package org.apache.cassandra.auth;

import com.google.common.annotations.VisibleForTesting;
import com.google.common.collect.Lists;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.nio.ByteBuffer;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;
import org.apache.cassandra.config.DatabaseDescriptor;
import org.apache.cassandra.cql3.CIDR;
import org.apache.cassandra.cql3.QueryOptions;
import org.apache.cassandra.cql3.QueryProcessor;
import org.apache.cassandra.cql3.UntypedResultSet;
import org.apache.cassandra.cql3.statements.SelectStatement;
import org.apache.cassandra.db.ConsistencyLevel;
import org.apache.cassandra.db.marshal.InetAddressType;
import org.apache.cassandra.db.marshal.ShortType;
import org.apache.cassandra.db.marshal.TupleType;
import org.apache.cassandra.exceptions.RequestExecutionException;
import org.apache.cassandra.schema.SchemaConstants;
import org.apache.cassandra.service.ClientState;
import org.apache.cassandra.service.QueryState;
import org.apache.cassandra.transport.Dispatcher;
import org.apache.cassandra.transport.messages.ResultMessage;
import org.apache.cassandra.utils.ByteBufferUtil;
import org.apache.cassandra.utils.MBeanWrapper;
import org.apache.cassandra.utils.Pair;

/* loaded from: input_file:org/apache/cassandra/auth/CIDRGroupsMappingManager.class */
public class CIDRGroupsMappingManager implements CIDRGroupsMappingManagerMBean {
    public static final String MBEAN_NAME = "org.apache.cassandra.db:type=CIDRGroupsMappingManager";
    private SelectStatement getCidrGroupsStatement;
    private SelectStatement getCidrsForCidrGroupStatement;
    private static final int PAGE_SIZE = 128;

    public void setup() {
        if (!MBeanWrapper.instance.isRegistered(MBEAN_NAME)) {
            MBeanWrapper.instance.registerMBean(this, MBEAN_NAME);
        }
        this.getCidrGroupsStatement = (SelectStatement) QueryProcessor.getStatement(String.format("SELECT cidr_group FROM %s.%s", SchemaConstants.AUTH_KEYSPACE_NAME, AuthKeyspace.CIDR_GROUPS), ClientState.forInternalCalls());
        this.getCidrsForCidrGroupStatement = (SelectStatement) QueryProcessor.getStatement(String.format("SELECT cidrs FROM %s.%s where cidr_group = ?", SchemaConstants.AUTH_KEYSPACE_NAME, AuthKeyspace.CIDR_GROUPS), ClientState.forInternalCalls());
    }

    @VisibleForTesting
    ResultMessage.Rows select(SelectStatement selectStatement, QueryOptions queryOptions) {
        return selectStatement.execute(QueryState.forInternalCalls(), queryOptions, Dispatcher.RequestTime.forImmediateExecution());
    }

    UntypedResultSet process(String str, ConsistencyLevel consistencyLevel) throws RequestExecutionException {
        return QueryProcessor.process(str, consistencyLevel);
    }

    protected static String getCidrTuplesSetString(List<CIDR> list) {
        return "{" + ((String) list.stream().map((v0) -> {
            return v0.asCqlTupleString();
        }).collect(Collectors.joining(", "))) + "}";
    }

    public UntypedResultSet getCidrGroupsTableEntries() {
        return QueryProcessor.executeInternalWithPaging(String.format("SELECT * FROM %s.%s", SchemaConstants.AUTH_KEYSPACE_NAME, AuthKeyspace.CIDR_GROUPS), 128, new Object[0]);
    }

    @Override // org.apache.cassandra.auth.CIDRGroupsMappingManagerMBean
    public Set<String> getAvailableCidrGroups() {
        HashSet hashSet = new HashSet();
        Iterator<UntypedResultSet.Row> it = UntypedResultSet.create(select(this.getCidrGroupsStatement, QueryOptions.forInternalCalls(CassandraAuthorizer.authReadConsistencyLevel(), Collections.emptyList())).result).iterator();
        while (it.hasNext()) {
            UntypedResultSet.Row next = it.next();
            if (!next.has("cidr_group")) {
                throw new IllegalStateException("Invalid row " + next + " in table: system_auth.cidr_groups");
            }
            hashSet.add(next.getString("cidr_group"));
        }
        return hashSet;
    }

    /* JADX WARN: Multi-variable type inference failed */
    public Set<Pair<InetAddress, Short>> retrieveCidrsFromRow(UntypedResultSet.Row row) {
        if (!row.has("cidrs")) {
            throw new RuntimeException("Invalid row, doesn't have column cidrs");
        }
        HashSet hashSet = new HashSet();
        TupleType tupleType = new TupleType(Arrays.asList(InetAddressType.instance, ShortType.instance));
        Iterator it = row.getFrozenSet("cidrs", tupleType).iterator();
        while (it.hasNext()) {
            List<ByteBuffer> unpack = tupleType.unpack((ByteBuffer) it.next());
            hashSet.add(Pair.create(InetAddressType.instance.compose(unpack.get(0)), Short.valueOf(((Short) ShortType.instance.compose(unpack.get(1))).shortValue())));
        }
        return hashSet;
    }

    @Override // org.apache.cassandra.auth.CIDRGroupsMappingManagerMBean
    public Set<String> getCidrsOfCidrGroupAsStrings(String str) {
        UntypedResultSet create = UntypedResultSet.create(select(this.getCidrsForCidrGroupStatement, QueryOptions.forInternalCalls(CassandraAuthorizer.authReadConsistencyLevel(), Lists.newArrayList(new ByteBuffer[]{ByteBufferUtil.bytes(str)}))).result);
        if (create.isEmpty()) {
            return Collections.emptySet();
        }
        Set<Pair<InetAddress, Short>> retrieveCidrsFromRow = retrieveCidrsFromRow(create.one());
        HashSet hashSet = new HashSet();
        for (Pair<InetAddress, Short> pair : retrieveCidrsFromRow) {
            hashSet.add(pair.left().getHostAddress() + "/" + pair.right());
        }
        return hashSet;
    }

    @Override // org.apache.cassandra.auth.CIDRGroupsMappingManagerMBean
    public void updateCidrGroup(String str, List<String> list) {
        ArrayList arrayList = new ArrayList();
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            arrayList.add(CIDR.getInstance(it.next()));
        }
        process(String.format("UPDATE %s.%s SET cidrs = %s WHERE cidr_group = '%s'", SchemaConstants.AUTH_KEYSPACE_NAME, AuthKeyspace.CIDR_GROUPS, getCidrTuplesSetString(arrayList), str), CassandraAuthorizer.authWriteConsistencyLevel());
    }

    @VisibleForTesting
    void dropCidrGroupIfExists(String str) {
        process(String.format("DELETE FROM %s.%s WHERE cidr_group = '%s'", SchemaConstants.AUTH_KEYSPACE_NAME, AuthKeyspace.CIDR_GROUPS, str), CassandraAuthorizer.authWriteConsistencyLevel());
    }

    @Override // org.apache.cassandra.auth.CIDRGroupsMappingManagerMBean
    public void dropCidrGroup(String str) {
        if (getCidrsOfCidrGroupAsStrings(str).isEmpty()) {
            throw new RuntimeException("CIDR group '" + str + "' doesn't exists");
        }
        dropCidrGroupIfExists(str);
    }

    @Override // org.apache.cassandra.auth.CIDRGroupsMappingManagerMBean
    public void recreateCidrGroupsMapping(Map<String, List<String>> map) {
        Set<String> availableCidrGroups = getAvailableCidrGroups();
        for (Map.Entry<String, List<String>> entry : map.entrySet()) {
            String key = entry.getKey();
            updateCidrGroup(key, entry.getValue());
            availableCidrGroups.remove(key);
        }
        Iterator<String> it = availableCidrGroups.iterator();
        while (it.hasNext()) {
            dropCidrGroupIfExists(it.next());
        }
    }

    @Override // org.apache.cassandra.auth.CIDRGroupsMappingManagerMBean
    public Set<String> getCidrGroupsOfIP(String str) {
        try {
            return DatabaseDescriptor.getCIDRAuthorizer().lookupCidrGroupsForIp(InetAddress.getByName(str));
        } catch (UnknownHostException e) {
            throw new IllegalArgumentException("Invalid IP " + str, e);
        }
    }

    @Override // org.apache.cassandra.auth.CIDRGroupsMappingManagerMBean
    public void loadCidrGroupsCache() {
        DatabaseDescriptor.getCIDRAuthorizer().loadCidrGroupsCache();
    }
}
