package com.ibm.datatools.ddl.service.change.db2.luw;

import com.ibm.datatools.ddl.service.Copyright;
import com.ibm.datatools.ddl.service.change.Change;
import com.ibm.datatools.ddl.service.change.ChangeMap;
import com.ibm.datatools.ddl.service.command.ChangeCommand;
import com.ibm.datatools.ddl.service.command.db2.luw.LuwGrantCommand;
import com.ibm.datatools.ddl.service.command.db2.luw.LuwRevokeCommand;
import com.ibm.db.models.db2.DB2Package;
import com.ibm.db.models.db2.luw.LUWTableSpace;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.regex.Pattern;
import org.eclipse.datatools.connectivity.sqm.core.containment.ContainmentServiceImpl;
import org.eclipse.datatools.modelbase.sql.accesscontrol.AuthorizationIdentifier;
import org.eclipse.datatools.modelbase.sql.accesscontrol.Group;
import org.eclipse.datatools.modelbase.sql.accesscontrol.Privilege;
import org.eclipse.datatools.modelbase.sql.routines.Routine;
import org.eclipse.datatools.modelbase.sql.schema.Database;
import org.eclipse.datatools.modelbase.sql.schema.SQLObject;
import org.eclipse.datatools.modelbase.sql.tables.Table;
import org.eclipse.datatools.modelbase.sql.tables.ViewTable;
import org.eclipse.emf.common.util.EList;
import org.eclipse.emf.ecore.EObject;

/* loaded from: input_file:com/ibm/datatools/ddl/service/change/db2/luw/LUWPrivilegeChange.class */
public class LUWPrivilegeChange extends LUWChange {
    private static final String CONTROL = "CONTROL";
    private static final String ALTER = "ALTER";
    private static final String INDEX = "INDEX";
    private static final String REFERENCES = "REFERENCES";
    private static final String INSERT = "INSERT";
    private static final String DELETE = "DELETE";
    private static final String SELECT = "SELECT";
    private static final String UPDATE = "UPDATE";
    private static final String DBADM = "DBADM";
    private static final String CREATE_EXTERNAL_ROUTINE = "CREATE_EXTERNAL_ROUTINE";
    private static final String CREATE_NOT_FENCED_ROUTINE = "CREATE_NOT_FENCED_ROUTINE";
    private static final String SYSIBM = "SYSIBM";
    private static final String PUBLIC = "PUBLIC";
    private static final String VERSION_95 = "V9.5";
    private static final Pattern SYSSPACE = Pattern.compile("^SYS*");
    private final Privilege beforePrivilege;
    private final Privilege afterPrivilege;
    private Set<String> privilegesToRevoke;

    /* JADX INFO: Access modifiers changed from: protected */
    public LUWPrivilegeChange(SQLObject sQLObject, SQLObject sQLObject2) {
        super(sQLObject, sQLObject2);
        this.privilegesToRevoke = new HashSet();
        this.beforePrivilege = getBeforeObject();
        this.afterPrivilege = getAfterObject();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.ibm.datatools.ddl.service.change.Change
    public void analyzeState(Change change) {
        super.analyzeState(change);
        if (change == null || !mustNotChange(change)) {
            return;
        }
        changeState(Change.State.UNCHANGEABLE);
        clearIsImpactAnalysisRequired();
    }

    public void analyzeWithCause(Change change) {
        if (needsDropStatement()) {
            if (CREATE_EXTERNAL_ROUTINE.equals(this.beforePrivilege.getAction())) {
                Database rootElement = ContainmentServiceImpl.INSTANCE.getRootElement(this.beforePrivilege);
                if (change.needsDropStatement() && (rootElement instanceof Database) && rootElement.getVersion().equals(VERSION_95)) {
                    handleSpecialV95RevokeScenario(this.beforePrivilege);
                }
            } else if (CONTROL.equalsIgnoreCase(this.beforePrivilege.getAction()) && isUndoChange()) {
                handleUndoRevokeControl(this.beforePrivilege);
            }
            this.privilegesToRevoke.add(this.beforePrivilege.getAction());
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.ibm.datatools.ddl.service.change.Change
    public boolean mustNotChange() {
        Privilege object = getObject();
        if ((object.getGrantee() instanceof Group) && isGroupPUBLIC(object.getGrantee().getName())) {
            return false;
        }
        if (isSYSIBMUser(object)) {
            return true;
        }
        return isSYSIBM(object.getGrantor()) && getParentChange() != null;
    }

    @Override // com.ibm.datatools.ddl.service.change.Change
    protected boolean mustNotChange(Change change) {
        Privilege object = getObject();
        if (change.getObject() instanceof LUWTableSpace) {
            if (isDefaultOrSystemTablespace(change.getObject())) {
                return true;
            }
        } else if (((change.getObject() instanceof Routine) || (change.getObject() instanceof DB2Package)) && ((change.isDropCreate() || change.isUnchanged()) && (object.getObject() instanceof DB2Package))) {
            return true;
        }
        if (change.getState() == Change.State.UNCHANGED) {
            if (change.getParentChange() != null && isCauseChangeDROPCREATE(change.getParentChange())) {
                return true;
            }
        } else if (isCauseChangeDROPCREATE(change)) {
            return true;
        }
        return isSYSIBMUser(object);
    }

    private boolean isCauseChangeDROPCREATE(Change change) {
        if (isSYSIBM(getObject().getGrantor())) {
            return (change.getState() == Change.State.CREATE || change.getState() == Change.State.DROP || change.getState() == Change.State.DROPCREATE) && !(change instanceof LUWPrivilegeChange);
        }
        return false;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.ibm.datatools.ddl.service.change.Change
    public boolean mustDrop() {
        return isGranteeDeleted();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.ibm.datatools.ddl.service.change.Change
    public boolean mustDropCreate() {
        return needsAlterStatement() || arePropertiesChanged(this.beforePrivilege, this.afterPrivilege) || isGranteeNameChanged(this.beforePrivilege.getGrantee(), this.afterPrivilege.getGrantee());
    }

    private static boolean isDefaultOrSystemTablespace(LUWTableSpace lUWTableSpace) {
        return SYSSPACE.matcher(lUWTableSpace.getName()).find() || getDefaultUserSpace().equals(lUWTableSpace.getName()) || getDefaultTemptableSpace().equals(lUWTableSpace.getName());
    }

    private static boolean isSYSIBMUser(Privilege privilege) {
        return isSYSIBM(privilege.getGrantee());
    }

    private static boolean isSYSIBM(AuthorizationIdentifier authorizationIdentifier) {
        return authorizationIdentifier != null && SYSIBM.equalsIgnoreCase(authorizationIdentifier.getName());
    }

    private static boolean isGroupPUBLIC(String str) {
        return str != null && PUBLIC.equalsIgnoreCase(str);
    }

    private void handleSpecialV95RevokeScenario(Privilege privilege) {
        boolean z = false;
        Iterator it = privilege.getGrantee().getReceivedPrivilege().iterator();
        while (it.hasNext()) {
            String action = ((Privilege) it.next()).getAction();
            if (CREATE_NOT_FENCED_ROUTINE.equals(action)) {
                return;
            }
            if (DBADM.equals(action)) {
                z = true;
            }
        }
        if (z) {
            this.privilegesToRevoke.add(CREATE_NOT_FENCED_ROUTINE);
        }
    }

    private void handleUndoRevokeControl(Privilege privilege) {
        Set<String> grantControlActions = getGrantControlActions(privilege.getObject());
        if (grantControlActions == null || grantControlActions.size() == 0) {
            return;
        }
        grantControlActions.removeAll(getPrivilegeActionsForUser(privilege.getGrantee().getName(), privilege.getObject().getPrivileges()));
        Iterator<String> it = grantControlActions.iterator();
        while (it.hasNext()) {
            this.privilegesToRevoke.add(it.next());
        }
    }

    private static List<String> getPrivilegeActionsForUser(String str, EList<Privilege> eList) {
        ArrayList arrayList = new ArrayList();
        for (Privilege privilege : eList) {
            if (privilege.getGrantee().getName().equals(str)) {
                arrayList.add(privilege.getAction());
            }
        }
        return arrayList;
    }

    private boolean isGranteeDeleted() {
        return (this.beforePrivilege == null || this.afterPrivilege == null || this.beforePrivilege.getGrantee() == null || this.afterPrivilege.getGrantee() != null) ? false : true;
    }

    @Override // com.ibm.datatools.ddl.service.change.Change
    public List<ChangeCommand> getChangeCommands(ChangeMap changeMap) {
        ArrayList arrayList = new ArrayList();
        if (needsDropStatement()) {
            Iterator<String> it = this.privilegesToRevoke.iterator();
            while (it.hasNext()) {
                arrayList.add(new LuwRevokeCommand(this.beforePrivilege, it.next()));
            }
        }
        if (needsCreateStatement()) {
            arrayList.add(new LuwGrantCommand(this.afterPrivilege));
        }
        return arrayList;
    }

    private static Set<String> getGrantControlActions(EObject eObject) {
        String[] strArr = new String[0];
        if (eObject instanceof ViewTable) {
            strArr = new String[]{DELETE, INSERT, SELECT, UPDATE};
        } else if (eObject instanceof Table) {
            strArr = new String[]{DELETE, INSERT, SELECT, UPDATE, "ALTER", INDEX, REFERENCES};
        }
        return new HashSet(Arrays.asList(strArr));
    }

    public static String copyright() {
        return Copyright.IBM_COPYRIGHT;
    }
}
