package ome.security.basic;

import java.util.ArrayList;
import java.util.List;
import ome.api.StatefulServiceInterface;
import ome.conditions.ApiUsageException;
import ome.conditions.InternalException;
import ome.conditions.SessionTimeoutException;
import ome.model.meta.EventLog;
import ome.security.basic.BasicSecurityWiring;
import ome.services.messages.ContextMessage;
import ome.system.EventContext;
import ome.tools.hibernate.SessionFactory;
import ome.util.SqlAction;
import org.aopalliance.intercept.MethodInterceptor;
import org.aopalliance.intercept.MethodInvocation;
import org.hibernate.Session;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.ApplicationListener;
import org.springframework.transaction.interceptor.TransactionAttribute;
import org.springframework.transaction.interceptor.TransactionAttributeSource;

/* loaded from: input_file:ome/security/basic/EventHandler.class */
public class EventHandler implements MethodInterceptor, ApplicationListener<ContextMessage> {
    private static Logger log = LoggerFactory.getLogger(EventHandler.class);
    protected final TransactionAttributeSource txSource;
    protected final BasicSecuritySystem secSys;
    protected final SessionFactory factory;
    protected final SqlAction sql;
    protected final boolean readOnly;

    public EventHandler(SqlAction sqlAction, BasicSecuritySystem basicSecuritySystem, SessionFactory sessionFactory, TransactionAttributeSource transactionAttributeSource) {
        this(sqlAction, basicSecuritySystem, sessionFactory, transactionAttributeSource, false);
    }

    public EventHandler(SqlAction sqlAction, BasicSecuritySystem basicSecuritySystem, SessionFactory sessionFactory, TransactionAttributeSource transactionAttributeSource, boolean z) {
        this.secSys = basicSecuritySystem;
        this.txSource = transactionAttributeSource;
        this.factory = sessionFactory;
        this.sql = sqlAction;
        this.readOnly = z;
    }

    public void onApplicationEvent(ContextMessage contextMessage) {
        CurrentDetails currentDetails = this.secSys.cd;
        Session session = this.factory.getSession();
        if (contextMessage instanceof ContextMessage.Pop) {
            this.secSys.disableReadFilter(session);
            currentDetails.logout();
            this.secSys.enableReadFilter(session);
        } else if (contextMessage instanceof ContextMessage.Push) {
            boolean isReadOnly = currentDetails.getCurrentEventContext().isReadOnly();
            this.secSys.disableReadFilter(session);
            currentDetails.login(currentDetails.getLast());
            currentDetails.setContext(contextMessage.context);
            if (!doLogin(isReadOnly, false)) {
                throw new InternalException("Failed to login on Push: " + contextMessage.context);
            }
            this.secSys.enableReadFilter(session);
        }
    }

    public Object invoke(MethodInvocation methodInvocation) throws Throwable {
        boolean checkReadOnly = checkReadOnly(methodInvocation);
        boolean isAssignableFrom = StatefulServiceInterface.class.isAssignableFrom(methodInvocation.getThis().getClass());
        boolean z = isAssignableFrom && "close".equals(methodInvocation.getMethod().getName());
        if (!checkReadOnly && this.readOnly) {
            throw new ApiUsageException("This instance is read-only");
        }
        Session session = this.factory.getSession();
        if (!checkReadOnly) {
            this.sql.deferConstraints();
        }
        if (!doLogin(checkReadOnly, z)) {
            return null;
        }
        boolean z2 = false;
        try {
            try {
                this.secSys.enableReadFilter(session);
                Object proceed = methodInvocation.proceed();
                saveLogs(checkReadOnly, session);
                this.secSys.cd.loadPermissions(session);
                if (0 == 0 && !isAssignableFrom) {
                    try {
                        if (!checkReadOnly) {
                            session.flush();
                            if (session.isDirty()) {
                                throw new InternalException("Session is dirty. Cannot properly reset security system. Must rollback.\n Session=" + session);
                            }
                            this.secSys.disableReadFilter(session);
                            session.clear();
                        } else if (session.isDirty()) {
                            if (log.isDebugEnabled()) {
                                log.debug("Clearing dirty session.");
                            }
                            session.clear();
                        }
                    } finally {
                    }
                }
                return proceed;
            } finally {
            }
        } catch (Throwable th) {
            if (!z2 && !isAssignableFrom) {
                try {
                    if (!checkReadOnly) {
                        session.flush();
                        if (session.isDirty()) {
                            throw new InternalException("Session is dirty. Cannot properly reset security system. Must rollback.\n Session=" + session);
                        }
                        this.secSys.disableReadFilter(session);
                        session.clear();
                    } else if (session.isDirty()) {
                        if (log.isDebugEnabled()) {
                            log.debug("Clearing dirty session.");
                        }
                        session.clear();
                    }
                } finally {
                    this.secSys.disableReadFilter(session);
                    this.secSys.invalidateEventContext();
                }
            }
            this.secSys.disableReadFilter(session);
            this.secSys.invalidateEventContext();
            throw th;
        }
    }

    public boolean doLogin(boolean z, boolean z2) {
        try {
            this.secSys.loadEventContext(z, z2);
            EventContext eventContext = this.secSys.getEventContext();
            if (!z) {
                this.sql.prepareSession(eventContext.getCurrentEventId().longValue(), eventContext.getCurrentUserId().longValue(), eventContext.getCurrentGroupId().longValue());
            }
            if (!log.isInfoEnabled()) {
                return true;
            }
            StringBuilder sb = new StringBuilder();
            sb.append(" Auth:\tuser=");
            sb.append(eventContext.getCurrentUserId());
            sb.append(",group=");
            sb.append(eventContext.getCurrentGroupId());
            sb.append(",event=");
            sb.append(eventContext.getCurrentEventId());
            sb.append("(");
            sb.append(eventContext.getCurrentEventType());
            sb.append("),sess=");
            sb.append(eventContext.getCurrentSessionUuid());
            Long currentShareId = eventContext.getCurrentShareId();
            if (currentShareId != null) {
                sb.append(",share=");
                sb.append(currentShareId);
            }
            log.info(sb.toString());
            return true;
        } catch (SessionTimeoutException e) {
            if (!(e.sessionContext instanceof BasicSecurityWiring.CloseOnNoSessionContext)) {
                throw e;
            }
            log.debug("CloseOnNoSessionContext. Skipping");
            return false;
        }
    }

    boolean checkReadOnly(MethodInvocation methodInvocation) {
        TransactionAttribute transactionAttribute = this.txSource.getTransactionAttribute(methodInvocation.getMethod(), methodInvocation.getThis().getClass());
        if (transactionAttribute == null) {
            return true;
        }
        return transactionAttribute.isReadOnly();
    }

    /* JADX WARN: Type inference failed for: r0v19, types: [java.util.List, java.lang.Object, java.util.ArrayList] */
    void saveLogs(boolean z, Session session) {
        ArrayList<EventLog> arrayList = new ArrayList(this.secSys.getLogs());
        this.secSys.clearLogs();
        if (arrayList == null || arrayList.size() == 0) {
            return;
        }
        if (z) {
            StringBuilder sb = new StringBuilder();
            sb.append("EventLogs in readOnly transaction:\n");
            for (EventLog eventLog : arrayList) {
                sb.append(eventLog.getAction());
                sb.append(" ");
                sb.append(eventLog);
                sb.append(eventLog.getEntityType());
                sb.append(" ");
                sb.append(eventLog.getEntityId());
                sb.append("\b");
            }
            throw new InternalException(sb.toString());
        }
        try {
            long nextValue = (this.sql.nextValue("seq_eventlog", arrayList.size()) - arrayList.size()) + 1;
            ?? arrayList2 = new ArrayList();
            for (EventLog eventLog2 : arrayList) {
                if (eventLog2.getEvent().getId() == null) {
                    throw new RuntimeException("Transient event");
                }
                long j = nextValue;
                nextValue = j + 1;
                new Object[6][0] = Long.valueOf(j);
                arrayList2[1] = -35L;
                arrayList2[2] = eventLog2.getEntityId();
                arrayList2[3] = eventLog2.getEntityType();
                arrayList2[4] = eventLog2.getAction();
                arrayList2[5] = eventLog2.getEvent().getId();
                arrayList2.add(arrayList2);
            }
            this.sql.insertLogs((List) arrayList2);
        } catch (Exception e) {
            log.error("Error saving event logs: " + arrayList, e);
        }
        if (this.secSys.getLogs().size() > 0) {
            throw new InternalException("More logs present after saveLogs()");
        }
    }
}
