package org.apache.ignite3.internal.sql.engine.prepare.ddl.rbac;

import java.util.EnumSet;
import java.util.HashSet;
import java.util.Objects;
import java.util.Set;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.apache.calcite.sql.SqlIdentifier;
import org.apache.calcite.sql.SqlNodeList;
import org.apache.ignite3.internal.sql.engine.prepare.ddl.UserAuthenticationMethod;
import org.apache.ignite3.internal.sql.engine.sql.rbac.GridgainSqlCreateRole;
import org.apache.ignite3.internal.sql.engine.sql.rbac.GridgainSqlCreateUser;
import org.apache.ignite3.internal.sql.engine.sql.rbac.GridgainSqlDropRole;
import org.apache.ignite3.internal.sql.engine.sql.rbac.GridgainSqlDropUser;
import org.apache.ignite3.internal.sql.engine.sql.rbac.GridgainSqlGrantRevokePrivileges;
import org.apache.ignite3.internal.sql.engine.sql.rbac.GridgainSqlGrantRoles;
import org.apache.ignite3.internal.sql.engine.sql.rbac.GridgainSqlPrivileges;
import org.apache.ignite3.internal.sql.engine.sql.rbac.GridgainSqlRbacDdl;
import org.apache.ignite3.internal.sql.engine.sql.rbac.GridgainSqlRevokeRoles;
import org.apache.ignite3.lang.ErrorGroups;
import org.apache.ignite3.lang.IgniteException;
import org.apache.ignite3.sql.SqlException;
import org.gridgain.internal.rbac.privileges.Action;
import org.gridgain.internal.rbac.privileges.ActionAlias;
import org.gridgain.internal.rbac.privileges.Privilege;
import org.gridgain.internal.rbac.privileges.PrivilegeAlias;
import org.jetbrains.annotations.Nullable;

/* loaded from: input_file:org/apache/ignite3/internal/sql/engine/prepare/ddl/rbac/RbacDdlSqlToCommandConverter.class */
public class RbacDdlSqlToCommandConverter {
    private final Set<String> knownActionNames = (Set) EnumSet.allOf(Action.class).stream().map((v0) -> {
        return v0.name();
    }).collect(Collectors.toSet());

    public RbacDdlCommand convert(GridgainSqlRbacDdl gridgainSqlRbacDdl, String str) {
        if (gridgainSqlRbacDdl instanceof GridgainSqlCreateUser) {
            return convertCreateUser((GridgainSqlCreateUser) gridgainSqlRbacDdl);
        }
        if (gridgainSqlRbacDdl instanceof GridgainSqlDropUser) {
            return convertDropUser((GridgainSqlDropUser) gridgainSqlRbacDdl);
        }
        if (gridgainSqlRbacDdl instanceof GridgainSqlCreateRole) {
            return convertCreateRole((GridgainSqlCreateRole) gridgainSqlRbacDdl);
        }
        if (gridgainSqlRbacDdl instanceof GridgainSqlDropRole) {
            return convertDropRole((GridgainSqlDropRole) gridgainSqlRbacDdl);
        }
        if (gridgainSqlRbacDdl instanceof GridgainSqlGrantRoles) {
            return convertGrantRoles((GridgainSqlGrantRoles) gridgainSqlRbacDdl);
        }
        if (gridgainSqlRbacDdl instanceof GridgainSqlRevokeRoles) {
            return convertRevokeRoles((GridgainSqlRevokeRoles) gridgainSqlRbacDdl);
        }
        if (!(gridgainSqlRbacDdl instanceof GridgainSqlGrantRevokePrivileges)) {
            throw new SqlException(ErrorGroups.Sql.STMT_VALIDATION_ERR, "Unsupported operation [querySql=\"" + str + "\"]");
        }
        GridgainSqlGrantRevokePrivileges gridgainSqlGrantRevokePrivileges = (GridgainSqlGrantRevokePrivileges) gridgainSqlRbacDdl;
        return convertGrantRevokePrivileges(gridgainSqlGrantRevokePrivileges.privileges(), gridgainSqlGrantRevokePrivileges.rolenames(), gridgainSqlGrantRevokePrivileges.isGrant(), str);
    }

    private static CreateUserCommand convertCreateUser(GridgainSqlCreateUser gridgainSqlCreateUser) {
        CreateUserCommand createUserCommand = new CreateUserCommand();
        createUserCommand.username(gridgainSqlCreateUser.username().getSimple());
        try {
            createUserCommand.authenticationMethod(UserAuthenticationMethod.valueOf(gridgainSqlCreateUser.authenticationMethod().getSimple().toUpperCase()));
            createUserCommand.password(gridgainSqlCreateUser.password());
            createUserCommand.ifNotExists(gridgainSqlCreateUser.ifNotExists());
            return createUserCommand;
        } catch (IllegalArgumentException e) {
            throw new IgniteException(ErrorGroups.Sql.STMT_VALIDATION_ERR, String.format("Unexpected authentication method [option=%s, query=%s]", gridgainSqlCreateUser.authenticationMethod(), gridgainSqlCreateUser), e);
        }
    }

    private static DropUserCommand convertDropUser(GridgainSqlDropUser gridgainSqlDropUser) {
        DropUserCommand dropUserCommand = new DropUserCommand();
        dropUserCommand.username(gridgainSqlDropUser.username().getSimple());
        dropUserCommand.ifExists(gridgainSqlDropUser.ifExists());
        return dropUserCommand;
    }

    private static CreateRoleCommand convertCreateRole(GridgainSqlCreateRole gridgainSqlCreateRole) {
        CreateRoleCommand createRoleCommand = new CreateRoleCommand();
        createRoleCommand.name(gridgainSqlCreateRole.name().getSimple());
        createRoleCommand.ifNotExists(gridgainSqlCreateRole.ifNotExists());
        return createRoleCommand;
    }

    private static DropRoleCommand convertDropRole(GridgainSqlDropRole gridgainSqlDropRole) {
        DropRoleCommand dropRoleCommand = new DropRoleCommand();
        dropRoleCommand.name(gridgainSqlDropRole.name().getSimple());
        dropRoleCommand.ifExists(gridgainSqlDropRole.ifExists());
        return dropRoleCommand;
    }

    private static AssignRolesCommand convertGrantRoles(GridgainSqlGrantRoles gridgainSqlGrantRoles) {
        AssignRolesCommand assignRolesCommand = new AssignRolesCommand();
        assignRolesCommand.rolenames(converToStringSet(gridgainSqlGrantRoles.rolenames()));
        assignRolesCommand.usernames(converToStringSet(gridgainSqlGrantRoles.usernames()));
        return assignRolesCommand;
    }

    private static RevokeRolesCommand convertRevokeRoles(GridgainSqlRevokeRoles gridgainSqlRevokeRoles) {
        RevokeRolesCommand revokeRolesCommand = new RevokeRolesCommand();
        revokeRolesCommand.rolenames(converToStringSet(gridgainSqlRevokeRoles.rolenames()));
        revokeRolesCommand.usernames(converToStringSet(gridgainSqlRevokeRoles.usernames()));
        return revokeRolesCommand;
    }

    private PrivilegesCommand convertGrantRevokePrivileges(GridgainSqlPrivileges gridgainSqlPrivileges, SqlNodeList sqlNodeList, boolean z, String str) {
        Set<String> converToStringSet = converToStringSet(sqlNodeList);
        ActionAlias alias = gridgainSqlPrivileges.alias();
        if (alias != null) {
            return new PrivilegesCommand(PrivilegeAlias.builder().alias(alias).selector(gridgainSqlPrivileges.object() != null ? gridgainSqlPrivileges.object().getSimple() : null).build(), converToStringSet, z);
        }
        return new PrivilegesCommand(convertToPrivilegesSet(gridgainSqlPrivileges, str), converToStringSet, z);
    }

    @Nullable
    private static Set<String> converToStringSet(@Nullable SqlNodeList sqlNodeList) {
        if (sqlNodeList == null) {
            return null;
        }
        Stream stream = sqlNodeList.getList().stream();
        Class<SqlIdentifier> cls = SqlIdentifier.class;
        Objects.requireNonNull(SqlIdentifier.class);
        return (Set) stream.map((v1) -> {
            return r1.cast(v1);
        }).map((v0) -> {
            return v0.getSimple();
        }).collect(Collectors.toSet());
    }

    private Set<Privilege> convertToPrivilegesSet(GridgainSqlPrivileges gridgainSqlPrivileges, String str) {
        HashSet hashSet = new HashSet(this.knownActionNames);
        String simple = gridgainSqlPrivileges.object() != null ? gridgainSqlPrivileges.object().getSimple() : null;
        Stream stream = gridgainSqlPrivileges.actions().stream();
        Class<SqlIdentifier> cls = SqlIdentifier.class;
        Objects.requireNonNull(SqlIdentifier.class);
        return (Set) stream.map((v1) -> {
            return r1.cast(v1);
        }).map((v0) -> {
            return v0.getSimple();
        }).map((v0) -> {
            return v0.toUpperCase();
        }).map(str2 -> {
            Action action = null;
            if (hashSet.remove(str2)) {
                action = Action.valueOf(str2);
            } else if (this.knownActionNames.contains(str2)) {
                throw duplicatePrivilegeAction(str2, str);
            }
            if (action == null) {
                throw unexpectedPrivilegeAction(str2, str);
            }
            return Privilege.builder().selector(simple).action(action).build();
        }).collect(Collectors.toSet());
    }

    private static IgniteException duplicatePrivilegeAction(String str, String str2) {
        return new SqlException(ErrorGroups.Sql.STMT_VALIDATION_ERR, String.format("Duplicate privilege action has been specified [action=%s, query=%s]", str, str2));
    }

    private static IgniteException unexpectedPrivilegeAction(String str, String str2) {
        return new SqlException(ErrorGroups.Sql.STMT_VALIDATION_ERR, String.format("Unexpected privilege action [action=%s, query=%s]", str, str2));
    }
}
