package org.hsqldb.rights;

import org.hsqldb.Database;
import org.hsqldb.HsqlNameManager;
import org.hsqldb.Routine;
import org.hsqldb.RoutineSchema;
import org.hsqldb.SchemaObject;
import org.hsqldb.SqlInvariants;
import org.hsqldb.Tokens;
import org.hsqldb.error.Error;
import org.hsqldb.error.ErrorCode;
import org.hsqldb.lib.Collection;
import org.hsqldb.lib.HashMappedList;
import org.hsqldb.lib.HsqlArrayList;
import org.hsqldb.lib.IntValueHashMap;
import org.hsqldb.lib.Iterator;
import org.hsqldb.lib.OrderedHashSet;
import org.hsqldb.lib.Set;

/* loaded from: input_file:org/hsqldb/rights/GranteeManager.class */
public class GranteeManager {
    static User systemAuthorisation = new User(HsqlNameManager.newSystemObjectName(SqlInvariants.SYSTEM_AUTHORIZATION_NAME, 11), null);
    private HashMappedList map = new HashMappedList();
    private HashMappedList roleMap = new HashMappedList();
    Database database;
    Grantee publicRole;
    Grantee dbaRole;
    Grantee schemaRole;
    Grantee changeAuthRole;
    static final IntValueHashMap rightsStringLookup;

    public GranteeManager(Database database) {
        this.database = database;
        addRole(this.database.nameManager.newHsqlName("PUBLIC", false, 11));
        this.publicRole = getRole("PUBLIC");
        this.publicRole.isPublic = true;
        addRole(this.database.nameManager.newHsqlName(SqlInvariants.DBA_ADMIN_ROLE_NAME, false, 11));
        this.dbaRole = getRole(SqlInvariants.DBA_ADMIN_ROLE_NAME);
        this.dbaRole.setAdminDirect();
        addRole(this.database.nameManager.newHsqlName(SqlInvariants.SCHEMA_CREATE_ROLE_NAME, false, 11));
        this.schemaRole = getRole(SqlInvariants.SCHEMA_CREATE_ROLE_NAME);
        addRole(this.database.nameManager.newHsqlName(SqlInvariants.CHANGE_AUTH_ROLE_NAME, false, 11));
        this.changeAuthRole = getRole(SqlInvariants.CHANGE_AUTH_ROLE_NAME);
    }

    public Grantee getDBARole() {
        return this.dbaRole;
    }

    public static Grantee getSystemRole() {
        return systemAuthorisation;
    }

    public void grant(OrderedHashSet orderedHashSet, SchemaObject schemaObject, Right right, Grantee grantee, boolean z) {
        if (schemaObject instanceof RoutineSchema) {
            grant(orderedHashSet, ((RoutineSchema) schemaObject).getSpecificRoutines(), right, grantee, z);
            return;
        }
        HsqlNameManager.HsqlName name = schemaObject.getName();
        if (schemaObject instanceof Routine) {
            name = ((Routine) schemaObject).getSpecificName();
        }
        if (!grantee.isGrantable(schemaObject, right)) {
            throw Error.error(2000, grantee.getName().getNameString());
        }
        if (grantee.isAdmin()) {
            grantee = schemaObject.getOwner();
        }
        checkGranteeList(orderedHashSet);
        for (int i = 0; i < orderedHashSet.size(); i++) {
            Grantee grantee2 = get((String) orderedHashSet.get(i));
            grantee2.grant(name, right, grantee, z);
            if (grantee2.isRole) {
                updateAllRights(grantee2);
            }
        }
    }

    public void grant(OrderedHashSet orderedHashSet, SchemaObject[] schemaObjectArr, Right right, Grantee grantee, boolean z) {
        boolean z2 = false;
        for (int i = 0; i < schemaObjectArr.length; i++) {
            if (grantee.isGrantable(schemaObjectArr[i], right)) {
                grant(orderedHashSet, schemaObjectArr[i], right, grantee, z);
                z2 = true;
            }
        }
        if (!z2) {
            throw Error.error(2000, grantee.getName().getNameString());
        }
    }

    public void checkGranteeList(OrderedHashSet orderedHashSet) {
        for (int i = 0; i < orderedHashSet.size(); i++) {
            String str = (String) orderedHashSet.get(i);
            Grantee grantee = get(str);
            if (grantee == null) {
                throw Error.error(ErrorCode.X_28501, str);
            }
            if (isImmutable(str)) {
                throw Error.error(ErrorCode.X_28502, str);
            }
            if ((grantee instanceof User) && ((User) grantee).isExternalOnly) {
                throw Error.error(ErrorCode.X_28000, str);
            }
        }
    }

    public void grant(String str, String str2, Grantee grantee) {
        Grantee grantee2 = get(str);
        if (grantee2 == null) {
            throw Error.error(ErrorCode.X_28501, str);
        }
        if (isImmutable(str)) {
            throw Error.error(ErrorCode.X_28502, str);
        }
        Grantee role = getRole(str2);
        if (role == null) {
            throw Error.error(ErrorCode.X_0P000, str2);
        }
        if (role == grantee2) {
            throw Error.error(ErrorCode.X_0P501, str);
        }
        if (role.hasRole(grantee2)) {
            throw Error.error(ErrorCode.X_0P501, str2);
        }
        if (!grantee.isGrantable(role)) {
            throw Error.error(2000, grantee.getName().getNameString());
        }
        grantee2.grant(role);
        grantee2.updateAllRights();
        if (grantee2.isRole) {
            updateAllRights(grantee2);
        }
    }

    public void checkRoleList(String str, OrderedHashSet orderedHashSet, Grantee grantee, boolean z) {
        Grantee grantee2 = get(str);
        for (int i = 0; i < orderedHashSet.size(); i++) {
            String str2 = (String) orderedHashSet.get(i);
            Grantee role = getRole(str2);
            if (role == null) {
                throw Error.error(ErrorCode.X_0P000, str2);
            }
            if (str2.equals(SqlInvariants.SYSTEM_AUTHORIZATION_NAME) || str2.equals("PUBLIC")) {
                throw Error.error(ErrorCode.X_28502, str2);
            }
            if (z) {
                if (grantee2.getDirectRoles().contains(role)) {
                    throw Error.error(ErrorCode.X_0P000, str);
                }
            } else if (!grantee2.getDirectRoles().contains(role)) {
                throw Error.error(ErrorCode.X_0P000, str2);
            }
            if (!grantee.isAdmin()) {
                throw Error.error(2000, grantee.getName().getNameString());
            }
        }
    }

    public void grantSystemToPublic(SchemaObject schemaObject, Right right) {
        this.publicRole.grant(schemaObject.getName(), right, systemAuthorisation, true);
    }

    public void revoke(String str, String str2, Grantee grantee) {
        if (!grantee.isAdmin()) {
            throw Error.error(ErrorCode.X_42507);
        }
        Grantee grantee2 = get(str);
        if (grantee2 == null) {
            throw Error.error(ErrorCode.X_28000, str);
        }
        grantee2.revoke((Grantee) this.roleMap.get(str2));
        grantee2.updateAllRights();
        if (grantee2.isRole) {
            updateAllRights(grantee2);
        }
    }

    public void revoke(OrderedHashSet orderedHashSet, SchemaObject schemaObject, Right right, Grantee grantee, boolean z, boolean z2) {
        if (schemaObject instanceof RoutineSchema) {
            revoke(orderedHashSet, ((RoutineSchema) schemaObject).getSpecificRoutines(), right, grantee, z, z2);
            return;
        }
        HsqlNameManager.HsqlName name = schemaObject.getName();
        if (schemaObject instanceof Routine) {
            name = ((Routine) schemaObject).getSpecificName();
        }
        if (!grantee.isFullyAccessibleByRole(name)) {
            throw Error.error(ErrorCode.X_42501, schemaObject.getName().name);
        }
        if (grantee.isAdmin()) {
            grantee = schemaObject.getOwner();
        }
        for (int i = 0; i < orderedHashSet.size(); i++) {
            String str = (String) orderedHashSet.get(i);
            if (get(str) == null) {
                throw Error.error(ErrorCode.X_28501, str);
            }
            if (isImmutable(str)) {
                throw Error.error(ErrorCode.X_28502, str);
            }
        }
        for (int i2 = 0; i2 < orderedHashSet.size(); i2++) {
            Grantee grantee2 = get((String) orderedHashSet.get(i2));
            grantee2.revoke(schemaObject, right, grantee, z);
            grantee2.updateAllRights();
            if (grantee2.isRole) {
                updateAllRights(grantee2);
            }
        }
    }

    public void revoke(OrderedHashSet orderedHashSet, SchemaObject[] schemaObjectArr, Right right, Grantee grantee, boolean z, boolean z2) {
        for (SchemaObject schemaObject : schemaObjectArr) {
            revoke(orderedHashSet, schemaObject, right, grantee, z, z2);
        }
    }

    void removeEmptyRole(Grantee grantee) {
        for (int i = 0; i < this.map.size(); i++) {
            ((Grantee) this.map.get(i)).roles.remove(grantee);
        }
    }

    public void removeDbObject(HsqlNameManager.HsqlName hsqlName) {
        for (int i = 0; i < this.map.size(); i++) {
            ((Grantee) this.map.get(i)).revokeDbObject(hsqlName);
        }
    }

    public void removeDbObjects(OrderedHashSet orderedHashSet) {
        Iterator it2 = orderedHashSet.iterator();
        while (it2.hasNext()) {
            HsqlNameManager.HsqlName hsqlName = (HsqlNameManager.HsqlName) it2.next();
            for (int i = 0; i < this.map.size(); i++) {
                ((Grantee) this.map.get(i)).revokeDbObject(hsqlName);
            }
        }
    }

    void updateAllRights(Grantee grantee) {
        for (int i = 0; i < this.map.size(); i++) {
            Grantee grantee2 = (Grantee) this.map.get(i);
            if (grantee2.isRole) {
                grantee2.updateNestedRoles(grantee);
            }
        }
        for (int i2 = 0; i2 < this.map.size(); i2++) {
            Grantee grantee3 = (Grantee) this.map.get(i2);
            if (!grantee3.isRole) {
                grantee3.updateAllRights();
            }
        }
    }

    public boolean removeGrantee(String str) {
        Grantee grantee;
        if (isReserved(str) || (grantee = (Grantee) this.map.remove(str)) == null) {
            return false;
        }
        grantee.clearPrivileges();
        updateAllRights(grantee);
        if (!grantee.isRole) {
            return true;
        }
        this.roleMap.remove(str);
        removeEmptyRole(grantee);
        return true;
    }

    public Grantee addRole(HsqlNameManager.HsqlName hsqlName) {
        if (this.map.containsKey(hsqlName.name)) {
            throw Error.error(ErrorCode.X_28503, hsqlName.name);
        }
        if (SqlInvariants.isLobsSchemaName(hsqlName.name) || SqlInvariants.isSystemSchemaName(hsqlName.name)) {
            throw Error.error(ErrorCode.X_28502, hsqlName.name);
        }
        Grantee grantee = new Grantee(hsqlName, this);
        grantee.isRole = true;
        this.map.put(hsqlName.name, grantee);
        this.roleMap.add(hsqlName.name, grantee);
        return grantee;
    }

    public User addUser(HsqlNameManager.HsqlName hsqlName) {
        if (this.map.containsKey(hsqlName.name)) {
            throw Error.error(ErrorCode.X_28503, hsqlName.name);
        }
        if (SqlInvariants.isLobsSchemaName(hsqlName.name) || SqlInvariants.isSystemSchemaName(hsqlName.name)) {
            throw Error.error(ErrorCode.X_28502, hsqlName.name);
        }
        User user = new User(hsqlName, this);
        this.map.put(hsqlName.name, user);
        return user;
    }

    public void removeNewUser(HsqlNameManager.HsqlName hsqlName) {
        this.map.remove(hsqlName.name);
    }

    boolean isGrantee(String str) {
        return this.map.containsKey(str);
    }

    public static int getCheckSingleRight(String str) {
        int right = getRight(str);
        if (right != 0) {
            return right;
        }
        throw Error.error(ErrorCode.X_42581, str);
    }

    public static int getRight(String str) {
        return rightsStringLookup.get(str, 0);
    }

    public Grantee get(String str) {
        return (Grantee) this.map.get(str);
    }

    public Collection getGrantees() {
        return this.map.values();
    }

    public static boolean validRightString(String str) {
        return getRight(str) != 0;
    }

    public static boolean isImmutable(String str) {
        return str.equals(SqlInvariants.SYSTEM_AUTHORIZATION_NAME) || str.equals(SqlInvariants.DBA_ADMIN_ROLE_NAME) || str.equals(SqlInvariants.SCHEMA_CREATE_ROLE_NAME) || str.equals(SqlInvariants.CHANGE_AUTH_ROLE_NAME);
    }

    public static boolean isReserved(String str) {
        return str.equals(SqlInvariants.SYSTEM_AUTHORIZATION_NAME) || str.equals(SqlInvariants.DBA_ADMIN_ROLE_NAME) || str.equals(SqlInvariants.SCHEMA_CREATE_ROLE_NAME) || str.equals(SqlInvariants.CHANGE_AUTH_ROLE_NAME) || str.equals("PUBLIC");
    }

    public void dropRole(String str) {
        if (!isRole(str)) {
            throw Error.error(ErrorCode.X_0P000, str);
        }
        if (isReserved(str)) {
            throw Error.error(ErrorCode.X_42507);
        }
        removeGrantee(str);
    }

    public Set getRoleNames() {
        return this.roleMap.keySet();
    }

    public Collection getRoles() {
        return this.roleMap.values();
    }

    public Grantee getRole(String str) {
        Grantee grantee = (Grantee) this.roleMap.get(str);
        if (grantee == null) {
            throw Error.error(ErrorCode.X_0P000, str);
        }
        return grantee;
    }

    public boolean isRole(String str) {
        return this.roleMap.containsKey(str);
    }

    public String[] getSQL() {
        HsqlArrayList hsqlArrayList = new HsqlArrayList();
        Iterator it2 = getRoles().iterator();
        while (it2.hasNext()) {
            Grantee grantee = (Grantee) it2.next();
            if (!isReserved(grantee.getName().getNameString())) {
                hsqlArrayList.add(grantee.getSQL());
            }
        }
        Iterator it3 = getGrantees().iterator();
        while (it3.hasNext()) {
            Grantee grantee2 = (Grantee) it3.next();
            if ((grantee2 instanceof User) && !((User) grantee2).isExternalOnly) {
                hsqlArrayList.add(grantee2.getSQL());
                if (((User) grantee2).isLocalOnly) {
                    hsqlArrayList.add(((User) grantee2).getLocalUserSQL());
                }
            }
        }
        String[] strArr = new String[hsqlArrayList.size()];
        hsqlArrayList.toArray(strArr);
        return strArr;
    }

    public String[] getRightstSQL() {
        HsqlArrayList hsqlArrayList = new HsqlArrayList();
        Iterator it2 = getGrantees().iterator();
        while (it2.hasNext()) {
            Grantee grantee = (Grantee) it2.next();
            if (!isImmutable(grantee.getName().getNameString()) && (!(grantee instanceof User) || !((User) grantee).isExternalOnly)) {
                hsqlArrayList.addAll(grantee.getRightsSQL());
            }
        }
        String[] strArr = new String[hsqlArrayList.size()];
        hsqlArrayList.toArray(strArr);
        return strArr;
    }

    static {
        systemAuthorisation.isSystem = true;
        systemAuthorisation.setAdminDirect();
        systemAuthorisation.setInitialSchema(SqlInvariants.SYSTEM_SCHEMA_HSQLNAME);
        SqlInvariants.INFORMATION_SCHEMA_HSQLNAME.owner = systemAuthorisation;
        SqlInvariants.SYSTEM_SCHEMA_HSQLNAME.owner = systemAuthorisation;
        SqlInvariants.LOBS_SCHEMA_HSQLNAME.owner = systemAuthorisation;
        SqlInvariants.SQLJ_SCHEMA_HSQLNAME.owner = systemAuthorisation;
        rightsStringLookup = new IntValueHashMap(7);
        rightsStringLookup.put(Tokens.T_ALL, 63);
        rightsStringLookup.put(Tokens.T_SELECT, 1);
        rightsStringLookup.put(Tokens.T_UPDATE, 8);
        rightsStringLookup.put(Tokens.T_DELETE, 2);
        rightsStringLookup.put(Tokens.T_INSERT, 4);
        rightsStringLookup.put(Tokens.T_EXECUTE, 32);
        rightsStringLookup.put(Tokens.T_USAGE, 16);
        rightsStringLookup.put(Tokens.T_REFERENCES, 64);
        rightsStringLookup.put(Tokens.T_TRIGGER, 128);
    }
}
