package io.hops.hopsworks.common.hdfs;

import io.hops.hopsworks.common.constants.auth.AllowedRoles;
import io.hops.hopsworks.common.dao.hdfsUser.HdfsGroupsFacade;
import io.hops.hopsworks.common.dao.hdfsUser.HdfsUsersFacade;
import io.hops.hopsworks.common.user.UserValidator;
import io.hops.hopsworks.common.util.Settings;
import io.hops.hopsworks.persistence.entity.dataset.Dataset;
import io.hops.hopsworks.persistence.entity.dataset.DatasetAccessPermission;
import io.hops.hopsworks.persistence.entity.dataset.DatasetSharedWith;
import io.hops.hopsworks.persistence.entity.dataset.PermissionTransition;
import io.hops.hopsworks.persistence.entity.hdfs.user.HdfsGroups;
import io.hops.hopsworks.persistence.entity.hdfs.user.HdfsUsers;
import io.hops.hopsworks.persistence.entity.project.Project;
import io.hops.hopsworks.persistence.entity.project.team.ProjectTeam;
import io.hops.hopsworks.persistence.entity.user.Users;
import io.hops.security.UserAlreadyInGroupException;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import javax.ejb.EJB;
import javax.ejb.Stateless;
import javax.ejb.TransactionAttribute;
import javax.ejb.TransactionAttributeType;
import org.apache.hadoop.fs.Path;
import org.apache.hadoop.fs.permission.AclEntry;
import org.apache.hadoop.fs.permission.AclEntryScope;
import org.apache.hadoop.fs.permission.AclEntryType;
import org.apache.hadoop.fs.permission.FsAction;

@TransactionAttribute(TransactionAttributeType.NOT_SUPPORTED)
@Stateless
/* loaded from: input_file:io/hops/hopsworks/common/hdfs/HdfsUsersController.class */
public class HdfsUsersController {
    public static final String USER_NAME_DELIMITER = "__";

    @EJB
    private HdfsUsersFacade hdfsUsersFacade;

    @EJB
    private HdfsGroupsFacade hdfsGroupsFacade;

    @EJB
    private DistributedFsService dfsService;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: io.hops.hopsworks.common.hdfs.HdfsUsersController$1, reason: invalid class name */
    /* loaded from: input_file:io/hops/hopsworks/common/hdfs/HdfsUsersController$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$io$hops$hopsworks$persistence$entity$dataset$DatasetAccessPermission;
        static final /* synthetic */ int[] $SwitchMap$io$hops$hopsworks$persistence$entity$dataset$PermissionTransition = new int[PermissionTransition.values().length];

        static {
            try {
                $SwitchMap$io$hops$hopsworks$persistence$entity$dataset$PermissionTransition[PermissionTransition.EDITABLE_TO_EDITABLE.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$io$hops$hopsworks$persistence$entity$dataset$PermissionTransition[PermissionTransition.READ_ONLY_TO_READ_ONLY.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$io$hops$hopsworks$persistence$entity$dataset$PermissionTransition[PermissionTransition.EDITABLE_BY_OWNERS_TO_EDITABLE_BY_OWNERS.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$io$hops$hopsworks$persistence$entity$dataset$PermissionTransition[PermissionTransition.EDITABLE_TO_EDITABLE_BY_OWNERS.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$io$hops$hopsworks$persistence$entity$dataset$PermissionTransition[PermissionTransition.EDITABLE_TO_READ_ONLY.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$io$hops$hopsworks$persistence$entity$dataset$PermissionTransition[PermissionTransition.EDITABLE_BY_OWNERS_TO_EDITABLE.ordinal()] = 6;
            } catch (NoSuchFieldError e6) {
            }
            try {
                $SwitchMap$io$hops$hopsworks$persistence$entity$dataset$PermissionTransition[PermissionTransition.EDITABLE_BY_OWNERS_TO_READ_ONLY.ordinal()] = 7;
            } catch (NoSuchFieldError e7) {
            }
            try {
                $SwitchMap$io$hops$hopsworks$persistence$entity$dataset$PermissionTransition[PermissionTransition.READ_ONLY_TO_EDITABLE.ordinal()] = 8;
            } catch (NoSuchFieldError e8) {
            }
            try {
                $SwitchMap$io$hops$hopsworks$persistence$entity$dataset$PermissionTransition[PermissionTransition.READ_ONLY_TO_EDITABLE_BY_OWNERS.ordinal()] = 9;
            } catch (NoSuchFieldError e9) {
            }
            $SwitchMap$io$hops$hopsworks$persistence$entity$dataset$DatasetAccessPermission = new int[DatasetAccessPermission.values().length];
            try {
                $SwitchMap$io$hops$hopsworks$persistence$entity$dataset$DatasetAccessPermission[DatasetAccessPermission.EDITABLE.ordinal()] = 1;
            } catch (NoSuchFieldError e10) {
            }
            try {
                $SwitchMap$io$hops$hopsworks$persistence$entity$dataset$DatasetAccessPermission[DatasetAccessPermission.EDITABLE_BY_OWNERS.ordinal()] = 2;
            } catch (NoSuchFieldError e11) {
            }
            try {
                $SwitchMap$io$hops$hopsworks$persistence$entity$dataset$DatasetAccessPermission[DatasetAccessPermission.READ_ONLY.ordinal()] = 3;
            } catch (NoSuchFieldError e12) {
            }
        }
    }

    public void addProjectFolderOwner(Project project, DistributedFileSystemOps distributedFileSystemOps) throws IOException {
        String hdfsUserName = getHdfsUserName(project, project.getOwner());
        Path path = new Path(Utils.getProjectPath(project.getName()));
        distributedFileSystemOps.setOwner(path, hdfsUserName, project.getName());
        distributedFileSystemOps.setPermission(path, FsPermissions.r_xr_xr_x);
        HdfsGroups findByName = this.hdfsGroupsFacade.findByName(project.getName());
        if (findByName == null) {
            throw new IllegalArgumentException("No group found for project in HDFS.");
        }
        addToGroup(hdfsUserName, findByName.getName(), distributedFileSystemOps);
    }

    public void createDatasetGroupsAndSetPermissions(Users users, Project project, Dataset dataset, Path path, DistributedFileSystemOps distributedFileSystemOps) throws IOException {
        if (users == null || project == null || project.getProjectTeamCollection() == null || dataset == null) {
            throw new IllegalArgumentException("One or more arguments are null.");
        }
        String hdfsGroupName = getHdfsGroupName(project, dataset);
        String hdfsAclGroupName = getHdfsAclGroupName(project, dataset);
        distributedFileSystemOps.setOwner(path, getHdfsUserName(project, users), hdfsGroupName);
        distributedFileSystemOps.addGroup(hdfsAclGroupName);
        distributedFileSystemOps.setPermission(path, getDatasetAcl(hdfsAclGroupName));
        HdfsGroups findByName = this.hdfsGroupsFacade.findByName(hdfsGroupName);
        if (findByName == null) {
            throw new IllegalArgumentException("Could not create dataset group in HDFS.");
        }
        addToGroup(getHdfsUserName(project, users), findByName.getName(), distributedFileSystemOps);
        addMembersToGroups(hdfsGroupName, hdfsAclGroupName, distributedFileSystemOps, project.getProjectTeamCollection(), dataset.getPermission());
    }

    private List<AclEntry> getDatasetAcl(String str) {
        ArrayList arrayList = new ArrayList();
        arrayList.add(new AclEntry.Builder().setType(AclEntryType.USER).setScope(AclEntryScope.ACCESS).setPermission(FsAction.ALL).build());
        arrayList.add(new AclEntry.Builder().setType(AclEntryType.GROUP).setScope(AclEntryScope.ACCESS).setPermission(FsAction.ALL).build());
        arrayList.add(new AclEntry.Builder().setType(AclEntryType.GROUP).setName(str).setScope(AclEntryScope.ACCESS).setPermission(FsAction.READ_EXECUTE).build());
        arrayList.add(new AclEntry.Builder().setType(AclEntryType.OTHER).setScope(AclEntryScope.ACCESS).setPermission(FsAction.NONE).build());
        arrayList.add(new AclEntry.Builder().setType(AclEntryType.GROUP).setName(str).setScope(AclEntryScope.DEFAULT).setPermission(FsAction.READ_EXECUTE).build());
        return arrayList;
    }

    public void deleteGroups(List<HdfsGroups> list) throws IOException {
        DistributedFileSystemOps distributedFileSystemOps = null;
        try {
            distributedFileSystemOps = this.dfsService.getDfsOps();
            Iterator<HdfsGroups> it = list.iterator();
            while (it.hasNext()) {
                distributedFileSystemOps.removeGroup(it.next().getName());
            }
            this.dfsService.closeDfsClient(distributedFileSystemOps);
        } catch (Throwable th) {
            this.dfsService.closeDfsClient(distributedFileSystemOps);
            throw th;
        }
    }

    public void deleteUsers(Collection<HdfsUsers> collection) throws IOException {
        DistributedFileSystemOps distributedFileSystemOps = null;
        try {
            distributedFileSystemOps = this.dfsService.getDfsOps();
            Iterator<HdfsUsers> it = collection.iterator();
            while (it.hasNext()) {
                distributedFileSystemOps.removeUser(it.next().getName());
            }
            this.dfsService.closeDfsClient(distributedFileSystemOps);
        } catch (Throwable th) {
            this.dfsService.closeDfsClient(distributedFileSystemOps);
            throw th;
        }
    }

    public void deleteDatasetGroups(Project project, Dataset dataset) throws IOException {
        if (dataset == null) {
            throw new IllegalArgumentException("One or more arguments are null.");
        }
        String hdfsGroupName = getHdfsGroupName(dataset);
        String hdfsAclGroupName = getHdfsAclGroupName(project, dataset);
        DistributedFileSystemOps distributedFileSystemOps = null;
        try {
            distributedFileSystemOps = this.dfsService.getDfsOps();
            distributedFileSystemOps.removeGroup(hdfsGroupName);
            distributedFileSystemOps.removeGroup(hdfsAclGroupName);
            this.dfsService.closeDfsClient(distributedFileSystemOps);
        } catch (Throwable th) {
            this.dfsService.closeDfsClient(distributedFileSystemOps);
            throw th;
        }
    }

    public List<HdfsUsers> getAllProjectHdfsUsers(String str) {
        return this.hdfsUsersFacade.findProjectUsers(str);
    }

    public List<HdfsGroups> getAllProjectHdfsGroups(String str) {
        return this.hdfsGroupsFacade.findProjectGroups(str);
    }

    public List<HdfsGroups> listProjectGroups(Project project, List<Dataset> list) {
        if (project == null) {
            throw new IllegalArgumentException("One or more arguments are null.");
        }
        ArrayList arrayList = new ArrayList();
        arrayList.add(this.hdfsGroupsFacade.findByName(project.getName()));
        Iterator<Dataset> it = list.iterator();
        while (it.hasNext()) {
            arrayList.add(this.hdfsGroupsFacade.findByName(getHdfsGroupName(project, it.next())));
        }
        return arrayList;
    }

    public String getHdfsUserName(Project project, Users users) {
        if (project == null || users == null) {
            throw new IllegalArgumentException("project or user were not provided");
        }
        return project.getName() + "__" + users.getUsername();
    }

    public String getUserName(String str) {
        return str.split("__")[1];
    }

    public String getProjectName(String str) {
        return str.split("__")[0];
    }

    public String getHdfsGroupName(Project project, Dataset dataset) {
        if (project == null || dataset == null) {
            return null;
        }
        return project.getName() + "__" + dataset.getName();
    }

    public String getHdfsAclGroupName(Project project, Dataset dataset) {
        return getHdfsGroupName(project, dataset) + "__" + Settings.KAFKA_ACL_OPERATION_TYPE_READ;
    }

    public String getHdfsGroupName(Project project, String str) {
        if (project == null || str == null) {
            return null;
        }
        return project.getName() + "__" + str;
    }

    public String getHdfsGroupName(Dataset dataset) {
        if (dataset == null) {
            return null;
        }
        return dataset.getProject().getName() + "__" + dataset.getName();
    }

    public void makeImmutable(Path path, DistributedFileSystemOps distributedFileSystemOps) throws IOException {
        ArrayList arrayList = new ArrayList();
        arrayList.add(new AclEntry.Builder().setType(AclEntryType.USER).setScope(AclEntryScope.ACCESS).setPermission(FsAction.READ_EXECUTE).build());
        arrayList.add(new AclEntry.Builder().setType(AclEntryType.GROUP).setScope(AclEntryScope.ACCESS).setPermission(FsAction.READ_EXECUTE).build());
        arrayList.add(new AclEntry.Builder().setType(AclEntryType.OTHER).setScope(AclEntryScope.ACCESS).setPermission(FsAction.NONE).build());
        distributedFileSystemOps.setPermission(path, arrayList);
    }

    public void undoImmutable(Path path, DistributedFileSystemOps distributedFileSystemOps) throws IOException {
        ArrayList arrayList = new ArrayList();
        arrayList.add(new AclEntry.Builder().setType(AclEntryType.USER).setScope(AclEntryScope.ACCESS).setPermission(FsAction.ALL).build());
        arrayList.add(new AclEntry.Builder().setType(AclEntryType.GROUP).setScope(AclEntryScope.ACCESS).setPermission(FsAction.ALL).build());
        arrayList.add(new AclEntry.Builder().setType(AclEntryType.OTHER).setScope(AclEntryScope.ACCESS).setPermission(FsAction.NONE).build());
        distributedFileSystemOps.setPermission(path, arrayList);
    }

    public void addNewProjectMember(ProjectTeam projectTeam) throws IOException {
        DistributedFileSystemOps distributedFileSystemOps = null;
        try {
            distributedFileSystemOps = this.dfsService.getDfsOps();
            addNewProjectMember(projectTeam, distributedFileSystemOps);
            this.dfsService.closeDfsClient(distributedFileSystemOps);
        } catch (Throwable th) {
            this.dfsService.closeDfsClient(distributedFileSystemOps);
            throw th;
        }
    }

    public void addNewMember(ProjectTeam projectTeam) throws IOException {
        DistributedFileSystemOps distributedFileSystemOps = null;
        try {
            distributedFileSystemOps = this.dfsService.getDfsOps();
            addNewMember(projectTeam, distributedFileSystemOps);
            this.dfsService.closeDfsClient(distributedFileSystemOps);
        } catch (Throwable th) {
            this.dfsService.closeDfsClient(distributedFileSystemOps);
            throw th;
        }
    }

    public void addNewMember(Dataset dataset, DatasetAccessPermission datasetAccessPermission, ProjectTeam projectTeam) throws IOException {
        DistributedFileSystemOps distributedFileSystemOps = null;
        try {
            distributedFileSystemOps = this.dfsService.getDfsOps();
            addNewMember(dataset, datasetAccessPermission, projectTeam, distributedFileSystemOps);
            this.dfsService.closeDfsClient(distributedFileSystemOps);
        } catch (Throwable th) {
            this.dfsService.closeDfsClient(distributedFileSystemOps);
            throw th;
        }
    }

    public void addNewProjectMember(ProjectTeam projectTeam, DistributedFileSystemOps distributedFileSystemOps) throws IOException {
        createUserIfNotExist(projectTeam, distributedFileSystemOps);
        if (AllowedRoles.DATA_OWNER.equals(projectTeam.getTeamRole())) {
            addToGroup(projectTeam.getProject().getName(), projectTeam, distributedFileSystemOps);
        }
        addNewMember(projectTeam, distributedFileSystemOps);
    }

    public void addNewMember(ProjectTeam projectTeam, DistributedFileSystemOps distributedFileSystemOps) throws IOException {
        createUserIfNotExist(projectTeam, distributedFileSystemOps);
        for (Dataset dataset : projectTeam.getProject().getDatasetCollection()) {
            addNewMember(dataset, dataset.getPermission(), projectTeam, distributedFileSystemOps);
        }
        for (DatasetSharedWith datasetSharedWith : projectTeam.getProject().getDatasetSharedWithCollection()) {
            addNewMember(datasetSharedWith.getDataset(), datasetSharedWith.getPermission(), projectTeam, distributedFileSystemOps);
        }
    }

    public void removeMember(ProjectTeam projectTeam) throws IOException {
        DistributedFileSystemOps distributedFileSystemOps = null;
        try {
            distributedFileSystemOps = this.dfsService.getDfsOps();
            removeMember(projectTeam, distributedFileSystemOps);
            this.dfsService.closeDfsClient(distributedFileSystemOps);
        } catch (Throwable th) {
            this.dfsService.closeDfsClient(distributedFileSystemOps);
            throw th;
        }
    }

    public void removeUserName(ProjectTeam projectTeam) throws IOException {
        DistributedFileSystemOps distributedFileSystemOps = null;
        try {
            distributedFileSystemOps = this.dfsService.getDfsOps();
            removeUserName(projectTeam, distributedFileSystemOps);
            this.dfsService.closeDfsClient(distributedFileSystemOps);
        } catch (Throwable th) {
            this.dfsService.closeDfsClient(distributedFileSystemOps);
            throw th;
        }
    }

    public void removeMember(Dataset dataset, DatasetAccessPermission datasetAccessPermission, ProjectTeam projectTeam) throws IOException {
        DistributedFileSystemOps distributedFileSystemOps = null;
        try {
            distributedFileSystemOps = this.dfsService.getDfsOps();
            removeMember(dataset, datasetAccessPermission, projectTeam, distributedFileSystemOps);
            this.dfsService.closeDfsClient(distributedFileSystemOps);
        } catch (Throwable th) {
            this.dfsService.closeDfsClient(distributedFileSystemOps);
            throw th;
        }
    }

    public void removeUserName(ProjectTeam projectTeam, DistributedFileSystemOps distributedFileSystemOps) throws IOException {
        distributedFileSystemOps.removeUser(getHdfsUserName(projectTeam.getProject(), projectTeam.getUser()));
    }

    public void removeMember(ProjectTeam projectTeam, DistributedFileSystemOps distributedFileSystemOps) throws IOException {
        for (Dataset dataset : projectTeam.getProject().getDatasetCollection()) {
            removeMember(dataset, dataset.getPermission(), projectTeam, distributedFileSystemOps);
        }
        for (DatasetSharedWith datasetSharedWith : projectTeam.getProject().getDatasetSharedWithCollection()) {
            removeMember(datasetSharedWith.getDataset(), datasetSharedWith.getPermission(), projectTeam, distributedFileSystemOps);
        }
    }

    public void changeMemberRole(ProjectTeam projectTeam) throws IOException {
        DistributedFileSystemOps distributedFileSystemOps = null;
        try {
            distributedFileSystemOps = this.dfsService.getDfsOps();
            changeMemberRole(projectTeam, distributedFileSystemOps);
            this.dfsService.closeDfsClient(distributedFileSystemOps);
        } catch (Throwable th) {
            this.dfsService.closeDfsClient(distributedFileSystemOps);
            throw th;
        }
    }

    public void changeMemberRole(Dataset dataset, DatasetAccessPermission datasetAccessPermission, ProjectTeam projectTeam) throws IOException {
        DistributedFileSystemOps distributedFileSystemOps = null;
        try {
            distributedFileSystemOps = this.dfsService.getDfsOps();
            changeMemberRole(dataset, datasetAccessPermission, projectTeam, distributedFileSystemOps);
            this.dfsService.closeDfsClient(distributedFileSystemOps);
        } catch (Throwable th) {
            this.dfsService.closeDfsClient(distributedFileSystemOps);
            throw th;
        }
    }

    public void changeMemberRole(ProjectTeam projectTeam, DistributedFileSystemOps distributedFileSystemOps) throws IOException {
        if (AllowedRoles.DATA_OWNER.equals(projectTeam.getTeamRole())) {
            addToGroup(projectTeam.getProject().getName(), projectTeam, distributedFileSystemOps);
        } else {
            removeFromGroup(projectTeam.getProject().getName(), projectTeam, distributedFileSystemOps);
        }
        for (Dataset dataset : projectTeam.getProject().getDatasetCollection()) {
            changeMemberRole(dataset, dataset.getPermission(), projectTeam, distributedFileSystemOps);
        }
        for (DatasetSharedWith datasetSharedWith : projectTeam.getProject().getDatasetSharedWithCollection()) {
            changeMemberRole(datasetSharedWith.getDataset(), datasetSharedWith.getPermission(), projectTeam, distributedFileSystemOps);
        }
    }

    public void addNewMember(Dataset dataset, DatasetAccessPermission datasetAccessPermission, ProjectTeam projectTeam, DistributedFileSystemOps distributedFileSystemOps) throws IOException {
        addNewMember(getHdfsGroupName(dataset.getProject(), dataset), getHdfsAclGroupName(dataset.getProject(), dataset), getHdfsUserName(projectTeam.getProject(), projectTeam.getUser()), datasetAccessPermission, projectTeam, distributedFileSystemOps);
    }

    private void addNewMember(String str, String str2, String str3, DatasetAccessPermission datasetAccessPermission, ProjectTeam projectTeam, DistributedFileSystemOps distributedFileSystemOps) throws IOException {
        switch (AnonymousClass1.$SwitchMap$io$hops$hopsworks$persistence$entity$dataset$DatasetAccessPermission[datasetAccessPermission.ordinal()]) {
            case Settings.IS_ONLINE /* 1 */:
                addToGroup(str3, str, distributedFileSystemOps);
                return;
            case 2:
                if (AllowedRoles.DATA_OWNER.equals(projectTeam.getTeamRole())) {
                    addToGroup(str3, str, distributedFileSystemOps);
                    return;
                } else {
                    addToGroup(str3, str2, distributedFileSystemOps);
                    return;
                }
            case Settings.INFERENCE_SCHEMAVERSION /* 3 */:
                addToGroup(str3, str2, distributedFileSystemOps);
                return;
            default:
                throw new IOException("Unknown permission for dataset: " + str);
        }
    }

    public void addMembersToGroups(String str, String str2, DistributedFileSystemOps distributedFileSystemOps, Collection<ProjectTeam> collection, DatasetAccessPermission datasetAccessPermission) throws IOException {
        if (collection == null || collection.isEmpty()) {
            return;
        }
        for (ProjectTeam projectTeam : collection) {
            addNewMember(str, str2, getHdfsUserName(projectTeam.getProject(), projectTeam.getUser()), datasetAccessPermission, projectTeam, distributedFileSystemOps);
        }
    }

    public void removeMember(Dataset dataset, DatasetAccessPermission datasetAccessPermission, ProjectTeam projectTeam, DistributedFileSystemOps distributedFileSystemOps) throws IOException {
        String hdfsGroupName = getHdfsGroupName(dataset.getProject(), dataset);
        String hdfsAclGroupName = getHdfsAclGroupName(dataset.getProject(), dataset);
        String hdfsUserName = getHdfsUserName(projectTeam.getProject(), projectTeam.getUser());
        switch (AnonymousClass1.$SwitchMap$io$hops$hopsworks$persistence$entity$dataset$DatasetAccessPermission[datasetAccessPermission.ordinal()]) {
            case Settings.IS_ONLINE /* 1 */:
                removeFromGroup(hdfsUserName, hdfsGroupName, distributedFileSystemOps);
                return;
            case 2:
                if (AllowedRoles.DATA_OWNER.equals(projectTeam.getTeamRole())) {
                    removeFromGroup(hdfsUserName, hdfsGroupName, distributedFileSystemOps);
                    return;
                } else {
                    removeFromGroup(hdfsUserName, hdfsAclGroupName, distributedFileSystemOps);
                    return;
                }
            case Settings.INFERENCE_SCHEMAVERSION /* 3 */:
                removeFromGroup(hdfsUserName, hdfsAclGroupName, distributedFileSystemOps);
                return;
            default:
                throw new IOException("Unknown permission for dataset: " + dataset.getName());
        }
    }

    public void changeMemberRole(Dataset dataset, DatasetAccessPermission datasetAccessPermission, ProjectTeam projectTeam, DistributedFileSystemOps distributedFileSystemOps) throws IOException {
        String hdfsGroupName = getHdfsGroupName(dataset.getProject(), dataset);
        String hdfsAclGroupName = getHdfsAclGroupName(dataset.getProject(), dataset);
        String hdfsUserName = getHdfsUserName(projectTeam.getProject(), projectTeam.getUser());
        switch (AnonymousClass1.$SwitchMap$io$hops$hopsworks$persistence$entity$dataset$DatasetAccessPermission[datasetAccessPermission.ordinal()]) {
            case Settings.IS_ONLINE /* 1 */:
            case Settings.INFERENCE_SCHEMAVERSION /* 3 */:
                return;
            case 2:
                if (AllowedRoles.DATA_OWNER.equals(projectTeam.getTeamRole())) {
                    removeFromGroup(hdfsUserName, hdfsAclGroupName, distributedFileSystemOps);
                    addToGroup(hdfsUserName, hdfsGroupName, distributedFileSystemOps);
                    return;
                } else {
                    removeFromGroup(hdfsUserName, hdfsGroupName, distributedFileSystemOps);
                    addToGroup(hdfsUserName, hdfsAclGroupName, distributedFileSystemOps);
                    return;
                }
            default:
                throw new IOException("Unknown permission for dataset: " + dataset.getName());
        }
    }

    public void changePermission(Dataset dataset, Project project, PermissionTransition permissionTransition) throws IOException {
        DistributedFileSystemOps dfsOps = this.dfsService.getDfsOps();
        try {
            dfsOps = this.dfsService.getDfsOps();
            changePermission(dataset, project, permissionTransition, dfsOps);
            this.dfsService.closeDfsClient(dfsOps);
        } catch (Throwable th) {
            this.dfsService.closeDfsClient(dfsOps);
            throw th;
        }
    }

    public void changePermission(Dataset dataset, Project project, PermissionTransition permissionTransition, DistributedFileSystemOps distributedFileSystemOps) throws IOException {
        Iterator it = project.getProjectTeamCollection().iterator();
        while (it.hasNext()) {
            changePermission(dataset, (ProjectTeam) it.next(), permissionTransition, distributedFileSystemOps);
        }
    }

    public void changePermission(Dataset dataset, ProjectTeam projectTeam, PermissionTransition permissionTransition) throws IOException {
        DistributedFileSystemOps dfsOps = this.dfsService.getDfsOps();
        try {
            dfsOps = this.dfsService.getDfsOps();
            changePermission(dataset, projectTeam, permissionTransition, dfsOps);
            this.dfsService.closeDfsClient(dfsOps);
        } catch (Throwable th) {
            this.dfsService.closeDfsClient(dfsOps);
            throw th;
        }
    }

    public void changePermission(Dataset dataset, ProjectTeam projectTeam, PermissionTransition permissionTransition, DistributedFileSystemOps distributedFileSystemOps) throws IOException {
        String hdfsUserName = getHdfsUserName(projectTeam.getProject(), projectTeam.getUser());
        String hdfsGroupName = getHdfsGroupName(dataset.getProject(), dataset);
        String hdfsAclGroupName = getHdfsAclGroupName(dataset.getProject(), dataset);
        switch (AnonymousClass1.$SwitchMap$io$hops$hopsworks$persistence$entity$dataset$PermissionTransition[permissionTransition.ordinal()]) {
            case Settings.IS_ONLINE /* 1 */:
            case 2:
            case Settings.INFERENCE_SCHEMAVERSION /* 3 */:
                return;
            case 4:
                changePermissionEditableToEditableByOwners(hdfsGroupName, hdfsAclGroupName, hdfsUserName, projectTeam.getTeamRole(), distributedFileSystemOps);
                return;
            case 5:
                changePermissionEditableToReadOnly(hdfsGroupName, hdfsAclGroupName, hdfsUserName, distributedFileSystemOps);
                return;
            case UserValidator.PASSWORD_MIN_LENGTH /* 6 */:
                changePermissionEditableByOwnersToEditable(hdfsGroupName, hdfsAclGroupName, hdfsUserName, projectTeam.getTeamRole(), distributedFileSystemOps);
                return;
            case 7:
                changePermissionEditableByOwnersToReadOnly(hdfsGroupName, hdfsAclGroupName, hdfsUserName, projectTeam.getTeamRole(), distributedFileSystemOps);
                return;
            case 8:
                changePermissionReadOnlyToEditable(hdfsGroupName, hdfsAclGroupName, hdfsUserName, distributedFileSystemOps);
                return;
            case 9:
                changePermissionReadOnlyToEditableByOwners(hdfsGroupName, hdfsAclGroupName, hdfsUserName, projectTeam.getTeamRole(), distributedFileSystemOps);
                return;
            default:
                throw new IllegalArgumentException("Illegal permission transition.");
        }
    }

    private void changePermissionReadOnlyToEditableByOwners(String str, String str2, String str3, String str4, DistributedFileSystemOps distributedFileSystemOps) throws IOException {
        if (AllowedRoles.DATA_OWNER.equals(str4)) {
            removeFromGroup(str3, str2, distributedFileSystemOps);
            addToGroup(str3, str, distributedFileSystemOps);
        }
    }

    private void changePermissionReadOnlyToEditable(String str, String str2, String str3, DistributedFileSystemOps distributedFileSystemOps) throws IOException {
        removeFromGroup(str3, str2, distributedFileSystemOps);
        addToGroup(str3, str, distributedFileSystemOps);
    }

    private void changePermissionEditableByOwnersToReadOnly(String str, String str2, String str3, String str4, DistributedFileSystemOps distributedFileSystemOps) throws IOException {
        if (AllowedRoles.DATA_OWNER.equals(str4)) {
            removeFromGroup(str3, str, distributedFileSystemOps);
            addToGroup(str3, str2, distributedFileSystemOps);
        }
    }

    private void changePermissionEditableByOwnersToEditable(String str, String str2, String str3, String str4, DistributedFileSystemOps distributedFileSystemOps) throws IOException {
        if (AllowedRoles.DATA_SCIENTIST.equals(str4)) {
            removeFromGroup(str3, str2, distributedFileSystemOps);
            addToGroup(str3, str, distributedFileSystemOps);
        }
    }

    private void changePermissionEditableToReadOnly(String str, String str2, String str3, DistributedFileSystemOps distributedFileSystemOps) throws IOException {
        removeFromGroup(str3, str, distributedFileSystemOps);
        addToGroup(str3, str2, distributedFileSystemOps);
    }

    private void changePermissionEditableToEditableByOwners(String str, String str2, String str3, String str4, DistributedFileSystemOps distributedFileSystemOps) throws IOException {
        if (AllowedRoles.DATA_SCIENTIST.equals(str4)) {
            removeFromGroup(str3, str, distributedFileSystemOps);
            addToGroup(str3, str2, distributedFileSystemOps);
        }
    }

    private void addToGroup(String str, ProjectTeam projectTeam, DistributedFileSystemOps distributedFileSystemOps) throws IOException {
        addToGroup(getHdfsUserName(projectTeam.getProject(), projectTeam.getUser()), str, distributedFileSystemOps);
    }

    private void removeFromGroup(String str, ProjectTeam projectTeam, DistributedFileSystemOps distributedFileSystemOps) throws IOException {
        removeFromGroup(getHdfsUserName(projectTeam.getProject(), projectTeam.getUser()), str, distributedFileSystemOps);
    }

    private void removeFromGroup(String str, String str2, DistributedFileSystemOps distributedFileSystemOps) throws IOException {
        removeFromGroup(this.hdfsUsersFacade.findByName(str), this.hdfsGroupsFacade.findByName(str2), distributedFileSystemOps);
    }

    public void removeFromGroup(HdfsUsers hdfsUsers, HdfsGroups hdfsGroups, DistributedFileSystemOps distributedFileSystemOps) throws IOException {
        if (hdfsGroups.hasUser(hdfsUsers)) {
            distributedFileSystemOps.removeUserFromGroup(hdfsUsers.getName(), hdfsGroups.getName());
        }
    }

    public void addToGroup(String str, String str2, DistributedFileSystemOps distributedFileSystemOps) throws IOException {
        try {
            distributedFileSystemOps.addUserToGroup(str, str2);
        } catch (UserAlreadyInGroupException e) {
        }
    }

    private void createUserIfNotExist(ProjectTeam projectTeam, DistributedFileSystemOps distributedFileSystemOps) throws IOException {
        String hdfsUserName = getHdfsUserName(projectTeam.getProject(), projectTeam.getUser());
        if (this.hdfsUsersFacade.findByName(hdfsUserName) == null) {
            distributedFileSystemOps.addUser(hdfsUserName);
        }
    }

    public HdfsUsers getOrCreateUser(String str, DistributedFileSystemOps distributedFileSystemOps) throws IOException {
        if (this.hdfsUsersFacade.findByName(str) == null) {
            distributedFileSystemOps.addUser(str);
        }
        return this.hdfsUsersFacade.findByName(str);
    }
}
