package com.webank.wedatasphere.schedulis.common.user;

import azkaban.user.Permission;
import azkaban.user.Role;
import azkaban.user.User;
import azkaban.user.UserManager;
import azkaban.user.UserManagerException;
import azkaban.utils.Props;
import com.webank.wedatasphere.schedulis.common.utils.LdapCheckCenter;
import com.webank.wedatasphere.schedulis.common.utils.XmlResolveUtils;
import java.io.File;
import java.io.IOException;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.xml.sax.SAXException;

/* loaded from: input_file:com/webank/wedatasphere/schedulis/common/user/WebankXmlUserManager.class */
public class WebankXmlUserManager implements UserManager {
    public static final String XML_FILE_PARAM = "user.manager.xml.file";
    public static final String AZKABAN_USERS_TAG = "azkaban-users";
    public static final String USER_TAG = "user";
    public static final String ROLE_TAG = "role";
    public static final String GROUP_TAG = "group";
    public static final String ROLENAME_ATTR = "name";
    public static final String ROLEPERMISSIONS_ATTR = "permissions";
    public static final String USERNAME_ATTR = "username";
    public static final String PASSWORD_ATTR = "password";
    public static final String EMAIL_ATTR = "email";
    public static final String ROLES_ATTR = "roles";
    public static final String PROXY_ATTR = "proxy";
    public static final String GROUPS_ATTR = "groups";
    public static final String GROUPNAME_ATTR = "name";
    private static final Logger logger = LoggerFactory.getLogger(WebankXmlUserManager.class.getName());
    private final String xmlPath;
    private HashMap<String, User> users;
    private HashMap<String, String> userPassword;
    private HashMap<String, Role> roles;
    private HashMap<String, Set<String>> groupRoles;
    private HashMap<String, Set<String>> proxyUserMap;
    private Props props;

    public WebankXmlUserManager(Props props) {
        this.props = props;
        this.xmlPath = props.getString("user.manager.xml.file");
        parseXMLFile();
    }

    private void parseXMLFile() {
        File file = new File(this.xmlPath);
        if (!file.exists()) {
            throw new IllegalArgumentException("User xml file " + this.xmlPath + " doesn't exist.");
        }
        HashMap<String, User> hashMap = new HashMap<>();
        HashMap<String, String> hashMap2 = new HashMap<>();
        HashMap<String, Role> hashMap3 = new HashMap<>();
        HashMap<String, Set<String>> hashMap4 = new HashMap<>();
        HashMap<String, Set<String>> hashMap5 = new HashMap<>();
        DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
        try {
            XmlResolveUtils.avoidXEE(newInstance);
            try {
                NodeList childNodes = newInstance.newDocumentBuilder().parse(file).getChildNodes().item(0).getChildNodes();
                for (int i = 0; i < childNodes.getLength(); i++) {
                    Node item = childNodes.item(i);
                    if (item.getNodeType() == 1) {
                        if (item.getNodeName().equals("user")) {
                            parseUserTag(item, hashMap, hashMap2, hashMap5);
                        } else if (item.getNodeName().equals("role")) {
                            parseRoleTag(item, hashMap3);
                        } else if (item.getNodeName().equals("group")) {
                            parseGroupRoleTag(item, hashMap4);
                        }
                    }
                }
                synchronized (this) {
                    this.users = hashMap;
                    this.userPassword = hashMap2;
                    this.roles = hashMap3;
                    this.proxyUserMap = hashMap5;
                    this.groupRoles = hashMap4;
                }
            } catch (IOException e) {
                throw new IllegalArgumentException("Exception while parsing " + this.xmlPath + ". Error reading file.", e);
            } catch (SAXException e2) {
                throw new IllegalArgumentException("Exception while parsing " + this.xmlPath + ". Invalid XML.", e2);
            }
        } catch (ParserConfigurationException e3) {
            throw new IllegalArgumentException("Exception while parsing user xml. Document builder not created.", e3);
        }
    }

    private void parseUserTag(Node node, HashMap<String, User> hashMap, HashMap<String, String> hashMap2, HashMap<String, Set<String>> hashMap3) {
        NamedNodeMap attributes = node.getAttributes();
        Node namedItem = attributes.getNamedItem("username");
        if (namedItem == null) {
            throw new RuntimeException("Error loading user. The 'username' attribute doesn't exist");
        }
        String nodeValue = namedItem.getNodeValue();
        hashMap2.put(nodeValue, nodeValue);
        User user = new User(namedItem.getNodeValue());
        hashMap.put(nodeValue, user);
        logger.info("Loading user " + user.getUserId());
        Node namedItem2 = attributes.getNamedItem("roles");
        if (namedItem2 != null) {
            for (String str : namedItem2.getNodeValue().split("\\s*,\\s*")) {
                user.addRole(str);
            }
        }
        Node namedItem3 = attributes.getNamedItem("proxy");
        if (namedItem3 != null) {
            String nodeValue2 = namedItem3.getNodeValue();
            if (StringUtils.isNotEmpty(nodeValue2)) {
                for (String str2 : nodeValue2.split("\\s*,\\s*")) {
                    Set<String> set = hashMap3.get(nodeValue);
                    if (set == null) {
                        set = new HashSet();
                        hashMap3.put(nodeValue, set);
                    }
                    user.addProxyUser(str2);
                    set.add(str2);
                }
            }
        }
        Node namedItem4 = attributes.getNamedItem("groups");
        if (namedItem4 != null) {
            for (String str3 : namedItem4.getNodeValue().split("\\s*,\\s*")) {
                user.addGroup(str3);
            }
        }
        Node namedItem5 = attributes.getNamedItem("email");
        if (namedItem5 != null) {
            user.setEmail(namedItem5.getNodeValue());
        }
    }

    private void parseRoleTag(Node node, HashMap<String, Role> hashMap) {
        NamedNodeMap attributes = node.getAttributes();
        Node namedItem = attributes.getNamedItem("name");
        if (namedItem == null) {
            throw new RuntimeException("Error loading role. The role 'name' attribute doesn't exist");
        }
        Node namedItem2 = attributes.getNamedItem("permissions");
        if (namedItem2 == null) {
            throw new RuntimeException("Error loading role. The role 'permissions' attribute doesn't exist");
        }
        String nodeValue = namedItem.getNodeValue();
        String[] split = namedItem2.getNodeValue().split("\\s*,\\s*");
        Permission permission = new Permission();
        for (String str : split) {
            try {
                permission.addPermission(Permission.Type.valueOf(str));
            } catch (IllegalArgumentException e) {
                logger.error("Error adding type " + str + ". Permission doesn't exist.", e);
            }
        }
        hashMap.put(nodeValue, new Role(nodeValue, permission));
    }

    @Override // azkaban.user.UserManager
    public User getUser(String str, String str2) throws UserManagerException {
        String str3;
        if (str == null || str.trim().isEmpty()) {
            throw new UserManagerException("Empty User Name");
        }
        if (str2 == null || str2.trim().isEmpty()) {
            throw new UserManagerException("Empty Password");
        }
        User user = null;
        synchronized (this) {
            parseXMLFile();
            str3 = this.userPassword.get(str);
            if (str3 != null) {
                user = this.users.get(str);
            }
        }
        if (str3 == null || "".equals(str3) || !LdapCheckCenter.checkLogin(this.props, str3, str2) || user == null) {
            throw new UserManagerException("Error User Name Or Password");
        }
        resolveGroupRoles(user);
        user.setPermissions(new User.UserPermissions() { // from class: com.webank.wedatasphere.schedulis.common.user.WebankXmlUserManager.1
            @Override // azkaban.user.User.UserPermissions
            public boolean hasPermission(String str4) {
                return true;
            }

            @Override // azkaban.user.User.UserPermissions
            public void addPermission(String str4) {
            }
        });
        return user;
    }

    public User getUser(String str, String str2, String str3) throws UserManagerException {
        String str4;
        if (StringUtils.isBlank(str)) {
            throw new UserManagerException("Empty User Name");
        }
        User user = null;
        synchronized (this) {
            parseXMLFile();
            str4 = this.userPassword.get(str);
            if (str4 != null) {
                user = this.users.get(str);
            }
        }
        if (str4 == null || "".equals(str4) || user == null) {
            throw new UserManagerException("super user login failed");
        }
        resolveGroupRoles(user);
        user.setPermissions(new User.UserPermissions() { // from class: com.webank.wedatasphere.schedulis.common.user.WebankXmlUserManager.2
            @Override // azkaban.user.User.UserPermissions
            public boolean hasPermission(String str5) {
                return true;
            }

            @Override // azkaban.user.User.UserPermissions
            public void addPermission(String str5) {
            }
        });
        return user;
    }

    private void resolveGroupRoles(User user) {
        Iterator<String> it = user.getGroups().iterator();
        while (it.hasNext()) {
            Set<String> set = this.groupRoles.get(it.next());
            if (set != null) {
                Iterator<String> it2 = set.iterator();
                while (it2.hasNext()) {
                    user.addRole(it2.next());
                }
            }
        }
    }

    private void parseGroupRoleTag(Node node, HashMap<String, Set<String>> hashMap) {
        NamedNodeMap attributes = node.getAttributes();
        Node namedItem = attributes.getNamedItem("name");
        if (namedItem == null) {
            throw new RuntimeException("Error loading role. The role 'name' attribute doesn't exist");
        }
        String nodeValue = namedItem.getNodeValue();
        HashSet hashSet = new HashSet();
        Node namedItem2 = attributes.getNamedItem("roles");
        if (namedItem2 != null) {
            for (String str : namedItem2.getNodeValue().split("\\s*,\\s*")) {
                hashSet.add(str);
            }
        }
        hashMap.put(nodeValue, hashSet);
        logger.info("Group roles " + nodeValue + " added.");
    }

    @Override // azkaban.user.UserManager
    public boolean validateUser(String str) {
        return this.users.containsKey(str);
    }

    @Override // azkaban.user.UserManager
    public Role getRole(String str) {
        return this.roles.get(str);
    }

    @Override // azkaban.user.UserManager
    public boolean validateGroup(String str) {
        return true;
    }

    @Override // azkaban.user.UserManager
    public boolean validateProxyUser(String str, User user) {
        return this.proxyUserMap.containsKey(user.getUserId()) && this.proxyUserMap.get(user.getUserId()).contains(str);
    }
}
