package io.takari.builder.enforcer;

import io.takari.builder.enforcer.SimpleFilePermission;
import java.io.FilePermission;
import java.net.SocketPermission;
import java.security.AllPermission;
import java.security.CodeSource;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.ProtectionDomain;
import java.util.Collection;
import java.util.Collections;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.PropertyPermission;
import java.util.concurrent.ForkJoinPool;

/* loaded from: input_file:io/takari/builder/enforcer/ComposableSecurityManagerPolicy.class */
public class ComposableSecurityManagerPolicy extends java.security.Policy {
    private final SecurityManager originalManager;
    private final java.security.Policy originalPolicy;
    private volatile List<CachingPolicy> defaultPolicy;
    private static volatile ComposableSecurityManagerPolicy policy;
    public static final PermissionCollection allPermissions = new AllPermission().newPermissionCollection();
    private final ThreadLocal<Map<Object, CachingPolicy>> contextPolicies = new ThreadLocal<>();
    private final ThreadLocal<Boolean> privileged = ThreadLocal.withInitial(() -> {
        return Boolean.FALSE;
    });

    static {
        allPermissions.add(new AllPermission());
        allPermissions.setReadOnly();
    }

    private static ComposableSecurityManagerPolicy setPolicy(SecurityManager securityManager) {
        java.security.Policy policy2 = java.security.Policy.getPolicy();
        if (policy2 instanceof ComposableSecurityManagerPolicy) {
            throw new IllegalStateException("Composable security manager policy has already been set.");
        }
        policy = new ComposableSecurityManagerPolicy(securityManager, policy2);
        java.security.Policy.setPolicy(policy);
        return policy;
    }

    public ComposableSecurityManagerPolicy(SecurityManager securityManager, java.security.Policy policy2) {
        this.originalManager = securityManager;
        this.originalPolicy = policy2;
    }

    @Override // java.security.Policy
    public boolean implies(ProtectionDomain protectionDomain, Permission permission) {
        if (this.privileged.get() == Boolean.TRUE) {
            return true;
        }
        if ("setSecurityManager".equals(permission.getName()) || "setPolicy".equals(permission.getName())) {
            return false;
        }
        try {
            this.privileged.set(Boolean.TRUE);
            return enforce(permission);
        } finally {
            this.privileged.set(Boolean.FALSE);
        }
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:19:0x0069. Please report as an issue. */
    private boolean enforce(Permission permission) {
        Collection<CachingPolicy> policies = policies();
        if (policies.isEmpty()) {
            return true;
        }
        if (permission instanceof SimpleFilePermission.FileReadPermission) {
            checkRead(policies, permission.getName());
            return true;
        }
        if (permission instanceof SimpleFilePermission.FileWritePermission) {
            checkWrite(policies, permission.getName());
            return true;
        }
        if (!(permission instanceof FilePermission)) {
            if (permission instanceof PropertyPermission) {
                policies.forEach(cachingPolicy -> {
                    cachingPolicy.checkPropertyPermission(permission.getActions(), permission.getName());
                });
                return true;
            }
            if (!(permission instanceof SocketPermission)) {
                return true;
            }
            policies.forEach(cachingPolicy2 -> {
                cachingPolicy2.checkSocketPermission();
            });
            return true;
        }
        String name = permission.getName();
        for (String str : ((FilePermission) permission).getActions().split(",")) {
            switch (str.hashCode()) {
                case -1335458389:
                    if (!str.equals("delete")) {
                        break;
                    }
                    checkWrite(policies, name);
                    break;
                case -1319569547:
                    if (str.equals("execute")) {
                        policies.forEach(cachingPolicy3 -> {
                            cachingPolicy3.checkExec(name);
                        });
                        break;
                    } else {
                        break;
                    }
                case -866824560:
                    if (!str.equals("readlink")) {
                        break;
                    }
                    checkRead(policies, name);
                    break;
                case 3496342:
                    if (!str.equals("read")) {
                        break;
                    }
                    checkRead(policies, name);
                    break;
                case 113399775:
                    if (!str.equals("write")) {
                        break;
                    }
                    checkWrite(policies, name);
                    break;
            }
        }
        return true;
    }

    protected void checkWrite(Collection<CachingPolicy> collection, String str) {
        collection.forEach(cachingPolicy -> {
            cachingPolicy.checkWrite(str);
        });
    }

    protected void checkRead(Collection<CachingPolicy> collection, String str) {
        collection.forEach(cachingPolicy -> {
            cachingPolicy.checkRead(str);
        });
    }

    @Override // java.security.Policy
    public PermissionCollection getPermissions(ProtectionDomain protectionDomain) {
        System.out.println("Getting permissions domain :" + protectionDomain.getCodeSource());
        return java.security.Policy.UNSUPPORTED_EMPTY_COLLECTION;
    }

    @Override // java.security.Policy
    public PermissionCollection getPermissions(CodeSource codeSource) {
        System.out.println("Getting permissions codesource :" + codeSource);
        return java.security.Policy.UNSUPPORTED_EMPTY_COLLECTION;
    }

    private static ComposableSecurityManagerPolicy get() {
        if (policy == null) {
            throw new IllegalStateException("Illegal System SecurityManager");
        }
        return policy;
    }

    private Collection<CachingPolicy> policies() {
        Map<Object, CachingPolicy> map = this.contextPolicies.get();
        return map != null ? map.values() : this.defaultPolicy != null ? this.defaultPolicy : Collections.emptyList();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Map<Object, CachingPolicy> getContextPolicies() {
        Map<Object, CachingPolicy> map = null;
        if (policy != null) {
            map = policy.contextPolicies.get();
        }
        if (map != null) {
            return new LinkedHashMap(map);
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void setContextPolicies(Map<Object, CachingPolicy> map) {
        if (policy != null) {
            if (map == null || map.isEmpty()) {
                policy.contextPolicies.set(null);
            } else {
                policy.contextPolicies.set(new LinkedHashMap(map));
            }
        }
    }

    void registerPolicy(Object obj, Policy policy2) {
        Map<Object, CachingPolicy> map = this.contextPolicies.get();
        if (map != null && map.containsKey(obj)) {
            throw new IllegalArgumentException("Policy has already been registered.");
        }
        if (map == null) {
            map = new LinkedHashMap();
            this.contextPolicies.set(map);
        }
        map.put(obj, new CachingPolicy(policy2));
    }

    Policy unregisterPolicy(Object obj) {
        Map<Object, CachingPolicy> map = this.contextPolicies.get();
        if (map == null || !map.containsKey(obj)) {
            throw new IllegalArgumentException("Policy has not been registered.");
        }
        CachingPolicy remove = map.remove(obj);
        if (map.size() == 0) {
            this.contextPolicies.set(null);
        }
        if (remove != null) {
            return remove.policy;
        }
        return null;
    }

    Policy getPolicy(Object obj) {
        CachingPolicy cachingPolicy;
        Map<Object, CachingPolicy> map = this.contextPolicies.get();
        if (map == null || (cachingPolicy = map.get(obj)) == null) {
            return null;
        }
        return cachingPolicy.policy;
    }

    public static void setDefaultPolicy(Policy policy2) {
        ComposableSecurityManagerPolicy composableSecurityManagerPolicy = get();
        if (composableSecurityManagerPolicy.defaultPolicy != null && policy2 != null) {
            throw new IllegalArgumentException("Default Policy has already been set.");
        }
        composableSecurityManagerPolicy.defaultPolicy = policy2 != null ? Collections.singletonList(new CachingPolicy(policy2)) : null;
    }

    public static void registerContextPolicy(Object obj, Policy policy2) {
        get().registerPolicy(obj, policy2);
    }

    public static Policy unregisterContextPolicy(Object obj) {
        return get().unregisterPolicy(obj);
    }

    public static Policy getContextPolicy(Object obj) {
        return get().getPolicy(obj);
    }

    public static ComposableSecurityManagerPolicy setSystemSecurityManager() {
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager instanceof ExecCommandPassingSecurityManager) {
            throw new IllegalStateException("System SecurityManager has already been set.");
        }
        ForkJoinPool.commonPool();
        ComposableSecurityManagerPolicy policy2 = setPolicy(securityManager);
        System.setSecurityManager(new ExecCommandPassingSecurityManager());
        return policy2;
    }

    public static ComposableSecurityManagerPolicy removeSystemSecurityManager() {
        ComposableSecurityManagerPolicy composableSecurityManagerPolicy = get();
        try {
            composableSecurityManagerPolicy.privileged.set(Boolean.TRUE);
            System.setSecurityManager(composableSecurityManagerPolicy.originalManager);
            java.security.Policy.setPolicy(composableSecurityManagerPolicy.originalPolicy);
            policy = null;
            return composableSecurityManagerPolicy;
        } finally {
            composableSecurityManagerPolicy.privileged.set(Boolean.FALSE);
        }
    }
}
