package org.apache.geode.security.templates;

import java.security.Principal;
import java.util.HashSet;
import java.util.Set;
import org.apache.geode.LogWriter;
import org.apache.geode.cache.Cache;
import org.apache.geode.cache.operations.OperationContext;
import org.apache.geode.distributed.DistributedMember;
import org.apache.geode.security.AccessControl;
import org.apache.geode.security.NotAuthorizedException;

/* loaded from: input_file:org/apache/geode/security/templates/DummyAuthorization.class */
public class DummyAuthorization implements AccessControl {
    private final Set allowedOps = new HashSet(20);
    private DistributedMember remoteMember;
    private LogWriter securityLogWriter;
    public static final OperationContext.OperationCode[] READER_OPS = {OperationContext.OperationCode.GET, OperationContext.OperationCode.QUERY, OperationContext.OperationCode.EXECUTE_CQ, OperationContext.OperationCode.CLOSE_CQ, OperationContext.OperationCode.STOP_CQ, OperationContext.OperationCode.REGISTER_INTEREST, OperationContext.OperationCode.UNREGISTER_INTEREST, OperationContext.OperationCode.KEY_SET, OperationContext.OperationCode.CONTAINS_KEY, OperationContext.OperationCode.EXECUTE_FUNCTION};
    public static final OperationContext.OperationCode[] WRITER_OPS = {OperationContext.OperationCode.PUT, OperationContext.OperationCode.PUTALL, OperationContext.OperationCode.DESTROY, OperationContext.OperationCode.INVALIDATE, OperationContext.OperationCode.REGION_CLEAR};

    public static AccessControl create() {
        return new DummyAuthorization();
    }

    public void init(Principal principal, DistributedMember distributedMember, Cache cache) throws NotAuthorizedException {
        String lowerCase;
        if (principal != null && (lowerCase = principal.getName().toLowerCase()) != null) {
            if (lowerCase.equals("root") || lowerCase.equals("admin") || lowerCase.equals("administrator")) {
                addReaderOps();
                addWriterOps();
                this.allowedOps.add(OperationContext.OperationCode.REGION_CREATE);
                this.allowedOps.add(OperationContext.OperationCode.REGION_DESTROY);
            } else if (lowerCase.startsWith("writer")) {
                addWriterOps();
            } else if (lowerCase.startsWith("reader")) {
                addReaderOps();
            }
        }
        this.remoteMember = distributedMember;
        this.securityLogWriter = cache.getSecurityLogger();
    }

    public boolean authorizeOperation(String str, OperationContext operationContext) {
        OperationContext.OperationCode operationCode = operationContext.getOperationCode();
        this.securityLogWriter.fine("Invoked authorize operation for [" + operationCode + "] in region [" + str + "] for client: " + this.remoteMember);
        return this.allowedOps.contains(operationCode);
    }

    public void close() {
        this.allowedOps.clear();
    }

    private void addReaderOps() {
        for (OperationContext.OperationCode operationCode : READER_OPS) {
            this.allowedOps.add(operationCode);
        }
    }

    private void addWriterOps() {
        for (OperationContext.OperationCode operationCode : WRITER_OPS) {
            this.allowedOps.add(operationCode);
        }
    }
}
