package org.apache.turbine.services.security;

import java.util.List;
import java.util.Map;
import javax.servlet.ServletConfig;
import org.apache.commons.configuration.Configuration;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.torque.util.Criteria;
import org.apache.turbine.om.security.Group;
import org.apache.turbine.om.security.Permission;
import org.apache.turbine.om.security.Role;
import org.apache.turbine.om.security.User;
import org.apache.turbine.services.InitializationException;
import org.apache.turbine.services.TurbineBaseService;
import org.apache.turbine.services.TurbineServices;
import org.apache.turbine.services.crypto.CryptoAlgorithm;
import org.apache.turbine.services.crypto.CryptoService;
import org.apache.turbine.services.crypto.TurbineCrypto;
import org.apache.turbine.services.factory.FactoryService;
import org.apache.turbine.util.security.AccessControlList;
import org.apache.turbine.util.security.DataBackendException;
import org.apache.turbine.util.security.EntityExistsException;
import org.apache.turbine.util.security.GroupSet;
import org.apache.turbine.util.security.PasswordMismatchException;
import org.apache.turbine.util.security.PermissionSet;
import org.apache.turbine.util.security.RoleSet;
import org.apache.turbine.util.security.UnknownEntityException;

/* loaded from: input_file:org/apache/turbine/services/security/BaseSecurityService.class */
public abstract class BaseSecurityService extends TurbineBaseService implements SecurityService {
    private int readerCount = 0;
    private UserManager userManager = null;
    private Class userClass = null;
    private Class groupClass = null;
    private Class permissionClass = null;
    private Class roleClass = null;
    private Class aclClass = null;
    private FactoryService aclFactoryService = null;
    private static Group globalGroup = null;
    private static Log log;
    static Class class$org$apache$turbine$services$security$BaseSecurityService;
    static Class class$java$util$Map;

    @Override // org.apache.turbine.services.security.SecurityService
    public String encryptPassword(String str) {
        return encryptPassword(str, null);
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public String encryptPassword(String str, String str2) {
        if (str == null) {
            return null;
        }
        String lowerCase = getConfiguration().getString(SecurityService.SECURE_PASSWORDS_KEY, SecurityService.SECURE_PASSWORDS_DEFAULT).toLowerCase();
        String string = getConfiguration().getString(SecurityService.SECURE_PASSWORDS_ALGORITHM_KEY, "SHA");
        CryptoService service = TurbineCrypto.getService();
        if (service == null || !(lowerCase.equals("true") || lowerCase.equals("yes"))) {
            return str;
        }
        try {
            CryptoAlgorithm cryptoAlgorithm = service.getCryptoAlgorithm(string);
            cryptoAlgorithm.setSeed(str2);
            return cryptoAlgorithm.encrypt(str);
        } catch (Exception e) {
            log.error("Unable to encrypt password: ", e);
            return null;
        }
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public boolean checkPassword(String str, String str2) {
        String encryptPassword = encryptPassword(str, str2);
        if (encryptPassword == null) {
            return false;
        }
        return encryptPassword.equals(str2);
    }

    @Override // org.apache.turbine.services.TurbineBaseService, org.apache.turbine.services.BaseInitable, org.apache.turbine.services.Initable
    public void init() throws InitializationException {
        Configuration configuration = getConfiguration();
        String string = configuration.getString(SecurityService.USER_MANAGER_KEY, SecurityService.USER_MANAGER_DEFAULT);
        String string2 = configuration.getString("user.class", SecurityService.USER_CLASS_DEFAULT);
        String string3 = configuration.getString(SecurityService.GROUP_CLASS_KEY, SecurityService.GROUP_CLASS_DEFAULT);
        String string4 = configuration.getString(SecurityService.PERMISSION_CLASS_KEY, SecurityService.PERMISSION_CLASS_DEFAULT);
        String string5 = configuration.getString(SecurityService.ROLE_CLASS_KEY, SecurityService.ROLE_CLASS_DEFAULT);
        String string6 = configuration.getString(SecurityService.ACL_CLASS_KEY, SecurityService.ACL_CLASS_DEFAULT);
        try {
            this.userClass = Class.forName(string2);
            this.groupClass = Class.forName(string3);
            this.permissionClass = Class.forName(string4);
            this.roleClass = Class.forName(string5);
            this.aclClass = Class.forName(string6);
        } catch (Exception e) {
            if (this.userClass == null) {
                throw new InitializationException("Failed to create a Class object for User implementation", e);
            }
            if (this.groupClass == null) {
                throw new InitializationException("Failed to create a Class object for Group implementation", e);
            }
            if (this.permissionClass == null) {
                throw new InitializationException("Failed to create a Class object for Permission implementation", e);
            }
            if (this.roleClass == null) {
                throw new InitializationException("Failed to create a Class object for Role implementation", e);
            }
            if (this.aclClass == null) {
                throw new InitializationException("Failed to create a Class object for ACL implementation", e);
            }
        }
        try {
            UserManager userManager = (UserManager) Class.forName(string).newInstance();
            userManager.init(configuration);
            setUserManager(userManager);
            try {
                this.aclFactoryService = (FactoryService) TurbineServices.getInstance().getService(FactoryService.SERVICE_NAME);
                setInit(true);
            } catch (Exception e2) {
                throw new InitializationException("BaseSecurityService.init: Failed to get the Factory Service object", e2);
            }
        } catch (Exception e3) {
            throw new InitializationException("Failed to instantiate UserManager", e3);
        }
    }

    @Override // org.apache.turbine.services.TurbineBaseService
    public void init(ServletConfig servletConfig) throws InitializationException {
        init();
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public Class getUserClass() throws UnknownEntityException {
        if (this.userClass == null) {
            throw new UnknownEntityException("Failed to create a Class object for User implementation");
        }
        return this.userClass;
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public User getUserInstance() throws UnknownEntityException {
        try {
            return (User) getUserClass().newInstance();
        } catch (Exception e) {
            throw new UnknownEntityException("Failed instantiate an User implementation object", e);
        }
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public User getUserInstance(String str) throws UnknownEntityException {
        User userInstance = getUserInstance();
        userInstance.setName(str);
        return userInstance;
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public Class getGroupClass() throws UnknownEntityException {
        if (this.groupClass == null) {
            throw new UnknownEntityException("Failed to create a Class object for Group implementation");
        }
        return this.groupClass;
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public Group getGroupInstance() throws UnknownEntityException {
        try {
            return (Group) getGroupClass().newInstance();
        } catch (Exception e) {
            throw new UnknownEntityException("Failed to instantiate a Group implementation object", e);
        }
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public Group getGroupInstance(String str) throws UnknownEntityException {
        Group groupInstance = getGroupInstance();
        groupInstance.setName(str);
        return groupInstance;
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public Class getPermissionClass() throws UnknownEntityException {
        if (this.permissionClass == null) {
            throw new UnknownEntityException("Failed to create a Class object for Permission implementation");
        }
        return this.permissionClass;
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public Permission getPermissionInstance() throws UnknownEntityException {
        try {
            return (Permission) getPermissionClass().newInstance();
        } catch (Exception e) {
            throw new UnknownEntityException("Failed to instantiate a Permission implementation object", e);
        }
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public Permission getPermissionInstance(String str) throws UnknownEntityException {
        Permission permissionInstance = getPermissionInstance();
        permissionInstance.setName(str);
        return permissionInstance;
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public Class getRoleClass() throws UnknownEntityException {
        if (this.roleClass == null) {
            throw new UnknownEntityException("Failed to create a Class object for Role implementation");
        }
        return this.roleClass;
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public Role getRoleInstance() throws UnknownEntityException {
        try {
            return (Role) getRoleClass().newInstance();
        } catch (Exception e) {
            throw new UnknownEntityException("Failed to instantiate a Role implementation object", e);
        }
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public Role getRoleInstance(String str) throws UnknownEntityException {
        Role roleInstance = getRoleInstance();
        roleInstance.setName(str);
        return roleInstance;
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public Class getAclClass() throws UnknownEntityException {
        if (this.aclClass == null) {
            throw new UnknownEntityException("Failed to create a Class object for ACL implementation");
        }
        return this.aclClass;
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public AccessControlList getAclInstance(Map map, Map map2) throws UnknownEntityException {
        Class cls;
        Class cls2;
        Object[] objArr = {map, map2};
        String[] strArr = new String[2];
        if (class$java$util$Map == null) {
            cls = class$("java.util.Map");
            class$java$util$Map = cls;
        } else {
            cls = class$java$util$Map;
        }
        strArr[0] = cls.getName();
        if (class$java$util$Map == null) {
            cls2 = class$("java.util.Map");
            class$java$util$Map = cls2;
        } else {
            cls2 = class$java$util$Map;
        }
        strArr[1] = cls2.getName();
        try {
            return (AccessControlList) this.aclFactoryService.getInstance(this.aclClass.getName(), objArr, strArr);
        } catch (Exception e) {
            throw new UnknownEntityException("Failed to instantiate an ACL implementation object", e);
        }
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public UserManager getUserManager() {
        return this.userManager;
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public void setUserManager(UserManager userManager) {
        this.userManager = userManager;
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public boolean accountExists(User user) throws DataBackendException {
        return getUserManager().accountExists(user);
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public boolean accountExists(String str) throws DataBackendException {
        return getUserManager().accountExists(str);
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public User getAuthenticatedUser(String str, String str2) throws DataBackendException, UnknownEntityException, PasswordMismatchException {
        return getUserManager().retrieve(str, str2);
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public User getUser(String str) throws DataBackendException, UnknownEntityException {
        return getUserManager().retrieve(str);
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public User[] getUsers(Criteria criteria) throws DataBackendException {
        return (User[]) getUserList(criteria).toArray(new User[0]);
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public List getUserList(Criteria criteria) throws DataBackendException {
        return getUserManager().retrieveList(criteria);
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public User getAnonymousUser() throws UnknownEntityException {
        User userInstance = getUserInstance();
        userInstance.setName("");
        return userInstance;
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public boolean isAnonymousUser(User user) {
        return user == null || StringUtils.isEmpty(user.getName());
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public void saveUser(User user) throws UnknownEntityException, DataBackendException {
        getUserManager().store(user);
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public void saveOnSessionUnbind(User user) throws UnknownEntityException, DataBackendException {
        this.userManager.saveOnSessionUnbind(user);
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public void addUser(User user, String str) throws DataBackendException, EntityExistsException {
        getUserManager().createAccount(user, str);
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public void removeUser(User user) throws DataBackendException, UnknownEntityException {
        revokeAll(user);
        getUserManager().removeAccount(user);
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public void changePassword(User user, String str, String str2) throws PasswordMismatchException, UnknownEntityException, DataBackendException {
        getUserManager().changePassword(user, str, str2);
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public void forcePassword(User user, String str) throws UnknownEntityException, DataBackendException {
        getUserManager().forcePassword(user, str);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public synchronized void lockShared() {
        this.readerCount++;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public synchronized void unlockShared() {
        this.readerCount--;
        notify();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void lockExclusive() {
        while (this.readerCount > 0) {
            try {
                wait();
            } catch (InterruptedException e) {
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void unlockExclusive() {
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public Group getGlobalGroup() {
        Class cls;
        if (globalGroup == null) {
            if (class$org$apache$turbine$services$security$BaseSecurityService == null) {
                cls = class$("org.apache.turbine.services.security.BaseSecurityService");
                class$org$apache$turbine$services$security$BaseSecurityService = cls;
            } else {
                cls = class$org$apache$turbine$services$security$BaseSecurityService;
            }
            Class cls2 = cls;
            synchronized (cls) {
                if (globalGroup == null) {
                    try {
                        globalGroup = getAllGroups().getGroupByName(Group.GLOBAL_GROUP_NAME);
                    } catch (DataBackendException e) {
                        log.error("Failed to retrieve global group object: ", e);
                    }
                }
            }
        }
        return globalGroup;
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public Group getGroup(String str) throws DataBackendException, UnknownEntityException {
        return getGroupByName(str);
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public Group getGroupByName(String str) throws DataBackendException, UnknownEntityException {
        Group groupByName = getAllGroups().getGroupByName(str);
        if (groupByName == null) {
            throw new UnknownEntityException("The specified group does not exist");
        }
        return groupByName;
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public Group getGroupById(int i) throws DataBackendException, UnknownEntityException {
        Group groupById = getAllGroups().getGroupById(i);
        if (groupById == null) {
            throw new UnknownEntityException("The specified group does not exist");
        }
        return groupById;
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public Role getRole(String str) throws DataBackendException, UnknownEntityException {
        return getRoleByName(str);
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public Role getRoleByName(String str) throws DataBackendException, UnknownEntityException {
        Role roleByName = getAllRoles().getRoleByName(str);
        if (roleByName == null) {
            throw new UnknownEntityException("The specified role does not exist");
        }
        roleByName.setPermissions(getPermissions(roleByName));
        return roleByName;
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public Role getRoleById(int i) throws DataBackendException, UnknownEntityException {
        Role roleById = getAllRoles().getRoleById(i);
        if (roleById == null) {
            throw new UnknownEntityException("The specified role does not exist");
        }
        roleById.setPermissions(getPermissions(roleById));
        return roleById;
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public Permission getPermission(String str) throws DataBackendException, UnknownEntityException {
        return getPermissionByName(str);
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public Permission getPermissionByName(String str) throws DataBackendException, UnknownEntityException {
        Permission permissionByName = getAllPermissions().getPermissionByName(str);
        if (permissionByName == null) {
            throw new UnknownEntityException("The specified permission does not exist");
        }
        return permissionByName;
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public Permission getPermissionById(int i) throws DataBackendException, UnknownEntityException {
        Permission permissionById = getAllPermissions().getPermissionById(i);
        if (permissionById == null) {
            throw new UnknownEntityException("The specified permission does not exist");
        }
        return permissionById;
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public GroupSet getAllGroups() throws DataBackendException {
        return getGroups(new Criteria());
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public RoleSet getAllRoles() throws DataBackendException {
        return getRoles(new Criteria());
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public PermissionSet getAllPermissions() throws DataBackendException {
        return getPermissions(new Criteria());
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public Group getNewGroup(String str) {
        try {
            return getGroupInstance(str);
        } catch (UnknownEntityException e) {
            e.printStackTrace();
            return null;
        }
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public Role getNewRole(String str) {
        try {
            return getRoleInstance(str);
        } catch (UnknownEntityException e) {
            return null;
        }
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public Permission getNewPermission(String str) {
        try {
            return getPermissionInstance(str);
        } catch (UnknownEntityException e) {
            return null;
        }
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    @Override // org.apache.turbine.services.security.SecurityService
    public abstract void renamePermission(Permission permission, String str) throws DataBackendException, UnknownEntityException;

    @Override // org.apache.turbine.services.security.SecurityService
    public abstract void renameRole(Role role, String str) throws DataBackendException, UnknownEntityException;

    @Override // org.apache.turbine.services.security.SecurityService
    public abstract void renameGroup(Group group, String str) throws DataBackendException, UnknownEntityException;

    @Override // org.apache.turbine.services.security.SecurityService
    public abstract void removePermission(Permission permission) throws DataBackendException, UnknownEntityException;

    @Override // org.apache.turbine.services.security.SecurityService
    public abstract void removeRole(Role role) throws DataBackendException, UnknownEntityException;

    @Override // org.apache.turbine.services.security.SecurityService
    public abstract void removeGroup(Group group) throws DataBackendException, UnknownEntityException;

    @Override // org.apache.turbine.services.security.SecurityService
    public abstract Permission addPermission(Permission permission) throws DataBackendException, EntityExistsException;

    @Override // org.apache.turbine.services.security.SecurityService
    public abstract Role addRole(Role role) throws DataBackendException, EntityExistsException;

    @Override // org.apache.turbine.services.security.SecurityService
    public abstract Group addGroup(Group group) throws DataBackendException, EntityExistsException;

    @Override // org.apache.turbine.services.security.SecurityService
    public abstract void savePermission(Permission permission) throws DataBackendException, UnknownEntityException;

    @Override // org.apache.turbine.services.security.SecurityService
    public abstract void saveRole(Role role) throws DataBackendException, UnknownEntityException;

    @Override // org.apache.turbine.services.security.SecurityService
    public abstract void saveGroup(Group group) throws DataBackendException, UnknownEntityException;

    @Override // org.apache.turbine.services.security.SecurityService
    public abstract PermissionSet getPermissions(Criteria criteria) throws DataBackendException;

    @Override // org.apache.turbine.services.security.SecurityService
    public abstract RoleSet getRoles(Criteria criteria) throws DataBackendException;

    @Override // org.apache.turbine.services.security.SecurityService
    public abstract GroupSet getGroups(Criteria criteria) throws DataBackendException;

    @Override // org.apache.turbine.services.security.SecurityService
    public abstract void revokeAll(Role role) throws DataBackendException, UnknownEntityException;

    @Override // org.apache.turbine.services.security.SecurityService
    public abstract void revoke(Role role, Permission permission) throws DataBackendException, UnknownEntityException;

    @Override // org.apache.turbine.services.security.SecurityService
    public abstract void grant(Role role, Permission permission) throws DataBackendException, UnknownEntityException;

    @Override // org.apache.turbine.services.security.SecurityService
    public abstract void revokeAll(User user) throws DataBackendException, UnknownEntityException;

    @Override // org.apache.turbine.services.security.SecurityService
    public abstract void revoke(User user, Group group, Role role) throws DataBackendException, UnknownEntityException;

    @Override // org.apache.turbine.services.security.SecurityService
    public abstract void grant(User user, Group group, Role role) throws DataBackendException, UnknownEntityException;

    @Override // org.apache.turbine.services.security.SecurityService
    public abstract PermissionSet getPermissions(Role role) throws DataBackendException, UnknownEntityException;

    @Override // org.apache.turbine.services.security.SecurityService
    public abstract AccessControlList getACL(User user) throws DataBackendException, UnknownEntityException;

    static {
        Class cls;
        if (class$org$apache$turbine$services$security$BaseSecurityService == null) {
            cls = class$("org.apache.turbine.services.security.BaseSecurityService");
            class$org$apache$turbine$services$security$BaseSecurityService = cls;
        } else {
            cls = class$org$apache$turbine$services$security$BaseSecurityService;
        }
        log = LogFactory.getLog(cls);
    }
}
