package us.jts.fortress.rbac;

import java.util.Iterator;
import java.util.List;
import java.util.Set;
import org.apache.log4j.Logger;
import us.jts.fortress.SecurityException;
import us.jts.fortress.util.time.Constraint;
import us.jts.fortress.util.time.Time;
import us.jts.fortress.util.time.Validator;

/* loaded from: input_file:us/jts/fortress/rbac/DSDChecker.class */
public class DSDChecker implements Validator {
    private static final String CLS_NM = DSDChecker.class.getName();
    private static final Logger log = Logger.getLogger(CLS_NM);

    @Override // us.jts.fortress.util.time.Validator
    public int validate(Session session, Constraint constraint, Time time) throws SecurityException {
        Set<SDSet> dsdCache;
        int i = 0;
        List<UserRole> roles = session.getRoles();
        if (roles == null || roles.size() == 0) {
            return 0;
        }
        Set<String> inheritedRoles = RoleUtil.getInheritedRoles(roles, session.getUser().getContextId());
        if (inheritedRoles != null && inheritedRoles.size() > 1 && (dsdCache = SDUtil.getDsdCache(inheritedRoles, session.getUser().getContextId())) != null && dsdCache.size() > 0) {
            for (SDSet sDSet : dsdCache) {
                Iterator<UserRole> it = roles.iterator();
                int i2 = 0;
                Set<String> members = sDSet.getMembers();
                while (it.hasNext()) {
                    UserRole next = it.next();
                    if (members.contains(next.getName())) {
                        i2++;
                        if (i2 >= sDSet.getCardinality().intValue()) {
                            it.remove();
                            log.warn(CLS_NM + ".validate userId [" + session.getUserId() + "] failed activation of assignedRole [" + next.getName() + "] validates DSD Set Name:" + sDSet.getName() + " Cardinality:" + sDSet.getCardinality());
                            i = 2055;
                        }
                    } else {
                        Iterator<String> it2 = RoleUtil.getAscendants(next.getName(), session.getUser().getContextId()).iterator();
                        while (true) {
                            if (it2.hasNext()) {
                                String next2 = it2.next();
                                if (members.contains(next2)) {
                                    i2++;
                                    if (i2 >= sDSet.getCardinality().intValue()) {
                                        it.remove();
                                        log.warn(CLS_NM + ".validate userId [" + session.getUserId() + "] assignedRole [" + next.getName() + "] parentRole [" + next2 + "] validates DSD Set Name:" + sDSet.getName() + " Cardinality:" + sDSet.getCardinality());
                                        i = 2055;
                                    }
                                }
                            }
                        }
                    }
                }
            }
        }
        return i;
    }
}
