package com.cloudera.api.dao.impl;

import com.cloudera.api.ApiFeature;
import com.cloudera.api.ApiVersionContext;
import com.cloudera.api.DataView;
import com.cloudera.api.dao.AuthRoleManagerDao;
import com.cloudera.api.dao.ClouderaMasterServerDao;
import com.cloudera.api.dao.ClusterManagerDao;
import com.cloudera.api.dao.CmPeerManagerDao;
import com.cloudera.api.dao.DAOFactory;
import com.cloudera.api.dao.DataContextManagerDao;
import com.cloudera.api.dao.ExternalUserMappingManagerDao;
import com.cloudera.api.dao.HostManagerDao;
import com.cloudera.api.dao.HostTemplateManagerDao;
import com.cloudera.api.dao.RoleManagerDao;
import com.cloudera.api.dao.ServiceManagerDao;
import com.cloudera.api.dao.UserManagerDao;
import com.cloudera.api.model.ApiAuthRole;
import com.cloudera.api.model.ApiAuthRoleList;
import com.cloudera.api.model.ApiAuthRoleRef;
import com.cloudera.api.model.ApiCluster;
import com.cloudera.api.model.ApiClusterFilterType;
import com.cloudera.api.model.ApiClusterList;
import com.cloudera.api.model.ApiCmPeer;
import com.cloudera.api.model.ApiCommand;
import com.cloudera.api.model.ApiConfig;
import com.cloudera.api.model.ApiConfigList;
import com.cloudera.api.model.ApiDeployment;
import com.cloudera.api.model.ApiDeployment2;
import com.cloudera.api.model.ApiExternalUserMapping;
import com.cloudera.api.model.ApiExternalUserMappingList;
import com.cloudera.api.model.ApiHost;
import com.cloudera.api.model.ApiHostTemplate;
import com.cloudera.api.model.ApiHostTemplateList;
import com.cloudera.api.model.ApiKerberosInfo;
import com.cloudera.api.model.ApiPrincipalList;
import com.cloudera.api.model.ApiRole;
import com.cloudera.api.model.ApiScmDbInfo;
import com.cloudera.api.model.ApiService;
import com.cloudera.api.model.ApiUser2;
import com.cloudera.api.model.ApiUser2List;
import com.cloudera.api.model.ApiVersionInfo;
import com.cloudera.cmf.VersionData;
import com.cloudera.cmf.command.ClusterTemplate;
import com.cloudera.cmf.command.ClusterTemplateImportArgs;
import com.cloudera.cmf.command.ClusterTemplateImportCommand;
import com.cloudera.cmf.command.ClusterTemplateImportContext;
import com.cloudera.cmf.command.ClusterTemplateInstantiatorVisited;
import com.cloudera.cmf.command.ClusterTemplateValidator;
import com.cloudera.cmf.command.ClusterTemplateVisited;
import com.cloudera.cmf.model.ClusterType;
import com.cloudera.cmf.model.ConfigValueProvider;
import com.cloudera.cmf.model.DbAuthRole;
import com.cloudera.cmf.model.DbCluster;
import com.cloudera.cmf.model.DbConfigContainer;
import com.cloudera.cmf.model.DbConfigContainerConfigProvider;
import com.cloudera.cmf.model.DbCredential;
import com.cloudera.cmf.model.DbRole;
import com.cloudera.cmf.model.DbService;
import com.cloudera.cmf.model.DbUser;
import com.cloudera.cmf.model.Enums;
import com.cloudera.cmf.model.ExternalMappingType;
import com.cloudera.cmf.persist.CmfEntityManager;
import com.cloudera.cmf.security.GenerateCredentialsCommand;
import com.cloudera.cmf.service.CommandUtils;
import com.cloudera.cmf.service.ServiceHandler;
import com.cloudera.cmf.service.ValidationCollection;
import com.cloudera.cmf.service.ValidationContext;
import com.cloudera.cmf.service.config.ConfigSpec;
import com.cloudera.cmf.service.config.ParamParseException;
import com.cloudera.cmf.service.mgmt.MgmtParams;
import com.cloudera.cmf.service.mgmt.MgmtServiceHandler;
import com.cloudera.cmf.service.scm.ScmHandler;
import com.cloudera.cmf.service.scm.ScmParams;
import com.cloudera.cmf.user.UserRole;
import com.cloudera.cmf.version.Release;
import com.cloudera.enterprise.MessageWithArgs;
import com.cloudera.enterprise.dbutil.DbType;
import com.cloudera.server.cmf.CurrentUserManager;
import com.cloudera.server.cmf.cluster.ClusterUtils;
import com.cloudera.server.web.common.I18n;
import com.cloudera.server.web.common.Util;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Function;
import com.google.common.base.Joiner;
import com.google.common.base.Preconditions;
import com.google.common.base.Predicate;
import com.google.common.collect.Collections2;
import com.google.common.collect.Iterables;
import com.google.common.collect.Lists;
import com.google.common.collect.Sets;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Date;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.NoSuchElementException;
import java.util.stream.Collectors;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/cloudera/api/dao/impl/ClouderaMasterServerDaoImpl.class */
public class ClouderaMasterServerDaoImpl extends ManagerDaoBase implements ClouderaMasterServerDao {
    private static final String LINE_SEPARATOR = System.getProperty("line.separator");
    private static Logger LOG = LoggerFactory.getLogger(ClouderaMasterServerDaoImpl.class);
    private static final Function<MessageWithArgs, String> MESSAGE_TO_STRING = new Function<MessageWithArgs, String>() { // from class: com.cloudera.api.dao.impl.ClouderaMasterServerDaoImpl.1
        public String apply(MessageWithArgs messageWithArgs) {
            return Util.escapeForJS(I18n.t(messageWithArgs.messageId, messageWithArgs.args));
        }
    };
    private final CurrentUserManager currentUserMgr;

    /* JADX INFO: Access modifiers changed from: protected */
    public ClouderaMasterServerDaoImpl(DAOFactory dAOFactory, CurrentUserManager currentUserManager, DaoImplUtils daoImplUtils) {
        super(dAOFactory);
        this.currentUserMgr = currentUserManager;
    }

    @Override // com.cloudera.api.dao.ClouderaMasterServerDao
    @TxReadOnly
    public ApiConfigList getConfig(DataView dataView, boolean z) {
        ApiConfigList apiConfigList = new ApiConfigList();
        ValidationCollection validationCollection = null;
        ScmHandler scmHandler = this.serviceHandlerRegistry.getScmHandler();
        DbConfigContainerConfigProvider scmConfigProvider = this.cmfEM.getScmConfigProvider();
        DbConfigContainer configContainer = scmConfigProvider.getConfigContainer();
        if (dataView == DataView.FULL) {
            validationCollection = scmHandler.validateModel(this.serviceHandlerRegistry, scmConfigProvider);
        }
        this.modelFactory.populateConfigList(apiConfigList, ValidationContext.of(configContainer), configContainer.getImmutableConfigs(), z ? null : scmHandler.getConfigSpec(), validationCollection, dataView, Release.NULL, Enums.ConfigScope.CONFIG_CONTAINER);
        Iterator it = apiConfigList.iterator();
        while (it.hasNext()) {
            ApiConfig apiConfig = (ApiConfig) it.next();
            apiConfig.setName(apiConfig.getName().toUpperCase());
        }
        return apiConfigList;
    }

    @Override // com.cloudera.api.dao.ClouderaMasterServerDao
    @TxCommit
    public ApiConfigList updateConfig(ApiConfigList apiConfigList, boolean z) {
        return updateConfig(apiConfigList, z, I18n.t("message.configRevision.scmUpdateViaApi"));
    }

    @Override // com.cloudera.api.dao.ClouderaMasterServerDao
    @TxCommit
    public ApiConfigList updateConfig(ApiConfigList apiConfigList, boolean z, String str) {
        DbConfigContainer configContainer = this.cmfEM.getScmConfigProvider().getConfigContainer();
        ConfigSpec configSpec = this.serviceHandlerRegistry.getScmHandler().getConfigSpec();
        this.operationsManager.beginConfigWork(this.cmfEM, str, false);
        if (!apiConfigList.getConfigs().isEmpty()) {
            Iterator it = apiConfigList.iterator();
            while (it.hasNext()) {
                ApiConfig apiConfig = (ApiConfig) it.next();
                apiConfig.setName(apiConfig.getName().toLowerCase());
                if (apiConfig.getName().equals(ScmParams.CDP_ENV.getTemplateName())) {
                    ScmParams.CdpEnv cdpEnv = (ScmParams.CdpEnv) ScmHandler.getScmConfigValue(ScmParams.CDP_ENV, this.cmfEM.getScmConfigProvider());
                    if (apiConfig.getValue() == null) {
                        LOG.info("Skipping deletion of config " + ScmParams.CDP_ENV.getTemplateName() + " because it is immutable.");
                        apiConfig.setValue(cdpEnv.name());
                    } else if (cdpEnv.equals(ScmParams.CDP_ENV.getDefaultValueNoVersion())) {
                        apiConfig.setValue(ScmParams.CdpEnv.valueOf(apiConfig.getValue()).name());
                    } else {
                        apiConfig.setValue(cdpEnv.name());
                    }
                }
            }
            updateConfigs(null, null, null, null, configContainer, z ? null : configSpec, apiConfigList);
        }
        return getConfig(z ? DataView.EXPORT : DataView.SUMMARY, z);
    }

    @Override // com.cloudera.api.dao.ClouderaMasterServerDao
    @TxReadOnly
    public ApiScmDbInfo getScmDbInfo() {
        ApiScmDbInfo apiScmDbInfo = new ApiScmDbInfo();
        apiScmDbInfo.setEmbeddedDbUsed(Boolean.valueOf(this.sdp.getEmbeddedDbManager().isCmUsingEmbeddedDb()));
        apiScmDbInfo.setScmDbType(ApiScmDbInfo.ScmDbType.convert(DbType.getDatabaseType(this.sdp.getEntityManagerFactory()).getDbPropertiesValue()));
        return apiScmDbInfo;
    }

    @Override // com.cloudera.api.dao.ClouderaMasterServerDao
    @TxReadOnly
    public ApiPrincipalList getKerberosPrincipals(boolean z) {
        ApiPrincipalList apiPrincipalList = new ApiPrincipalList();
        HashSet newHashSet = Sets.newHashSet();
        for (DbService dbService : this.cmfEM.findAllServices()) {
            ServiceHandler serviceHandler = this.serviceHandlerRegistry.get(dbService);
            if (serviceHandler.requiresCredentials(this.cmfEM, dbService)) {
                for (DbRole dbRole : dbService.getRoles()) {
                    newHashSet.addAll(serviceHandler.getRoleHandler(dbRole.getRoleType()).getRequiredPrincipals(dbRole, null).values());
                }
            }
        }
        if (z) {
            Iterator it = this.cmfEM.findAllCredentials().iterator();
            while (it.hasNext()) {
                newHashSet.remove(((DbCredential) it.next()).getPrincipal());
            }
        }
        apiPrincipalList.setPrincipals(Lists.newArrayList(newHashSet));
        return apiPrincipalList;
    }

    @Override // com.cloudera.api.dao.ClouderaMasterServerDao
    @TxCommit
    public ApiCommand importClusterTemplate(ClusterTemplate clusterTemplate, boolean z) {
        return this.modelFactory.newCommand(this.operationsManager.executeGlobalCmd(this.cmfEM, ClusterTemplateImportCommand.COMMAND_NAME, ClusterTemplateImportArgs.of(validateAndPrepareContext(this.cmfEM, clusterTemplate, z))), DataView.FULL);
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // com.cloudera.api.dao.ClouderaMasterServerDao
    @TxReadOnly
    public String getTelemetryPublisherUrl() {
        DbService dbService = (DbService) Iterables.getFirst(this.cmfEM.findServicesByType(MgmtServiceHandler.SERVICE_TYPE), (Object) null);
        if (dbService == null) {
            throw new IllegalStateException("Mgmt service not found");
        }
        ConfigValueProvider configValueProvider = (DbRole) Iterables.getFirst(dbService.getRolesWithType(MgmtServiceHandler.RoleNames.TELEMETRYPUBLISHER.name()), (Object) null);
        if (configValueProvider == null) {
            throw new IllegalStateException("Telemetry Publisher role not found");
        }
        try {
            boolean booleanValue = MgmtParams.TELEMETRYPUBLISHER_SSL_ENABLED.extract(configValueProvider).booleanValue();
            String name = configValueProvider.getHost().getName();
            try {
                long longValue = ((Long) MgmtParams.TELEMETRYPUBLISHER_SERVER_PORT.extract(configValueProvider)).longValue();
                Object[] objArr = new Object[3];
                objArr[0] = booleanValue ? "s" : CommandUtils.CONFIG_TOP_LEVEL_DIR;
                objArr[1] = name;
                objArr[2] = Long.valueOf(longValue);
                return String.format("http%s://%s:%d", objArr);
            } catch (ParamParseException e) {
                throw new IllegalStateException("Could not extract Telemetry Publisher server port parameter", e);
            }
        } catch (ParamParseException e2) {
            throw new IllegalStateException("Could not extract Telemetry Publisher SSL", e2);
        }
    }

    private ClusterTemplateImportContext validateAndPrepareContext(CmfEntityManager cmfEntityManager, ClusterTemplate clusterTemplate, boolean z) {
        ClusterTemplateInstantiatorVisited clusterTemplateInstantiatorVisited = new ClusterTemplateInstantiatorVisited();
        clusterTemplateInstantiatorVisited.visit(clusterTemplate.getInstantiator());
        Preconditions.checkArgument(clusterTemplateInstantiatorVisited.getErrorMsgs().isEmpty(), Joiner.on(LINE_SEPARATOR).join(Collections2.transform(clusterTemplateInstantiatorVisited.getErrorMsgs(), MESSAGE_TO_STRING)));
        ClusterTemplateVisited clusterTemplateVisited = new ClusterTemplateVisited();
        clusterTemplateVisited.visit(clusterTemplate);
        Preconditions.checkArgument(clusterTemplateVisited.getDuplicateRefs().isEmpty(), Collections2.transform(Collections.singletonList(MessageWithArgs.of("message.command.cluster.importClusterTemplate.errors.validation.duplicateReferences", new String[]{Joiner.on(',').join(clusterTemplateVisited.getDuplicateRefs())})), MESSAGE_TO_STRING));
        Preconditions.checkArgument(clusterTemplateVisited.getErrorMsgs().isEmpty(), Joiner.on(LINE_SEPARATOR).join(Collections2.transform(clusterTemplateVisited.getErrorMsgs(), MESSAGE_TO_STRING)));
        List<MessageWithArgs> validate = ClusterTemplateValidator.validate(clusterTemplateVisited, clusterTemplateInstantiatorVisited, cmfEntityManager);
        Preconditions.checkArgument(validate.isEmpty(), Joiner.on(LINE_SEPARATOR).join(Collections2.transform(validate, MESSAGE_TO_STRING)));
        return new ClusterTemplateImportContext(clusterTemplate, clusterTemplateVisited, clusterTemplateInstantiatorVisited, z);
    }

    @Override // com.cloudera.api.dao.ClouderaMasterServerDao
    @TxReadOnly
    public ApiKerberosInfo getKerberosInfo() {
        boolean z = false;
        Iterator it = this.cmfEM.findAllClusters().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            DbCluster dbCluster = (DbCluster) it.next();
            if (this.serviceHandlerRegistry.get(dbCluster).requiresCredentials(this.serviceHandlerRegistry, this.cmfEM, dbCluster)) {
                z = true;
                break;
            }
        }
        ApiKerberosInfo apiKerberosInfo = new ApiKerberosInfo(z);
        if (z) {
            ClusterUtils.populateKerberosInfo(this.cmfEM, apiKerberosInfo);
        }
        return apiKerberosInfo;
    }

    @Override // com.cloudera.api.dao.ClouderaMasterServerDao
    public ApiVersionInfo getVersion() {
        ApiVersionInfo apiVersionInfo = new ApiVersionInfo();
        apiVersionInfo.setBuildTimestamp(VersionData.getBuildTimestamp());
        apiVersionInfo.setBuildUser(VersionData.getBuildUser());
        apiVersionInfo.setGitHash(VersionData.getGitHash());
        apiVersionInfo.setSnapshot(Boolean.valueOf(VersionData.isSnapshot()));
        apiVersionInfo.setVersion(VersionData.getVersion());
        return apiVersionInfo;
    }

    @Override // com.cloudera.api.dao.ClouderaMasterServerDao
    @TxReadOnly
    public ApiDeployment2 getDeployment2(DataView dataView) {
        Preconditions.checkArgument(dataView == DataView.EXPORT || dataView == DataView.EXPORT_REDACTED);
        ApiDeployment2 apiDeployment2 = new ApiDeployment2();
        apiDeployment2.setTimestamp(new Date());
        apiDeployment2.setVersionInfo(getVersion());
        if (ApiVersionContext.getVersion() >= 32) {
            apiDeployment2.setClusters(this.daoFactory.newClusterManager().listClusters(dataView).getClusters());
            apiDeployment2.setDataContexts(this.daoFactory.newDataContextManagerDao().readDataContexts());
            apiDeployment2.setAuthRoles(this.daoFactory.newAuthRoleManagerDao().listAuthRoles(dataView).getAuthRoles());
            apiDeployment2.setExternalUserMappings(this.daoFactory.newExternalUserMappingManagerDao().listExternalUserMappings(dataView).getExternalUserMappings());
        } else {
            apiDeployment2.setClusters(this.daoFactory.newClusterManager().listClusters(dataView, ApiClusterFilterType.BASE).getClusters());
        }
        apiDeployment2.setUsers2(this.daoFactory.newUserManager().listUsers2(dataView).getUsers2());
        apiDeployment2.setHosts(this.daoFactory.newHostManager().getAllHosts(dataView));
        try {
            apiDeployment2.setManagementService(this.daoFactory.newServiceManager().getMgmtService(dataView));
        } catch (NoSuchElementException e) {
            apiDeployment2.setManagementService((ApiService) null);
        }
        apiDeployment2.setManagerSettings(this.daoFactory.newCmsManager().getConfig(dataView, false));
        if (ApiFeature.ALL_HOSTS_CONFIG.isAvailable()) {
            apiDeployment2.setAllHostsConfig(this.daoFactory.newHostManager().getAllHostsConfig(dataView));
        }
        if (ApiFeature.PEERS.isAvailable()) {
            apiDeployment2.setPeers(this.daoFactory.newCmPeerManager().listPeers(dataView).getCmPeers());
        }
        if (ApiVersionContext.getVersion() >= 7) {
            HostTemplateManagerDao newHostTemplateManager = this.daoFactory.newHostTemplateManager();
            ArrayList arrayList = new ArrayList();
            Iterator it = apiDeployment2.getClusters().iterator();
            while (it.hasNext()) {
                arrayList.addAll(newHostTemplateManager.getAllHostTemplates(((ApiCluster) it.next()).getName()).getHostTemplates());
            }
            apiDeployment2.setHostTemplates(new ApiHostTemplateList(arrayList));
        }
        return apiDeployment2;
    }

    @VisibleForTesting
    @TxReadOnly
    void verifyAdminUser(ApiDeployment apiDeployment) {
        verifyAdminUser2(ApiUserUtils.promoteToV2(apiDeployment, this.cmfEM));
    }

    @VisibleForTesting
    @TxReadOnly
    void verifyAdminUser2(ApiDeployment2 apiDeployment2) {
        Preconditions.checkArgument(apiDeployment2 != null, "Deployment cannot be null");
        Preconditions.checkArgument((apiDeployment2.getUsers2() == null || apiDeployment2.getUsers2().isEmpty()) ? false : true, "Deployment must contain a user list");
        Preconditions.checkArgument(Iterables.any(apiDeployment2.getUsers2(), new Predicate<ApiUser2>() { // from class: com.cloudera.api.dao.impl.ClouderaMasterServerDaoImpl.2
            public boolean apply(ApiUser2 apiUser2) {
                for (ApiAuthRoleRef apiAuthRoleRef : apiUser2.getAuthRoles()) {
                    DbAuthRole findAuthRole = ClouderaMasterServerDaoImpl.this.findAuthRole(apiAuthRoleRef.getUuid(), apiAuthRoleRef.getName());
                    if (findAuthRole != null) {
                        if (findAuthRole.getBaseRoleId() == null && UserRole.valueOf(findAuthRole.getName()) == UserRole.ROLE_ADMIN) {
                            return true;
                        }
                        if (findAuthRole.getBaseRoleId() != null && UserRole.valueOf(findAuthRole.getBaseRoleId().getName()) == UserRole.ROLE_ADMIN) {
                            return true;
                        }
                    }
                }
                return false;
            }
        }), "Requested deployment does not have an admin user");
    }

    private void deleteCurrentHosts(ApiDeployment2 apiDeployment2) {
        HostManagerDao newHostManager = this.daoFactory.newHostManager();
        Iterator it = apiDeployment2.getHosts().iterator();
        while (it.hasNext()) {
            newHostManager.deleteHost(((ApiHost) it.next()).getHostId());
        }
    }

    private void updateHosts(ApiDeployment2 apiDeployment2) {
        if (apiDeployment2.getHosts() != null) {
            HostManagerDao newHostManager = this.daoFactory.newHostManager();
            for (ApiHost apiHost : apiDeployment2.getHosts()) {
                try {
                    newHostManager.getHost(apiHost.getHostId(), DataView.FULL);
                    newHostManager.updateHost(apiHost.getHostId(), apiHost);
                } catch (NoSuchElementException e) {
                    newHostManager.createHosts(Arrays.asList(apiHost));
                }
            }
        }
    }

    private void deleteClusters(ApiDeployment2 apiDeployment2) {
        ClusterManagerDao newClusterManager = this.daoFactory.newClusterManager();
        ServiceManagerDao newServiceManager = this.daoFactory.newServiceManager();
        RoleManagerDao newRoleManager = this.daoFactory.newRoleManager();
        for (ApiCluster apiCluster : apiDeployment2.getClusters()) {
            for (ApiService apiService : apiCluster.getServices()) {
                Iterator it = apiService.getRoles().iterator();
                while (it.hasNext()) {
                    newRoleManager.deleteRole(apiCluster.getName(), apiService.getName(), ((ApiRole) it.next()).getName());
                }
                newServiceManager.deleteService(apiCluster.getName(), apiService.getName());
            }
            newClusterManager.deleteCluster(apiCluster.getName());
        }
    }

    private void updateClusters(ApiDeployment2 apiDeployment2) {
        if (apiDeployment2.getClusters() != null) {
            this.daoFactory.newClusterManager().createClusters(new ApiClusterList(apiDeployment2.getClusters()), true);
        }
    }

    private void deleteCluster(ApiCluster apiCluster) {
        ClusterManagerDao newClusterManager = this.daoFactory.newClusterManager();
        ServiceManagerDao newServiceManager = this.daoFactory.newServiceManager();
        RoleManagerDao newRoleManager = this.daoFactory.newRoleManager();
        for (ApiService apiService : apiCluster.getServices()) {
            Iterator it = apiService.getRoles().iterator();
            while (it.hasNext()) {
                newRoleManager.deleteRole(apiCluster.getName(), apiService.getName(), ((ApiRole) it.next()).getName());
            }
            newServiceManager.deleteService(apiCluster.getName(), apiService.getName());
        }
        newClusterManager.deleteCluster(apiCluster.getName());
    }

    private void deleteMultiClusters(ApiDeployment2 apiDeployment2) {
        if (apiDeployment2.getClusters() == null || apiDeployment2.getDataContexts() == null) {
            return;
        }
        DataContextManagerDao newDataContextManagerDao = this.daoFactory.newDataContextManagerDao();
        apiDeployment2.getClusters().stream().filter(apiCluster -> {
            return apiCluster.getClusterType().equals(ClusterType.COMPUTE_CLUSTER.name());
        }).forEach(apiCluster2 -> {
            deleteCluster(apiCluster2);
        });
        apiDeployment2.getDataContexts().forEach(apiDataContext -> {
            newDataContextManagerDao.deleteDataContext(apiDataContext.getName());
        });
        apiDeployment2.getClusters().stream().filter(apiCluster3 -> {
            return apiCluster3.getClusterType().equals(ClusterType.BASE_CLUSTER.name());
        }).forEach(apiCluster4 -> {
            deleteCluster(apiCluster4);
        });
    }

    private void updateMultiClusters(ApiDeployment2 apiDeployment2) {
        if (apiDeployment2.getClusters() == null) {
            return;
        }
        if (apiDeployment2.getDataContexts() == null) {
            updateClusters(apiDeployment2);
            return;
        }
        ClusterManagerDao newClusterManager = this.daoFactory.newClusterManager();
        DataContextManagerDao newDataContextManagerDao = this.daoFactory.newDataContextManagerDao();
        newClusterManager.createClusters(new ApiClusterList((List) apiDeployment2.getClusters().stream().filter(apiCluster -> {
            return apiCluster.getClusterType().equals(ClusterType.BASE_CLUSTER.name());
        }).collect(Collectors.toList())), true);
        apiDeployment2.getDataContexts().forEach(apiDataContext -> {
            newDataContextManagerDao.createDataContext(apiDataContext);
        });
        newClusterManager.createClusters(new ApiClusterList((List) apiDeployment2.getClusters().stream().filter(apiCluster2 -> {
            return apiCluster2.getClusterType().equals(ClusterType.COMPUTE_CLUSTER.name());
        }).collect(Collectors.toList())), true);
    }

    private void deleteMgmtService(ApiDeployment2 apiDeployment2) {
        ServiceManagerDao newServiceManager = this.daoFactory.newServiceManager();
        RoleManagerDao newRoleManager = this.daoFactory.newRoleManager();
        ApiService managementService = apiDeployment2.getManagementService();
        if (managementService != null) {
            Iterator it = managementService.getRoles().iterator();
            while (it.hasNext()) {
                newRoleManager.deleteRole(null, managementService.getName(), ((ApiRole) it.next()).getName());
            }
            newServiceManager.deleteService(null, managementService.getName());
        }
    }

    private void updateManagementService(ApiDeployment2 apiDeployment2) {
        ServiceManagerDao newServiceManager = this.daoFactory.newServiceManager();
        if (apiDeployment2.getManagementService() != null) {
            newServiceManager.createService(null, apiDeployment2.getManagementService().getType(), apiDeployment2.getManagementService());
        }
    }

    private void deleteManagerSettings(ApiDeployment2 apiDeployment2) {
        ApiConfigList managerSettings = apiDeployment2.getManagerSettings();
        ClouderaMasterServerDao newCmsManager = this.daoFactory.newCmsManager();
        if (managerSettings != null) {
            ApiConfigList apiConfigList = new ApiConfigList();
            Iterator it = managerSettings.iterator();
            while (it.hasNext()) {
                apiConfigList.add(new ApiConfig(((ApiConfig) it.next()).getName(), (String) null));
            }
            newCmsManager.updateConfig(apiConfigList, false);
        }
    }

    private void deletePeers(ApiDeployment2 apiDeployment2) {
        List<ApiCmPeer> peers = apiDeployment2.getPeers();
        if (peers == null) {
            return;
        }
        CmPeerManagerDao newCmPeerManager = this.daoFactory.newCmPeerManager();
        for (ApiCmPeer apiCmPeer : peers) {
            newCmPeerManager.deletePeer(apiCmPeer.getName(), apiCmPeer.getType(), DataView.SUMMARY);
        }
    }

    private void deleteHostTemplates(ApiDeployment2 apiDeployment2) {
        ApiHostTemplateList hostTemplates = apiDeployment2.getHostTemplates();
        if (hostTemplates != null) {
            HostTemplateManagerDao newHostTemplateManager = this.daoFactory.newHostTemplateManager();
            Iterator it = hostTemplates.iterator();
            while (it.hasNext()) {
                ApiHostTemplate apiHostTemplate = (ApiHostTemplate) it.next();
                newHostTemplateManager.deleteHostTemplate(apiHostTemplate.getClusterRef().getClusterName(), apiHostTemplate.getName());
            }
        }
    }

    private void updateManagerSettings(ApiDeployment2 apiDeployment2) {
        if (apiDeployment2.getManagerSettings() != null) {
            this.daoFactory.newCmsManager().updateConfig(apiDeployment2.getManagerSettings(), false);
        }
    }

    private void updateAllHostsConfig(ApiDeployment2 apiDeployment2) {
        if (apiDeployment2.getAllHostsConfig() != null) {
            this.daoFactory.newHostManager().updateAllHostsConfig(null, apiDeployment2.getAllHostsConfig());
        }
    }

    private void updatePeers(ApiDeployment2 apiDeployment2) {
        List<ApiCmPeer> peers = apiDeployment2.getPeers();
        if (peers == null) {
            return;
        }
        CmPeerManagerDao newCmPeerManager = this.daoFactory.newCmPeerManager();
        for (ApiCmPeer apiCmPeer : peers) {
            Preconditions.checkArgument(apiCmPeer.getUsername() != null, "Peer %s has no username.", apiCmPeer.getName());
            Preconditions.checkArgument(apiCmPeer.getPassword() != null, "Peer %s has no password.", apiCmPeer.getName());
            newCmPeerManager.createPeer(apiCmPeer, apiCmPeer.getUsername(), apiCmPeer.getPassword());
        }
    }

    private void updateExternalUsers(ApiDeployment2 apiDeployment2, ApiDeployment2 apiDeployment22, boolean z) {
        ExternalUserMappingManagerDao newExternalUserMappingManagerDao = this.daoFactory.newExternalUserMappingManagerDao();
        if (apiDeployment22.getExternalUserMappings() == null || apiDeployment22.getExternalUserMappings().isEmpty()) {
            return;
        }
        newExternalUserMappingManagerDao.createExternalUserMappings(new ApiExternalUserMappingList(apiDeployment22.getExternalUserMappings()));
    }

    private void deleteExternalUsers(ApiDeployment2 apiDeployment2) {
        ExternalUserMappingManagerDao newExternalUserMappingManagerDao = this.daoFactory.newExternalUserMappingManagerDao();
        for (ApiExternalUserMapping apiExternalUserMapping : apiDeployment2.getExternalUserMappings()) {
            newExternalUserMappingManagerDao.deleteExternalUserMappingByName(apiExternalUserMapping.getName(), ExternalMappingType.valueOf(apiExternalUserMapping.getType().toString()));
        }
        this.cmfEM.flush();
    }

    private void deleteAuthRolesInDeployment(ApiDeployment2 apiDeployment2) {
        AuthRoleManagerDao newAuthRoleManagerDao = this.daoFactory.newAuthRoleManagerDao();
        for (ApiAuthRole apiAuthRole : apiDeployment2.getAuthRoles()) {
            if (apiAuthRole.getIsCustom().booleanValue()) {
                newAuthRoleManagerDao.deleteAuthRoleByName(apiAuthRole.getName());
            }
        }
        this.cmfEM.flush();
    }

    private void updateAuthRoles(ApiDeployment2 apiDeployment2, ApiDeployment2 apiDeployment22, boolean z) {
        AuthRoleManagerDao newAuthRoleManagerDao = this.daoFactory.newAuthRoleManagerDao();
        if (apiDeployment22.getAuthRoles() != null) {
            for (ApiAuthRole apiAuthRole : apiDeployment22.getAuthRoles()) {
                if (apiAuthRole.getIsCustom().booleanValue()) {
                    newAuthRoleManagerDao.createAuthRoles(new ApiAuthRoleList(Arrays.asList(apiAuthRole)), true);
                }
            }
        }
    }

    private void deleteUsers2(ApiDeployment2 apiDeployment2, ApiDeployment2 apiDeployment22) {
        DbUser loggedInUser = this.operationsManager.getLoggedInUser(this.cmfEM);
        deleteUsersHelper(this.daoFactory.newUserManager(), apiDeployment2, apiDeployment22);
        for (DbAuthRole dbAuthRole : loggedInUser.getImmutableAuthRole()) {
            if (dbAuthRole.isCustom()) {
                dbAuthRole.removeUser(loggedInUser);
            }
        }
    }

    private void updateUsers2(ApiDeployment2 apiDeployment2, ApiDeployment2 apiDeployment22, boolean z) {
        updateUsersInternal(apiDeployment2, apiDeployment22, z, false);
    }

    private void updateHostTemplates(ApiDeployment2 apiDeployment2) {
        ApiHostTemplateList hostTemplates = apiDeployment2.getHostTemplates();
        if (hostTemplates != null) {
            HostTemplateManagerDao newHostTemplateManager = this.daoFactory.newHostTemplateManager();
            Iterator it = hostTemplates.iterator();
            while (it.hasNext()) {
                ApiHostTemplate apiHostTemplate = (ApiHostTemplate) it.next();
                try {
                    newHostTemplateManager.updateHostTemplate(apiHostTemplate.getClusterRef().getClusterName(), apiHostTemplate.getName(), apiHostTemplate);
                } catch (NoSuchElementException e) {
                    newHostTemplateManager.createHostTemplates(apiHostTemplate.getClusterRef().getClusterName(), new ApiHostTemplateList(Lists.newArrayList(new ApiHostTemplate[]{apiHostTemplate})));
                }
            }
        }
    }

    @Override // com.cloudera.api.dao.ClouderaMasterServerDao
    @TxCommit
    public ApiDeployment2 updateDeployment2(ApiDeployment2 apiDeployment2, boolean z) {
        Preconditions.checkArgument(apiDeployment2 != null, "You failed to provide a deployment object");
        this.operationsManager.beginConfigWork(this.cmfEM, "API deployment update", false);
        ApiDeployment2 deployment2 = getDeployment2(DataView.EXPORT);
        if (z) {
            if (ApiVersionContext.getVersion() >= 7) {
                deleteHostTemplates(deployment2);
            }
            if (ApiVersionContext.getVersion() >= 32) {
                deleteUsers2(deployment2, apiDeployment2);
                deleteExternalUsers(deployment2);
                deleteAuthRolesInDeployment(deployment2);
                deleteMultiClusters(deployment2);
            } else {
                deleteClusters(deployment2);
            }
            deleteMgmtService(deployment2);
            deleteCurrentHosts(deployment2);
            deleteManagerSettings(deployment2);
            deletePeers(deployment2);
            this.cmfEM.flush();
        }
        updateHosts(apiDeployment2);
        updateManagementService(apiDeployment2);
        updatePeers(apiDeployment2);
        if (ApiVersionContext.getVersion() > 31) {
            updateMultiClusters(apiDeployment2);
        } else {
            updateClusters(apiDeployment2);
        }
        updateManagerSettings(apiDeployment2);
        updateAllHostsConfig(apiDeployment2);
        if (ApiVersionContext.getVersion() >= 7) {
            updateHostTemplates(apiDeployment2);
        }
        if (ApiVersionContext.getVersion() >= 32) {
            updateAuthRoles(deployment2, apiDeployment2, z);
            updateExternalUsers(deployment2, apiDeployment2, z);
        }
        updateUsers2(deployment2, apiDeployment2, z);
        return getDeployment2(DataView.EXPORT);
    }

    @Override // com.cloudera.api.dao.ClouderaMasterServerDao
    @TxReadOnly
    public ApiDeployment getDeployment(DataView dataView) {
        Preconditions.checkArgument(dataView == DataView.EXPORT || dataView == DataView.EXPORT_REDACTED);
        ApiDeployment apiDeployment = new ApiDeployment();
        apiDeployment.setTimestamp(new Date());
        apiDeployment.setVersionInfo(getVersion());
        apiDeployment.setClusters(this.daoFactory.newClusterManager().listClusters(dataView).getClusters());
        apiDeployment.setUsers(this.daoFactory.newUserManager().listUsers(dataView).getUsers());
        apiDeployment.setHosts(this.daoFactory.newHostManager().getAllHosts(dataView));
        try {
            apiDeployment.setManagementService(this.daoFactory.newServiceManager().getMgmtService(dataView));
        } catch (NoSuchElementException e) {
            apiDeployment.setManagementService((ApiService) null);
        }
        apiDeployment.setManagerSettings(this.daoFactory.newCmsManager().getConfig(dataView, false));
        if (ApiFeature.ALL_HOSTS_CONFIG.isAvailable()) {
            apiDeployment.setAllHostsConfig(this.daoFactory.newHostManager().getAllHostsConfig(dataView));
        }
        if (ApiFeature.PEERS.isAvailable()) {
            apiDeployment.setPeers(this.daoFactory.newCmPeerManager().listPeers(dataView).getCmPeers());
        }
        if (ApiVersionContext.getVersion() >= 7) {
            HostTemplateManagerDao newHostTemplateManager = this.daoFactory.newHostTemplateManager();
            ArrayList arrayList = new ArrayList();
            Iterator it = apiDeployment.getClusters().iterator();
            while (it.hasNext()) {
                arrayList.addAll(newHostTemplateManager.getAllHostTemplates(((ApiCluster) it.next()).getName()).getHostTemplates());
            }
            apiDeployment.setHostTemplates(new ApiHostTemplateList(arrayList));
        }
        return apiDeployment;
    }

    private void deleteUsersHelper(UserManagerDao userManagerDao, ApiDeployment2 apiDeployment2, ApiDeployment2 apiDeployment22) {
        DbUser loggedInUser = this.operationsManager.getLoggedInUser(this.cmfEM);
        verifyAdminUser2(apiDeployment22);
        for (ApiUser2 apiUser2 : apiDeployment2.getUsers2()) {
            if (!apiUser2.getName().equals(loggedInUser.getName())) {
                userManagerDao.deleteUser2(apiUser2.getName());
            }
        }
        this.cmfEM.flush();
    }

    private void updateUsers(ApiDeployment2 apiDeployment2, ApiDeployment2 apiDeployment22, boolean z) {
        updateUsersInternal(apiDeployment2, apiDeployment22, z, true);
    }

    private void updateUsersInternal(ApiDeployment2 apiDeployment2, ApiDeployment2 apiDeployment22, boolean z, boolean z2) {
        DbUser loggedInUser = this.operationsManager.getLoggedInUser(this.cmfEM);
        UserManagerDao newUserManager = this.daoFactory.newUserManager();
        if (z && z2) {
            deleteUsersHelper(newUserManager, apiDeployment2, apiDeployment22);
        }
        ApiUser2 apiUser2 = null;
        if (apiDeployment22.getUsers2() != null) {
            for (ApiUser2 apiUser22 : apiDeployment22.getUsers2()) {
                if (apiUser22.getName().equals(loggedInUser.getName())) {
                    apiUser2 = apiUser22;
                } else {
                    newUserManager.createUsers2(new ApiUser2List(Arrays.asList(apiUser22)));
                }
            }
        }
        if (z && apiUser2 == null) {
            try {
                newUserManager.deleteUser2ForDeployment(loggedInUser.getName());
            } catch (NoSuchElementException e) {
                if (this.currentUserMgr.isAuthenticated()) {
                    throw e;
                }
            }
        } else {
            if (apiUser2 != null) {
                newUserManager.updateUser2(apiUser2.getName(), apiUser2);
            }
        }
    }

    @Override // com.cloudera.api.dao.ClouderaMasterServerDao
    @TxCommit
    public ApiDeployment updateDeployment(ApiDeployment apiDeployment, boolean z) {
        Preconditions.checkArgument(apiDeployment != null, "You failed to provide a deployment object");
        this.operationsManager.beginConfigWork(this.cmfEM, "API deployment update", false);
        ApiDeployment2 promoteToV2 = ApiUserUtils.promoteToV2(getDeployment(DataView.EXPORT), this.cmfEM);
        ApiDeployment2 promoteToV22 = ApiUserUtils.promoteToV2(apiDeployment, this.cmfEM);
        if (z) {
            if (ApiVersionContext.getVersion() >= 7) {
                deleteHostTemplates(promoteToV2);
            }
            deleteClusters(promoteToV2);
            deleteMgmtService(promoteToV2);
            deleteCurrentHosts(promoteToV2);
            deleteManagerSettings(promoteToV2);
            deletePeers(promoteToV2);
            this.cmfEM.flush();
        }
        updateHosts(promoteToV22);
        updateManagementService(promoteToV22);
        updatePeers(promoteToV22);
        updateClusters(promoteToV22);
        updateManagerSettings(promoteToV22);
        updateAllHostsConfig(promoteToV22);
        if (ApiVersionContext.getVersion() >= 7) {
            updateHostTemplates(promoteToV22);
        }
        updateUsers(promoteToV2, promoteToV22, z);
        return getDeployment(DataView.EXPORT);
    }

    @Override // com.cloudera.api.dao.ClouderaMasterServerDao
    @TxReadOnly
    public byte[] retrieveKeytab(ApiPrincipalList apiPrincipalList) {
        if (apiPrincipalList == null || apiPrincipalList.size() == 0) {
            throw new IllegalStateException("No principal list provided");
        }
        ArrayList newArrayListWithCapacity = Lists.newArrayListWithCapacity(apiPrincipalList.size());
        Iterator it = apiPrincipalList.iterator();
        while (it.hasNext()) {
            String str = (String) it.next();
            DbCredential findCredentialByPrincipal = this.cmfEM.findCredentialByPrincipal(str);
            if (findCredentialByPrincipal == null) {
                throw new IllegalStateException(String.format("Principal %s does not exist.", str));
            }
            newArrayListWithCapacity.add(findCredentialByPrincipal.getKeytab());
        }
        try {
            return newArrayListWithCapacity.size() == 1 ? (byte[]) newArrayListWithCapacity.get(0) : GenerateCredentialsCommand.mergeKeytabs(newArrayListWithCapacity);
        } catch (IOException | InterruptedException e) {
            throw new IllegalStateException("Error merging keytabs: ", e);
        }
    }
}
