package com.cloudera.cmf.service.sentry;

import com.cloudera.cmf.Constants;
import com.cloudera.cmf.ProductState;
import com.cloudera.cmf.model.DbProcess;
import com.cloudera.cmf.model.DbRole;
import com.cloudera.cmf.model.DbService;
import com.cloudera.cmf.protocol.ResourceUnion;
import com.cloudera.cmf.protocol.ResourcesUtil;
import com.cloudera.cmf.service.AbstractDaemonRoleHandler;
import com.cloudera.cmf.service.ConfigFilesTransform;
import com.cloudera.cmf.service.DaemonRoleHandler;
import com.cloudera.cmf.service.ServiceDataProvider;
import com.cloudera.cmf.service.Validator;
import com.cloudera.cmf.service.config.CommonParamSpecs;
import com.cloudera.cmf.service.config.ConfigFileGenerator;
import com.cloudera.cmf.service.config.ConfigUpdateListener;
import com.cloudera.cmf.service.config.CoreConfigFileDefinitions;
import com.cloudera.cmf.service.config.InverseDependencyChainValidator;
import com.cloudera.cmf.service.config.KerberosKeytabGenerator;
import com.cloudera.cmf.service.config.MgmtConfigFileDefinitions;
import com.cloudera.cmf.service.config.ParamSpec;
import com.cloudera.cmf.service.config.ParamSpecEvaluator;
import com.cloudera.cmf.service.config.PathParamSpec;
import com.cloudera.cmf.service.config.PropertiesConfigFileGenerator;
import com.cloudera.cmf.service.config.RefreshConfigListener;
import com.cloudera.cmf.service.config.ServiceParamSpec;
import com.cloudera.cmf.service.config.XMLConfigFileGenerator;
import com.cloudera.cmf.service.config.transform.ConfigFilesTransformBuilder;
import com.cloudera.cmf.service.core.CoreSettingsParams;
import com.cloudera.cmf.service.hadoopcommon.HadoopCommonHelpers;
import com.cloudera.cmf.service.hdfs.HdfsParams;
import com.cloudera.cmf.service.hive.HiveParams;
import com.cloudera.cmf.service.hive.HiveServiceHandler;
import com.cloudera.cmf.service.sentry.SentryServiceHandler;
import com.cloudera.server.common.KerberosAuthentication;
import com.google.common.base.Preconditions;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableMap;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Iterables;
import com.google.common.collect.Lists;
import com.google.common.collect.Maps;
import com.google.common.collect.Sets;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.annotation.Nonnull;

/* loaded from: input_file:com/cloudera/cmf/service/sentry/SentryServerRoleHandler.class */
public class SentryServerRoleHandler extends AbstractDaemonRoleHandler {
    public static final String SENTRY_USER = "sentry";
    public static final String SENTRY_GROUP = "sentry";
    public static final String SENTRY_JVM_OPTS_CMD_VAR = "HADOOP_CLIENT_OPTS";
    private static final String HIVE_CONF_DIR_NAME = "hive-conf";

    public SentryServerRoleHandler(SentryServiceHandler sentryServiceHandler, ServiceDataProvider serviceDataProvider) {
        super(sentryServiceHandler, serviceDataProvider);
        this.minInstanceCount = 1;
        this.maxInstanceCount = SentryServiceHandler.HA_SINCE.contains(sentryServiceHandler.getVersion()) ? 2 : 1;
    }

    @Override // com.cloudera.cmf.service.DaemonRoleHandler
    public DbProcess makeProcess(DbRole dbRole, List<String> list) throws DaemonRoleHandler.ProcessSupplierException {
        Preconditions.checkArgument(list.isEmpty());
        Map<String, Object> prepareConfiguration = prepareConfiguration(dbRole);
        DbProcess dbProcess = new DbProcess(makeProcessName(dbRole));
        dbProcess.setUser(getProcessUser(prepareConfiguration));
        dbProcess.setGroup(getProcessGroup(prepareConfiguration));
        dbProcess.setProgram("sentry/sentry.sh");
        dbProcess.setArguments(Collections.emptyList());
        dbProcess.setConfigurationData(generateConfiguration(dbRole, prepareConfiguration));
        dbProcess.setEnvironment(getEnvironment(dbRole, prepareConfiguration));
        dbProcess.setStatusLinks(getStatusLinks(dbRole));
        dbProcess.initWithRole(dbRole);
        dbProcess.setResources(makeResources(dbRole, prepareConfiguration));
        dbProcess.setRefreshFiles(getRefreshableConfigFiles());
        return dbProcess;
    }

    @Override // com.cloudera.cmf.service.RoleHandler
    public Enum<?> getRoleTypeEnum() {
        return SentryServiceHandler.RoleNames.SENTRY_SERVER;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.cloudera.cmf.service.AbstractDaemonRoleHandler
    public Map<String, String> getEnvironmentForRole(DbRole dbRole, Map<String, Object> map) {
        HashMap newHashMap = Maps.newHashMap();
        newHashMap.put("HADOOP_CLIENT_OPTS", HadoopCommonHelpers.makeJavaOpts((ParamSpec) Iterables.getOnlyElement(getResourceManagementHandler().getMemoryParams()), SentryParams.SENTRY_SERVER_JAVA_OPTS, getHeapDumpFile(dbRole), map, this, dbRole, dbRole.getService(), this.serviceProvider));
        newHashMap.put("SENTRY_SERVER_DATABASE_TYPE", SentryParams.SENTRY_DATABASE_TYPE.extractToConfigFileString(map));
        newHashMap.put("HIVE_CONF_DIR_NAME", "hive-conf");
        return newHashMap;
    }

    @Override // com.cloudera.cmf.service.AbstractDaemonRoleHandler
    public String getEnvironmentSafetyValveTemplateName() {
        return "sentry_env_safety_valve";
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.cloudera.cmf.service.AbstractDaemonRoleHandler
    public List<ResourceUnion> addDefaultResources(DbRole dbRole, Map<String, Object> map) {
        return Lists.newArrayList();
    }

    @Override // com.cloudera.cmf.service.AbstractDaemonRoleHandler, com.cloudera.cmf.service.AbstractRoleHandler, com.cloudera.cmf.service.RoleHandler
    public List<ResourceUnion> makeResources(DbRole dbRole, Map<String, Object> map) {
        List<ResourceUnion> makeResources = super.makeResources(dbRole, map);
        addResourcesForPathParamSpec(makeResources, dbRole, map, (PathParamSpec) getConfigSpec().getParam(CommonParamSpecs.OOM_HEAP_DUMP_DIR));
        addResourcesForPathParamSpec(makeResources, dbRole, map, (PathParamSpec) getConfigSpec().getParam(CommonParamSpecs.STACKS_COLLECTION_DIRECTORY));
        makeResources.add(ResourcesUtil.newLogDirectoryResource(getLogDirParamSpec().extract(map), getProcessUser(map), getProcessGroup(map), getLogDirParamSpec().getMode()));
        if (this.serviceProvider.getFeatureManager().hasFeature(ProductState.Feature.NAVIGATOR)) {
            addResourcesForPathParamSpec(makeResources, dbRole, map, SentryParams.SENTRY_AUDIT_LOG_DIR).setDynamic(true);
        }
        makeResources.addAll(makePortResources(dbRole, map));
        return makeResources;
    }

    @Override // com.cloudera.cmf.service.AbstractDaemonRoleHandler
    protected Set<ParamSpec<?>> getDaemonParamSpecs(ImmutableSet<ParamSpec<?>> immutableSet) {
        return Sets.union(immutableSet, SentryParams.SENTRY_SERVER_PARAMS);
    }

    @Override // com.cloudera.cmf.service.AbstractRoleHandler
    public Map<String, String> getPrincipalPrefixes(long j, DbRole dbRole) {
        return ImmutableMap.of(KerberosAuthentication.KERBEROS_ROLE_PRINCIPAL, this.serviceHandler.getKerberosPrincipalName(dbRole.getService()));
    }

    @Override // com.cloudera.cmf.service.AbstractRoleHandler
    protected Set<ConfigFileGenerator> getConfigFileGenerators(ImmutableSet<ConfigFileGenerator> immutableSet) {
        HashSet newHashSet = Sets.newHashSet();
        newHashSet.add(new XMLConfigFileGenerator(SentryConfigFileDefinitions.SENTRY_SERVER_SITE, "sentry-site.xml"));
        newHashSet.add(new KerberosKeytabGenerator(SentryParams.SENTRY_KEYTAB_FILE_NAME));
        newHashSet.add(new PropertiesConfigFileGenerator(SentryConfigFileDefinitions.LOG4J_PROPERTIES, "sentry-log4j.properties"));
        if (Constants.SERVICE_VERSIONS_SINCE_CDH5_2_0.contains(this.serviceHandler.getVersion())) {
            newHashSet.add(MgmtConfigFileDefinitions.navigatorClientConfigGenerator(SentryParams.NAVIGATOR_COLLECTION_ENABLED, SentryParams.NAVIGATOR_EVENT_FILTER, SentryParams.NAVIGATOR_EVENT_TRACKER, SentryParams.NAVIGATOR_QUEUE_POLICY, SentryParams.NAVIGATOR_CLIENT_CONFIG_SAFETY_VALVE, false, new ParamSpecEvaluator(SentryParams.SENTRY_AUDIT_LOG_DIR), new ParamSpecEvaluator(SentryParams.SENTRY_MAX_AUDIT_LOG_SIZE)));
        }
        return Sets.union(newHashSet, immutableSet);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.cloudera.cmf.service.AbstractDaemonRoleHandler, com.cloudera.cmf.service.AbstractRoleHandler
    public Set<ConfigUpdateListener> getConfigUpdateListeners() {
        HashSet newHashSet = Sets.newHashSet(super.getConfigUpdateListeners());
        if (Constants.SERVICE_VERSIONS_SINCE_CDH5_2_0.contains(this.serviceHandler.getVersion())) {
            newHashSet.add(new RefreshConfigListener(this.serviceProvider.getServiceHandlerRegistry(), this.serviceProvider.getHeartbeatRequester(), this, RefreshConfigListener.Refreshable.CONFIGS, SentryParams.NAVIGATOR_COLLECTION_ENABLED, SentryParams.NAVIGATOR_EVENT_FILTER, SentryParams.NAVIGATOR_EVENT_TRACKER, SentryParams.NAVIGATOR_QUEUE_POLICY, SentryParams.NAVIGATOR_CLIENT_CONFIG_SAFETY_VALVE, SentryParams.SENTRY_AUDIT_LOG_DIR, SentryParams.SENTRY_MAX_AUDIT_LOG_SIZE));
            newHashSet.add(new RefreshConfigListener(this.serviceProvider.getServiceHandlerRegistry(), this.serviceProvider.getHeartbeatRequester(), this, RefreshConfigListener.Refreshable.RESOURCES, SentryParams.SENTRY_AUDIT_LOG_DIR));
        }
        return newHashSet;
    }

    @Override // com.cloudera.cmf.service.AbstractDaemonRoleHandler, com.cloudera.cmf.service.DaemonRoleHandler
    public List<String> getRefreshableConfigFiles() {
        ImmutableList.Builder builder = ImmutableList.builder();
        builder.addAll(super.getRefreshableConfigFiles());
        if (Constants.SERVICE_VERSIONS_SINCE_CDH5_2_0.contains(this.serviceHandler.getVersion())) {
            builder.add(MgmtConfigFileDefinitions.NAVIGATOR_CLIENT_CONFIG_FILE);
        }
        return builder.build();
    }

    @Override // com.cloudera.cmf.service.AbstractRoleHandler
    public Map<ServiceParamSpec, ConfigFilesTransform> getTypesForDependencyClientConfigs(DbService dbService, DbRole dbRole) {
        ImmutableMap.Builder builder = ImmutableMap.builder();
        builder.putAll(super.getTypesForDependencyClientConfigs(dbService, dbRole));
        builder.put(SentryParams.DFS_CONNECTOR, getDfsCcTransform());
        return builder.build();
    }

    @Override // com.cloudera.cmf.service.AbstractRoleHandler
    @Nonnull
    public Map<String, ConfigFilesTransform> getTypesForInverseDependencyClientConfigs(DbService dbService) {
        ImmutableMap.Builder builder = ImmutableMap.builder();
        builder.put(HiveServiceHandler.SERVICE_TYPE, getHiveCcTransform());
        return builder.build();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.cloudera.cmf.service.AbstractRoleHandler
    public List<Validator> getAdditionalValidators() {
        List<Validator> additionalValidators = super.getAdditionalValidators();
        additionalValidators.add(new InverseDependencyChainValidator(HiveServiceHandler.SERVICE_TYPE, false));
        return additionalValidators;
    }

    static ConfigFilesTransformBuilder getDfsCcTransform() {
        return ConfigFilesTransformBuilder.builder().excludeFilename(Sets.newHashSet(new String[]{CoreConfigFileDefinitions.TOPOLOGY_SCRIPT_CFG.getOutputFileName(), CoreConfigFileDefinitions.TOPOLOGY_MAP_CFG.getOutputFileName(), CoreSettingsParams.HADOOP_ENV_SH, "log4j.properties", HdfsParams.HDFS_SITE_XML})).changeParentDir(null);
    }

    static ConfigFilesTransformBuilder getHiveCcTransform() {
        return ConfigFilesTransformBuilder.builder().includeOnly(HiveParams.HIVE_SITE_XML).changeParentDir("hive-conf");
    }

    @Override // com.cloudera.cmf.service.AbstractRoleHandler, com.cloudera.cmf.service.RoleHandler
    public String getLogFileName(DbRole dbRole) {
        return formatLogName(HadoopCommonHelpers.LOG_FILE_FORMAT, dbRole);
    }

    @Override // com.cloudera.cmf.service.AbstractRoleHandler, com.cloudera.cmf.service.RoleHandler
    public boolean isSingletonForWizards() {
        return true;
    }
}
