package uk.ac.ox.it.ords.security.services.impl.hibernate;

import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Properties;
import javax.sql.rowset.CachedRowSet;
import javax.sql.rowset.RowSetProvider;
import org.apache.commons.configuration.Configuration;
import org.apache.log4j.Logger;
import uk.ac.ox.it.ords.security.configuration.MetaConfiguration;
import uk.ac.ox.it.ords.security.services.ODBCService;

/* loaded from: input_file:uk/ac/ox/it/ords/security/services/impl/hibernate/ODBCServiceImpl.class */
public class ODBCServiceImpl implements ODBCService {
    public static final String SCHEMA_NAME = "public";
    static Logger log = Logger.getLogger(ODBCServiceImpl.class);
    protected static String ORDS_DATABASE_NAME = "ords.database.name";
    protected static String ORDS_DATABASE_USER = "ords.database.user";
    protected static String ORDS_DATABASE_PASSWORD = "ords.database.password";

    @Override // uk.ac.ox.it.ords.security.services.ODBCService
    public void removeRole(String str, String str2, String str3) throws Exception {
        revokeFromDatabase(str, str2, str3);
        dropRole(str, str2, str3);
    }

    protected boolean revokeFromDatabase(String str, String str2, String str3) throws Exception {
        List<String> revokeStatement = getRevokeStatement(str, str3);
        runSQLStatements(revokeStatement, str2, str3);
        String specialRevokeStatement = getSpecialRevokeStatement(str);
        revokeStatement.clear();
        revokeStatement.add(specialRevokeStatement);
        runSQLStatements(revokeStatement, str2, str3);
        return true;
    }

    protected void dropRole(String str, String str2, String str3) throws Exception {
        ArrayList arrayList = new ArrayList();
        arrayList.add(String.format("REASSIGN OWNED BY \"%s\" TO \"ords\"", str));
        arrayList.add(String.format("DROP ROLE \"%s\"", str));
        runSQLStatements(arrayList, str2, str3);
    }

    protected List<String> getRevokeStatement(String str, String str2) throws ClassNotFoundException, SQLException {
        ArrayList arrayList = new ArrayList();
        arrayList.add(String.format("REVOKE ALL PRIVILEGES ON ALL TABLES IN SCHEMA \"%s\" FROM \"%s\";", SCHEMA_NAME, str));
        arrayList.add(String.format("revoke all on schema %s from \"%s\";", SCHEMA_NAME, str));
        arrayList.add(String.format("revoke connect on database \"%s\" from \"%s\";", str2, str));
        return arrayList;
    }

    protected String getSpecialRevokeStatement(String str) {
        return String.format("alter default privileges in schema %s revoke all on tables from \"%s\" ;", SCHEMA_NAME, str);
    }

    protected void runSQLStatements(List<String> list, String str, String str2) throws Exception {
        Connection connection = null;
        Properties properties = new Properties();
        PreparedStatement preparedStatement = null;
        Configuration configuration = MetaConfiguration.getConfiguration();
        properties.put("user", configuration.getString(ORDS_DATABASE_USER));
        properties.put("password", configuration.getString(ORDS_DATABASE_PASSWORD));
        try {
            connection = DriverManager.getConnection("jdbc:postgresql://" + str + "/" + str2, properties);
            Iterator<String> it = list.iterator();
            while (it.hasNext()) {
                preparedStatement = connection.prepareStatement(it.next());
                preparedStatement.execute();
            }
            if (preparedStatement != null) {
                preparedStatement.close();
            }
            if (connection != null) {
                connection.close();
            }
        } catch (Throwable th) {
            if (preparedStatement != null) {
                preparedStatement.close();
            }
            if (connection != null) {
                connection.close();
            }
            throw th;
        }
    }

    @Override // uk.ac.ox.it.ords.security.services.ODBCService
    public List<String> getAllODBCRolesForDatabase(String str, String str2) throws Exception {
        ArrayList arrayList = new ArrayList();
        CachedRowSet runJDBCQuery = runJDBCQuery(String.format("select rolname from pg_roles where rolname like '%s'", "%_ords_" + str2), null, str, MetaConfiguration.getConfiguration().getString(ORDS_DATABASE_NAME));
        while (runJDBCQuery.next()) {
            arrayList.add(runJDBCQuery.getString(1));
        }
        return arrayList;
    }

    protected CachedRowSet runJDBCQuery(String str, List<Object> list, String str2, String str3) throws Exception {
        Connection connection = null;
        Properties properties = new Properties();
        PreparedStatement preparedStatement = null;
        Configuration configuration = MetaConfiguration.getConfiguration();
        properties.put("user", configuration.getString(ORDS_DATABASE_USER));
        properties.put("password", configuration.getString(ORDS_DATABASE_PASSWORD));
        try {
            try {
                Connection connection2 = DriverManager.getConnection("jdbc:postgresql://" + str2 + "/" + str3, properties);
                PreparedStatement prepareStatement = connection2.prepareStatement(str);
                if (!str.toLowerCase().startsWith("select")) {
                    prepareStatement.execute();
                    log.debug("prepareAndExecuteStatement:return null");
                    if (prepareStatement != null) {
                        prepareStatement.close();
                    }
                    if (connection2 != null) {
                        connection2.close();
                    }
                    return null;
                }
                ResultSet executeQuery = prepareStatement.executeQuery();
                CachedRowSet createCachedRowSet = RowSetProvider.newFactory().createCachedRowSet();
                createCachedRowSet.populate(executeQuery);
                log.debug("prepareAndExecuteStatement:return result");
                if (prepareStatement != null) {
                    prepareStatement.close();
                }
                if (connection2 != null) {
                    connection2.close();
                }
                return createCachedRowSet;
            } catch (SQLException e) {
                log.error("Error with this command", e);
                log.error("Query:" + str);
                throw e;
            }
        } catch (Throwable th) {
            if (0 != 0) {
                preparedStatement.close();
            }
            if (0 != 0) {
                connection.close();
            }
            throw th;
        }
    }
}
