package ca.nrc.cadc.vosi.actions;

import ca.nrc.cadc.log.WebServiceLogInfo;
import ca.nrc.cadc.net.ResourceNotFoundException;
import ca.nrc.cadc.net.TransientException;
import ca.nrc.cadc.reg.Standards;
import ca.nrc.cadc.reg.client.LocalAuthority;
import ca.nrc.cadc.rest.InlineContentHandler;
import ca.nrc.cadc.rest.RestAction;
import ca.nrc.cadc.tap.PluginFactory;
import ca.nrc.cadc.tap.schema.TapPermissions;
import ca.nrc.cadc.tap.schema.TapSchemaDAO;
import java.security.AccessControlException;
import java.util.ArrayList;
import javax.sql.DataSource;
import org.apache.log4j.Logger;
import org.opencadc.gms.GroupClient;
import org.opencadc.gms.GroupURI;
import org.opencadc.gms.GroupUtil;

/* loaded from: input_file:ca/nrc/cadc/vosi/actions/TablesAction.class */
public abstract class TablesAction extends RestAction {
    private static final Logger log = Logger.getLogger(TablesAction.class);
    protected static final String PERMS_CONTENTTYPE = "text/plain";
    protected static final String OWNER_KEY = "owner";
    protected static final String PUBLIC_KEY = "public";
    protected static final String RGROUP_KEY = "r-group";
    protected static final String RWGROUP_KEY = "rw-group";

    /* JADX INFO: Access modifiers changed from: protected */
    public final DataSource getDataSource() {
        return new PluginFactory().getDataSourceProvider().getDataSource(((RestAction) this).syncInput.getRequestPath());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void checkWritableImpl() throws TransientException {
        super.checkWritable();
    }

    protected InlineContentHandler getInlineContentHandler() {
        return null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getTableName() {
        String path = this.syncInput.getPath();
        if (path == null || !path.isEmpty()) {
            return path;
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public final TapSchemaDAO getTapSchemaDAO() {
        TapSchemaDAO tapSchemaDAO = new PluginFactory().getTapSchemaDAO();
        tapSchemaDAO.setDataSource(getDataSource());
        tapSchemaDAO.setOrdered(true);
        return tapSchemaDAO;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void checkDropTablePermission(TapSchemaDAO tapSchemaDAO, String str) throws AccessControlException, ResourceNotFoundException {
        String schemaFromTable = Util.getSchemaFromTable(str);
        TapPermissions schemaPermissions = tapSchemaDAO.getSchemaPermissions(schemaFromTable);
        TapPermissions tablePermissions = tapSchemaDAO.getTablePermissions(str);
        if (schemaPermissions == null) {
            throw new ResourceNotFoundException("schema not found: " + schemaFromTable);
        }
        if (tablePermissions == null) {
            throw new ResourceNotFoundException("table not found: " + str);
        }
        if (Util.isOwner(schemaPermissions)) {
            ((RestAction) this).logInfo.setMessage("drop table allowed: schema owner");
        } else {
            if (!Util.isOwner(tablePermissions)) {
                throw new AccessControlException("permission denied");
            }
            ((RestAction) this).logInfo.setMessage("drop table allowed: table owner");
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public TapPermissions checkViewSchemaPermissions(TapSchemaDAO tapSchemaDAO, String str) throws AccessControlException, ResourceNotFoundException {
        TapPermissions schemaPermissions = tapSchemaDAO.getSchemaPermissions(str);
        if (schemaPermissions == null) {
            throw new ResourceNotFoundException("schema not found: " + str);
        }
        if (!Util.isOwner(schemaPermissions)) {
            throw new AccessControlException("permission denied");
        }
        ((RestAction) this).logInfo.setMessage("view schema permissions allowed: schema owner");
        return schemaPermissions;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void checkModifySchemaPermissions(TapSchemaDAO tapSchemaDAO, String str) throws AccessControlException, ResourceNotFoundException {
        TapPermissions schemaPermissions = tapSchemaDAO.getSchemaPermissions(str);
        if (schemaPermissions == null) {
            throw new ResourceNotFoundException("schema not found: " + str);
        }
        if (!Util.isOwner(schemaPermissions)) {
            throw new AccessControlException("permission denied");
        }
        ((RestAction) this).logInfo.setMessage("modify schema permissions allowed: schema owner");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public TapPermissions checkViewTablePermissions(TapSchemaDAO tapSchemaDAO, String str) throws AccessControlException, ResourceNotFoundException {
        String schemaFromTable = Util.getSchemaFromTable(str);
        TapPermissions schemaPermissions = tapSchemaDAO.getSchemaPermissions(schemaFromTable);
        TapPermissions tablePermissions = tapSchemaDAO.getTablePermissions(str);
        if (schemaPermissions == null) {
            throw new ResourceNotFoundException("schema not found: " + schemaFromTable);
        }
        if (tablePermissions == null) {
            throw new ResourceNotFoundException("table not found: " + str);
        }
        if (Util.isOwner(schemaPermissions)) {
            ((RestAction) this).logInfo.setMessage("view table permissions allowed: schema owner");
            return tablePermissions;
        }
        if (!Util.isOwner(tablePermissions)) {
            throw new AccessControlException("permission denied");
        }
        ((RestAction) this).logInfo.setMessage("view table permissions allowed: table owner");
        return tablePermissions;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void checkModifyTablePermissionsPermissions(TapSchemaDAO tapSchemaDAO, String str) throws AccessControlException, ResourceNotFoundException {
        String schemaFromTable = Util.getSchemaFromTable(str);
        TapPermissions schemaPermissions = tapSchemaDAO.getSchemaPermissions(schemaFromTable);
        TapPermissions tablePermissions = tapSchemaDAO.getTablePermissions(str);
        if (schemaPermissions == null) {
            throw new ResourceNotFoundException("schema not found: " + schemaFromTable);
        }
        if (tablePermissions == null) {
            throw new ResourceNotFoundException("table not found: " + str);
        }
        if (Util.isOwner(schemaPermissions)) {
            ((RestAction) this).logInfo.setMessage("modify table permissions allowed: schema owner");
        } else {
            if (!Util.isOwner(tablePermissions)) {
                throw new AccessControlException("permission denied");
            }
            ((RestAction) this).logInfo.setMessage("modify table permissions allowed: table owner");
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void checkTableReadPermissions(TapSchemaDAO tapSchemaDAO, String str) throws AccessControlException, ResourceNotFoundException {
        TapPermissions tablePermissions = tapSchemaDAO.getTablePermissions(str);
        if (tablePermissions == null) {
            throw new ResourceNotFoundException("table not found: " + str);
        }
        String schemaFromTable = Util.getSchemaFromTable(str);
        TapPermissions schemaPermissions = tapSchemaDAO.getSchemaPermissions(schemaFromTable);
        if (schemaPermissions == null) {
            throw new ResourceNotFoundException("schema not found: " + schemaFromTable);
        }
        if (schemaPermissions.owner == null) {
            ((RestAction) this).logInfo.setMessage("view table allowed: null schema owner");
            return;
        }
        if (schemaPermissions.isPublic.booleanValue()) {
            ((RestAction) this).logInfo.setMessage("view table allowed: public schema");
            return;
        }
        if (tablePermissions.owner == null) {
            ((RestAction) this).logInfo.setMessage("view table allowed: null table owner");
            return;
        }
        if (tablePermissions.isPublic.booleanValue()) {
            ((RestAction) this).logInfo.setMessage("view table allowed: public table");
            return;
        }
        if (Util.isOwner(tablePermissions)) {
            ((RestAction) this).logInfo.setMessage("view table allowed: table owner");
            return;
        }
        if (Util.isOwner(schemaPermissions)) {
            ((RestAction) this).logInfo.setMessage("view table allowed: schema owner");
            return;
        }
        GroupClient groupClient = GroupUtil.getGroupClient(new LocalAuthority().getServiceURI(Standards.GMS_SEARCH_01.toString()));
        ArrayList arrayList = new ArrayList(4);
        if (schemaPermissions.readGroup != null) {
            arrayList.add(schemaPermissions.readGroup);
        }
        if (schemaPermissions.readWriteGroup != null) {
            arrayList.add(schemaPermissions.readWriteGroup);
        }
        if (tablePermissions.readGroup != null) {
            arrayList.add(tablePermissions.readGroup);
        }
        if (tablePermissions.readWriteGroup != null) {
            arrayList.add(tablePermissions.readWriteGroup);
        }
        GroupURI permittedGroup = Util.getPermittedGroup(groupClient, arrayList);
        if (permittedGroup == null) {
            throw new AccessControlException("permission denied");
        }
        ((RestAction) this).logInfo.setMessage("view table allowed: member of group " + permittedGroup);
    }

    public void checkTableWritePermissions(TapSchemaDAO tapSchemaDAO, String str) throws AccessControlException, ResourceNotFoundException {
        checkTableWritePermissions(tapSchemaDAO, str, this.logInfo);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void checkTableWritePermissions(TapSchemaDAO tapSchemaDAO, String str, WebServiceLogInfo webServiceLogInfo) throws AccessControlException, ResourceNotFoundException {
        TapPermissions tablePermissions = tapSchemaDAO.getTablePermissions(str);
        if (tablePermissions == null) {
            throw new ResourceNotFoundException("table not found: " + str);
        }
        if (Util.isOwner(tablePermissions)) {
            webServiceLogInfo.setMessage("table write allowed: table owner");
            return;
        }
        GroupClient groupClient = GroupUtil.getGroupClient(new LocalAuthority().getServiceURI(Standards.GMS_SEARCH_01.toString()));
        ArrayList arrayList = new ArrayList(1);
        if (tablePermissions.readWriteGroup != null) {
            arrayList.add(tablePermissions.readWriteGroup);
            GroupURI permittedGroup = Util.getPermittedGroup(groupClient, arrayList);
            if (permittedGroup != null) {
                webServiceLogInfo.setMessage("schema write allowed: member of table group " + permittedGroup);
                return;
            }
        }
        throw new AccessControlException("permission denied");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void checkSchemaWritePermissions(TapSchemaDAO tapSchemaDAO, String str) throws AccessControlException, ResourceNotFoundException {
        TapPermissions schemaPermissions = tapSchemaDAO.getSchemaPermissions(str);
        if (schemaPermissions == null) {
            throw new ResourceNotFoundException("not found: " + str);
        }
        if (Util.isOwner(schemaPermissions)) {
            ((RestAction) this).logInfo.setMessage("schema write allowed: schema owner");
            return;
        }
        GroupClient groupClient = GroupUtil.getGroupClient(new LocalAuthority().getServiceURI(Standards.GMS_SEARCH_01.toString()));
        ArrayList arrayList = new ArrayList(1);
        if (schemaPermissions.readWriteGroup != null) {
            arrayList.add(schemaPermissions.readWriteGroup);
            GroupURI permittedGroup = Util.getPermittedGroup(groupClient, arrayList);
            if (permittedGroup != null) {
                ((RestAction) this).logInfo.setMessage("schema write allowed: member of table group " + permittedGroup);
                return;
            }
        }
        throw new AccessControlException("permission denied");
    }
}
