package org.apache.hadoop.hdfs.server.namenode;

import com.google.common.annotations.VisibleForTesting;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.Lists;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.fs.permission.AclEntry;
import org.apache.hadoop.fs.permission.AclEntryScope;
import org.apache.hadoop.fs.permission.AclEntryType;
import org.apache.hadoop.fs.permission.AclUtil;
import org.apache.hadoop.fs.permission.FsPermission;
import org.apache.hadoop.fs.permission.ScopedAclEntries;
import org.apache.hadoop.hdfs.protocol.AclException;
import org.apache.hadoop.hdfs.protocol.QuotaExceededException;

/* JADX INFO: Access modifiers changed from: package-private */
@InterfaceAudience.Private
/* loaded from: input_file:org/apache/hadoop/hdfs/server/namenode/AclStorage.class */
public final class AclStorage {
    static final /* synthetic */ boolean $assertionsDisabled;

    public static boolean copyINodeDefaultAcl(INode iNode) {
        FsPermission createFsPermissionForExtendedAcl;
        INodeDirectory parent = iNode.getParent();
        if (parent.getAclFeature() == null) {
            return false;
        }
        if (!iNode.isFile() && !iNode.isDirectory()) {
            return false;
        }
        List<AclEntry> defaultEntries = new ScopedAclEntries(getEntriesFromAclFeature(parent.getAclFeature())).getDefaultEntries();
        if (defaultEntries.isEmpty()) {
            return false;
        }
        ArrayList newArrayListWithCapacity = Lists.newArrayListWithCapacity(defaultEntries.size());
        FsPermission fsPermission = iNode.getFsPermission();
        boolean isMinimalAcl = AclUtil.isMinimalAcl(defaultEntries);
        for (AclEntry aclEntry : defaultEntries) {
            AclEntryType type = aclEntry.getType();
            String name = aclEntry.getName();
            AclEntry.Builder name2 = new AclEntry.Builder().setScope(AclEntryScope.ACCESS).setType(type).setName(name);
            name2.setPermission((type == AclEntryType.USER && name == null) ? aclEntry.getPermission().and(fsPermission.getUserAction()) : (type == AclEntryType.GROUP && isMinimalAcl) ? aclEntry.getPermission().and(fsPermission.getGroupAction()) : type == AclEntryType.MASK ? aclEntry.getPermission().and(fsPermission.getGroupAction()) : type == AclEntryType.OTHER ? aclEntry.getPermission().and(fsPermission.getOtherAction()) : aclEntry.getPermission());
            newArrayListWithCapacity.add(name2.build());
        }
        List emptyList = iNode.isDirectory() ? defaultEntries : Collections.emptyList();
        if (AclUtil.isMinimalAcl(newArrayListWithCapacity) && emptyList.isEmpty()) {
            createFsPermissionForExtendedAcl = createFsPermissionForMinimalAcl(newArrayListWithCapacity, fsPermission);
        } else {
            iNode.addAclFeature(createAclFeature(newArrayListWithCapacity, emptyList));
            createFsPermissionForExtendedAcl = createFsPermissionForExtendedAcl(newArrayListWithCapacity, fsPermission);
        }
        iNode.setPermission(createFsPermissionForExtendedAcl);
        return true;
    }

    public static List<AclEntry> readINodeAcl(INode iNode, int i) {
        return getEntriesFromAclFeature(iNode.getAclFeature(i));
    }

    @VisibleForTesting
    static ImmutableList<AclEntry> getEntriesFromAclFeature(AclFeature aclFeature) {
        if (aclFeature == null) {
            return ImmutableList.of();
        }
        ImmutableList.Builder builder = new ImmutableList.Builder();
        for (int i = 0; i < aclFeature.getEntriesSize(); i++) {
            builder.add(AclEntryStatusFormat.toAclEntry(aclFeature.getEntryAt(i)));
        }
        return builder.build();
    }

    public static List<AclEntry> readINodeLogicalAcl(INode iNode) {
        FsPermission fsPermission = iNode.getFsPermission();
        AclFeature aclFeature = iNode.getAclFeature();
        if (aclFeature == null) {
            return AclUtil.getMinimalAcl(fsPermission);
        }
        ImmutableList<AclEntry> entriesFromAclFeature = getEntriesFromAclFeature(aclFeature);
        ScopedAclEntries scopedAclEntries = new ScopedAclEntries(entriesFromAclFeature);
        List accessEntries = scopedAclEntries.getAccessEntries();
        List defaultEntries = scopedAclEntries.getDefaultEntries();
        ArrayList newArrayListWithCapacity = Lists.newArrayListWithCapacity(entriesFromAclFeature.size() + 3);
        if (accessEntries.isEmpty()) {
            newArrayListWithCapacity.addAll(AclUtil.getMinimalAcl(fsPermission));
        } else {
            newArrayListWithCapacity.add(new AclEntry.Builder().setScope(AclEntryScope.ACCESS).setType(AclEntryType.USER).setPermission(fsPermission.getUserAction()).build());
            newArrayListWithCapacity.addAll(accessEntries);
            newArrayListWithCapacity.add(new AclEntry.Builder().setScope(AclEntryScope.ACCESS).setType(AclEntryType.MASK).setPermission(fsPermission.getGroupAction()).build());
            newArrayListWithCapacity.add(new AclEntry.Builder().setScope(AclEntryScope.ACCESS).setType(AclEntryType.OTHER).setPermission(fsPermission.getOtherAction()).build());
        }
        newArrayListWithCapacity.addAll(defaultEntries);
        return newArrayListWithCapacity;
    }

    public static void removeINodeAcl(INode iNode, int i) throws QuotaExceededException {
        AclFeature aclFeature = iNode.getAclFeature();
        if (aclFeature == null) {
            return;
        }
        FsPermission fsPermission = iNode.getFsPermission();
        ImmutableList<AclEntry> entriesFromAclFeature = getEntriesFromAclFeature(aclFeature);
        if (((AclEntry) entriesFromAclFeature.get(0)).getScope() == AclEntryScope.ACCESS) {
            int binarySearch = Collections.binarySearch(entriesFromAclFeature, new AclEntry.Builder().setScope(AclEntryScope.ACCESS).setType(AclEntryType.GROUP).build(), AclTransformation.ACL_ENTRY_COMPARATOR);
            if (!$assertionsDisabled && binarySearch < 0) {
                throw new AssertionError();
            }
            iNode.setPermission(new FsPermission(fsPermission.getUserAction(), ((AclEntry) entriesFromAclFeature.get(binarySearch)).getPermission(), fsPermission.getOtherAction(), fsPermission.getStickyBit()), i);
        }
        iNode.removeAclFeature(i);
    }

    public static void updateINodeAcl(INode iNode, List<AclEntry> list, int i) throws AclException, QuotaExceededException {
        FsPermission createFsPermissionForMinimalAcl;
        if (!$assertionsDisabled && list.size() < 3) {
            throw new AssertionError();
        }
        FsPermission fsPermission = iNode.getFsPermission();
        if (AclUtil.isMinimalAcl(list)) {
            if (iNode.getAclFeature() != null) {
                iNode.removeAclFeature(i);
            }
            createFsPermissionForMinimalAcl = createFsPermissionForMinimalAcl(list, fsPermission);
        } else {
            ScopedAclEntries scopedAclEntries = new ScopedAclEntries(list);
            List accessEntries = scopedAclEntries.getAccessEntries();
            List defaultEntries = scopedAclEntries.getDefaultEntries();
            if (!defaultEntries.isEmpty() && !iNode.isDirectory()) {
                throw new AclException("Invalid ACL: only directories may have a default ACL.");
            }
            if (iNode.getAclFeature() != null) {
                iNode.removeAclFeature(i);
            }
            iNode.addAclFeature(createAclFeature(accessEntries, defaultEntries), i);
            createFsPermissionForMinimalAcl = createFsPermissionForExtendedAcl(accessEntries, fsPermission);
        }
        iNode.setPermission(createFsPermissionForMinimalAcl, i);
    }

    private AclStorage() {
    }

    private static AclFeature createAclFeature(List<AclEntry> list, List<AclEntry> list2) {
        ArrayList newArrayListWithCapacity = Lists.newArrayListWithCapacity((list.size() - 3) + list2.size());
        if (!AclUtil.isMinimalAcl(list)) {
            newArrayListWithCapacity.addAll(list.subList(1, list.size() - 2));
        }
        newArrayListWithCapacity.addAll(list2);
        return new AclFeature(AclEntryStatusFormat.toInt(newArrayListWithCapacity));
    }

    private static FsPermission createFsPermissionForExtendedAcl(List<AclEntry> list, FsPermission fsPermission) {
        return new FsPermission(list.get(0).getPermission(), list.get(list.size() - 2).getPermission(), list.get(list.size() - 1).getPermission(), fsPermission.getStickyBit());
    }

    private static FsPermission createFsPermissionForMinimalAcl(List<AclEntry> list, FsPermission fsPermission) {
        return new FsPermission(list.get(0).getPermission(), list.get(1).getPermission(), list.get(2).getPermission(), fsPermission.getStickyBit());
    }

    static {
        $assertionsDisabled = !AclStorage.class.desiredAssertionStatus();
    }
}
