package org.apache.iotdb.db.queryengine.plan.relational.security;

import org.apache.iotdb.common.rpc.thrift.TSStatus;
import org.apache.iotdb.commons.auth.entity.PrivilegeType;
import org.apache.iotdb.commons.exception.auth.AccessDeniedException;
import org.apache.iotdb.db.auth.AuthorityChecker;
import org.apache.iotdb.db.queryengine.plan.relational.metadata.QualifiedObjectName;
import org.apache.iotdb.rpc.TSStatusCode;

/* loaded from: input_file:org/apache/iotdb/db/queryengine/plan/relational/security/ITableAuthCheckerImpl.class */
public class ITableAuthCheckerImpl implements ITableAuthChecker {
    @Override // org.apache.iotdb.db.queryengine.plan.relational.security.ITableAuthChecker
    public void checkDatabaseVisibility(String str, String str2) {
        if (!AuthorityChecker.SUPER_USER.equals(str) && !AuthorityChecker.checkDBVisible(str, str2)) {
            throw new AccessDeniedException("DATABASE " + str2);
        }
    }

    @Override // org.apache.iotdb.db.queryengine.plan.relational.security.ITableAuthChecker
    public void checkDatabasePrivilege(String str, String str2, TableModelPrivilege tableModelPrivilege) {
        if (AuthorityChecker.SUPER_USER.equals(str)) {
            return;
        }
        TSStatus tSStatus = AuthorityChecker.getTSStatus(AuthorityChecker.checkDBPermission(str, str2, tableModelPrivilege.getPrivilegeType()), tableModelPrivilege.getPrivilegeType(), str2);
        if (tSStatus.getCode() != TSStatusCode.SUCCESS_STATUS.getStatusCode()) {
            throw new AccessDeniedException(tSStatus.getMessage());
        }
    }

    @Override // org.apache.iotdb.db.queryengine.plan.relational.security.ITableAuthChecker
    public void checkDatabasePrivilegeGrantOption(String str, String str2, TableModelPrivilege tableModelPrivilege) {
        if (AuthorityChecker.SUPER_USER.equals(str)) {
            return;
        }
        TSStatus grantOptTSStatus = AuthorityChecker.getGrantOptTSStatus(AuthorityChecker.checkDBPermissionGrantOption(str, str2, tableModelPrivilege.getPrivilegeType()), tableModelPrivilege.getPrivilegeType(), str2);
        if (grantOptTSStatus.getCode() != TSStatusCode.SUCCESS_STATUS.getStatusCode()) {
            throw new AccessDeniedException(grantOptTSStatus.getMessage());
        }
    }

    @Override // org.apache.iotdb.db.queryengine.plan.relational.security.ITableAuthChecker
    public void checkTablePrivilege(String str, QualifiedObjectName qualifiedObjectName, TableModelPrivilege tableModelPrivilege) {
        if (AuthorityChecker.SUPER_USER.equals(str)) {
            return;
        }
        TSStatus tSStatus = AuthorityChecker.getTSStatus(AuthorityChecker.checkTablePermission(str, qualifiedObjectName.getDatabaseName(), qualifiedObjectName.getObjectName(), tableModelPrivilege.getPrivilegeType()), tableModelPrivilege.getPrivilegeType(), qualifiedObjectName.getDatabaseName(), qualifiedObjectName.getObjectName());
        if (tSStatus.getCode() != TSStatusCode.SUCCESS_STATUS.getStatusCode()) {
            throw new AccessDeniedException(tSStatus.getMessage());
        }
    }

    @Override // org.apache.iotdb.db.queryengine.plan.relational.security.ITableAuthChecker
    public void checkTablePrivilegeGrantOption(String str, QualifiedObjectName qualifiedObjectName, TableModelPrivilege tableModelPrivilege) {
        if (AuthorityChecker.SUPER_USER.equals(str)) {
            return;
        }
        TSStatus grantOptTSStatus = AuthorityChecker.getGrantOptTSStatus(AuthorityChecker.checkTablePermissionGrantOption(str, qualifiedObjectName.getDatabaseName(), qualifiedObjectName.getObjectName(), tableModelPrivilege.getPrivilegeType()), tableModelPrivilege.getPrivilegeType(), qualifiedObjectName.getDatabaseName(), qualifiedObjectName.getObjectName());
        if (grantOptTSStatus.getCode() != TSStatusCode.SUCCESS_STATUS.getStatusCode()) {
            throw new AccessDeniedException(grantOptTSStatus.getMessage());
        }
    }

    @Override // org.apache.iotdb.db.queryengine.plan.relational.security.ITableAuthChecker
    public boolean checkTablePrivilege4Pipe(String str, QualifiedObjectName qualifiedObjectName) {
        return AuthorityChecker.SUPER_USER.equals(str) || AuthorityChecker.getTSStatus(AuthorityChecker.checkTablePermission(str, qualifiedObjectName.getDatabaseName(), qualifiedObjectName.getObjectName(), PrivilegeType.SELECT), PrivilegeType.SELECT, qualifiedObjectName.getDatabaseName(), qualifiedObjectName.getObjectName()).getCode() == TSStatusCode.SUCCESS_STATUS.getStatusCode();
    }

    @Override // org.apache.iotdb.db.queryengine.plan.relational.security.ITableAuthChecker
    public void checkTableVisibility(String str, QualifiedObjectName qualifiedObjectName) {
        if (!AuthorityChecker.SUPER_USER.equals(str) && !AuthorityChecker.checkTableVisible(str, qualifiedObjectName.getDatabaseName(), qualifiedObjectName.getObjectName())) {
            throw new AccessDeniedException("TABLE " + qualifiedObjectName);
        }
    }

    @Override // org.apache.iotdb.db.queryengine.plan.relational.security.ITableAuthChecker
    public void checkGlobalPrivilege(String str, TableModelPrivilege tableModelPrivilege) {
        if (AuthorityChecker.SUPER_USER.equals(str)) {
            return;
        }
        TSStatus tSStatus = AuthorityChecker.getTSStatus(AuthorityChecker.checkSystemPermission(str, tableModelPrivilege.getPrivilegeType()), tableModelPrivilege.getPrivilegeType());
        if (tSStatus.getCode() != TSStatusCode.SUCCESS_STATUS.getStatusCode()) {
            throw new AccessDeniedException(tSStatus.getMessage());
        }
    }

    @Override // org.apache.iotdb.db.queryengine.plan.relational.security.ITableAuthChecker
    public void checkGlobalPrivilegeGrantOption(String str, TableModelPrivilege tableModelPrivilege) {
        if (AuthorityChecker.SUPER_USER.equals(str)) {
            return;
        }
        TSStatus grantOptTSStatus = AuthorityChecker.getGrantOptTSStatus(AuthorityChecker.checkSystemPermissionGrantOption(str, tableModelPrivilege.getPrivilegeType()), tableModelPrivilege.getPrivilegeType());
        if (grantOptTSStatus.getCode() != TSStatusCode.SUCCESS_STATUS.getStatusCode()) {
            throw new AccessDeniedException(grantOptTSStatus.getMessage());
        }
    }

    @Override // org.apache.iotdb.db.queryengine.plan.relational.security.ITableAuthChecker
    public void checkAnyScopePrivilegeGrantOption(String str, TableModelPrivilege tableModelPrivilege) {
        if (AuthorityChecker.SUPER_USER.equals(str)) {
            return;
        }
        TSStatus grantOptTSStatus = AuthorityChecker.getGrantOptTSStatus(AuthorityChecker.checkAnyScopePermissionGrantOption(str, tableModelPrivilege.getPrivilegeType()), tableModelPrivilege.getPrivilegeType());
        if (grantOptTSStatus.getCode() != TSStatusCode.SUCCESS_STATUS.getStatusCode()) {
            throw new AccessDeniedException(grantOptTSStatus.getMessage());
        }
    }
}
