package ome.services.sessions;

import java.sql.Timestamp;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.UUID;
import java.util.concurrent.Callable;
import java.util.concurrent.ConcurrentHashMap;
import net.sf.ehcache.Ehcache;
import net.sf.ehcache.Element;
import ome.api.local.LocalAdmin;
import ome.conditions.ApiUsageException;
import ome.conditions.AuthenticationException;
import ome.conditions.InternalException;
import ome.conditions.RemovedSessionException;
import ome.conditions.SecurityViolation;
import ome.conditions.SessionException;
import ome.conditions.SessionTimeoutException;
import ome.model.IObject;
import ome.model.annotations.CommentAnnotation;
import ome.model.annotations.TextAnnotation;
import ome.model.enums.EventType;
import ome.model.internal.Details;
import ome.model.internal.Permissions;
import ome.model.meta.Experimenter;
import ome.model.meta.ExperimenterGroup;
import ome.model.meta.Node;
import ome.model.meta.Session;
import ome.model.meta.Share;
import ome.parameters.Filter;
import ome.parameters.Parameters;
import ome.security.basic.PrincipalHolder;
import ome.services.messages.CreateSessionMessage;
import ome.services.messages.DestroySessionMessage;
import ome.services.sessions.SessionManager;
import ome.services.sessions.events.ChangeSecurityContextEvent;
import ome.services.sessions.events.UserGroupUpdateEvent;
import ome.services.sessions.state.SessionCache;
import ome.services.sessions.stats.CounterFactory;
import ome.services.sessions.stats.SessionStats;
import ome.services.util.Executor;
import ome.system.EventContext;
import ome.system.OmeroContext;
import ome.system.Principal;
import ome.system.Roles;
import ome.system.ServiceFactory;
import ome.util.SqlAction;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.BeansException;
import org.springframework.context.ApplicationContext;
import org.springframework.context.ApplicationContextAware;
import org.springframework.context.ApplicationEvent;
import org.springframework.context.ApplicationListener;
import org.springframework.dao.DataAccessException;
import org.springframework.dao.EmptyResultDataAccessException;
import org.springframework.transaction.annotation.Transactional;

/* loaded from: input_file:ome/services/sessions/SessionManagerImpl.class */
public class SessionManagerImpl implements SessionManager, SessionCache.StaleCacheListener, ApplicationContextAware, ApplicationListener<ApplicationEvent> {
    public static final String GROUP_SUDO_NS = "openmicroscopy.org/security/group-sudo";
    protected OmeroContext context;
    protected Roles roles;
    protected SessionCache cache;
    protected Executor executor;
    protected long defaultTimeToIdle;
    protected long maxUserTimeToIdle;
    protected long defaultTimeToLive;
    protected long maxUserTimeToLive;
    protected PrincipalHolder principalHolder;
    protected CounterFactory factory;
    protected Principal asroot;
    protected SessionContext internalSession;
    private static final String findBy1 = "select s.id, s.uuid from Session s join s.owner o where s.closed is null and o.omeName = :name ";
    private static final String findByOrder = "order by s.started desc";
    private static final Logger log = LoggerFactory.getLogger(SessionManagerImpl.class);
    static String INPUT_ENVIRONMENT = "InputEnvironment";
    static String OUTPUT_ENVIRONMENT = "OutputEnvironment";
    private String internal_uuid = UUID.randomUUID().toString();
    protected boolean readOnly = false;

    public void setApplicationContext(ApplicationContext applicationContext) throws BeansException {
        this.context = (OmeroContext) applicationContext;
    }

    public void setUuid(String str) {
        this.internal_uuid = str;
    }

    public void setSessionCache(SessionCache sessionCache) {
        this.cache = sessionCache;
        this.cache.setStaleCacheListener(this);
    }

    public void setRoles(Roles roles) {
        this.roles = roles;
    }

    public void setExecutor(Executor executor) {
        this.executor = executor;
    }

    public void setDefaultTimeToIdle(long j) {
        this.defaultTimeToIdle = j;
        this.maxUserTimeToIdle = Math.min(922337203685477580L, j);
        this.maxUserTimeToIdle *= 10;
    }

    public void setDefaultTimeToLive(long j) {
        this.defaultTimeToLive = j;
        this.maxUserTimeToLive = Math.min(922337203685477580L, j);
        this.maxUserTimeToLive *= 10;
    }

    public void setPrincipalHolder(PrincipalHolder principalHolder) {
        this.principalHolder = principalHolder;
    }

    public void setCounterFactory(CounterFactory counterFactory) {
        this.factory = counterFactory;
    }

    public void setReadOnly(boolean z) {
        this.readOnly = z;
    }

    public void init() {
        try {
            this.asroot = new Principal(this.internal_uuid, "system", "Sessions");
            this.internalSession = new InternalSessionContext(executeInternalSession(), this.roles);
            this.cache.putSession(this.internal_uuid, this.internalSession);
        } catch (DataAccessException e) {
            throw new RuntimeException("          =====================================================\nData access exception: Did you create your database? \n=====================================================\n", e);
        }
    }

    protected void define(Session session, String str, String str2, long j, SessionManager.CreationRequest creationRequest) {
        Long valueOf = Long.valueOf(creationRequest.timeToIdle == null ? this.defaultTimeToIdle : creationRequest.timeToIdle.longValue());
        Long valueOf2 = Long.valueOf(creationRequest.timeToLive == null ? this.defaultTimeToLive : creationRequest.timeToLive.longValue());
        if (creationRequest.groupsLed != null) {
            CommentAnnotation commentAnnotation = new CommentAnnotation();
            commentAnnotation.setNs(GROUP_SUDO_NS);
            StringBuilder sb = new StringBuilder();
            for (int i = 0; i < creationRequest.groupsLed.size(); i++) {
                if (i > 0) {
                    sb.append(",");
                }
                sb.append(creationRequest.groupsLed.get(i));
            }
            commentAnnotation.setTextValue(sb.toString());
            session.linkAnnotation(commentAnnotation);
        }
        define(session, str, str2, j, valueOf.longValue(), valueOf2.longValue(), creationRequest.principal.getEventType(), creationRequest.agent, creationRequest.ip);
    }

    protected void define(Session session, String str, String str2, long j, long j2, long j3, String str3, String str4, String str5) {
        session.getDetails().setPermissions(Permissions.PRIVATE);
        session.setUuid(str);
        session.setMessage(str2);
        session.setStarted(new Timestamp(j));
        session.setTimeToIdle(Long.valueOf(j2));
        session.setTimeToLive(Long.valueOf(j3));
        session.setDefaultEventType(str3);
        session.setUserAgent(str4);
        session.setUserIP(str5);
    }

    @Override // ome.services.sessions.SessionManager
    public Session createFromRequest(SessionManager.CreationRequest creationRequest) {
        if (creationRequest.credentials != null) {
            try {
                SessionContext sessionContext = this.cache.getSessionContext(creationRequest.credentials);
                if (sessionContext != null) {
                    sessionContext.count().increment();
                    return sessionContext.getSession();
                }
            } catch (SessionException e) {
            }
            if (!(creationRequest.principal == null ? false : executeCheckPassword(creationRequest.principal, creationRequest.credentials))) {
                log.warn("Failed to authenticate: " + creationRequest.principal);
                throw new AuthenticationException("Authentication exception.");
            }
        }
        Session session = new Session();
        define(session, UUID.randomUUID().toString(), "Initial message.", System.currentTimeMillis(), creationRequest);
        return createSession(creationRequest, session);
    }

    @Override // ome.services.sessions.SessionManager
    public Session createWithAgent(Principal principal, String str, String str2, String str3) {
        SessionManager.CreationRequest creationRequest = new SessionManager.CreationRequest();
        creationRequest.principal = principal;
        creationRequest.credentials = str;
        creationRequest.agent = str2;
        creationRequest.ip = str3;
        return createFromRequest(creationRequest);
    }

    @Override // ome.services.sessions.SessionManager
    public Session createWithAgent(Principal principal, String str, String str2) {
        SessionManager.CreationRequest creationRequest = new SessionManager.CreationRequest();
        creationRequest.principal = principal;
        creationRequest.agent = str;
        creationRequest.ip = str2;
        return createFromRequest(creationRequest);
    }

    @Override // ome.services.sessions.SessionManager
    public Share createShare(Principal principal, boolean z, long j, String str, String str2, long j2) {
        Share newShare = newShare();
        define(newShare, UUID.randomUUID().toString(), str2, System.currentTimeMillis(), this.defaultTimeToIdle, j, str, "Share", null);
        newShare.setGroup(new ExperimenterGroup(Long.valueOf(j2), false));
        newShare.setActive(Boolean.valueOf(z));
        newShare.setData(new byte[0]);
        newShare.setItemCount(0L);
        SessionManager.CreationRequest creationRequest = new SessionManager.CreationRequest();
        creationRequest.principal = principal;
        return createSession(creationRequest, newShare);
    }

    private Session createSession(final SessionManager.CreationRequest creationRequest, final Session session) {
        Principal principal = creationRequest.principal;
        try {
            SessionContext sessionContext = this.cache.getSessionContext(principal.getName());
            if (sessionContext != null) {
                sessionContext.count().increment();
                return sessionContext.getSession();
            }
        } catch (SessionException e) {
        }
        HashMap hashMap = new HashMap();
        hashMap.put("omero.group", Long.toString(this.roles.getSystemGroupId()));
        List<?> list = this.readOnly ? (List) this.executor.execute(hashMap, this.asroot, new Executor.SimpleWork(this, "read-only createSession", new Object[0]) { // from class: ome.services.sessions.SessionManagerImpl.1
            @Override // ome.services.util.Executor.Work
            @Transactional(readOnly = true)
            public Object doWork(org.hibernate.Session session2, ServiceFactory serviceFactory) {
                Principal validateSessionInputs = SessionManagerImpl.this.validateSessionInputs(serviceFactory, creationRequest);
                SessionManagerImpl.this.executeLookupUser(serviceFactory, validateSessionInputs);
                return SessionManagerImpl.this.executeSessionContextLookup(serviceFactory, validateSessionInputs, session);
            }
        }) : (List) this.executor.execute(hashMap, this.asroot, new Executor.SimpleWork(this, "createSession", new Object[0]) { // from class: ome.services.sessions.SessionManagerImpl.2
            @Override // ome.services.util.Executor.Work
            @Transactional(readOnly = false)
            public Object doWork(org.hibernate.Session session2, ServiceFactory serviceFactory) {
                Principal validateSessionInputs = SessionManagerImpl.this.validateSessionInputs(serviceFactory, creationRequest);
                session.setDefaultEventType(validateSessionInputs.getEventType());
                return SessionManagerImpl.this.executeSessionContextLookup(serviceFactory, validateSessionInputs, SessionManagerImpl.this.executeUpdate(serviceFactory, session, SessionManagerImpl.this.executeLookupUser(serviceFactory, validateSessionInputs)));
            }
        });
        if (list == null) {
            throw new RemovedSessionException("No info in database for " + principal);
        }
        SessionContext createSessionContext = createSessionContext(list, null);
        String currentSessionUuid = createSessionContext.getCurrentSessionUuid();
        this.cache.putSession(currentSessionUuid, createSessionContext);
        try {
            this.context.publishEvent(new CreateSessionMessage(this, currentSessionUuid));
            createSessionContext.count().increment();
            return createSessionContext.getSession();
        } catch (RuntimeException e2) {
            log.warn("Session creation cancelled by event listener", e2);
            this.cache.removeSession(currentSessionUuid);
            throw e2;
        }
    }

    @Override // ome.services.sessions.SessionManager
    public Session update(Session session) {
        return update(session, false);
    }

    @Override // ome.services.sessions.SessionManager
    public Session update(final Session session, final boolean z) {
        if (session == null || !session.isLoaded() || session.getUuid() == null) {
            throw new RemovedSessionException("Cannot update; No uuid.");
        }
        String uuid = session.getUuid();
        final Details details = session.getDetails();
        final SessionContext sessionContext = this.cache.getSessionContext(uuid);
        if (sessionContext == null) {
            throw new RemovedSessionException("Can't update; No session with uuid:" + uuid);
        }
        final Session session2 = sessionContext.getSession();
        List<?> list = (List) this.executor.execute(this.asroot, new Executor.SimpleWork(this, "load_for_update", new Object[0]) { // from class: ome.services.sessions.SessionManagerImpl.3
            @Override // ome.services.util.Executor.Work
            @Transactional(readOnly = false)
            public Object doWork(org.hibernate.Session session3, ServiceFactory serviceFactory) {
                String str = null;
                if (details != null) {
                    ExperimenterGroup group = details.getGroup();
                    if (group != null) {
                        try {
                            Long id = group.getId();
                            if (id != null) {
                                group = ((LocalAdmin) serviceFactory.getAdminService()).groupProxy(id);
                                if (group != null) {
                                    str = group.getName();
                                }
                            }
                        } catch (Exception e) {
                            throw new ApiUsageException("Cannot change default group to " + group + "\n" + e.getMessage());
                        }
                    }
                }
                if (str == null) {
                    str = sessionContext.getCurrentGroupName();
                }
                Principal principal = new Principal(sessionContext.getCurrentUserName(), str, sessionContext.getCurrentEventType());
                SessionManager.CreationRequest creationRequest = new SessionManager.CreationRequest();
                creationRequest.principal = principal;
                Principal validateSessionInputs = SessionManagerImpl.this.validateSessionInputs(serviceFactory, creationRequest);
                SessionManagerImpl.this.parseAndSetDefaultType(session.getDefaultEventType(), session2);
                SessionManagerImpl.this.parseAndSetUserAgent(session.getUserAgent(), session2);
                SessionManagerImpl.this.parseAndSetTimeouts(session.getTimeToLive(), session.getTimeToIdle(), session2, z);
                return SessionManagerImpl.this.executeSessionContextLookup(serviceFactory, validateSessionInputs, session2);
            }
        });
        if (list == null) {
            log.info("removeSession on update: " + uuid);
            this.cache.removeSession(uuid);
            throw new RemovedSessionException("Database contains no info for " + uuid);
        }
        final SessionContext createSessionContext = createSessionContext(list, sessionContext);
        final Session copy = copy(session2);
        this.executor.execute(this.asroot, new Executor.SimpleWork(this, "update", new Object[0]) { // from class: ome.services.sessions.SessionManagerImpl.4
            @Override // ome.services.util.Executor.Work
            @Transactional(readOnly = false)
            public Object doWork(org.hibernate.Session session3, ServiceFactory serviceFactory) {
                return SessionManagerImpl.this.executeUpdate(serviceFactory, copy, createSessionContext.getCurrentUserId().longValue());
            }
        });
        this.cache.putSession(uuid, createSessionContext);
        return copy(session2);
    }

    protected SessionContext createSessionContext(List<?> list, SessionContext sessionContext) {
        Experimenter experimenter = (Experimenter) list.get(0);
        ExperimenterGroup experimenterGroup = (ExperimenterGroup) list.get(1);
        List list2 = (List) list.get(2);
        List list3 = (List) list.get(3);
        List list4 = (List) list.get(4);
        Principal principal = (Principal) list.get(5);
        Session session = (Session) list.get(6);
        parseAndSetDefaultType(principal.getEventType(), session);
        session.getDetails().setOwner(experimenter);
        session.getDetails().setGroup(experimenterGroup);
        return new SessionContextImpl(session, list3, list2, list4, this.factory.createStats(), this.roles, sessionContext);
    }

    @Override // ome.services.sessions.SessionManager
    public Session find(String str) {
        SessionContext sessionContext = this.cache.getSessionContext(str);
        if (sessionContext == null) {
            return null;
        }
        return sessionContext.getSession();
    }

    private List<Session> findByQuery(String str, Parameters parameters) {
        List<Object[]> executeProjection = executeProjection(str, parameters);
        ArrayList arrayList = new ArrayList();
        Iterator<Object[]> it = executeProjection.iterator();
        while (it.hasNext()) {
            try {
                arrayList.add(this.cache.getSessionContext((String) it.next()[1]).getSession());
            } catch (Exception e) {
            }
        }
        return arrayList;
    }

    @Override // ome.services.sessions.SessionManager
    public List<Session> findByUser(String str) {
        return findByQuery("select s.id, s.uuid from Session s join s.owner o where s.closed is null and o.omeName = :name order by s.started desc", new Parameters().addString("name", str));
    }

    @Override // ome.services.sessions.SessionManager
    public List<Session> findByUserAndAgent(String str, String... strArr) {
        StringBuilder sb = new StringBuilder();
        sb.append(findBy1);
        Parameters addString = new Parameters().addString("name", str);
        if (strArr == null || strArr.length == 0 || (strArr.length == 1 && strArr[0] == null)) {
            sb.append("and s.userAgent is null ");
        } else {
            sb.append("and s.userAgent in (:agents) ");
            addString.addList("agents", Arrays.asList(strArr));
        }
        sb.append(findByOrder);
        return findByQuery(sb.toString(), addString);
    }

    @Override // ome.services.sessions.SessionManager
    public int getReferenceCount(String str) {
        return this.cache.getSessionContext(str).count().get();
    }

    @Override // ome.services.sessions.SessionManager
    public int detach(String str) {
        return this.cache.getSessionContext(str).count().decrement();
    }

    @Override // ome.services.sessions.SessionManager
    public SessionStats getSessionStats(String str) {
        return this.cache.getSessionContext(str).stats();
    }

    @Override // ome.services.sessions.SessionManager
    public int close(String str) {
        try {
            int decrement = this.cache.getSessionContext(str).count().decrement();
            if (decrement >= 1) {
                log.info("closeSession called but " + decrement + " more references: " + str);
                return decrement;
            }
            log.info("closeSession called and no more references: " + str);
            this.cache.removeSession(str);
            return -2;
        } catch (SessionException e) {
            log.info("closeSession called but doesn't exist: " + str);
            return -1;
        }
    }

    @Override // ome.services.sessions.SessionManager
    public int closeAll() {
        Set<String> ids = this.cache.getIds();
        for (String str : ids) {
            if (!this.asroot.getName().equals(str)) {
                try {
                    log.info("closeAll called for " + str);
                    this.cache.removeSession(str);
                } catch (Exception e) {
                    log.warn(String.format("Exception thrown on closeAll: %s:%s", e.getClass().getName(), e.getMessage()));
                } catch (SessionTimeoutException e2) {
                } catch (RemovedSessionException e3) {
                }
            }
        }
        return ids.size();
    }

    @Override // ome.services.sessions.SessionManager
    public List<String> getUserRoles(String str) {
        SessionContext sessionContext = this.cache.getSessionContext(str);
        if (sessionContext == null) {
            throw new RemovedSessionException("No session with uuid: " + str);
        }
        return sessionContext.getUserRoles();
    }

    @Override // ome.services.sessions.SessionManager
    public Ehcache inMemoryCache(String str) {
        return this.cache.inMemoryCache(str);
    }

    @Override // ome.services.sessions.SessionManager
    public Ehcache onDiskCache(String str) {
        return this.cache.onDiskCache(str);
    }

    @Override // ome.services.sessions.SessionManager
    public Object getInput(String str, String str2) throws RemovedSessionException {
        return getEnvironmentVariable(str, str2, INPUT_ENVIRONMENT);
    }

    @Override // ome.services.sessions.SessionManager
    public Object getOutput(String str, String str2) throws RemovedSessionException {
        return getEnvironmentVariable(str, str2, OUTPUT_ENVIRONMENT);
    }

    @Override // ome.services.sessions.SessionManager
    public Map<String, Object> inputEnvironment(String str) {
        return environment(str, INPUT_ENVIRONMENT);
    }

    @Override // ome.services.sessions.SessionManager
    public Map<String, Object> outputEnvironment(String str) {
        return environment(str, OUTPUT_ENVIRONMENT);
    }

    protected Map<String, Object> environment(String str, String str2) {
        Map map;
        getReferenceCount(str);
        HashMap hashMap = new HashMap();
        Element element = inMemoryCache(str).get(str2);
        if (element != null && (map = (Map) element.getObjectValue()) != null) {
            hashMap.putAll(map);
            return hashMap;
        }
        return hashMap;
    }

    @Override // ome.services.sessions.SessionManager
    public void setInput(String str, String str2, Object obj) throws RemovedSessionException {
        setEnvironmentVariable(str, str2, obj, INPUT_ENVIRONMENT);
    }

    @Override // ome.services.sessions.SessionManager
    public void setOutput(String str, String str2, Object obj) throws RemovedSessionException {
        setEnvironmentVariable(str, str2, obj, OUTPUT_ENVIRONMENT);
    }

    private Object getEnvironmentVariable(String str, String str2, String str3) {
        Map map;
        Element element = inMemoryCache(str).get(str3);
        if (element == null || (map = (Map) element.getObjectValue()) == null) {
            return null;
        }
        return map.get(str2);
    }

    private void setEnvironmentVariable(String str, String str2, Object obj, String str3) {
        Map map;
        Ehcache inMemoryCache = inMemoryCache(str);
        Element element = inMemoryCache.get(str3);
        if (element == null) {
            map = new ConcurrentHashMap();
            inMemoryCache.put(new Element(str3, map));
        } else {
            map = (Map) element.getObjectValue();
        }
        if (obj == null) {
            map.remove(str2);
        } else {
            map.put(str2, obj);
        }
    }

    @Override // ome.services.sessions.SessionManager
    public EventContext getEventContext(Principal principal) {
        SessionContext sessionContext = this.cache.getSessionContext(principal.getName());
        if (sessionContext == null) {
            throw new RemovedSessionException("No session with uuid:" + principal.getName());
        }
        return sessionContext;
    }

    @Override // ome.services.sessions.SessionManager
    public EventContext reload(final String str) {
        if (this.cache.getSessionContext(str) == null) {
            throw new RemovedSessionException("No session with uuid:" + str);
        }
        this.executor.get(this.executor.submit(Executor.Priority.SYSTEM, new Callable<Object>() { // from class: ome.services.sessions.SessionManagerImpl.5
            @Override // java.util.concurrent.Callable
            public Object call() throws Exception {
                SessionManagerImpl.this.cache.reload(str);
                return null;
            }
        }));
        return this.cache.getSessionContext(str);
    }

    public String[] notifications(String str) {
        return null;
    }

    public void onApplicationEvent(ApplicationEvent applicationEvent) {
        if (applicationEvent instanceof UserGroupUpdateEvent) {
            this.cache.updateEvent((UserGroupUpdateEvent) applicationEvent);
        } else if (applicationEvent instanceof DestroySessionMessage) {
            executeCloseSession(((DestroySessionMessage) applicationEvent).getSessionId());
        }
    }

    public void addCallback(String str, SessionCallback sessionCallback) {
    }

    public Object getCallbackObject(String str, String str2) {
        return null;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public Principal validateSessionInputs(ServiceFactory serviceFactory, SessionManager.CreationRequest creationRequest) {
        Principal principal = creationRequest.principal;
        if (principal == null || principal.getName() == null) {
            throw new ApiUsageException("Null principal name.");
        }
        String eventType = principal.getEventType();
        if (StringUtils.isEmpty(eventType)) {
            eventType = "User";
        }
        String group = principal.getGroup();
        if (StringUtils.isEmpty(group)) {
            group = "user";
        }
        if (this.roles.getUserGroupName().equals(group)) {
            ExperimenterGroup _getDefaultGroup = _getDefaultGroup(serviceFactory, principal.getName());
            if (_getDefaultGroup == null) {
                throw new ApiUsageException("Can't find default group for " + principal.getName());
            }
            group = _getDefaultGroup.getName();
        }
        if (creationRequest.groupsLed != null) {
            long longValue = serviceFactory.getAdminService().lookupGroup(group).getId().longValue();
            if (!creationRequest.groupsLed.contains(Long.valueOf(longValue))) {
                throw new SecurityViolation(String.format("Group sudo is not permitted for group %s (gid=%s)", group, Long.valueOf(longValue)));
            }
        }
        return new Principal(principal.getName(), group, serviceFactory.getTypesService().getEnumeration(EventType.class, eventType).getValue());
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void parseAndSetDefaultType(String str, Session session) {
        session.setDefaultEventType(str == null ? "User" : str);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void parseAndSetUserAgent(String str, Session session) {
        session.setUserAgent(str);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void parseAndSetTimeouts(Long l, Long l2, Session session, boolean z) {
        if (l != null) {
            if (z) {
                session.setTimeToLive(l);
            } else {
                long min = Math.min(this.maxUserTimeToLive, l.longValue());
                if (min == 0 && this.defaultTimeToLive != 0) {
                    throw new SecurityViolation("Cannot disable timeToLive. Value must be between 1 and " + this.maxUserTimeToLive);
                }
                session.setTimeToLive(Long.valueOf(min));
            }
        }
        if (l2 != null) {
            if (z) {
                session.setTimeToIdle(l2);
                return;
            }
            long min2 = Math.min(this.maxUserTimeToIdle, l2.longValue());
            if (min2 == 0 && this.defaultTimeToIdle != 0) {
                throw new SecurityViolation("Cannot disable timeToIdle. Value must be between 1 and " + this.maxUserTimeToIdle);
            }
            session.setTimeToIdle(Long.valueOf(min2));
        }
    }

    public Session copy(Session session) {
        if (session == null) {
            throw new ApiUsageException("Source may not be null.");
        }
        Share newShare = session instanceof Share ? newShare() : new Session();
        newShare.setId(session.getId());
        newShare.setClosed(session.getClosed());
        newShare.setDefaultEventType(session.getDefaultEventType());
        newShare.getDetails().shallowCopy(session.getDetails());
        newShare.setMessage(session.getMessage());
        newShare.setNode(session.getNode());
        newShare.setStarted(session.getStarted());
        newShare.setTimeToIdle(session.getTimeToIdle());
        newShare.setTimeToLive(session.getTimeToLive());
        newShare.setUserAgent(session.getUserAgent());
        newShare.setUuid(session.getUuid());
        if (newShare instanceof Share) {
            Share share = newShare;
            Share share2 = (Share) session;
            share.setItemCount(share2.getItemCount());
            share.setActive(share2.getActive());
            share.setGroup(share2.getGroup());
            share.setData(share2.getData());
        }
        return newShare;
    }

    public void prepareReload() {
    }

    @Override // ome.services.sessions.state.SessionCache.StaleCacheListener
    public SessionContext reload(final SessionContext sessionContext) {
        final Principal principal = new Principal(sessionContext.getCurrentUserName(), sessionContext.getCurrentGroupName(), sessionContext.getCurrentEventType());
        List<?> list = (List) this.executor.execute(this.asroot, new Executor.SimpleWork(this, "reload", new Object[]{sessionContext.getSession().getUuid()}) { // from class: ome.services.sessions.SessionManagerImpl.6
            @Override // ome.services.util.Executor.Work
            @Transactional(readOnly = true)
            public Object doWork(org.hibernate.Session session, ServiceFactory serviceFactory) {
                return SessionManagerImpl.this.executeSessionContextLookup(serviceFactory, principal, sessionContext.getSession());
            }
        });
        if (list == null) {
            return null;
        }
        return createSessionContext(list, sessionContext);
    }

    private List<Object[]> executeProjection(final String str, final Parameters parameters) {
        return (List) this.executor.execute(this.asroot, new Executor.SimpleWork(this, "executeProjection", new Object[]{str}) { // from class: ome.services.sessions.SessionManagerImpl.7
            @Override // ome.services.util.Executor.Work
            @Transactional(readOnly = true)
            public Object doWork(org.hibernate.Session session, ServiceFactory serviceFactory) {
                return serviceFactory.getQueryService().projection(str, parameters);
            }
        });
    }

    @Override // ome.services.sessions.SessionManager
    public boolean executePasswordCheck(String str, String str2) {
        if (this.cache.getIds().contains(str2)) {
            return true;
        }
        return executeCheckPassword(new Principal(str), str2);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public Session executeUpdate(ServiceFactory serviceFactory, Session session, long j) {
        Node findByQuery = serviceFactory.getQueryService().findByQuery("select n from Node n where uuid = :uuid", new Parameters().addString("uuid", this.internal_uuid).setFilter(new Filter().page(0, 1)));
        if (findByQuery == null) {
            findByQuery = new Node(0L, false);
        }
        session.setNode(findByQuery);
        session.setOwner(new Experimenter(Long.valueOf(j), false));
        Session saveAndReturnObject = serviceFactory.getUpdateService().saveAndReturnObject(session);
        saveAndReturnObject.putAt("#2733", session.retrieve("#2733"));
        return saveAndReturnObject;
    }

    private boolean executeCheckPassword(Principal principal, String str) {
        Boolean executeCheckPasswordRO = executeCheckPasswordRO(principal, str);
        if (executeCheckPasswordRO == null) {
            executeCheckPasswordRO = executeCheckPasswordRW(principal, str);
        }
        return executeCheckPasswordRO.booleanValue();
    }

    private Boolean executeCheckPasswordRO(final Principal principal, final String str) {
        return (Boolean) this.executor.execute(this.asroot, new Executor.SimpleWork(this, "executeCheckPasswordRO", new Object[]{principal}) { // from class: ome.services.sessions.SessionManagerImpl.8
            @Override // ome.services.util.Executor.Work
            @Transactional(readOnly = true)
            public Object doWork(org.hibernate.Session session, ServiceFactory serviceFactory) {
                try {
                    return Boolean.valueOf(((LocalAdmin) serviceFactory.getAdminService()).checkPassword(principal.getName(), str, true));
                } catch (Exception e) {
                    return null;
                }
            }
        });
    }

    private Boolean executeCheckPasswordRW(final Principal principal, final String str) {
        return (Boolean) this.executor.execute(this.asroot, new Executor.SimpleWork(this, "executeCheckPasswordRW", new Object[]{principal}) { // from class: ome.services.sessions.SessionManagerImpl.9
            @Override // ome.services.util.Executor.Work
            @Transactional(readOnly = false)
            public Object doWork(org.hibernate.Session session, ServiceFactory serviceFactory) {
                return Boolean.valueOf(((LocalAdmin) serviceFactory.getAdminService()).checkPassword(principal.getName(), str, false));
            }
        });
    }

    private Session executeCloseSession(final String str) {
        return (Session) this.executor.executeSql(new Executor.SimpleSqlWork(this, "executeCloseSession", new Object[0]) { // from class: ome.services.sessions.SessionManagerImpl.10
            @Override // ome.services.util.Executor.SqlWork
            @Transactional(readOnly = false)
            public Object doWork(SqlAction sqlAction) {
                try {
                    if (sqlAction.closeSessions(str) == 0) {
                        SessionManagerImpl.log.warn("No session updated on closeSession:" + str);
                    } else {
                        SessionManagerImpl.log.debug("Session.closed set to now() for " + str);
                    }
                    return null;
                } catch (Exception e) {
                    SessionManagerImpl.log.error("FAILED TO CLOSE SESSION IN DATABASE: " + str, e);
                    return null;
                }
            }
        });
    }

    private Session executeInternalSession() {
        final Long executeNextSessionId = executeNextSessionId();
        return (Session) this.executor.executeSql(new Executor.SimpleSqlWork(this, "executeInternalSession", new Object[0]) { // from class: ome.services.sessions.SessionManagerImpl.11
            @Override // ome.services.util.Executor.SqlWork
            @Transactional(readOnly = false)
            public Object doWork(SqlAction sqlAction) {
                Session session = new Session();
                SessionManagerImpl.this.define(session, SessionManagerImpl.this.internal_uuid, "Session Manager internal", System.currentTimeMillis(), Long.MAX_VALUE, 0L, "Sessions", "Internal", null);
                long j = 0;
                try {
                    j = sqlAction.nodeId(SessionManagerImpl.this.internal_uuid);
                } catch (EmptyResultDataAccessException e) {
                }
                HashMap hashMap = new HashMap();
                hashMap.put("sid", executeNextSessionId);
                hashMap.put("ttl", session.getTimeToLive());
                hashMap.put("tti", session.getTimeToIdle());
                hashMap.put("start", session.getStarted());
                hashMap.put("type", session.getDefaultEventType());
                hashMap.put("uuid", session.getUuid());
                hashMap.put("node", Long.valueOf(j));
                hashMap.put("owner", Long.valueOf(SessionManagerImpl.this.roles.getRootId()));
                hashMap.put("agent", session.getUserAgent());
                hashMap.put("ip", session.getUserIP());
                if (sqlAction.insertSession(hashMap) == 0) {
                    throw new InternalException("Failed to insert new session: " + session.getUuid());
                }
                session.setId(sqlAction.sessionId(session.getUuid()));
                return session;
            }
        });
    }

    private Long executeNextSessionId() {
        return (Long) this.executor.executeSql(new Executor.SimpleSqlWork(this, "executeNextSessionId", new Object[0]) { // from class: ome.services.sessions.SessionManagerImpl.12
            @Override // ome.services.util.Executor.SqlWork
            @Transactional(readOnly = false)
            public Object doWork(SqlAction sqlAction) {
                return sqlAction.nextSessionId();
            }
        });
    }

    @Override // ome.services.sessions.SessionManager
    public IObject setSecurityContext(Principal principal, IObject iObject) {
        Long id = iObject == null ? null : iObject.getId();
        if (id == null) {
            throw new ApiUsageException("Security context must be managed!");
        }
        SessionContext sessionContext = this.cache.getSessionContext(principal.getName());
        TextAnnotation textAnnotation = null;
        for (TextAnnotation textAnnotation2 : sessionContext.getSession().linkedAnnotationList()) {
            if ((textAnnotation2 instanceof TextAnnotation) && this.roles.isRootUser(textAnnotation2.getDetails().getOwner()) && GROUP_SUDO_NS.equals(textAnnotation2.getNs())) {
                textAnnotation = textAnnotation2;
            }
            if (textAnnotation != null) {
                textAnnotation.getTextValue().split(",");
                throw new SecurityViolation("Group-sudo session cannot change context!");
            }
        }
        long methodCount = sessionContext.stats().methodCount();
        if (methodCount != 0) {
            throw new SecurityViolation(methodCount + " methods active. Aborting!");
        }
        Long currentShareId = sessionContext.getCurrentShareId();
        Share share = currentShareId != null ? new Share(currentShareId, false) : new ExperimenterGroup(sessionContext.getCurrentGroupId(), false);
        ChangeSecurityContextEvent changeSecurityContextEvent = new ChangeSecurityContextEvent(this, principal.getName(), share, iObject);
        try {
            this.context.publishMessage(changeSecurityContextEvent);
            changeSecurityContextEvent.throwIfCancelled();
            if (iObject instanceof ExperimenterGroup) {
                setGroupSecurityContext(principal, id);
            } else {
                if (!(iObject instanceof Share)) {
                    throw new ApiUsageException("Unknown security context:" + iObject);
                }
                setShareSecurityContext(principal, id);
            }
            return share;
        } catch (Throwable th) {
            if (th instanceof RuntimeException) {
                throw ((RuntimeException) th);
            }
            InternalException internalException = new InternalException("Failed to set call publishMessage");
            internalException.initCause(th);
            throw internalException;
        }
    }

    private void setGroupSecurityContext(final Principal principal, final Long l) {
        final EventContext eventContext = getEventContext(principal);
        final ExperimenterGroup[] experimenterGroupArr = new ExperimenterGroup[1];
        final Session session = (Session) this.executor.execute(principal, new Executor.SimpleWork(this, "setGroupSecurityContext", new Object[]{l}) { // from class: ome.services.sessions.SessionManagerImpl.13
            @Override // ome.services.util.Executor.Work
            @Transactional(readOnly = true)
            public Object doWork(org.hibernate.Session session2, ServiceFactory serviceFactory) {
                if (eventContext.getCurrentShareId() != null) {
                    serviceFactory.getShareService().deactivate();
                }
                Session session3 = SessionManagerImpl.this.cache.getSessionContext(principal.getName()).getSession();
                experimenterGroupArr[0] = session3.getDetails().getGroup();
                session3.getDetails().setGroup(serviceFactory.getAdminService().getGroup(l.longValue()));
                return session3;
            }
        });
        this.executor.execute(principal, new Executor.SimpleWork(this, "checkGroupSecurityContext", new Object[]{l}) { // from class: ome.services.sessions.SessionManagerImpl.14
            @Override // ome.services.util.Executor.Work
            @Transactional(readOnly = true)
            public Object doWork(org.hibernate.Session session2, ServiceFactory serviceFactory) {
                try {
                    serviceFactory.getAdminService().getEventContext();
                    return null;
                } catch (RuntimeException e) {
                    session.getDetails().setGroup(experimenterGroupArr[0]);
                    throw e;
                }
            }
        });
    }

    private void setShareSecurityContext(Principal principal, final Long l) {
        this.executor.execute(principal, new Executor.SimpleWork(this, "setShareSecurityContext", new Object[]{l}) { // from class: ome.services.sessions.SessionManagerImpl.15
            @Override // ome.services.util.Executor.Work
            @Transactional(readOnly = true)
            public Object doWork(org.hibernate.Session session, ServiceFactory serviceFactory) {
                serviceFactory.getShareService().activate(l.longValue());
                return null;
            }
        });
    }

    private ExperimenterGroup _getDefaultGroup(ServiceFactory serviceFactory, String str) {
        LocalAdmin localAdmin = (LocalAdmin) serviceFactory.getAdminService();
        try {
            return localAdmin.getDefaultGroup(localAdmin.userProxy(str).getId().longValue());
        } catch (Exception e) {
            log.warn("Exception while running executeDefaultGroup", e);
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public long executeLookupUser(ServiceFactory serviceFactory, Principal principal) {
        List projection = serviceFactory.getQueryService().projection("select e.id from Experimenter e where e.omeName = :name", new Parameters().addString("name", principal.getName()));
        if (projection.size() == 0) {
            throw new RemovedSessionException("Cannot find a user with name " + principal.getName());
        }
        return ((Long) ((Object[]) projection.get(0))[0]).longValue();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public List<Object> executeSessionContextLookup(ServiceFactory serviceFactory, Principal principal, Session session) {
        try {
            ArrayList arrayList = new ArrayList();
            LocalAdmin localAdmin = (LocalAdmin) serviceFactory.getAdminService();
            Experimenter userProxy = localAdmin.userProxy(principal.getName());
            ExperimenterGroup groupProxy = localAdmin.groupProxy(principal.getGroup());
            List memberOfGroupIds = localAdmin.getMemberOfGroupIds(userProxy);
            List leaderOfGroupIds = localAdmin.getLeaderOfGroupIds(userProxy);
            List<String> userRoles = localAdmin.getUserRoles(userProxy);
            arrayList.add(userProxy);
            arrayList.add(groupProxy);
            arrayList.add(memberOfGroupIds);
            arrayList.add(leaderOfGroupIds);
            arrayList.add(userRoles);
            arrayList.add(principal);
            arrayList.add(session);
            return arrayList;
        } catch (Exception e) {
            log.info("No info for " + principal.getName(), e);
            return null;
        }
    }

    private Share newShare() {
        Share share = new Share();
        share.putAt("#2733", "ALLOW");
        return share;
    }
}
