new MetaException(e.getMessage());
        } catch (HiveAuthzPluginException e2) {
            LOG.error("Authorization error", e2);
            throw new MetaException(e2.getMessage());
        }
    }

    private List<HivePrivilegeObject> getHivePrivObjects(String str, List<String> list) {
        ArrayList arrayList = new ArrayList();
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            arrayList.add(new HivePrivilegeObject(HivePrivilegeObject.HivePrivilegeObjectType.TABLE_OR_VIEW, str, it.next()));
        }
        return arrayList;
    }

    private HivePrivilegeObject createPrivilegeObjectForTable(String str, String str2, String str3, PrincipalType principalType) {
        return new HivePrivilegeObject(HivePrivilegeObject.HivePrivilegeObjectType.TABLE_OR_VIEW, str, str2, null, null, HivePrivilegeObject.HivePrivObjectActionType.OTHER, null, null, str3, principalType);
    }

    private List<HivePrivilegeObject> tablesToPrivilegeObjs(List<Table> list) {
        ArrayList arrayList = new ArrayList();
        for (Table table : list) {
            arrayList.add(createPrivilegeObjectForTable(table.getDbName(), table.getTableName(), table.getOwner(), table.getOwnerType()));
        }
        return arrayList;
    }

    private List<HivePrivilegeObject> tableMetasToPrivilegeObjs(List<TableMeta> list) {
        ArrayList arrayList = new ArrayList();
        for (TableMeta tableMeta : list) {
            arrayList.add(createPrivilegeObjectForTable(tableMeta.getDbName(), tableMeta.getTableName(), tableMeta.getOwnerName(), tableMeta.getOwnerType()));
        }
        return arrayList;
    }

    private ImmutablePair<String, String> tableMetaKey(String str, String str2) {
        return new ImmutablePair<>(str, str2);
    }

    @Override // org.apache.hadoop.hive.metastore.DefaultMetaStoreFilterHookImpl, org.apache.hadoop.hive.metastore.MetaStoreFilterHook
    public List<TableMeta> filterTableMetas(List<TableMeta> list) throws MetaException {
        Set set = (Set) getFilteredObjects(tableMetasToPrivilegeObjs(list)).stream().map(hivePrivilegeObject -> {
            return tableMetaKey(hivePrivilegeObject.getDbname(), hivePrivilegeObject.getObjectName());
        }).collect(Collectors.toSet());
        return (List) list.stream().filter(tableMeta -> {
            return set.contains(tableMetaKey(tableMeta.getDbName(), tableMeta.getTableName()));
        }).collect(Collectors.toList());
    }
}
