package org.apache.slide.security;

import java.lang.reflect.InvocationTargetException;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Vector;
import org.apache.slide.common.Namespace;
import org.apache.slide.common.NamespaceConfig;
import org.apache.slide.common.ServiceAccessException;
import org.apache.slide.common.SlideToken;
import org.apache.slide.common.SlideTokenWrapper;
import org.apache.slide.common.Uri;
import org.apache.slide.structure.ActionNode;
import org.apache.slide.structure.GroupNode;
import org.apache.slide.structure.LinkNode;
import org.apache.slide.structure.ObjectAlreadyExistsException;
import org.apache.slide.structure.ObjectNode;
import org.apache.slide.structure.ObjectNotFoundException;
import org.apache.slide.structure.SubjectNode;
import org.apache.slide.util.Configuration;

/* loaded from: input_file:org/apache/slide/security/SecurityImpl.class */
public final class SecurityImpl implements Security {
    private Namespace namespace;
    private NamespaceConfig namespaceConfig;
    private Hashtable rolesCache = new Hashtable();
    static Class class$org$apache$slide$structure$ObjectNode;
    static Class class$java$lang$String;
    static Class class$java$util$Vector;

    public SecurityImpl(Namespace namespace, NamespaceConfig namespaceConfig) {
        this.namespace = namespace;
        this.namespaceConfig = namespaceConfig;
    }

    @Override // org.apache.slide.security.Security
    public void checkCredentials(SlideToken slideToken, ObjectNode objectNode, ActionNode actionNode) throws ServiceAccessException, AccessDeniedException {
        SlideTokenWrapper slideTokenWrapper = new SlideTokenWrapper(slideToken, false);
        try {
            if (Configuration.useIntegratedSecurity()) {
                Uri uri = this.namespace.getUri(slideTokenWrapper, objectNode.getUri());
                checkPermission(uri.getStore().retrieveObject(uri), (SubjectNode) getPrincipal(slideTokenWrapper), actionNode);
            }
        } catch (ObjectNotFoundException unused) {
            throw new AccessDeniedException(objectNode.getUri(), slideTokenWrapper.getCredentialsToken().getPublicCredentials(), actionNode.getUri());
        }
    }

    @Override // org.apache.slide.security.Security
    public void checkPermission(ObjectNode objectNode, SubjectNode subjectNode, ActionNode actionNode) throws ServiceAccessException, AccessDeniedException, ObjectNotFoundException {
        if (!hasPermission(objectNode, subjectNode, actionNode)) {
            throw new AccessDeniedException(objectNode.getUri(), subjectNode.getUri(), actionNode.getUri());
        }
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    @Override // org.apache.slide.security.Security
    public void denyPermission(SlideToken slideToken, NodePermission nodePermission) throws ServiceAccessException, ObjectNotFoundException, AccessDeniedException {
        if (!nodePermission.isNegative()) {
            nodePermission.setNegative(true);
        }
        grantPermission(slideToken, nodePermission);
    }

    @Override // org.apache.slide.security.Security
    public void denyPermission(SlideToken slideToken, ObjectNode objectNode, SubjectNode subjectNode, ActionNode actionNode) throws ServiceAccessException, ObjectNotFoundException, AccessDeniedException {
        denyPermission(slideToken, objectNode, subjectNode, actionNode, true);
    }

    @Override // org.apache.slide.security.Security
    public void denyPermission(SlideToken slideToken, ObjectNode objectNode, SubjectNode subjectNode, ActionNode actionNode, boolean z) throws ServiceAccessException, ObjectNotFoundException, AccessDeniedException {
        denyPermission(slideToken, new NodePermission(objectNode, subjectNode, actionNode, z, true));
    }

    @Override // org.apache.slide.security.Security
    public Enumeration enumeratePermissions(SlideToken slideToken, String str) throws ServiceAccessException, ObjectNotFoundException, AccessDeniedException {
        Uri uri = this.namespace.getUri(slideToken, str);
        return uri.getStore().enumeratePermissions(uri);
    }

    @Override // org.apache.slide.security.Security
    public Enumeration enumeratePermissions(SlideToken slideToken, ObjectNode objectNode) throws ServiceAccessException, ObjectNotFoundException, AccessDeniedException {
        return enumeratePermissions(slideToken, objectNode.getUri());
    }

    @Override // org.apache.slide.security.Security
    public ObjectNode getPrincipal(SlideToken slideToken) throws ServiceAccessException, ObjectNotFoundException {
        Class<?> class$;
        Class<?> class$2;
        Class<?> class$3;
        Class<?> class$4;
        String publicCredentials = slideToken.getCredentialsToken().getPublicCredentials();
        if (publicCredentials == null || publicCredentials.equals("")) {
            publicCredentials = this.namespaceConfig.getGuestPath();
        }
        Uri uri = this.namespace.getUri(slideToken, new StringBuffer(String.valueOf(this.namespaceConfig.getUsersPath())).append("/").append(publicCredentials).toString());
        try {
            return uri.getStore().retrieveObject(uri);
        } catch (ObjectNotFoundException e) {
            if (!this.namespaceConfig.isAutoCreateUsers()) {
                throw e;
            }
            try {
                Uri parentUri = uri.getParentUri();
                ObjectNode retrieveObject = uri.getStore().retrieveObject(parentUri);
                Enumeration enumerateChildren = retrieveObject.enumerateChildren();
                Enumeration enumerateLinks = retrieveObject.enumerateLinks();
                Vector vector = new Vector();
                while (enumerateChildren.hasMoreElements()) {
                    vector.addElement(enumerateChildren.nextElement());
                }
                vector.addElement(uri.toString());
                Vector vector2 = new Vector();
                while (enumerateLinks.hasMoreElements()) {
                    vector2.addElement(enumerateLinks.nextElement());
                }
                Class<?> cls = Class.forName(this.namespaceConfig.getAutoCreateUsersRole());
                Class<?>[] clsArr = new Class[1];
                if (class$java$lang$String != null) {
                    class$ = class$java$lang$String;
                } else {
                    class$ = class$("java.lang.String");
                    class$java$lang$String = class$;
                }
                clsArr[0] = class$;
                uri.getStore().createObject(uri, (ObjectNode) cls.getConstructor(clsArr).newInstance(uri.toString()));
                Class<?>[] clsArr2 = new Class[3];
                if (class$java$lang$String != null) {
                    class$2 = class$java$lang$String;
                } else {
                    class$2 = class$("java.lang.String");
                    class$java$lang$String = class$2;
                }
                clsArr2[0] = class$2;
                if (class$java$util$Vector != null) {
                    class$3 = class$java$util$Vector;
                } else {
                    class$3 = class$("java.util.Vector");
                    class$java$util$Vector = class$3;
                }
                clsArr2[1] = class$3;
                if (class$java$util$Vector != null) {
                    class$4 = class$java$util$Vector;
                } else {
                    class$4 = class$("java.util.Vector");
                    class$java$util$Vector = class$4;
                }
                clsArr2[2] = class$4;
                parentUri.getStore().storeObject(parentUri, (ObjectNode) retrieveObject.getClass().getConstructor(clsArr2).newInstance(parentUri.toString(), vector, vector2));
                return uri.getStore().retrieveObject(uri);
            } catch (ClassNotFoundException unused) {
                throw new ObjectNotFoundException(uri);
            } catch (IllegalAccessException unused2) {
                throw new ObjectNotFoundException(uri);
            } catch (InstantiationException unused3) {
                throw new ObjectNotFoundException(uri);
            } catch (NoSuchMethodException unused4) {
                throw new ObjectNotFoundException(uri);
            } catch (InvocationTargetException unused5) {
                throw new ObjectNotFoundException(uri);
            } catch (ObjectAlreadyExistsException unused6) {
                e.printStackTrace();
                throw new ObjectNotFoundException(uri);
            }
        }
    }

    @Override // org.apache.slide.security.Security
    public Enumeration getRoles(SlideToken slideToken) throws ServiceAccessException, ObjectNotFoundException {
        return getRoles(getPrincipal(slideToken));
    }

    @Override // org.apache.slide.security.Security
    public Enumeration getRoles(ObjectNode objectNode) {
        Class class$;
        Vector vector = new Vector();
        vector.addElement(NamespaceConfig.NOBODY);
        Class<?> cls = objectNode.getClass();
        do {
            Class<?> cls2 = cls;
            if (class$org$apache$slide$structure$ObjectNode != null) {
                class$ = class$org$apache$slide$structure$ObjectNode;
            } else {
                class$ = class$("org.apache.slide.structure.ObjectNode");
                class$org$apache$slide$structure$ObjectNode = class$;
            }
            if (cls2.equals(class$)) {
                return vector.elements();
            }
            for (Class<?> cls3 : cls.getInterfaces()) {
                String name = cls3.getName();
                String roleMapping = this.namespaceConfig.getRoleMapping(name);
                if (roleMapping != null) {
                    vector.addElement(roleMapping);
                } else {
                    vector.addElement(name);
                }
            }
            cls = cls.getSuperclass();
        } while (cls != null);
        throw new IllegalStateException("Invalid node");
    }

    @Override // org.apache.slide.security.Security
    public void grantPermission(SlideToken slideToken, NodePermission nodePermission) throws ServiceAccessException, ObjectNotFoundException, AccessDeniedException {
        Uri uri = this.namespace.getUri(slideToken, nodePermission.getObjectUri());
        ObjectNode retrieveObject = uri.getStore().retrieveObject(uri);
        Enumeration enumeratePermissions = enumeratePermissions(slideToken, retrieveObject);
        boolean z = false;
        while (enumeratePermissions.hasMoreElements() && !z) {
            if (nodePermission.equals(enumeratePermissions.nextElement())) {
                z = true;
            }
        }
        if (z) {
            return;
        }
        checkCredentials(slideToken, retrieveObject, this.namespaceConfig.getGrantPermissionAction());
        uri.getStore().grantPermission(uri, nodePermission);
    }

    @Override // org.apache.slide.security.Security
    public void grantPermission(SlideToken slideToken, ObjectNode objectNode, SubjectNode subjectNode, ActionNode actionNode) throws ServiceAccessException, ObjectNotFoundException, AccessDeniedException {
        grantPermission(slideToken, objectNode, subjectNode, actionNode, true);
    }

    @Override // org.apache.slide.security.Security
    public void grantPermission(SlideToken slideToken, ObjectNode objectNode, SubjectNode subjectNode, ActionNode actionNode, boolean z) throws ServiceAccessException, ObjectNotFoundException, AccessDeniedException {
        grantPermission(slideToken, new NodePermission(objectNode, subjectNode, actionNode, z));
    }

    @Override // org.apache.slide.security.Security
    public boolean hasPermission(ObjectNode objectNode, SubjectNode subjectNode, ActionNode actionNode) throws ServiceAccessException, ObjectNotFoundException {
        boolean z = false;
        boolean z2 = false;
        boolean z3 = false;
        ObjectNode objectNode2 = objectNode;
        Uri uri = this.namespace.getUri(subjectNode.getUri());
        Uri uri2 = this.namespace.getUri(actionNode.getUri());
        while (!z && !z2 && !z3) {
            Uri uri3 = this.namespace.getUri(objectNode2.getUri());
            Enumeration enumeratePermissions = uri3.getStore().enumeratePermissions(uri3);
            while (enumeratePermissions.hasMoreElements()) {
                boolean z4 = z;
                boolean z5 = z2;
                NodePermission nodePermission = (NodePermission) enumeratePermissions.nextElement();
                String subjectUri = nodePermission.getSubjectUri();
                if (subjectUri.equals("~")) {
                    boolean startsWith = nodePermission.isInheritable() ? objectNode.getUri().startsWith(uri.toString()) : objectNode.getUri().equals(uri.toString());
                    z = !nodePermission.isNegative() && startsWith && uri2.toString().startsWith(nodePermission.getActionUri());
                    z2 = nodePermission.isNegative() && startsWith && uri2.toString().startsWith(nodePermission.getActionUri());
                } else if (nodePermission.isInheritable() || nodePermission.getObjectUri().equals(objectNode.getUri())) {
                    if (subjectUri.startsWith("/")) {
                        z = !nodePermission.isNegative() && uri.toString().startsWith(nodePermission.getSubjectUri()) && uri2.toString().startsWith(nodePermission.getActionUri());
                        z2 = nodePermission.isNegative() && uri.toString().startsWith(nodePermission.getSubjectUri()) && uri2.toString().startsWith(nodePermission.getActionUri());
                    } else if (subjectUri.startsWith("+")) {
                        Uri uri4 = this.namespace.getUri(subjectUri.substring(1));
                        ObjectNode retrieveObject = uri4.getStore().retrieveObject(uri4);
                        if ((retrieveObject instanceof GroupNode) && retrieveObject.hasChildren()) {
                            Enumeration enumerateChildren = retrieveObject.enumerateChildren();
                            while (enumerateChildren.hasMoreElements()) {
                                z4 = z;
                                z5 = z2;
                                Uri uri5 = this.namespace.getUri((String) enumerateChildren.nextElement());
                                ObjectNode retrieveObject2 = uri5.getStore().retrieveObject(uri5);
                                String linkedUri = retrieveObject2 instanceof LinkNode ? ((LinkNode) retrieveObject2).getLinkedUri() : retrieveObject2.getUri();
                                z = (!nodePermission.isNegative() && uri.toString().startsWith(linkedUri) && uri2.toString().startsWith(nodePermission.getActionUri())) | z4;
                                z2 = (nodePermission.isNegative() && uri.toString().startsWith(linkedUri) && uri2.toString().startsWith(nodePermission.getActionUri())) | z5;
                            }
                        }
                    } else {
                        z = !nodePermission.isNegative() && hasRole(subjectNode, subjectUri) && uri2.toString().startsWith(nodePermission.getActionUri());
                        z2 = nodePermission.isNegative() && hasRole(subjectNode, subjectUri) && uri2.toString().startsWith(nodePermission.getActionUri());
                    }
                }
                z |= z4;
                z2 |= z5;
            }
            Uri parentUri = uri3.getParentUri();
            if (parentUri != null) {
                objectNode2 = parentUri.getStore().retrieveObject(parentUri);
            } else {
                z3 = true;
            }
        }
        return !z2 && z;
    }

    @Override // org.apache.slide.security.Security
    public boolean hasRole(SlideToken slideToken, String str) throws ServiceAccessException, ObjectNotFoundException {
        return hasRole(getPrincipal(slideToken), str);
    }

    @Override // org.apache.slide.security.Security
    public boolean hasRole(ObjectNode objectNode, String str) throws ServiceAccessException, ObjectNotFoundException {
        if (str.equals(NamespaceConfig.NOBODY)) {
            return true;
        }
        String roleMapping = this.namespaceConfig.getRoleMapping(str);
        if (roleMapping != null && roleMapping.equals(NamespaceConfig.NOBODY)) {
            return true;
        }
        Class<?> cls = (Class) this.rolesCache.get(str);
        if (cls == null && roleMapping != null) {
            cls = (Class) this.rolesCache.get(roleMapping);
            if (cls == null) {
                try {
                    cls = Class.forName(roleMapping);
                    this.rolesCache.put(str, cls);
                    this.rolesCache.put(roleMapping, cls);
                } catch (ClassNotFoundException unused) {
                }
            }
        }
        if (cls == null) {
            try {
                cls = Class.forName(str);
                this.rolesCache.put(str, cls);
            } catch (ClassNotFoundException unused2) {
            }
        }
        return cls != null && cls.isInstance(objectNode);
    }

    @Override // org.apache.slide.security.Security
    public void revokePermission(SlideToken slideToken, NodePermission nodePermission) throws ServiceAccessException, ObjectNotFoundException, AccessDeniedException {
        Uri uri = this.namespace.getUri(slideToken, nodePermission.getObjectUri());
        checkCredentials(slideToken, uri.getStore().retrieveObject(uri), this.namespaceConfig.getRevokePermissionAction());
        uri.getStore().revokePermission(uri, nodePermission);
    }

    @Override // org.apache.slide.security.Security
    public void revokePermission(SlideToken slideToken, ObjectNode objectNode, SubjectNode subjectNode, ActionNode actionNode) throws ServiceAccessException, ObjectNotFoundException, AccessDeniedException {
        checkCredentials(slideToken, objectNode, this.namespaceConfig.getRevokePermissionAction());
        NodePermission nodePermission = new NodePermission(objectNode, subjectNode, actionNode);
        Uri uri = this.namespace.getUri(slideToken, objectNode.getUri());
        uri.getStore().revokePermission(uri, nodePermission);
    }

    @Override // org.apache.slide.security.Security
    public void setPermissions(SlideToken slideToken, String str, Enumeration enumeration) throws ServiceAccessException, ObjectNotFoundException, AccessDeniedException {
        Uri uri = this.namespace.getUri(slideToken, str);
        ObjectNode retrieveObject = uri.getStore().retrieveObject(uri);
        checkCredentials(slideToken, retrieveObject, this.namespaceConfig.getGrantPermissionAction());
        checkCredentials(slideToken, retrieveObject, this.namespaceConfig.getRevokePermissionAction());
        uri.getStore().revokePermissions(uri);
        while (enumeration.hasMoreElements()) {
            uri.getStore().grantPermission(uri, (NodePermission) enumeration.nextElement());
        }
    }
}
