package io.hops.hopsworks.common.hdfs;

import io.hops.hopsworks.common.dao.hdfs.HdfsLeDescriptorsFacade;
import io.hops.hopsworks.common.dao.hdfsUser.HdfsUsersFacade;
import io.hops.hopsworks.common.hdfs.inode.InodeController;
import io.hops.hopsworks.common.security.BaseHadoopClientsService;
import io.hops.hopsworks.common.util.Settings;
import io.hops.hopsworks.exceptions.CryptoPasswordNotFoundException;
import io.hops.hopsworks.persistence.entity.hdfs.inode.Inode;
import io.hops.hopsworks.persistence.entity.hdfs.user.HdfsGroups;
import io.hops.hopsworks.persistence.entity.project.Project;
import io.hops.hopsworks.persistence.entity.user.Users;
import java.io.File;
import java.io.IOException;
import java.net.URI;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.annotation.PostConstruct;
import javax.annotation.PreDestroy;
import javax.ejb.EJB;
import javax.ejb.Stateless;
import javax.ejb.TransactionAttribute;
import javax.ejb.TransactionAttributeType;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.fs.Path;
import org.apache.hadoop.net.HopsSSLSocketFactory;
import org.apache.hadoop.security.UserGroupInformation;

@Stateless
/* loaded from: input_file:io/hops/hopsworks/common/hdfs/DistributedFsService.class */
public class DistributedFsService {
    public static final String HOPSFS_SCHEME = "hopsfs://";
    private static final Logger logger = Logger.getLogger(DistributedFsService.class.getName());

    @EJB
    private InodeController inodeController;

    @EJB
    private HdfsUsersFacade hdfsUsersFacade;

    @EJB
    private HdfsUsersController hdfsUsersController;

    @EJB
    private HdfsLeDescriptorsFacade hdfsLeDescriptorsFacade;

    @EJB
    private Settings settings;

    @EJB
    private BaseHadoopClientsService bhcs;
    private Configuration conf;
    private String hadoopConfDir;
    private String transientDir;
    private UserGroupInformation loginUser;

    @PostConstruct
    public void init() {
        try {
            this.loginUser = UserGroupInformation.getLoginUser();
            System.setProperty("hadoop.home.dir", this.settings.getHadoopSymbolicLinkDir());
            this.hadoopConfDir = this.settings.getHadoopConfDir();
            File file = new File(this.hadoopConfDir, Settings.DEFAULT_HADOOP_CONFFILE_NAME);
            if (!file.exists()) {
                logger.log(Level.SEVERE, "Unable to locate configuration file in {0}", file);
                throw new IllegalStateException("No hadoop conf file: core-site.xml");
            }
            File file2 = new File(this.hadoopConfDir, "hdfs-site.xml");
            if (!file2.exists()) {
                logger.log(Level.SEVERE, "Unable to locate configuration file in {0}", file2);
                throw new IllegalStateException("No hdfs conf file: hdfs-site.xml");
            }
            Path path = new Path(file2.getAbsolutePath());
            Path path2 = new Path(file.getAbsolutePath());
            this.conf = new Configuration();
            this.conf.addResource(path2);
            this.conf.addResource(path);
            this.conf.set("fs.permissions.umask-mode", Settings.SPARK_HADOOP_FS_PERMISSIONS_UMASK_DEFAULT);
            this.conf.setStrings("dfs.namenode.rpc-address", new String[]{this.hdfsLeDescriptorsFacade.getRPCEndpoint()});
            if (this.settings.getHopsRpcTls()) {
                this.transientDir = this.settings.getHopsworksTmpCertDir();
            }
        } catch (IOException e) {
            logger.log(Level.SEVERE, "Could not get login user", (Throwable) e);
            throw new IllegalStateException(e);
        }
    }

    @PreDestroy
    public void preDestroy() {
        this.conf.clear();
        this.conf = null;
    }

    public DistributedFileSystemOps getDfsOps() {
        if (!this.settings.getHopsRpcTls()) {
            return new DistributedFileSystemOps(UserGroupInformation.createRemoteUser(this.loginUser.getUserName()), this.conf);
        }
        Configuration configuration = new Configuration(this.conf);
        HopsSSLSocketFactory.setTlsConfiguration(this.bhcs.getSuperKeystorePath(), this.bhcs.getSuperKeystorePassword(), this.bhcs.getSuperTrustStorePath(), this.bhcs.getSuperTrustStorePassword(), configuration);
        return new DistributedFileSystemOps(UserGroupInformation.createRemoteUser(this.loginUser.getUserName()), configuration);
    }

    public DistributedFileSystemOps getDfsOps(URI uri) {
        if (!this.settings.getHopsRpcTls()) {
            return new DistributedFileSystemOps(UserGroupInformation.createRemoteUser(this.loginUser.getUserName()), this.conf, uri);
        }
        Configuration configuration = new Configuration(this.conf);
        HopsSSLSocketFactory.setTlsConfiguration(this.bhcs.getSuperKeystorePath(), this.bhcs.getSuperKeystorePassword(), this.bhcs.getSuperTrustStorePath(), this.bhcs.getSuperTrustStorePassword(), configuration);
        return new DistributedFileSystemOps(UserGroupInformation.createRemoteUser(this.loginUser.getUserName()), configuration, uri);
    }

    public DistributedFileSystemOps getDfsOps(Project project, Users users) {
        return getDfsOps(this.hdfsUsersController.getHdfsUserName(project, users));
    }

    public DistributedFileSystemOps getDfsOps(String str) {
        if (str == null || str.isEmpty()) {
            throw new IllegalArgumentException("username not provided.");
        }
        try {
            UserGroupInformation createProxyUser = UserGroupInformation.createProxyUser(str, UserGroupInformation.getLoginUser());
            if (!this.settings.getHopsRpcTls()) {
                return new DistributedFileSystemOps(createProxyUser, this.conf);
            }
            try {
                this.bhcs.materializeCertsForNonSuperUser(str);
                Configuration configuration = new Configuration(this.conf);
                this.bhcs.configureTlsForProjectSpecificUser(str, this.transientDir, configuration);
                return new DistributedFileSystemOps(createProxyUser, configuration);
            } catch (CryptoPasswordNotFoundException e) {
                logger.log(Level.SEVERE, e.getMessage(), e);
                this.bhcs.removeNonSuperUserCertificate(str);
                return null;
            }
        } catch (IOException e2) {
            logger.log(Level.SEVERE, (String) null, (Throwable) e2);
            return null;
        }
    }

    public void closeDfsClient(DistributedFileSystemOps distributedFileSystemOps) {
        if (null != distributedFileSystemOps) {
            if (this.settings.getHopsRpcTls() && !distributedFileSystemOps.getEffectiveUser().equals(this.loginUser.getUserName())) {
                this.bhcs.removeNonSuperUserCertificate(distributedFileSystemOps.getEffectiveUser());
            }
            distributedFileSystemOps.close();
        }
    }

    public DistributedFileSystemOps getDfsOpsForTesting(String str) {
        if (str == null || str.isEmpty()) {
            throw new NullPointerException("username not set.");
        }
        Collection hdfsGroupsCollection = this.hdfsUsersFacade.findByName(str).getHdfsGroupsCollection();
        String[] strArr = new String[hdfsGroupsCollection.size()];
        Iterator it = hdfsGroupsCollection.iterator();
        int i = 0;
        while (it.hasNext()) {
            strArr[i] = ((HdfsGroups) it.next()).getName();
            i++;
        }
        try {
            UserGroupInformation createProxyUserForTesting = UserGroupInformation.createProxyUserForTesting(str, UserGroupInformation.getLoginUser(), strArr);
            if (!this.settings.getHopsRpcTls()) {
                return new DistributedFileSystemOps(createProxyUserForTesting, this.conf);
            }
            try {
                this.bhcs.materializeCertsForNonSuperUser(str);
                Configuration configuration = new Configuration(this.conf);
                this.bhcs.configureTlsForProjectSpecificUser(str, this.transientDir, configuration);
                return new DistributedFileSystemOps(createProxyUserForTesting, configuration);
            } catch (CryptoPasswordNotFoundException e) {
                logger.log(Level.SEVERE, e.getMessage(), e);
                this.bhcs.removeNonSuperUserCertificate(str);
                return null;
            }
        } catch (IOException e2) {
            logger.log(Level.SEVERE, (String) null, (Throwable) e2);
            return null;
        }
    }

    public UserGroupInformation getLoginUser() {
        return this.loginUser;
    }

    @TransactionAttribute(TransactionAttributeType.NOT_SUPPORTED)
    public boolean isDir(String str) {
        Inode inodeAtPath = this.inodeController.getInodeAtPath(str);
        if (inodeAtPath != null) {
            return inodeAtPath.isDir();
        }
        return false;
    }

    @TransactionAttribute(TransactionAttributeType.NOT_SUPPORTED)
    public Inode getInode(String str) {
        return this.inodeController.getInodeAtPath(str);
    }

    @TransactionAttribute(TransactionAttributeType.NOT_SUPPORTED)
    public List<String> getChildNames(String str) {
        Inode inodeAtPath = this.inodeController.getInodeAtPath(str);
        if (!inodeAtPath.isDir()) {
            return Collections.EMPTY_LIST;
        }
        List<Inode> children = this.inodeController.getChildren(inodeAtPath);
        ArrayList arrayList = new ArrayList(children.size());
        for (Inode inode : children) {
            if (!inode.isDir()) {
                arrayList.add(inode.getInodePK().getName());
            }
        }
        return arrayList;
    }

    public List<Inode> getChildInodes(String str) {
        Inode inodeAtPath = this.inodeController.getInodeAtPath(str);
        return inodeAtPath.isDir() ? this.inodeController.getChildren(inodeAtPath) : Collections.EMPTY_LIST;
    }
}
