package org.duracloud.durastore.util;

import java.io.InputStream;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.duracloud.common.error.NoUserLoggedInException;
import org.duracloud.common.model.AclType;
import org.duracloud.common.rest.DuraCloudRequestContextUtil;
import org.duracloud.common.sns.AccountChangeNotifier;
import org.duracloud.security.context.SecurityContextUtil;
import org.duracloud.security.impl.DuracloudUserDetails;
import org.duracloud.storage.domain.RetrievedContent;
import org.duracloud.storage.domain.StorageProviderType;
import org.duracloud.storage.error.StorageException;
import org.duracloud.storage.provider.StorageProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.GrantedAuthority;

/* loaded from: input_file:org/duracloud/durastore/util/ACLStorageProvider.class */
public class ACLStorageProvider implements StorageProvider {
    private final Logger log;
    private final StorageProvider targetProvider;
    private SecurityContextUtil securityContextUtil;
    private Map<String, Map<String, AclType>> spaceACLMap;
    private boolean loaded;
    private Thread cacheLoaderThread;
    private AccountChangeNotifier notifier;
    private DuraCloudRequestContextUtil requestContextUtil;
    static final /* synthetic */ boolean $assertionsDisabled;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/duracloud/durastore/util/ACLStorageProvider$CacheLoader.class */
    public class CacheLoader implements Runnable {
        private CacheLoader() {
        }

        @Override // java.lang.Runnable
        public void run() {
            try {
                Iterator spaces = ACLStorageProvider.this.targetProvider.getSpaces();
                while (spaces.hasNext()) {
                    String str = (String) spaces.next();
                    ACLStorageProvider.this.spaceACLMap.put(str, getSpaceACLs(str));
                }
                ACLStorageProvider.this.loaded = true;
            } catch (Exception e) {
                ACLStorageProvider.this.log.error("Failed to complete the run of the CacheLoader", e);
            }
        }

        private Map<String, AclType> getSpaceACLs(String str) {
            try {
                return ACLStorageProvider.this.targetProvider.getSpaceACLs(str);
            } catch (StorageException e) {
                ACLStorageProvider.this.log.warn("Error getting space acls: {}, err: {}", str, e);
                return new HashMap();
            }
        }
    }

    public ACLStorageProvider(StorageProvider storageProvider, AccountChangeNotifier accountChangeNotifier, DuraCloudRequestContextUtil duraCloudRequestContextUtil) {
        this(storageProvider, new SecurityContextUtil(), accountChangeNotifier, duraCloudRequestContextUtil);
    }

    public ACLStorageProvider(StorageProvider storageProvider, SecurityContextUtil securityContextUtil, AccountChangeNotifier accountChangeNotifier, DuraCloudRequestContextUtil duraCloudRequestContextUtil) {
        this.log = LoggerFactory.getLogger(ACLStorageProvider.class);
        this.cacheLoaderThread = null;
        if (!$assertionsDisabled && storageProvider == null) {
            throw new AssertionError();
        }
        if (!$assertionsDisabled && securityContextUtil == null) {
            throw new AssertionError();
        }
        if (!$assertionsDisabled && accountChangeNotifier == null) {
            throw new AssertionError();
        }
        if (!$assertionsDisabled && duraCloudRequestContextUtil == null) {
            throw new AssertionError();
        }
        this.targetProvider = storageProvider;
        this.securityContextUtil = securityContextUtil;
        this.spaceACLMap = new HashMap();
        this.loaded = false;
        this.notifier = accountChangeNotifier;
        this.requestContextUtil = duraCloudRequestContextUtil;
        ensureCacheLoaderThreadIsRunning();
    }

    private void ensureCacheLoaderThreadIsRunning() {
        if (this.cacheLoaderThread != null && this.cacheLoaderThread.isAlive()) {
            this.log.debug("cacheLoaderThread is already running.");
            return;
        }
        this.log.info("cacheLoaderThread was not running. Starting it up...");
        this.cacheLoaderThread = new Thread(new CacheLoader());
        this.cacheLoaderThread.start();
        this.log.info("cacheLoaderThread has been started");
    }

    private void waitForCache() {
        while (!this.loaded) {
            ensureCacheLoaderThreadIsRunning();
            this.log.debug("waiting: {}", this.targetProvider.getClass().getName());
            try {
                Thread.sleep(500L);
            } catch (InterruptedException e) {
            }
        }
    }

    public StorageProviderType getStorageProviderType() {
        return this.targetProvider.getStorageProviderType();
    }

    public Iterator<String> getSpaces() {
        DuracloudUserDetails currentUserDetails = getCurrentUserDetails();
        if (isAdmin(currentUserDetails)) {
            return this.targetProvider.getSpaces();
        }
        waitForCache();
        ArrayList arrayList = new ArrayList();
        for (String str : this.spaceACLMap.keySet()) {
            if (userHasAccess(currentUserDetails, this.spaceACLMap.get(str)) && !arrayList.contains(str)) {
                arrayList.add(str);
            }
        }
        Collections.sort(arrayList);
        return arrayList.iterator();
    }

    private boolean isAdmin(DuracloudUserDetails duracloudUserDetails) {
        Collection authorities;
        if (null == duracloudUserDetails || null == (authorities = duracloudUserDetails.getAuthorities())) {
            return false;
        }
        Iterator it = authorities.iterator();
        while (it.hasNext()) {
            if ("ROLE_ADMIN".equals(((GrantedAuthority) it.next()).getAuthority())) {
                return true;
            }
        }
        return false;
    }

    private DuracloudUserDetails getCurrentUserDetails() {
        try {
            return this.securityContextUtil.getCurrentUserDetails();
        } catch (NoUserLoggedInException e) {
            return null;
        }
    }

    private boolean userHasAccess(DuracloudUserDetails duracloudUserDetails, Map<String, AclType> map) {
        if (map.keySet().contains("acl-group-public")) {
            return true;
        }
        if (null == duracloudUserDetails) {
            return false;
        }
        if (map.keySet().contains("acl-" + duracloudUserDetails.getUsername())) {
            return true;
        }
        List groups = duracloudUserDetails.getGroups();
        if (null == groups || groups.size() == 0) {
            return false;
        }
        Iterator it = groups.iterator();
        while (it.hasNext()) {
            if (map.keySet().contains("acl-" + ((String) it.next()))) {
                return true;
            }
        }
        return false;
    }

    public Iterator<String> getSpaceContents(String str, String str2) {
        return this.targetProvider.getSpaceContents(str, str2);
    }

    public List<String> getSpaceContentsChunked(String str, String str2, long j, String str3) {
        return this.targetProvider.getSpaceContentsChunked(str, str2, j, str3);
    }

    public void createSpace(String str) {
        waitForCache();
        this.targetProvider.createSpace(str);
        DuracloudUserDetails currentUserDetails = getCurrentUserDetails();
        if (null != currentUserDetails) {
            HashMap hashMap = new HashMap();
            hashMap.put("acl-" + currentUserDetails.getUsername(), AclType.WRITE);
            this.spaceACLMap.put(str, hashMap);
        }
    }

    public void deleteSpace(String str) {
        waitForCache();
        Throwable th = null;
        try {
            this.targetProvider.deleteSpace(str);
            this.spaceACLMap.remove(str);
        } catch (StorageException e) {
            th = e;
        }
        if ((getClass().getSimpleName() + "-cache").equalsIgnoreCase(str)) {
            this.log.info("cycling cache.");
            this.spaceACLMap.clear();
            this.loaded = false;
            new Thread(new CacheLoader()).start();
        }
        if (null != th) {
            throw th;
        }
    }

    public Map<String, String> getSpaceProperties(String str) {
        return this.targetProvider.getSpaceProperties(str);
    }

    public Map<String, AclType> getSpaceACLs(String str) {
        if (isAdmin(getCurrentUserDetails()) && !this.loaded) {
            return this.targetProvider.getSpaceACLs(str);
        }
        waitForCache();
        if (this.spaceACLMap.containsKey(str)) {
            return this.spaceACLMap.get(str);
        }
        Map<String, AclType> spaceACLs = this.targetProvider.getSpaceACLs(str);
        this.spaceACLMap.put(str, spaceACLs);
        return spaceACLs;
    }

    public void setSpaceACLs(String str, Map<String, AclType> map) {
        waitForCache();
        this.targetProvider.setSpaceACLs(str, map);
        if (null != map) {
            this.spaceACLMap.put(str, map);
        }
        sendCacheChangedNotification();
    }

    private void sendCacheChangedNotification() {
        this.notifier.storageProviderCacheOnNodeChanged(this.requestContextUtil.getAccountId());
    }

    public String addContent(String str, String str2, String str3, Map<String, String> map, long j, String str4, InputStream inputStream) {
        return this.targetProvider.addContent(str, str2, str3, map, j, str4, inputStream);
    }

    public String copyContent(String str, String str2, String str3, String str4) {
        return this.targetProvider.copyContent(str, str2, str3, str4);
    }

    public RetrievedContent getContent(String str, String str2) {
        return this.targetProvider.getContent(str, str2);
    }

    public RetrievedContent getContent(String str, String str2, String str3) {
        return this.targetProvider.getContent(str, str2, str3);
    }

    public void deleteContent(String str, String str2) {
        this.targetProvider.deleteContent(str, str2);
    }

    public void setContentProperties(String str, String str2, Map<String, String> map) {
        this.targetProvider.setContentProperties(str, str2, map);
    }

    public Map<String, String> getContentProperties(String str, String str2) {
        return this.targetProvider.getContentProperties(str, str2);
    }

    static {
        $assertionsDisabled = !ACLStorageProvider.class.desiredAssertionStatus();
    }
}
