package us.jts.fortress.rbac;

import java.util.List;
import java.util.Set;
import us.jts.fortress.AccessMgr;
import us.jts.fortress.GlobalErrIds;
import us.jts.fortress.SecurityException;
import us.jts.fortress.util.attr.VUtil;
import us.jts.fortress.util.time.CUtil;

/* loaded from: input_file:us/jts/fortress/rbac/AccessMgrImpl.class */
public class AccessMgrImpl extends Manageable implements AccessMgr {
    private static final String CLS_NM = AccessMgrImpl.class.getName();
    private static final UserP userP = new UserP();
    private static final PermP permP = new PermP();

    @Override // us.jts.fortress.AccessMgr
    public Session authenticate(String str, char[] cArr) throws SecurityException {
        VUtil.assertNotNullOrEmpty(str, GlobalErrIds.USER_ID_NULL, getFullMethodName(CLS_NM, "authenticate"));
        VUtil.assertNotNullOrEmpty(cArr, GlobalErrIds.USER_PW_NULL, getFullMethodName(CLS_NM, "authenticate"));
        User user = new User(str);
        user.setContextId(this.contextId);
        User read = userP.read(user, false);
        read.setPassword(cArr);
        read.setContextId(this.contextId);
        Session authenticate = userP.authenticate(read);
        authenticate.setUser(read);
        return authenticate;
    }

    @Override // us.jts.fortress.AccessMgr
    public Session createSession(User user, boolean z) throws SecurityException {
        assertContext(CLS_NM, "createSession", user, GlobalErrIds.USER_NULL);
        return userP.createSession(user, z);
    }

    @Override // us.jts.fortress.AccessMgr
    public boolean checkAccess(Session session, Permission permission) throws SecurityException {
        assertContext(CLS_NM, "checkAccess", permission, GlobalErrIds.PERM_NULL);
        assertContext(CLS_NM, "checkAccess", session, GlobalErrIds.USER_SESS_NULL);
        VUtil.assertNotNullOrEmpty(permission.getOpName(), GlobalErrIds.PERM_OPERATION_NULL, getFullMethodName(CLS_NM, "checkAccess"));
        VUtil.assertNotNullOrEmpty(permission.getObjectName(), GlobalErrIds.PERM_OBJECT_NULL, getFullMethodName(CLS_NM, "checkAccess"));
        CUtil.validateConstraints(session, CUtil.ConstraintType.USER, false);
        CUtil.validateConstraints(session, CUtil.ConstraintType.ROLE, false);
        return permP.checkPermission(session, permission);
    }

    @Override // us.jts.fortress.AccessMgr
    public List<Permission> sessionPermissions(Session session) throws SecurityException {
        assertContext(CLS_NM, "sessionPermissions", session, GlobalErrIds.USER_SESS_NULL);
        CUtil.validateConstraints(session, CUtil.ConstraintType.USER, false);
        CUtil.validateConstraints(session, CUtil.ConstraintType.ROLE, false);
        return permP.search(session);
    }

    @Override // us.jts.fortress.AccessMgr
    public List<UserRole> sessionRoles(Session session) throws SecurityException {
        assertContext(CLS_NM, "sessionRoles", session, GlobalErrIds.USER_SESS_NULL);
        CUtil.validateConstraints(session, CUtil.ConstraintType.USER, false);
        CUtil.validateConstraints(session, CUtil.ConstraintType.ROLE, false);
        return session.getRoles();
    }

    @Override // us.jts.fortress.AccessMgr
    public Set<String> authorizedRoles(Session session) throws SecurityException {
        assertContext(CLS_NM, "authorizedRoles", session, GlobalErrIds.USER_SESS_NULL);
        VUtil.assertNotNull(session.getUser(), GlobalErrIds.USER_NULL, CLS_NM + ".authorizedRoles");
        CUtil.validateConstraints(session, CUtil.ConstraintType.USER, false);
        CUtil.validateConstraints(session, CUtil.ConstraintType.ROLE, false);
        return RoleUtil.getInheritedRoles(session.getRoles(), this.contextId);
    }

    @Override // us.jts.fortress.AccessMgr
    public void addActiveRole(Session session, UserRole userRole) throws SecurityException {
        int indexOf;
        assertContext(CLS_NM, "addActiveRole", session, GlobalErrIds.USER_SESS_NULL);
        assertContext(CLS_NM, "addActiveRole", userRole, GlobalErrIds.ROLE_NULL);
        userRole.setUserId(session.getUserId());
        List<UserRole> roles = session.getRoles();
        if (roles != null && roles.contains(userRole)) {
            throw new SecurityException(GlobalErrIds.URLE_ALREADY_ACTIVE, getFullMethodName(CLS_NM, "addActiveRole") + " User [" + session.getUserId() + "] Role [" + userRole.getName() + "] role already activated.");
        }
        User user = new User(session.getUserId());
        user.setContextId(this.contextId);
        List<UserRole> roles2 = userP.read(user, true).getRoles();
        if (!VUtil.isNotNullOrEmpty(roles2) || (indexOf = roles2.indexOf(userRole)) == -1) {
            throw new SecurityException(GlobalErrIds.URLE_ACTIVATE_FAILED, getFullMethodName(CLS_NM, "addActiveRole") + " Role [" + userRole.getName() + "] User [" + session.getUserId() + "] role not authorized for user.");
        }
        SDUtil.validateDSD(session, userRole);
        session.setRole(roles2.get(indexOf));
    }

    @Override // us.jts.fortress.AccessMgr
    public void dropActiveRole(Session session, UserRole userRole) throws SecurityException {
        assertContext(CLS_NM, "dropActiveRole", session, GlobalErrIds.USER_SESS_NULL);
        assertContext(CLS_NM, "dropActiveRole", userRole, GlobalErrIds.ROLE_NULL);
        userRole.setUserId(session.getUserId());
        List<UserRole> roles = session.getRoles();
        VUtil.assertNotNull(roles, GlobalErrIds.URLE_DEACTIVE_FAILED, CLS_NM + getFullMethodName(CLS_NM, "dropActiveRole"));
        if (roles.indexOf(userRole) == -1) {
            throw new SecurityException(GlobalErrIds.URLE_NOT_ACTIVE, getFullMethodName(CLS_NM, "dropActiveRole") + " Role [" + userRole.getName() + "] User [" + session.getUserId() + "], not previously activated");
        }
        roles.remove(userRole);
    }

    @Override // us.jts.fortress.AccessMgr
    public String getUserId(Session session) throws SecurityException {
        assertContext(CLS_NM, "getUserId", session, GlobalErrIds.USER_SESS_NULL);
        return session.getUserId();
    }

    @Override // us.jts.fortress.AccessMgr
    public User getUser(Session session) throws SecurityException {
        assertContext(CLS_NM, "getUser", session, GlobalErrIds.USER_SESS_NULL);
        return session.getUser();
    }
}
