package de.ipk_gatersleben.bit.bi.edal.aspectj.security;

import de.ipk_gatersleben.bit.bi.edal.aspectj.security.GrantableMethods;
import de.ipk_gatersleben.bit.bi.edal.primary_data.DataManager;
import de.ipk_gatersleben.bit.bi.edal.primary_data.EdalConfiguration;
import de.ipk_gatersleben.bit.bi.edal.primary_data.file.PrimaryDataEntity;
import de.ipk_gatersleben.bit.bi.edal.primary_data.file.PrimaryDataEntityVersion;
import de.ipk_gatersleben.bit.bi.edal.primary_data.file.implementation.PermissionProviderImplementation;
import de.ipk_gatersleben.bit.bi.edal.primary_data.metadata.CheckNullValues;
import de.ipk_gatersleben.bit.bi.edal.primary_data.security.EdalPermission;
import de.ipk_gatersleben.bit.bi.edal.primary_data.security.PermissionProvider;
import java.lang.reflect.Method;
import java.security.AccessControlException;
import java.security.Principal;
import java.security.PrivilegedAction;
import java.util.Iterator;
import javax.security.auth.Subject;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.NoAspectBoundException;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Pointcut;
import org.aspectj.lang.annotation.SuppressAjWarnings;
import org.aspectj.runtime.internal.AroundClosure;
import org.aspectj.runtime.internal.CFlowCounter;

/* compiled from: PublicPermissionCheck.aj */
@Aspect
/* loaded from: input_file:de/ipk_gatersleben/bit/bi/edal/aspectj/security/PublicPermissionCheck.class */
public class PublicPermissionCheck {
    private static /* synthetic */ Throwable ajc$initFailureCause;
    public static final /* synthetic */ PublicPermissionCheck ajc$perSingletonInstance = null;
    public static final CFlowCounter ajc$cflowCounter$0 = null;
    public static final CFlowCounter ajc$cflowCounter$1 = null;
    public static final CFlowCounter ajc$cflowCounter$2 = null;
    public static final CFlowCounter ajc$cflowCounter$3 = null;
    public static final CFlowCounter ajc$cflowCounter$4 = null;
    public static final CFlowCounter ajc$cflowCounter$5 = null;
    public static final CFlowCounter ajc$cflowCounter$6 = null;
    public static final CFlowCounter ajc$cflowCounter$7 = null;
    public static final CFlowCounter ajc$cflowCounter$8 = null;
    public static final CFlowCounter ajc$cflowCounter$9 = null;
    public static final CFlowCounter ajc$cflowCounter$a = null;
    public static final CFlowCounter ajc$cflowCounter$b = null;
    public static final CFlowCounter ajc$cflowCounter$c = null;
    public static final CFlowCounter ajc$cflowCounter$d = null;
    public static final CFlowCounter ajc$cflowCounter$e = null;
    public static final CFlowCounter ajc$cflowCounter$f = null;

    static {
        ajc$preClinit();
        try {
            ajc$postClinit();
        } catch (Throwable th) {
            ajc$initFailureCause = th;
        }
    }

    public void checkPermission(JoinPoint joinPoint) throws AccessControlException {
        if (DataManager.getImplProv() == null) {
            throw new AccessControlException("cannot find current ImplementationProvider for PermissionCheck");
        }
        DataManager.getImplProv().getLogger().debug("WEAVED: check permission: " + joinPoint.toString());
        if (DataManager.getSubject() == null) {
            throw new AccessControlException("cannot find current Subject for PermissionCheck");
        }
        Subject subject = DataManager.getSubject();
        Principal principal = null;
        Iterator<Principal> it = subject.getPrincipals().iterator();
        if (it.hasNext()) {
            principal = it.next();
        }
        DataManager.getImplProv().getLogger().debug("WEAVED: check permission: " + principal);
        try {
            PermissionProvider newInstance = DataManager.getImplProv().getPermissionProvider().newInstance();
            if (newInstance.isRoot(principal)) {
                DataManager.getImplProv().getLogger().debug("WEAVED: permission allowed for root");
                return;
            }
            String str = (String) useGetterMethod(joinPoint, "getName");
            String str2 = (String) useGetterMethod(joinPoint, "getID");
            newInstance.setPermissionObjectID(str2);
            long revision = ((PrimaryDataEntityVersion) useGetterMethod(joinPoint, "getCurrentVersion")).getRevision();
            Class<? extends PrimaryDataEntity> declaringType = joinPoint.getSignature().getDeclaringType();
            GrantableMethods.Methods valueOf = GrantableMethods.Methods.valueOf(joinPoint.getSignature().getName());
            try {
                Method implClass = valueOf.getImplClass(declaringType);
                if (str.equals("/") && (valueOf.equals(GrantableMethods.Methods.createPrimaryDataDirectory) || valueOf.equals(GrantableMethods.Methods.createPrimaryDataFile) || valueOf.equals(GrantableMethods.Methods.listPrimaryDataEntities) || valueOf.equals(GrantableMethods.Methods.getPrimaryDataEntity) || valueOf.equals(GrantableMethods.Methods.searchByDublinCoreElement) || valueOf.equals(GrantableMethods.Methods.searchByMetaData) || valueOf.equals(GrantableMethods.Methods.searchByPublicationStatus) || valueOf.equals(GrantableMethods.Methods.searchByKeyword) || valueOf.equals(GrantableMethods.Methods.exist))) {
                    return;
                }
                EdalPermission edalPermission = new EdalPermission(str2, Long.valueOf(revision), declaringType, implClass);
                boolean checkPerm = checkPerm(subject, edalPermission);
                DataManager.getImplProv().getLogger().debug("WEAVED: checkedpermission :" + checkPerm);
                if (checkPerm) {
                    return;
                }
                String str3 = (String) useGetterMethod(joinPoint, "getName");
                DataManager.getImplProv().getLogger().debug("WEAVED: forbidden Permission: " + edalPermission + "\nfor " + principal + "\t" + PermissionProviderImplementation.getThreadlocalentityid().get());
                throw new AccessControlException(String.valueOf(principal.getName()) + "(" + principal.getClass().getSimpleName() + ") is not allowed to use method " + implClass.getName() + " for Entity '" + str3 + "'");
            } catch (Exception e) {
                throw new AccessControlException("cannot load Method for security check: " + e.getMessage());
            }
        } catch (Exception unused) {
            throw new AccessControlException("unable to load PermissionProvider");
        }
    }

    private Object useGetterMethod(JoinPoint joinPoint, String str) {
        Object obj = null;
        try {
            obj = joinPoint.getThis().getClass().getMethod(str, new Class[0]).invoke(joinPoint.getThis(), new Object[0]);
        } catch (Exception e) {
            e.printStackTrace();
        }
        return obj;
    }

    private boolean checkPerm(Subject subject, final EdalPermission edalPermission) {
        try {
            Subject.doAs(subject, new PrivilegedAction<Object>() { // from class: de.ipk_gatersleben.bit.bi.edal.aspectj.security.PublicPermissionCheck$PublicPermissionCheck$1
                @Override // java.security.PrivilegedAction
                public Object run() {
                    SecurityManager securityManager = System.getSecurityManager();
                    if (securityManager == null) {
                        return null;
                    }
                    securityManager.checkPermission(edalPermission);
                    return null;
                }
            });
            return true;
        } catch (SecurityException unused) {
            return false;
        }
    }

    @Pointcut(value = "(execution(public * de.ipk_gatersleben.bit.bi.edal.primary_data.file.PrimaryDataEntity+.*(..)) && (!execution(public * de.ipk_gatersleben.bit.bi.edal.primary_data.file.PrimaryDataEntity+.getRootDirectory(..)) && (!cflowbelow(execution(public * de.ipk_gatersleben.bit.bi.edal.primary_data.file.PrimaryDataEntity+.getRootDirectory(..))) && (!execution(public * de.ipk_gatersleben.bit.bi.edal.primary_data.file.PrimaryDataEntity+.toString(..)) && (!cflowbelow(execution(public * de.ipk_gatersleben.bit.bi.edal.primary_data.file.PrimaryDataEntity+.toString(..))) && (!execution(public * de.ipk_gatersleben.bit.bi.edal.primary_data.file.PrimaryDataEntity+.getName(..)) && (!cflowbelow(execution(public * de.ipk_gatersleben.bit.bi.edal.primary_data.file.PrimaryDataEntity+.getName(..))) && (!execution(public * de.ipk_gatersleben.bit.bi.edal.primary_data.file.PrimaryDataEntity+.getPath(..)) && (!cflowbelow(execution(public * de.ipk_gatersleben.bit.bi.edal.primary_data.file.PrimaryDataEntity+.getPath(..))) && (!execution(public * de.ipk_gatersleben.bit.bi.edal.primary_data.file.PrimaryDataEntity+.getPermissions(..)) && (!cflowbelow(execution(public * de.ipk_gatersleben.bit.bi.edal.primary_data.file.PrimaryDataEntity+.getPermissions(..))) && (!execution(public * de.ipk_gatersleben.bit.bi.edal.primary_data.file.PrimaryDataEntity+.getID(..)) && (!cflowbelow(execution(public * de.ipk_gatersleben.bit.bi.edal.primary_data.file.PrimaryDataEntity+.getID(..))) && (!execution(public * de.ipk_gatersleben.bit.bi.edal.primary_data.file.PrimaryDataEntity+.isDirectory(..)) && (!cflowbelow(execution(public * de.ipk_gatersleben.bit.bi.edal.primary_data.file.PrimaryDataEntity+.isDirectory(..))) && (!execution(public * de.ipk_gatersleben.bit.bi.edal.primary_data.file.PrimaryDataEntity+.getMetaData(..)) && (!execution(public * de.ipk_gatersleben.bit.bi.edal.primary_data.file.PrimaryDataEntity+.compareTo(..)) && (!execution(public * de.ipk_gatersleben.bit.bi.edal.primary_data.file.PrimaryDataEntity+.hashCode(..)) && (!cflowbelow(execution(public * de.ipk_gatersleben.bit.bi.edal.primary_data.file.PrimaryDataEntity+.hashCode(..))) && (!execution(public * de.ipk_gatersleben.bit.bi.edal.primary_data.file.PrimaryDataEntity+.equals(..)) && (!cflowbelow(execution(public * de.ipk_gatersleben.bit.bi.edal.primary_data.file.PrimaryDataEntity+.equals(..))) && (!execution(public * de.ipk_gatersleben.bit.bi.edal.primary_data.file.PrimaryDataEntity+.getCurrentVersion(..)) && (!cflowbelow(execution(public * de.ipk_gatersleben.bit.bi.edal.primary_data.file.PrimaryDataEntity+.getCurrentVersion(..))) && (!execution(public * de.ipk_gatersleben.bit.bi.edal.primary_data.file.PrimaryDataEntity+.getVersions(..)) && (!cflowbelow(execution(public * de.ipk_gatersleben.bit.bi.edal.primary_data.file.PrimaryDataEntity+.getVersions(..))) && (!execution(public * de.ipk_gatersleben.bit.bi.edal.primary_data.file.PrimaryDataEntity+.getVersionByRevisionNumber(long)) && (!cflowbelow(execution(public * de.ipk_gatersleben.bit.bi.edal.primary_data.file.PrimaryDataEntity+.getVersionByRevisionNumber(long))) && (!execution(public * de.ipk_gatersleben.bit.bi.edal.primary_data.file.PrimaryDataEntity+.getVersionByDate(java.util.Calendar)) && (!cflowbelow(execution(public * de.ipk_gatersleben.bit.bi.edal.primary_data.file.PrimaryDataEntity+.getVersionByDate(java.util.Calendar))) && (!execution(public * de.ipk_gatersleben.bit.bi.edal.primary_data.file.PrimaryDataEntity+.switchCurrentVersion(..)) && (!cflowbelow(execution(public * de.ipk_gatersleben.bit.bi.edal.primary_data.file.PrimaryDataEntity+.switchCurrentVersion(..))) && (!execution(public * de.ipk_gatersleben.bit.bi.edal.primary_data.file.PrimaryDataDirectory+.getAllPublishedEntities(..)) && (!cflowbelow(execution(public * de.ipk_gatersleben.bit.bi.edal.primary_data.file.PrimaryDataDirectory+.getAllPublishedEntities(..))) && (!execution(public * de.ipk_gatersleben.bit.bi.edal.primary_data.file.implementation.PrimaryDataFileImplementation.*(..)) && (!execution(public * de.ipk_gatersleben.bit.bi.edal.primary_data.file.implementation.PrimaryDataDirectoryImplementation.*(..)) && !cflowbelow(adviceexecution(* *)))))))))))))))))))))))))))))))))))))", argNames = EdalConfiguration.DEFAULT_DATABASE_PASSWORD)
    /* synthetic */ void ajc$pointcut$$checkPublicMethods$1ccb() {
    }

    @Around(value = "checkPublicMethods()", argNames = "ajc$aroundClosure")
    @SuppressAjWarnings({"adviceDidNotMatch"})
    public Object ajc$around$de_ipk_gatersleben_bit_bi_edal_aspectj_security_PublicPermissionCheck$1$d2c361a2(AroundClosure aroundClosure, JoinPoint joinPoint) throws AccessControlException {
        CheckNullValues.ajc$cflowCounter$0.inc();
        try {
            ajc$cflowCounter$f.inc();
            try {
                checkPermission(joinPoint);
                Object ajc$around$de_ipk_gatersleben_bit_bi_edal_aspectj_security_PublicPermissionCheck$1$d2c361a2proceed = ajc$around$de_ipk_gatersleben_bit_bi_edal_aspectj_security_PublicPermissionCheck$1$d2c361a2proceed(aroundClosure);
                ajc$cflowCounter$f.dec();
                return ajc$around$de_ipk_gatersleben_bit_bi_edal_aspectj_security_PublicPermissionCheck$1$d2c361a2proceed;
            } catch (Throwable th) {
                ajc$cflowCounter$f.dec();
                throw th;
            }
        } finally {
            CheckNullValues.ajc$cflowCounter$0.dec();
        }
    }

    static /* synthetic */ Object ajc$around$de_ipk_gatersleben_bit_bi_edal_aspectj_security_PublicPermissionCheck$1$d2c361a2proceed(AroundClosure aroundClosure) throws Throwable {
        return aroundClosure.run(new Object[0]);
    }

    public static PublicPermissionCheck aspectOf() {
        if (ajc$perSingletonInstance == null) {
            throw new NoAspectBoundException("de_ipk_gatersleben_bit_bi_edal_aspectj_security_PublicPermissionCheck", ajc$initFailureCause);
        }
        return ajc$perSingletonInstance;
    }

    public static boolean hasAspect() {
        return ajc$perSingletonInstance != null;
    }

    private static /* synthetic */ void ajc$postClinit() {
        ajc$perSingletonInstance = new PublicPermissionCheck();
    }

    private static void ajc$preClinit() {
        ajc$cflowCounter$f = new CFlowCounter();
        ajc$cflowCounter$e = new CFlowCounter();
        ajc$cflowCounter$d = new CFlowCounter();
        ajc$cflowCounter$c = new CFlowCounter();
        ajc$cflowCounter$b = new CFlowCounter();
        ajc$cflowCounter$a = new CFlowCounter();
        ajc$cflowCounter$9 = new CFlowCounter();
        ajc$cflowCounter$8 = new CFlowCounter();
        ajc$cflowCounter$7 = new CFlowCounter();
        ajc$cflowCounter$6 = new CFlowCounter();
        ajc$cflowCounter$5 = new CFlowCounter();
        ajc$cflowCounter$4 = new CFlowCounter();
        ajc$cflowCounter$3 = new CFlowCounter();
        ajc$cflowCounter$2 = new CFlowCounter();
        ajc$cflowCounter$1 = new CFlowCounter();
        ajc$cflowCounter$0 = new CFlowCounter();
    }
}
