package org.ut.biolab.medsavant.server.serverapi;

import java.rmi.RemoteException;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.ut.biolab.medsavant.server.MedSavantServerUnicastRemoteObject;
import org.ut.biolab.medsavant.server.db.ConnectionController;
import org.ut.biolab.medsavant.server.db.PooledConnection;
import org.ut.biolab.medsavant.shared.model.SessionExpiredException;
import org.ut.biolab.medsavant.shared.model.UserLevel;
import org.ut.biolab.medsavant.shared.serverapi.UserManagerAdapter;

/* loaded from: input_file:org/ut/biolab/medsavant/server/serverapi/UserManager.class */
public class UserManager extends MedSavantServerUnicastRemoteObject implements UserManagerAdapter {
    private static final Log LOG = LogFactory.getLog(UserManager.class);
    private static UserManager instance;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: org.ut.biolab.medsavant.server.serverapi.UserManager$1, reason: invalid class name */
    /* loaded from: input_file:org/ut/biolab/medsavant/server/serverapi/UserManager$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$org$ut$biolab$medsavant$shared$model$UserLevel = new int[UserLevel.values().length];

        static {
            try {
                $SwitchMap$org$ut$biolab$medsavant$shared$model$UserLevel[UserLevel.ADMIN.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$ut$biolab$medsavant$shared$model$UserLevel[UserLevel.USER.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$org$ut$biolab$medsavant$shared$model$UserLevel[UserLevel.GUEST.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
        }
    }

    public static synchronized UserManager getInstance() throws RemoteException, SessionExpiredException {
        if (instance == null) {
            instance = new UserManager();
        }
        return instance;
    }

    private UserManager() throws RemoteException, SessionExpiredException {
    }

    public String[] getUserNames(String str) throws SQLException, SessionExpiredException {
        ArrayList arrayList = new ArrayList();
        ResultSet executePreparedQuery = ConnectionController.executePreparedQuery(str, "SELECT DISTINCT user FROM mysql.user", new Object[0]);
        while (executePreparedQuery.next()) {
            arrayList.add(executePreparedQuery.getString(1));
        }
        return (String[]) arrayList.toArray(new String[0]);
    }

    public boolean userExists(String str, String str2) throws SQLException, SessionExpiredException {
        return ConnectionController.executePreparedQuery(str, "SELECT user FROM mysql.user WHERE user=?;", str2).next();
    }

    public synchronized void addUser(String str, String str2, char[] cArr, UserLevel userLevel) throws SQLException, SessionExpiredException {
        PooledConnection connectPooled = ConnectionController.connectPooled(str);
        try {
            try {
                connectPooled.setAutoCommit(false);
                connectPooled.executePreparedUpdate("CREATE USER ?@'localhost' IDENTIFIED BY ?", str2, new String(cArr));
                grantPrivileges(str, str2, userLevel);
                connectPooled.commit();
                for (int i = 0; i < cArr.length; i++) {
                    cArr[i] = 0;
                }
                connectPooled.setAutoCommit(true);
                connectPooled.close();
            } catch (SQLException e) {
                connectPooled.rollback();
                throw e;
            }
        } catch (Throwable th) {
            for (int i2 = 0; i2 < cArr.length; i2++) {
                cArr[i2] = 0;
            }
            connectPooled.setAutoCommit(true);
            connectPooled.close();
            throw th;
        }
    }

    public synchronized void changePassword(String str, String str2, char[] cArr, char[] cArr2) throws SQLException, RemoteException, SessionExpiredException {
        PooledConnection connectPooled = ConnectionController.connectPooled(str);
        try {
            connectPooled.setAutoCommit(true);
            ConnectionController.revalidate(str2, new String(cArr), str);
            connectPooled.executePreparedUpdate("SET PASSWORD FOR ?@'localhost' = PASSWORD(?)", str2, new String(cArr2));
            for (int i = 0; i < cArr.length; i++) {
                cArr[i] = 0;
            }
            for (int i2 = 0; i2 < cArr2.length; i2++) {
                cArr2[i2] = 0;
            }
            connectPooled.close();
        } catch (Throwable th) {
            for (int i3 = 0; i3 < cArr.length; i3++) {
                cArr[i3] = 0;
            }
            for (int i4 = 0; i4 < cArr2.length; i4++) {
                cArr2[i4] = 0;
            }
            connectPooled.close();
            throw th;
        }
    }

    public void grantPrivileges(String str, String str2, UserLevel userLevel) throws SQLException, SessionExpiredException {
        PooledConnection connectPooled = ConnectionController.connectPooled(str);
        try {
            String dBName = ConnectionController.getDBName(str);
            LOG.info("Granting " + userLevel + " privileges to " + str2 + " on " + dBName + "...");
            switch (AnonymousClass1.$SwitchMap$org$ut$biolab$medsavant$shared$model$UserLevel[userLevel.ordinal()]) {
                case 1:
                    connectPooled.executePreparedUpdate("GRANT ALTER, RELOAD, CREATE, CREATE TEMPORARY TABLES, CREATE USER, DELETE, DROP, FILE, GRANT OPTION, INSERT, SELECT, UPDATE ON *.* TO ?@'localhost'", str2);
                    connectPooled.executePreparedUpdate(String.format("GRANT GRANT OPTION ON %s.* TO ?@'localhost'", dBName), str2);
                    connectPooled.executePreparedUpdate(String.format("GRANT ALTER, CREATE, CREATE TEMPORARY TABLES, DELETE, DROP, INSERT, SELECT, UPDATE ON %s.* TO ?@'localhost'", dBName), str2);
                    connectPooled.executePreparedUpdate("GRANT SELECT ON mysql.user TO ?@'localhost'", str2);
                    connectPooled.executePreparedUpdate("GRANT SELECT ON mysql.db TO ?@'localhost'", str2);
                    break;
                case 2:
                    connectPooled.executePreparedUpdate(String.format("GRANT CREATE TEMPORARY TABLES, SELECT ON %s.* TO ?@'localhost'", dBName), str2);
                    connectPooled.executePreparedUpdate(String.format("GRANT SELECT,INSERT,UPDATE,DELETE ON %s.region_set TO ?@'localhost'", dBName), str2);
                    connectPooled.executePreparedUpdate(String.format("GRANT SELECT,INSERT,UPDATE,DELETE ON %s.region_set_membership TO ?@'localhost'", dBName), str2);
                    connectPooled.executePreparedUpdate(String.format("GRANT INSERT,SELECT,UPDATE,DELETE ON %s.cohort TO ?@'localhost'", dBName), str2);
                    connectPooled.executePreparedUpdate(String.format("GRANT INSERT,SELECT,UPDATE,DELETE ON %s.cohort_membership TO ?@'localhost'", dBName), str2);
                    connectPooled.executePreparedUpdate("GRANT SELECT (user, Create_user_priv) ON mysql.user TO ?@'localhost'", str2);
                    connectPooled.executePreparedUpdate("GRANT SELECT (user, Create_tmp_table_priv) ON mysql.db TO ?@'localhost'", str2);
                    connectPooled.executePreparedUpdate("GRANT FILE ON *.* TO ?@'localhost'", str2);
                    break;
                case 3:
                    connectPooled.executePreparedUpdate(String.format("GRANT SELECT ON %s.* TO ?@'localhost'", dBName), str2);
                    connectPooled.executePreparedUpdate("GRANT SELECT (user, Create_user_priv) ON mysql.user TO ?@'localhost'", str2);
                    connectPooled.executePreparedUpdate("GRANT SELECT (user, Create_tmp_table_priv) ON mysql.db TO ?@'localhost'", str2);
                    connectPooled.executePreparedUpdate("GRANT FILE ON *.* TO ?@'localhost'", str2);
                    break;
            }
            LOG.info("... granted.");
            connectPooled.executeQuery("FLUSH PRIVILEGES");
            connectPooled.close();
        } catch (Throwable th) {
            connectPooled.executeQuery("FLUSH PRIVILEGES");
            connectPooled.close();
            throw th;
        }
    }

    public UserLevel getUserLevel(String str, String str2) throws SQLException, SessionExpiredException {
        if (!userExists(str, str2)) {
            return UserLevel.NONE;
        }
        PooledConnection connectPooled = ConnectionController.connectPooled(str);
        try {
            ResultSet executePreparedQuery = connectPooled.executePreparedQuery("SELECT Create_user_priv FROM mysql.user WHERE user=?", str2);
            if (executePreparedQuery.next() && executePreparedQuery.getString(1).equals("Y")) {
                UserLevel userLevel = UserLevel.ADMIN;
                connectPooled.close();
                return userLevel;
            }
            ResultSet executePreparedQuery2 = connectPooled.executePreparedQuery("SELECT Create_tmp_table_priv FROM mysql.db WHERE user=?", str2);
            if (!executePreparedQuery2.next() || !executePreparedQuery2.getString(1).equals("Y")) {
                connectPooled.close();
                return UserLevel.GUEST;
            }
            UserLevel userLevel2 = UserLevel.USER;
            connectPooled.close();
            return userLevel2;
        } catch (Throwable th) {
            connectPooled.close();
            throw th;
        }
    }

    public void removeUser(String str, String str2) throws SQLException, SessionExpiredException {
        PooledConnection connectPooled = ConnectionController.connectPooled(str);
        connectPooled.executePreparedUpdate("DROP USER ?@'localhost'", str2);
        connectPooled.executeQuery("FLUSH PRIVILEGES");
    }
}
