package com.cloudera.server.web.cmf;

import com.cloudera.cmf.model.DbCluster;
import com.cloudera.cmf.model.DbHost;
import com.cloudera.cmf.persist.CmfEntityManager;
import com.cloudera.cmf.service.CommandUtils;
import com.cloudera.server.cmf.components.Authorizer;
import com.google.common.base.Preconditions;
import com.google.common.base.Supplier;
import java.util.Map;
import java.util.NoSuchElementException;
import java.util.concurrent.Callable;
import javax.annotation.Nullable;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.util.AntPathMatcher;

/* loaded from: input_file:com/cloudera/server/web/cmf/AuthScopeContext.class */
public class AuthScopeContext {
    private static final String CLUSTER_NAME = "clusterName";
    private static final String CLUSTERS_PATTERN = "/*/clusters/{clusterName}/**";
    private static final String HOST_ID_OR_NAME = "hostId";
    private static final String HOSTS_PATTERN = "/*/hosts/{hostId}/**";
    private static final Logger LOG = LoggerFactory.getLogger(AuthScopeContext.class);
    private static final ThreadLocal<AuthScope> CURRENT_AUTHSCOPE = new ThreadLocal<AuthScope>() { // from class: com.cloudera.server.web.cmf.AuthScopeContext.1
        /* JADX INFO: Access modifiers changed from: protected */
        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.lang.ThreadLocal
        public AuthScope initialValue() {
            return AuthScope.global();
        }
    };
    private static final ThreadLocal<Integer> PRIVILEGED_MODE = new ThreadLocal<Integer>() { // from class: com.cloudera.server.web.cmf.AuthScopeContext.2
        /* JADX INFO: Access modifiers changed from: protected */
        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.lang.ThreadLocal
        public Integer initialValue() {
            return 0;
        }
    };

    public static AuthScope get() {
        return CURRENT_AUTHSCOPE.get();
    }

    public static AuthScope set(@Nullable AuthScope authScope) {
        AuthScope authScope2 = CURRENT_AUTHSCOPE.get();
        if (authScope == null) {
            authScope = AuthScope.global();
        }
        CURRENT_AUTHSCOPE.set(authScope);
        return authScope2;
    }

    private static void pushPriviledgedMode() {
        PRIVILEGED_MODE.set(Integer.valueOf(PRIVILEGED_MODE.get().intValue() + 1));
    }

    private static void popPriviledgedMode() throws IllegalStateException {
        if (PRIVILEGED_MODE.get().intValue() == 0) {
            new IllegalStateException("Privilege mode is inconsistent");
        }
        PRIVILEGED_MODE.set(Integer.valueOf(PRIVILEGED_MODE.get().intValue() - 1));
    }

    public static void clearPriviledgedMode() {
        if (PRIVILEGED_MODE.get().intValue() != 0) {
            LOG.warn(String.format("Privilegded mode is not cleaned up properly count %s", PRIVILEGED_MODE.get()));
        }
        PRIVILEGED_MODE.set(0);
    }

    public static boolean inPriviledgedMode() {
        return PRIVILEGED_MODE.get().intValue() > 0;
    }

    public static AuthScope getAuthScope(String str, CmfEntityManager cmfEntityManager) {
        String trim = str.trim();
        if (trim.startsWith("/api/")) {
            trim = trim.replaceFirst("/api", CommandUtils.CONFIG_TOP_LEVEL_DIR);
        }
        AntPathMatcher antPathMatcher = new AntPathMatcher();
        if (!antPathMatcher.match(CLUSTERS_PATTERN, trim)) {
            if (!antPathMatcher.match(HOSTS_PATTERN, trim)) {
                return AuthScope.global();
            }
            Map extractUriTemplateVariables = antPathMatcher.extractUriTemplateVariables(HOSTS_PATTERN, trim);
            Preconditions.checkState(extractUriTemplateVariables.containsKey(HOST_ID_OR_NAME));
            String str2 = (String) extractUriTemplateVariables.get(HOST_ID_OR_NAME);
            DbHost findHostByHostId = cmfEntityManager.findHostByHostId(str2);
            return (AuthScope) Authorizer.HOST_TO_AUTHSCOPE.apply(findHostByHostId == null ? cmfEntityManager.findHostByHostName(str2) : findHostByHostId);
        }
        Map extractUriTemplateVariables2 = antPathMatcher.extractUriTemplateVariables(CLUSTERS_PATTERN, trim);
        Preconditions.checkState(extractUriTemplateVariables2.containsKey(CLUSTER_NAME));
        String str3 = (String) extractUriTemplateVariables2.get(CLUSTER_NAME);
        DbCluster findClusterByName = cmfEntityManager.findClusterByName(str3);
        if (findClusterByName == null) {
            findClusterByName = cmfEntityManager.findClusterByDisplayName(str3);
        }
        if (findClusterByName == null) {
            throw new NoSuchElementException(String.format("Cluster '%s'", str3));
        }
        return AuthScope.cluster(findClusterByName.getName());
    }

    public static <T> T invokeInAuthScope(String str, Supplier<T> supplier) {
        Preconditions.checkState(CmfEntityManager.currentCmfEntityManager() != null, "Must be a part of a transaction");
        AuthScope authScope = CURRENT_AUTHSCOPE.get();
        CURRENT_AUTHSCOPE.set(getAuthScope(str, CmfEntityManager.currentCmfEntityManager()));
        try {
            T t = (T) supplier.get();
            CURRENT_AUTHSCOPE.set(authScope);
            return t;
        } catch (Throwable th) {
            CURRENT_AUTHSCOPE.set(authScope);
            throw th;
        }
    }

    public static <T> T privilegedMode(Callable<T> callable) throws Exception {
        pushPriviledgedMode();
        try {
            T call = callable.call();
            popPriviledgedMode();
            return call;
        } catch (Throwable th) {
            popPriviledgedMode();
            throw th;
        }
    }

    public static void privilegedMode(final Runnable runnable) {
        privilegedMode(new Supplier<Void>() { // from class: com.cloudera.server.web.cmf.AuthScopeContext.3
            /* renamed from: get, reason: merged with bridge method [inline-methods] */
            public Void m1803get() {
                runnable.run();
                return null;
            }
        });
    }

    public static <T> T privilegedMode(Supplier<T> supplier) {
        pushPriviledgedMode();
        try {
            T t = (T) supplier.get();
            popPriviledgedMode();
            return t;
        } catch (Throwable th) {
            popPriviledgedMode();
            throw th;
        }
    }
}
