package com.cloudera.api.dao.impl;

import com.cloudera.api.DataView;
import com.cloudera.api.dao.DAOFactory;
import com.cloudera.api.dao.ExternalUserMappingManagerDao;
import com.cloudera.api.model.ApiAuthRoleRef;
import com.cloudera.api.model.ApiExternalUserMapping;
import com.cloudera.api.model.ApiExternalUserMappingList;
import com.cloudera.cmf.model.DbAuthRole;
import com.cloudera.cmf.model.DbExternalMapping;
import com.cloudera.cmf.model.DbUser;
import com.cloudera.cmf.model.ExternalMappingType;
import com.cloudera.cmf.service.CommandUtils;
import com.cloudera.cmf.user.UserRole;
import com.cloudera.server.cmf.CurrentUserManager;
import com.google.common.base.Preconditions;
import com.google.common.collect.Sets;
import java.util.Collections;
import java.util.Comparator;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;

/* loaded from: input_file:com/cloudera/api/dao/impl/ExternalUserMappingManagerDaoImpl.class */
public class ExternalUserMappingManagerDaoImpl extends ManagerDaoBase implements ExternalUserMappingManagerDao {
    private final CurrentUserManager currentUserMgr;

    /* JADX INFO: Access modifiers changed from: protected */
    public ExternalUserMappingManagerDaoImpl(DAOFactory dAOFactory, CurrentUserManager currentUserManager) {
        super(dAOFactory);
        this.currentUserMgr = currentUserManager;
    }

    public void externalUserMappingListPreconditions(ApiExternalUserMappingList apiExternalUserMappingList) {
        Preconditions.checkArgument((apiExternalUserMappingList == null || apiExternalUserMappingList.getExternalUserMappings().isEmpty()) ? false : true, "External user mapping list must be provided.");
        Iterator it = apiExternalUserMappingList.iterator();
        while (it.hasNext()) {
            externalUserMappingPreconditions((ApiExternalUserMapping) it.next());
        }
    }

    public void externalUserMappingPreconditions(ApiExternalUserMapping apiExternalUserMapping) {
        Preconditions.checkArgument(apiExternalUserMapping != null, "External user mapping information not provided.");
        Preconditions.checkArgument(apiExternalUserMapping.getName() != null, "External user mapping name not provided.");
        Preconditions.checkArgument(apiExternalUserMapping.getType() != null, "External user mapping type not provided.");
        Preconditions.checkArgument(ExternalMappingType.valueOf(apiExternalUserMapping.getType().name()) != null, "External user mapping not valid.");
    }

    @Override // com.cloudera.api.dao.ExternalUserMappingManagerDao
    @TxCommit
    public ApiExternalUserMappingList createExternalUserMappings(ApiExternalUserMappingList apiExternalUserMappingList) {
        externalUserMappingListPreconditions(apiExternalUserMappingList);
        ApiExternalUserMappingList apiExternalUserMappingList2 = new ApiExternalUserMappingList();
        for (ApiExternalUserMapping apiExternalUserMapping : apiExternalUserMappingList.getExternalUserMappings()) {
            HashSet newHashSet = Sets.newHashSet();
            DbExternalMapping addExternalMapping = this.operationsManager.addExternalMapping(this.cmfEM, apiExternalUserMapping.getName(), apiExternalUserMapping.getType().name());
            if (apiExternalUserMapping.getAuthRoles() != null) {
                for (ApiAuthRoleRef apiAuthRoleRef : apiExternalUserMapping.getAuthRoles()) {
                    DbAuthRole findAuthRole = findAuthRole(apiAuthRoleRef.getUuid(), apiAuthRoleRef.getName());
                    findAuthRole.addExternalMapping(addExternalMapping);
                    newHashSet.add(findAuthRole);
                }
            }
            this.operationsManager.assignExternalMappingAuthRoles(this.cmfEM, addExternalMapping, newHashSet);
            apiExternalUserMappingList2.getExternalUserMappings().add(this.modelFactory.newExternalUserMapping(addExternalMapping));
        }
        return apiExternalUserMappingList2;
    }

    @Override // com.cloudera.api.dao.ExternalUserMappingManagerDao
    @TxCommit
    public ApiExternalUserMapping deleteExternalUserMapping(String str) {
        DbExternalMapping findExternalMappingByUuid = this.cmfEM.findExternalMappingByUuid(str);
        Preconditions.checkArgument(findExternalMappingByUuid != null);
        ApiExternalUserMapping newExternalUserMapping = this.modelFactory.newExternalUserMapping(findExternalMappingByUuid);
        this.operationsManager.deleteExternalMapping(this.cmfEM, findExternalMappingByUuid);
        return newExternalUserMapping;
    }

    @Override // com.cloudera.api.dao.ExternalUserMappingManagerDao
    @TxCommit
    public ApiExternalUserMapping deleteExternalUserMappingByName(String str, ExternalMappingType externalMappingType) {
        DbExternalMapping findExternalUser = findExternalUser(null, str, externalMappingType);
        Preconditions.checkArgument(findExternalUser != null);
        ApiExternalUserMapping newExternalUserMapping = this.modelFactory.newExternalUserMapping(findExternalUser);
        this.operationsManager.deleteExternalMapping(this.cmfEM, findExternalUser);
        return newExternalUserMapping;
    }

    @Override // com.cloudera.api.dao.ExternalUserMappingManagerDao
    @TxReadOnly
    public ApiExternalUserMappingList listExternalUserMappings(DataView dataView) {
        List findAllExternalMappings = this.cmfEM.findAllExternalMappings();
        ApiExternalUserMappingList apiExternalUserMappingList = new ApiExternalUserMappingList();
        Iterator it = findAllExternalMappings.iterator();
        while (it.hasNext()) {
            apiExternalUserMappingList.getExternalUserMappings().add(this.modelFactory.newExternalUserMapping((DbExternalMapping) it.next(), dataView));
        }
        Collections.sort(apiExternalUserMappingList.getExternalUserMappings(), new Comparator<ApiExternalUserMapping>() { // from class: com.cloudera.api.dao.impl.ExternalUserMappingManagerDaoImpl.1
            @Override // java.util.Comparator
            public int compare(ApiExternalUserMapping apiExternalUserMapping, ApiExternalUserMapping apiExternalUserMapping2) {
                return (apiExternalUserMapping == null ? CommandUtils.CONFIG_TOP_LEVEL_DIR : apiExternalUserMapping.getName()).compareTo(apiExternalUserMapping2 == null ? CommandUtils.CONFIG_TOP_LEVEL_DIR : apiExternalUserMapping2.getName());
            }
        });
        return apiExternalUserMappingList;
    }

    @Override // com.cloudera.api.dao.ExternalUserMappingManagerDao
    @TxCommit
    public ApiExternalUserMapping updateExternalUserMapping(String str, ApiExternalUserMapping apiExternalUserMapping) {
        DbExternalMapping findExternalMappingByUuid = this.cmfEM.findExternalMappingByUuid(str);
        Preconditions.checkArgument(findExternalMappingByUuid != null);
        Preconditions.checkArgument(apiExternalUserMapping.getUuid() != null);
        Preconditions.checkArgument(apiExternalUserMapping.getType() != null);
        Preconditions.checkArgument(apiExternalUserMapping.getName() != null);
        if (!apiExternalUserMapping.getName().equals(findExternalMappingByUuid.getCode())) {
            this.operationsManager.renameExternalMapping(this.cmfEM, findExternalMappingByUuid, apiExternalUserMapping.getName());
        }
        if (!apiExternalUserMapping.getType().name().equals(findExternalMappingByUuid.getExternalMappingType().name())) {
            throw new SecurityException("Type of external user mappings cannot be updated. Please delete and re-create the mappings as necessary.");
        }
        if (apiExternalUserMapping.getAuthRoles() == null || apiExternalUserMapping.getAuthRoles().isEmpty()) {
            this.operationsManager.deleteExternalMappingAuthRole(this.cmfEM, findExternalMappingByUuid);
        } else {
            HashSet newHashSet = Sets.newHashSet();
            for (ApiAuthRoleRef apiAuthRoleRef : apiExternalUserMapping.getAuthRoles()) {
                newHashSet.add(findAuthRole(apiAuthRoleRef.getUuid(), apiAuthRoleRef.getName()));
            }
            this.operationsManager.assignExternalMappingAuthRoles(this.cmfEM, findExternalMappingByUuid, newHashSet);
        }
        return this.modelFactory.newExternalUserMapping(findExternalMappingByUuid);
    }

    @Override // com.cloudera.api.dao.ExternalUserMappingManagerDao
    public ApiExternalUserMapping getExternalUserMapping(String str) {
        DbExternalMapping findExternalMappingByUuid = this.cmfEM.findExternalMappingByUuid(str);
        Preconditions.checkArgument(findExternalMappingByUuid != null);
        return this.modelFactory.newExternalUserMapping(findExternalMappingByUuid);
    }

    @Override // com.cloudera.api.dao.ExternalUserMappingManagerDao
    @TxReadOnly
    public void checkForAdmins() {
        DbUser loggedInUser = this.currentUserMgr.getLoggedInUser(this.cmfEM);
        Preconditions.checkArgument(loggedInUser != null);
        if (loggedInUser.isInternal()) {
            throw new SecurityException("Internal users cannot administer auth roles.");
        }
        if (!this.currentUserMgr.getRoles().contains(UserRole.ROLE_USER_ADMIN) && !this.currentUserMgr.getRoles().contains(UserRole.ROLE_ADMIN)) {
            throw new SecurityException("Only administrators can administer auth roles.");
        }
    }
}
