package com.cloudera.cmf.service;

import com.cloudera.cmf.command.CommandHelpers;
import com.cloudera.cmf.model.DbCommand;
import com.cloudera.cmf.model.DbRole;
import com.cloudera.cmf.persist.CmfEntityManager;
import com.cloudera.cmf.security.GenerateCredentialsCommand;
import com.cloudera.cmf.service.EntityChange;
import com.google.common.base.Preconditions;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.Lists;
import com.google.common.collect.Sets;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/cloudera/cmf/service/SecureRoleCreateListener.class */
public class SecureRoleCreateListener implements EntityUpdateListener<RoleChange> {
    private static final Logger LOG = LoggerFactory.getLogger(SecureRoleCreateListener.class);
    private ServiceHandlerRegistry shr;

    public SecureRoleCreateListener(ServiceHandlerRegistry serviceHandlerRegistry) {
        this.shr = serviceHandlerRegistry;
    }

    @Override // com.cloudera.cmf.service.EntityUpdateListener
    public void onEntityUpdate(CmfEntityManager cmfEntityManager, List<RoleChange> list) {
        HashSet newHashSet = Sets.newHashSet();
        for (RoleChange roleChange : list) {
            if (roleChange.getChangeType() == EntityChange.ChangeType.CREATE) {
                newHashSet.add(roleChange.getRoleName());
            }
        }
        String str = null;
        List findRolesByNames = cmfEntityManager.findRolesByNames(ImmutableList.copyOf(newHashSet));
        Preconditions.checkArgument(findRolesByNames.size() == newHashSet.size());
        Iterator it = findRolesByNames.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            DbRole dbRole = (DbRole) it.next();
            if (this.shr.getRoleHandler(dbRole).requiresCredentials(cmfEntityManager, dbRole)) {
                str = dbRole.getName();
                break;
            }
        }
        if (str != null) {
            DbCommand executeGlobalCommandIfAvailable = CommandHelpers.executeGlobalCommandIfAvailable(GenerateCredentialsCommand.COMMAND_NAME, Lists.newArrayList(), cmfEntityManager, this.shr);
            if (executeGlobalCommandIfAvailable != null) {
                LOG.info(String.format("Generating credentials (command %d) for role creation: %s", executeGlobalCommandIfAvailable.getId(), str));
            } else {
                LOG.info(String.format("Skipping credentials generation for role creation (%s) because command is not available", str));
            }
        }
    }
}
