package org.elasticsearch.xpack.core.security.authz.privilege;

import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Locale;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import java.util.function.Predicate;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.apache.lucene.util.automaton.Automaton;
import org.elasticsearch.common.Strings;
import org.elasticsearch.xpack.core.ccr.action.PutFollowAction;
import org.elasticsearch.xpack.core.ccr.action.UnfollowAction;
import org.elasticsearch.xpack.core.ilm.action.ExplainLifecycleAction;
import org.elasticsearch.xpack.core.security.authc.support.mapper.expressiondsl.AllExpression;
import org.elasticsearch.xpack.core.security.support.Automatons;
import org.elasticsearch.xpack.core.watcher.input.none.NoneInput;

/* loaded from: input_file:org/elasticsearch/xpack/core/security/authz/privilege/IndexPrivilege.class */
public final class IndexPrivilege extends Privilege {
    private static final Logger logger = LogManager.getLogger(IndexPrivilege.class);
    private static final Automaton ALL_AUTOMATON = Automatons.patterns("indices:*", "internal:transport/proxy/indices:*");
    private static final Automaton READ_AUTOMATON = Automatons.patterns("indices:data/read/*", "indices:admin/resolve/index");
    private static final Automaton READ_CROSS_CLUSTER_AUTOMATON = Automatons.patterns("internal:transport/proxy/indices:data/read/*", "indices:admin/shards/search_shards", "indices:admin/search/search_shards");
    private static final Automaton CREATE_AUTOMATON = Automatons.patterns("indices:data/write/index*", "indices:data/write/bulk*");
    private static final Automaton CREATE_DOC_AUTOMATON = Automatons.patterns("indices:data/write/index", "indices:data/write/index[*", "indices:data/write/index:op_type/create", "indices:data/write/bulk*");
    private static final Automaton INDEX_AUTOMATON = Automatons.patterns("indices:data/write/index*", "indices:data/write/bulk*", "indices:data/write/update*");
    private static final Automaton DELETE_AUTOMATON = Automatons.patterns("indices:data/write/delete*", "indices:data/write/bulk*");
    private static final Automaton WRITE_AUTOMATON = Automatons.patterns("indices:data/write/*", "indices:admin/mapping/auto_put");
    private static final Automaton MONITOR_AUTOMATON = Automatons.patterns("indices:monitor/*");
    private static final Automaton MANAGE_AUTOMATON = Automatons.unionAndMinimize(Arrays.asList(MONITOR_AUTOMATON, Automatons.patterns("indices:admin/*", "indices:data/read/field_caps*", "indices:data/read/xpack/rollup/get/index/caps*")));
    private static final Automaton CREATE_INDEX_AUTOMATON = Automatons.patterns("indices:admin/create", "indices:admin/auto_create", "indices:admin/data_stream/create");
    private static final Automaton DELETE_INDEX_AUTOMATON = Automatons.patterns("indices:admin/delete", "indices:admin/data_stream/delete");
    private static final Automaton VIEW_METADATA_AUTOMATON = Automatons.patterns("indices:admin/aliases/get", "indices:admin/get", "indices:admin/mappings/fields/get*", "indices:admin/mappings/get", "indices:admin/shards/search_shards", "indices:admin/search/search_shards", "indices:admin/validate/query*", "indices:monitor/settings/get", ExplainLifecycleAction.NAME, "indices:admin/data_stream/lifecycle/get", "indices:admin/data_stream/lifecycle/explain", "indices:admin/data_stream/get", "indices:admin/resolve/index", "indices:data/read/field_caps*", "indices:data/read/xpack/rollup/get/index/caps*", "indices:monitor/transform/checkpoint*");
    private static final Automaton MANAGE_FOLLOW_INDEX_AUTOMATON = Automatons.patterns(PutFollowAction.NAME, UnfollowAction.NAME, "indices:admin/close*", "indices:admin/data_stream/promote", "indices:admin/rollover");
    private static final Automaton MANAGE_LEADER_INDEX_AUTOMATON = Automatons.patterns("indices:admin/xpack/ccr/forget_follower*");
    private static final Automaton MANAGE_ILM_AUTOMATON = Automatons.patterns("indices:admin/ilm/*");
    private static final Automaton MANAGE_DATA_STREAM_LIFECYCLE_AUTOMATON = Automatons.patterns("indices:admin/data_stream/lifecycle/*");
    private static final Automaton MAINTENANCE_AUTOMATON = Automatons.patterns("indices:admin/refresh*", "indices:admin/flush*", "indices:admin/synced_flush", "indices:admin/forcemerge*");
    private static final Automaton AUTO_CONFIGURE_AUTOMATON = Automatons.patterns("indices:admin/mapping/auto_put", "indices:admin/auto_create");
    private static final Automaton CROSS_CLUSTER_REPLICATION_AUTOMATON = Automatons.patterns("indices:data/read/xpack/ccr/shard_changes*", "indices:monitor/stats*", "indices:admin/seq_no/add_retention_lease*", "indices:admin/seq_no/remove_retention_lease*", "indices:admin/seq_no/renew_retention_lease*");
    private static final Automaton CROSS_CLUSTER_REPLICATION_INTERNAL_AUTOMATON = Automatons.patterns("indices:internal/admin/ccr/restore/session/clear*", "indices:internal/admin/ccr/restore/file_chunk/get*", "indices:internal/admin/ccr/restore/session/put*", "internal:transport/proxy/indices:internal/admin/ccr/restore/session/clear*", "internal:transport/proxy/indices:internal/admin/ccr/restore/file_chunk/get*");
    public static final IndexPrivilege NONE = new IndexPrivilege(NoneInput.TYPE, Automatons.EMPTY);
    public static final IndexPrivilege ALL = new IndexPrivilege(AllExpression.NAME, ALL_AUTOMATON);
    public static final IndexPrivilege READ = new IndexPrivilege("read", READ_AUTOMATON);
    public static final IndexPrivilege READ_CROSS_CLUSTER = new IndexPrivilege("read_cross_cluster", READ_CROSS_CLUSTER_AUTOMATON);
    public static final IndexPrivilege CREATE = new IndexPrivilege("create", CREATE_AUTOMATON);
    public static final IndexPrivilege INDEX = new IndexPrivilege("index", INDEX_AUTOMATON);
    public static final IndexPrivilege DELETE = new IndexPrivilege("delete", DELETE_AUTOMATON);
    public static final IndexPrivilege WRITE = new IndexPrivilege("write", WRITE_AUTOMATON);
    public static final IndexPrivilege CREATE_DOC = new IndexPrivilege("create_doc", CREATE_DOC_AUTOMATON);
    public static final IndexPrivilege MONITOR = new IndexPrivilege("monitor", MONITOR_AUTOMATON);
    public static final IndexPrivilege MANAGE = new IndexPrivilege("manage", MANAGE_AUTOMATON);
    public static final IndexPrivilege DELETE_INDEX = new IndexPrivilege("delete_index", DELETE_INDEX_AUTOMATON);
    public static final IndexPrivilege CREATE_INDEX = new IndexPrivilege("create_index", CREATE_INDEX_AUTOMATON);
    public static final IndexPrivilege VIEW_METADATA = new IndexPrivilege("view_index_metadata", VIEW_METADATA_AUTOMATON);
    public static final IndexPrivilege MANAGE_FOLLOW_INDEX = new IndexPrivilege("manage_follow_index", MANAGE_FOLLOW_INDEX_AUTOMATON);
    public static final IndexPrivilege MANAGE_LEADER_INDEX = new IndexPrivilege("manage_leader_index", MANAGE_LEADER_INDEX_AUTOMATON);
    public static final IndexPrivilege MANAGE_ILM = new IndexPrivilege("manage_ilm", MANAGE_ILM_AUTOMATON);
    public static final IndexPrivilege MANAGE_DATA_STREAM_LIFECYCLE = new IndexPrivilege("manage_data_stream_lifecycle", MANAGE_DATA_STREAM_LIFECYCLE_AUTOMATON);
    public static final IndexPrivilege MAINTENANCE = new IndexPrivilege("maintenance", MAINTENANCE_AUTOMATON);
    public static final IndexPrivilege AUTO_CONFIGURE = new IndexPrivilege("auto_configure", AUTO_CONFIGURE_AUTOMATON);
    public static final IndexPrivilege CROSS_CLUSTER_REPLICATION = new IndexPrivilege("cross_cluster_replication", CROSS_CLUSTER_REPLICATION_AUTOMATON);
    public static final IndexPrivilege CROSS_CLUSTER_REPLICATION_INTERNAL = new IndexPrivilege("cross_cluster_replication_internal", CROSS_CLUSTER_REPLICATION_INTERNAL_AUTOMATON);
    private static final Map<String, IndexPrivilege> VALUES = sortByAccessLevel((Map) Stream.of((Object[]) new Map.Entry[]{Map.entry(NoneInput.TYPE, NONE), Map.entry(AllExpression.NAME, ALL), Map.entry("manage", MANAGE), Map.entry("create_index", CREATE_INDEX), Map.entry("monitor", MONITOR), Map.entry("read", READ), Map.entry("index", INDEX), Map.entry("delete", DELETE), Map.entry("write", WRITE), Map.entry("create", CREATE), Map.entry("create_doc", CREATE_DOC), Map.entry("delete_index", DELETE_INDEX), Map.entry("view_index_metadata", VIEW_METADATA), Map.entry("read_cross_cluster", READ_CROSS_CLUSTER), Map.entry("manage_follow_index", MANAGE_FOLLOW_INDEX), Map.entry("manage_leader_index", MANAGE_LEADER_INDEX), Map.entry("manage_ilm", MANAGE_ILM), Map.entry("manage_data_stream_lifecycle", MANAGE_DATA_STREAM_LIFECYCLE), Map.entry("maintenance", MAINTENANCE), Map.entry("auto_configure", AUTO_CONFIGURE), Map.entry("cross_cluster_replication", CROSS_CLUSTER_REPLICATION), Map.entry("cross_cluster_replication_internal", CROSS_CLUSTER_REPLICATION_INTERNAL)}).filter((v0) -> {
        return Objects.nonNull(v0);
    }).collect(Collectors.toUnmodifiableMap((v0) -> {
        return v0.getKey();
    }, (v0) -> {
        return v0.getValue();
    })));
    public static final Predicate<String> ACTION_MATCHER = ALL.predicate();
    public static final Predicate<String> CREATE_INDEX_MATCHER = CREATE_INDEX.predicate();
    private static final ConcurrentHashMap<Set<String>, IndexPrivilege> CACHE = new ConcurrentHashMap<>();

    private IndexPrivilege(String str, Automaton automaton) {
        super((Set<String>) Collections.singleton(str), automaton);
    }

    private IndexPrivilege(Set<String> set, Automaton automaton) {
        super(set, automaton);
    }

    public static IndexPrivilege get(Set<String> set) {
        return CACHE.computeIfAbsent(set, set2 -> {
            return set2.isEmpty() ? NONE : resolve(set2);
        });
    }

    private static IndexPrivilege resolve(Set<String> set) {
        int size = set.size();
        if (size == 0) {
            throw new IllegalArgumentException("empty set should not be used");
        }
        HashSet hashSet = new HashSet();
        HashSet hashSet2 = new HashSet();
        Iterator<String> it = set.iterator();
        while (it.hasNext()) {
            String lowerCase = it.next().toLowerCase(Locale.ROOT);
            if (ACTION_MATCHER.test(lowerCase)) {
                hashSet.add(actionToPattern(lowerCase));
            } else {
                IndexPrivilege indexPrivilege = lowerCase == null ? null : VALUES.get(lowerCase);
                if (indexPrivilege != null && size == 1) {
                    return indexPrivilege;
                }
                if (indexPrivilege == null) {
                    String str = "unknown index privilege [" + lowerCase + "]. a privilege must be either one of the predefined fixed indices privileges [" + Strings.collectionToCommaDelimitedString(VALUES.entrySet()) + "] or a pattern over one of the available index actions";
                    logger.debug(str);
                    throw new IllegalArgumentException(str);
                }
                hashSet2.add(indexPrivilege.automaton);
            }
        }
        if (!hashSet.isEmpty()) {
            hashSet2.add(Automatons.patterns(hashSet));
        }
        return new IndexPrivilege(set, Automatons.unionAndMinimize(hashSet2));
    }

    static Map<String, IndexPrivilege> values() {
        return VALUES;
    }

    public static Set<String> names() {
        return Collections.unmodifiableSet(VALUES.keySet());
    }

    public static Collection<String> findPrivilegesThatGrant(String str) {
        return VALUES.entrySet().stream().filter(entry -> {
            return ((IndexPrivilege) entry.getValue()).predicate.test(str);
        }).map(entry2 -> {
            return (String) entry2.getKey();
        }).toList();
    }
}
