package com.cloudera.server.web.cmf;

import com.cloudera.cmf.model.ConfigValueProvider;
import com.cloudera.cmf.model.DbCluster;
import com.cloudera.cmf.model.DbService;
import com.cloudera.cmf.persist.CmfEntityManager;
import com.cloudera.cmf.security.EnableKerberosCommand;
import com.cloudera.cmf.service.ServiceHandlerRegistry;
import com.cloudera.cmf.service.config.ParamParseException;
import com.cloudera.cmf.service.core.CoreSettingsParams;
import com.cloudera.cmf.service.core.CoreSettingsServiceHandler;
import com.cloudera.cmf.service.csd.components.FirstPartyCsdServiceTypes;
import com.cloudera.cmf.service.csd.components.ThirdPartyCsdServiceTypes;
import com.cloudera.server.web.cmf.CmfPath;
import com.cloudera.server.web.cmf.include.EntityLinkHelper;
import com.cloudera.server.web.common.AjaxLink;
import com.cloudera.server.web.common.CurrentUser;
import com.cloudera.server.web.common.I18n;
import com.cloudera.server.web.common.Link;
import com.cloudera.server.web.common.Util;
import com.fasterxml.jackson.annotation.JsonProperty;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Iterables;
import com.google.common.collect.Lists;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/cloudera/server/web/cmf/ClusterSecurityStatus.class */
public class ClusterSecurityStatus {

    @JsonProperty
    private final String clusterName;

    @JsonProperty
    private final Long clusterId;

    @JsonProperty
    private final String clusterDisplayName;

    @JsonProperty
    private final Link clusterLink;

    @JsonProperty
    public final boolean isKeyTrusteeServerCluster;

    @JsonProperty
    private final boolean isKerberosEnabled;

    @JsonProperty
    private final boolean isEncryptionEnabled;

    @JsonProperty
    private final boolean supportsEncryption;

    @JsonProperty
    private final Link enableKerberosLink;

    @JsonProperty
    private final Link configKerberosLink;

    @JsonProperty
    private final Link enableEncryptionLink;

    @JsonProperty
    private final boolean hasKeyAdminAuthority;

    @JsonProperty
    private final boolean hasAdminAuthority;
    private static final Logger LOG = LoggerFactory.getLogger(ClusterSecurityStatus.class);

    @JsonProperty
    private final List<ServiceInfo> kerberosEnabledForService = Lists.newLinkedList();

    @JsonProperty
    private final List<ServiceInfo> kerberosDisabledForService = Lists.newLinkedList();
    private final Set<String> SERVICE_TYPES_TO_IGNORE = ImmutableSet.of(FirstPartyCsdServiceTypes.SQOOP_CLIENT, CoreSettingsServiceHandler.SERVICE_TYPE, ThirdPartyCsdServiceTypes.NIFICA);

    public ClusterSecurityStatus(CmfEntityManager cmfEntityManager, ServiceHandlerRegistry serviceHandlerRegistry, DbCluster dbCluster) {
        this.clusterId = dbCluster.getId();
        this.clusterName = dbCluster.getName();
        this.clusterDisplayName = dbCluster.getDisplayName();
        this.clusterLink = new Link(dbCluster.getDisplayName(), CmfPath.to(CmfPath.Type.DEFAULT, dbCluster));
        this.isKeyTrusteeServerCluster = Util.mustBeKeyTrusteeServerCluster(cmfEntityManager, dbCluster);
        this.isKerberosEnabled = serviceHandlerRegistry.get(dbCluster).getClusterCommand(EnableKerberosCommand.COMMAND_NAME).checkAvailability(dbCluster) != null;
        this.configKerberosLink = new AjaxLink(I18n.t("label.kerberosConfigurationView"), CmfPath.GenericConfig.buildUrlForDialogWithTitle(CmfPath.Cluster.buildGetUrl(dbCluster, CmfPath.GenericConfig.KERBEROS_CONFIG, null), I18n.t("label.configuration.kerberosConfigurationFor", dbCluster.getDisplayName())));
        this.enableKerberosLink = new AjaxLink(I18n.t("message.command.cluster.enableKerberos.name"), CmfPath.Cluster.buildGetUrl(dbCluster, "kerberos/wizardRedirect", null));
        this.enableEncryptionLink = EntityLinkHelper.getEnableHDFSEncryptionLink(dbCluster);
        this.hasAdminAuthority = CurrentUser.hasAuthorityForCluster(dbCluster, "ROLE_ADMIN");
        this.hasKeyAdminAuthority = CurrentUser.hasAuthorityForCluster(dbCluster, "AUTH_KEY_ADMIN");
        for (DbService dbService : cmfEntityManager.findServicesInCluster(dbCluster)) {
            if (!this.SERVICE_TYPES_TO_IGNORE.contains(dbService.getServiceType())) {
                if (serviceHandlerRegistry.get(dbService).requiresCredentials(cmfEntityManager, dbService)) {
                    this.kerberosEnabledForService.add(new ServiceInfo(dbService));
                } else {
                    this.kerberosDisabledForService.add(new ServiceInfo(dbService));
                }
            }
        }
        List findServicesInClusterByType = cmfEntityManager.findServicesInClusterByType(dbCluster, "HDFS");
        this.supportsEncryption = !findServicesInClusterByType.isEmpty();
        ConfigValueProvider configValueProvider = (DbService) Iterables.getFirst(findServicesInClusterByType, (Object) null);
        if (configValueProvider == null) {
            this.isEncryptionEnabled = false;
            return;
        }
        boolean z = false;
        try {
            z = CoreSettingsParams.KMS_CONNECTOR.extract(configValueProvider) != null;
        } catch (ParamParseException e) {
            LOG.debug(e.getMessage(), e);
        }
        this.isEncryptionEnabled = z;
    }

    private boolean matchServiceName(List<DbService> list, String str) {
        Iterator<DbService> it = list.iterator();
        while (it.hasNext()) {
            if (it.next().getName().equals(str)) {
                return true;
            }
        }
        return false;
    }
}
