package org.apache.atlas.authorize;

import java.net.InetAddress;
import java.net.UnknownHostException;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import org.apache.atlas.AtlasErrorCode;
import org.apache.atlas.RequestContext;
import org.apache.atlas.exception.AtlasBaseException;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;

/* loaded from: input_file:org/apache/atlas/authorize/AtlasAuthorizationUtils.class */
public class AtlasAuthorizationUtils {
    private static final Logger LOG = LoggerFactory.getLogger(AtlasAuthorizationUtils.class);

    public static void verifyAccess(AtlasAdminAccessRequest atlasAdminAccessRequest, Object... objArr) throws AtlasBaseException {
        if (isAccessAllowed(atlasAdminAccessRequest)) {
        } else {
            throw new AtlasBaseException(AtlasErrorCode.UNAUTHORIZED_ACCESS, new String[]{atlasAdminAccessRequest.getUser(), (objArr == null || objArr.length <= 0) ? "" : StringUtils.join(objArr)});
        }
    }

    public static void verifyAccess(AtlasTypeAccessRequest atlasTypeAccessRequest, Object... objArr) throws AtlasBaseException {
        if (isAccessAllowed(atlasTypeAccessRequest)) {
        } else {
            throw new AtlasBaseException(AtlasErrorCode.UNAUTHORIZED_ACCESS, new String[]{atlasTypeAccessRequest.getUser(), (objArr == null || objArr.length <= 0) ? "" : StringUtils.join(objArr)});
        }
    }

    public static void verifyAccess(AtlasEntityAccessRequest atlasEntityAccessRequest, Object... objArr) throws AtlasBaseException {
        if (isAccessAllowed(atlasEntityAccessRequest)) {
        } else {
            throw new AtlasBaseException(AtlasErrorCode.UNAUTHORIZED_ACCESS, new String[]{atlasEntityAccessRequest.getUser(), (objArr == null || objArr.length <= 0) ? "" : StringUtils.join(objArr)});
        }
    }

    public static void verifyAccess(AtlasRelationshipAccessRequest atlasRelationshipAccessRequest, Object... objArr) throws AtlasBaseException {
        if (isAccessAllowed(atlasRelationshipAccessRequest)) {
        } else {
            throw new AtlasBaseException(AtlasErrorCode.UNAUTHORIZED_ACCESS, new String[]{atlasRelationshipAccessRequest.getUser(), (objArr == null || objArr.length <= 0) ? "" : StringUtils.join(objArr)});
        }
    }

    public static void scrubSearchResults(AtlasSearchResultScrubRequest atlasSearchResultScrubRequest) throws AtlasBaseException {
        String currentUserName = getCurrentUserName();
        if (StringUtils.isNotEmpty(currentUserName)) {
            try {
                AtlasAuthorizer atlasAuthorizer = AtlasAuthorizerFactory.getAtlasAuthorizer();
                atlasSearchResultScrubRequest.setUser(currentUserName, getCurrentUserGroups());
                atlasSearchResultScrubRequest.setClientIPAddress(RequestContext.get().getClientIPAddress());
                atlasAuthorizer.scrubSearchResults(atlasSearchResultScrubRequest);
            } catch (AtlasAuthorizationException e) {
                LOG.error("Unable to obtain AtlasAuthorizer", e);
            }
        }
    }

    public static boolean isAccessAllowed(AtlasAdminAccessRequest atlasAdminAccessRequest) {
        boolean z = false;
        String currentUserName = getCurrentUserName();
        if (StringUtils.isNotEmpty(currentUserName)) {
            try {
                AtlasAuthorizer atlasAuthorizer = AtlasAuthorizerFactory.getAtlasAuthorizer();
                atlasAdminAccessRequest.setUser(currentUserName, getCurrentUserGroups());
                atlasAdminAccessRequest.setClientIPAddress(RequestContext.get().getClientIPAddress());
                z = atlasAuthorizer.isAccessAllowed(atlasAdminAccessRequest);
            } catch (AtlasAuthorizationException e) {
                LOG.error("Unable to obtain AtlasAuthorizer", e);
            }
        } else {
            z = true;
        }
        return z;
    }

    public static boolean isAccessAllowed(AtlasEntityAccessRequest atlasEntityAccessRequest) {
        boolean z = false;
        if (StringUtils.isNotEmpty(getCurrentUserName())) {
            try {
                AtlasAuthorizer atlasAuthorizer = AtlasAuthorizerFactory.getAtlasAuthorizer();
                atlasEntityAccessRequest.setUser(getCurrentUserName(), getCurrentUserGroups());
                atlasEntityAccessRequest.setClientIPAddress(RequestContext.get().getClientIPAddress());
                z = atlasAuthorizer.isAccessAllowed(atlasEntityAccessRequest);
            } catch (AtlasAuthorizationException e) {
                LOG.error("Unable to obtain AtlasAuthorizer", e);
            }
        } else {
            z = true;
        }
        return z;
    }

    public static boolean isAccessAllowed(AtlasTypeAccessRequest atlasTypeAccessRequest) {
        boolean z = false;
        if (StringUtils.isNotEmpty(getCurrentUserName())) {
            try {
                AtlasAuthorizer atlasAuthorizer = AtlasAuthorizerFactory.getAtlasAuthorizer();
                atlasTypeAccessRequest.setUser(getCurrentUserName(), getCurrentUserGroups());
                atlasTypeAccessRequest.setClientIPAddress(RequestContext.get().getClientIPAddress());
                z = atlasAuthorizer.isAccessAllowed(atlasTypeAccessRequest);
            } catch (AtlasAuthorizationException e) {
                LOG.error("Unable to obtain AtlasAuthorizer", e);
            }
        } else {
            z = true;
        }
        return z;
    }

    public static boolean isAccessAllowed(AtlasRelationshipAccessRequest atlasRelationshipAccessRequest) {
        boolean z = false;
        if (StringUtils.isNotEmpty(getCurrentUserName())) {
            try {
                AtlasAuthorizer atlasAuthorizer = AtlasAuthorizerFactory.getAtlasAuthorizer();
                atlasRelationshipAccessRequest.setUser(getCurrentUserName(), getCurrentUserGroups());
                atlasRelationshipAccessRequest.setClientIPAddress(RequestContext.get().getClientIPAddress());
                z = atlasAuthorizer.isAccessAllowed(atlasRelationshipAccessRequest);
            } catch (AtlasAuthorizationException e) {
                LOG.error("Unable to obtain AtlasAuthorizer", e);
            }
        } else {
            z = true;
        }
        return z;
    }

    public static String getRequestIpAddress(HttpServletRequest httpServletRequest) {
        String str = "";
        try {
            str = InetAddress.getByName(httpServletRequest.getRemoteAddr()).getHostAddress();
        } catch (UnknownHostException e) {
            LOG.error("Failed to retrieve client IP address", e);
        }
        return str;
    }

    public static String getCurrentUserName() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        return authentication != null ? authentication.getName() : "";
    }

    public static Set<String> getCurrentUserGroups() {
        HashSet hashSet = new HashSet();
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication != null) {
            Iterator it = authentication.getAuthorities().iterator();
            while (it.hasNext()) {
                hashSet.add(((GrantedAuthority) it.next()).getAuthority());
            }
        }
        return hashSet;
    }
}
