package org.apache.jetspeed.security.impl;

import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.Permission;
import java.security.Permissions;
import java.security.Principal;
import java.security.PrivilegedAction;
import java.sql.Timestamp;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import javax.security.auth.Subject;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.jetspeed.i18n.KeyedMessage;
import org.apache.jetspeed.security.JSSubject;
import org.apache.jetspeed.security.PermissionManager;
import org.apache.jetspeed.security.RolePrincipal;
import org.apache.jetspeed.security.SecurityException;
import org.apache.jetspeed.security.SecurityHelper;
import org.apache.jetspeed.security.UserPrincipal;
import org.apache.jetspeed.security.om.InternalPermission;
import org.apache.jetspeed.security.om.InternalPrincipal;
import org.apache.jetspeed.security.om.impl.InternalPermissionImpl;
import org.apache.jetspeed.util.ArgUtil;
import org.apache.ojb.broker.query.Criteria;
import org.apache.ojb.broker.query.QueryByCriteria;
import org.apache.ojb.broker.query.QueryFactory;
import org.springmodules.orm.ojb.support.PersistenceBrokerDaoSupport;

/* loaded from: input_file:portal.zip:webapps/jetspeed/WEB-INF/lib/jetspeed-security-2.1.jar:org/apache/jetspeed/security/impl/PermissionManagerImpl.class */
public class PermissionManagerImpl extends PersistenceBrokerDaoSupport implements PermissionManager {
    private static final Log log;
    private static ThreadLocal permissionsCache;
    static Class class$org$apache$jetspeed$security$impl$PermissionManagerImpl;
    static Class class$org$apache$jetspeed$security$om$impl$InternalPrincipalImpl;
    static Class class$java$lang$String;
    static Class class$org$apache$jetspeed$security$om$impl$InternalPermissionImpl;

    @Override // org.apache.jetspeed.security.PermissionManager
    public Permissions getPermissions(Principal principal) {
        String preferencesFullPath = SecurityHelper.getPreferencesFullPath(principal);
        ArgUtil.notNull(new Object[]{preferencesFullPath}, new String[]{"fullPath"}, "removePermission(java.security.Principal)");
        HashMap hashMap = (HashMap) permissionsCache.get();
        if (hashMap == null) {
            hashMap = new HashMap();
            permissionsCache.set(hashMap);
        }
        HashSet hashSet = (HashSet) hashMap.get(preferencesFullPath);
        if (hashSet == null) {
            InternalPrincipal internalPrincipal = getInternalPrincipal(preferencesFullPath);
            if (null != internalPrincipal) {
                hashSet = getSecurityPermissions(internalPrincipal.getPermissions());
            }
            if (hashSet == null) {
                hashSet = new HashSet();
            }
            hashMap.put(preferencesFullPath, hashSet);
        }
        Permissions permissions = new Permissions();
        Iterator it = hashSet.iterator();
        while (it.hasNext()) {
            permissions.add((Permission) it.next());
        }
        return permissions;
    }

    @Override // org.apache.jetspeed.security.PermissionManager
    public Permissions getPermissions(Collection collection) {
        Class cls;
        HashSet hashSet;
        ArgUtil.notNull(new Object[]{collection}, new String[]{"principals"}, "getPermissions(java.util.Collection)");
        Permissions permissions = new Permissions();
        Collection principalsFullPath = getPrincipalsFullPath(collection);
        if (null != principalsFullPath && principalsFullPath.size() > 0) {
            HashSet hashSet2 = new HashSet();
            HashMap hashMap = (HashMap) permissionsCache.get();
            if (hashMap == null) {
                hashMap = new HashMap();
                permissionsCache.set(hashMap);
            }
            Iterator it = principalsFullPath.iterator();
            while (it.hasNext()) {
                HashSet hashSet3 = (HashSet) hashMap.get(it.next());
                if (hashSet3 != null) {
                    it.remove();
                    hashSet2.addAll(hashSet3);
                }
            }
            if (principalsFullPath.size() > 0) {
                Criteria criteria = new Criteria();
                criteria.addIn("fullPath", principalsFullPath);
                if (class$org$apache$jetspeed$security$om$impl$InternalPrincipalImpl == null) {
                    cls = class$("org.apache.jetspeed.security.om.impl.InternalPrincipalImpl");
                    class$org$apache$jetspeed$security$om$impl$InternalPrincipalImpl = cls;
                } else {
                    cls = class$org$apache$jetspeed$security$om$impl$InternalPrincipalImpl;
                }
                for (InternalPrincipal internalPrincipal : getPersistenceBrokerTemplate().getCollectionByQuery(QueryFactory.newQuery(cls, criteria))) {
                    Collection permissions2 = internalPrincipal.getPermissions();
                    if (null != permissions2) {
                        hashSet = getSecurityPermissions(permissions2);
                        hashSet2.addAll(hashSet);
                    } else {
                        hashSet = new HashSet();
                    }
                    hashMap.put(internalPrincipal.getFullPath(), hashSet);
                }
            }
            Iterator it2 = hashSet2.iterator();
            while (it2.hasNext()) {
                permissions.add((Permission) it2.next());
            }
        }
        return permissions;
    }

    private Collection getPrincipalsFullPath(Collection collection) {
        ArrayList arrayList = new ArrayList();
        Iterator it = collection.iterator();
        while (it.hasNext()) {
            String preferencesFullPath = SecurityHelper.getPreferencesFullPath((Principal) it.next());
            if (null != preferencesFullPath) {
                arrayList.add(preferencesFullPath);
            }
        }
        return arrayList;
    }

    private HashSet getSecurityPermissions(Collection collection) {
        Class<?> cls;
        Class<?> cls2;
        HashSet hashSet = new HashSet();
        Iterator it = collection.iterator();
        while (it.hasNext()) {
            InternalPermission internalPermission = (InternalPermission) it.next();
            try {
                Class<?> cls3 = Class.forName(internalPermission.getClassname());
                Class<?>[] clsArr = new Class[2];
                if (class$java$lang$String == null) {
                    cls = class$("java.lang.String");
                    class$java$lang$String = cls;
                } else {
                    cls = class$java$lang$String;
                }
                clsArr[0] = cls;
                if (class$java$lang$String == null) {
                    cls2 = class$("java.lang.String");
                    class$java$lang$String = cls2;
                } else {
                    cls2 = class$java$lang$String;
                }
                clsArr[1] = cls2;
                Permission permission = (Permission) cls3.getConstructor(clsArr).newInstance(internalPermission.getName(), internalPermission.getActions());
                if (hashSet.add(permission) && log.isDebugEnabled()) {
                    log.debug(new StringBuffer().append("Added permimssion: [class, ").append(permission.getClass().getName()).append("], ").append("[name, ").append(permission.getName()).append("], ").append("[actions, ").append(permission.getActions()).append("]").toString());
                }
            } catch (Exception e) {
                log.error("Internal error", e);
            }
        }
        return hashSet;
    }

    @Override // org.apache.jetspeed.security.PermissionManager
    public void addPermission(Permission permission) throws SecurityException {
        ArgUtil.notNull(new Object[]{permission}, new String[]{"permission"}, "addPermission(java.security.Permission)");
        try {
            getPersistenceBrokerTemplate().store(new InternalPermissionImpl(permission.getClass().getName(), permission.getName(), permission.getActions()));
        } catch (Exception e) {
            KeyedMessage create = SecurityException.UNEXPECTED.create("PermissionManager.addPermission", "store", e.getMessage());
            this.logger.error(create, e);
            throw new SecurityException(create, e);
        }
    }

    @Override // org.apache.jetspeed.security.PermissionManager
    public void removePermission(Permission permission) throws SecurityException {
        ArgUtil.notNull(new Object[]{permission}, new String[]{"permission"}, "removePermission(java.security.Permission)");
        InternalPermission internalPermission = getInternalPermission(permission);
        if (null != internalPermission) {
            permissionsCache.set(null);
            try {
                getPersistenceBrokerTemplate().delete(internalPermission);
            } catch (Exception e) {
                KeyedMessage create = SecurityException.UNEXPECTED.create("PermissionManager.removePermission", "delete", e.getMessage());
                this.logger.error(create, e);
                throw new SecurityException(create, e);
            }
        }
    }

    @Override // org.apache.jetspeed.security.PermissionManager
    public void removePermissions(Principal principal) throws SecurityException {
        String preferencesFullPath = SecurityHelper.getPreferencesFullPath(principal);
        ArgUtil.notNull(new Object[]{preferencesFullPath}, new String[]{"fullPath"}, "removePermission(java.security.Principal)");
        InternalPrincipal internalPrincipal = getInternalPrincipal(preferencesFullPath);
        if (null != internalPrincipal) {
            Collection permissions = internalPrincipal.getPermissions();
            if (null != permissions) {
                permissions.clear();
            }
            permissionsCache.set(null);
            try {
                internalPrincipal.setModifiedDate(new Timestamp(System.currentTimeMillis()));
                internalPrincipal.setPermissions(permissions);
                getPersistenceBrokerTemplate().store(internalPrincipal);
            } catch (Exception e) {
                KeyedMessage create = SecurityException.UNEXPECTED.create("PermissionManager.removePermissions", "store", e.getMessage());
                this.logger.error(create, e);
                throw new SecurityException(create, e);
            }
        }
    }

    @Override // org.apache.jetspeed.security.PermissionManager
    public void grantPermission(Principal principal, Permission permission) throws SecurityException {
        String preferencesFullPath = SecurityHelper.getPreferencesFullPath(principal);
        ArgUtil.notNull(new Object[]{preferencesFullPath, permission}, new String[]{"fullPath", "permission"}, "grantPermission(java.security.Principal, java.security.Permission)");
        ArrayList arrayList = new ArrayList();
        InternalPrincipal internalPrincipal = getInternalPrincipal(preferencesFullPath);
        if (null == internalPrincipal) {
            if (principal instanceof UserPrincipal) {
                throw new SecurityException(SecurityException.USER_DOES_NOT_EXIST.create(principal.getName()));
            }
            if (!(principal instanceof RolePrincipal)) {
                throw new SecurityException(SecurityException.GROUP_DOES_NOT_EXIST.create(principal.getName()));
            }
            throw new SecurityException(SecurityException.ROLE_DOES_NOT_EXIST.create(principal.getName()));
        }
        InternalPermission internalPermission = getInternalPermission(permission);
        if (null == internalPermission) {
            throw new SecurityException(SecurityException.PERMISSION_DOES_NOT_EXIST.create(permission.getName()));
        }
        if (null != internalPrincipal.getPermissions()) {
            arrayList.addAll(internalPrincipal.getPermissions());
        }
        if (!arrayList.contains(internalPermission)) {
            arrayList.add(internalPermission);
        }
        permissionsCache.set(null);
        try {
            internalPrincipal.setModifiedDate(new Timestamp(System.currentTimeMillis()));
            internalPrincipal.setPermissions(arrayList);
            getPersistenceBrokerTemplate().store(internalPrincipal);
        } catch (Exception e) {
            KeyedMessage create = SecurityException.UNEXPECTED.create("PermissionManager.grantPermission", "store", e.getMessage());
            this.logger.error(create, e);
            throw new SecurityException(create, e);
        }
    }

    @Override // org.apache.jetspeed.security.PermissionManager
    public boolean permissionExists(Permission permission) {
        boolean z = true;
        if (null == getInternalPermission(permission)) {
            z = false;
        }
        return z;
    }

    @Override // org.apache.jetspeed.security.PermissionManager
    public void revokePermission(Principal principal, Permission permission) throws SecurityException {
        Collection<InternalPermission> permissions;
        String preferencesFullPath = SecurityHelper.getPreferencesFullPath(principal);
        ArgUtil.notNull(new Object[]{preferencesFullPath, permission}, new String[]{"fullPath", "permission"}, "revokePermission(java.security.Principal, java.security.Permission)");
        InternalPrincipal internalPrincipal = getInternalPrincipal(preferencesFullPath);
        if (null == internalPrincipal || null == (permissions = internalPrincipal.getPermissions())) {
            return;
        }
        boolean z = false;
        ArrayList arrayList = new ArrayList();
        for (InternalPermission internalPermission : permissions) {
            if (internalPermission.getClassname().equals(permission.getClass().getName()) && internalPermission.getName().equals(permission.getName()) && internalPermission.getActions().equals(permission.getActions())) {
                z = true;
            } else {
                arrayList.add(internalPermission);
            }
        }
        if (z) {
            permissionsCache.set(null);
            try {
                internalPrincipal.setModifiedDate(new Timestamp(System.currentTimeMillis()));
                internalPrincipal.setPermissions(arrayList);
                getPersistenceBrokerTemplate().store(internalPrincipal);
            } catch (Exception e) {
                KeyedMessage create = SecurityException.UNEXPECTED.create("PermissionManager.revokePermission", "store", e.getMessage());
                this.logger.error(create, e);
                throw new SecurityException(create, e);
            }
        }
    }

    InternalPrincipal getInternalPrincipal(String str) {
        Class cls;
        Criteria criteria = new Criteria();
        criteria.addEqualTo("fullPath", str);
        if (class$org$apache$jetspeed$security$om$impl$InternalPrincipalImpl == null) {
            cls = class$("org.apache.jetspeed.security.om.impl.InternalPrincipalImpl");
            class$org$apache$jetspeed$security$om$impl$InternalPrincipalImpl = cls;
        } else {
            cls = class$org$apache$jetspeed$security$om$impl$InternalPrincipalImpl;
        }
        return (InternalPrincipal) getPersistenceBrokerTemplate().getObjectByQuery(QueryFactory.newQuery(cls, criteria));
    }

    InternalPermission getInternalPermission(Permission permission) {
        Class cls;
        Criteria criteria = new Criteria();
        criteria.addEqualTo("classname", permission.getClass().getName());
        criteria.addEqualTo("name", permission.getName());
        criteria.addEqualTo("actions", permission.getActions());
        if (class$org$apache$jetspeed$security$om$impl$InternalPermissionImpl == null) {
            cls = class$("org.apache.jetspeed.security.om.impl.InternalPermissionImpl");
            class$org$apache$jetspeed$security$om$impl$InternalPermissionImpl = cls;
        } else {
            cls = class$org$apache$jetspeed$security$om$impl$InternalPermissionImpl;
        }
        return (InternalPermission) getPersistenceBrokerTemplate().getObjectByQuery(QueryFactory.newQuery(cls, criteria));
    }

    @Override // org.apache.jetspeed.security.PermissionManager
    public boolean checkPermission(Subject subject, Permission permission) {
        try {
            JSSubject.doAsPrivileged(subject, new PrivilegedAction(this, permission) { // from class: org.apache.jetspeed.security.impl.PermissionManagerImpl.1
                private final Permission val$permission;
                private final PermissionManagerImpl this$0;

                {
                    this.this$0 = this;
                    this.val$permission = permission;
                }

                @Override // java.security.PrivilegedAction
                public Object run() {
                    AccessController.checkPermission(this.val$permission);
                    return null;
                }
            }, (AccessControlContext) null);
            return true;
        } catch (Exception e) {
            return false;
        }
    }

    @Override // org.apache.jetspeed.security.PermissionManager
    public Collection getPermissions() {
        Class cls;
        if (class$org$apache$jetspeed$security$om$impl$InternalPermissionImpl == null) {
            cls = class$("org.apache.jetspeed.security.om.impl.InternalPermissionImpl");
            class$org$apache$jetspeed$security$om$impl$InternalPermissionImpl = cls;
        } else {
            cls = class$org$apache$jetspeed$security$om$impl$InternalPermissionImpl;
        }
        QueryByCriteria newQuery = QueryFactory.newQuery(cls, new Criteria());
        newQuery.addOrderByAscending("classname");
        newQuery.addOrderByAscending("name");
        return getPersistenceBrokerTemplate().getCollectionByQuery(newQuery);
    }

    @Override // org.apache.jetspeed.security.PermissionManager
    public Permissions getPermissions(String str, String str2) {
        Class cls;
        Class<?> cls2;
        Class<?> cls3;
        Criteria criteria = new Criteria();
        criteria.addEqualTo("classname", str);
        criteria.addEqualTo("name", str2);
        if (class$org$apache$jetspeed$security$om$impl$InternalPermissionImpl == null) {
            cls = class$("org.apache.jetspeed.security.om.impl.InternalPermissionImpl");
            class$org$apache$jetspeed$security$om$impl$InternalPermissionImpl = cls;
        } else {
            cls = class$org$apache$jetspeed$security$om$impl$InternalPermissionImpl;
        }
        Collection<InternalPermission> collectionByQuery = getPersistenceBrokerTemplate().getCollectionByQuery(QueryFactory.newQuery(cls, criteria));
        Permissions permissions = new Permissions();
        for (InternalPermission internalPermission : collectionByQuery) {
            try {
                Class<?> cls4 = Class.forName(internalPermission.getClassname());
                Class<?>[] clsArr = new Class[2];
                if (class$java$lang$String == null) {
                    cls2 = class$("java.lang.String");
                    class$java$lang$String = cls2;
                } else {
                    cls2 = class$java$lang$String;
                }
                clsArr[0] = cls2;
                if (class$java$lang$String == null) {
                    cls3 = class$("java.lang.String");
                    class$java$lang$String = cls3;
                } else {
                    cls3 = class$java$lang$String;
                }
                clsArr[1] = cls3;
                permissions.add((Permission) cls4.getConstructor(clsArr).newInstance(internalPermission.getName(), internalPermission.getActions()));
            } catch (Exception e) {
                this.logger.error("Failed to retrieve permissions", e);
            }
        }
        return permissions;
    }

    @Override // org.apache.jetspeed.security.PermissionManager
    public int updatePermission(Permission permission, Collection collection) throws SecurityException {
        InternalPermission internalPermission = getInternalPermission(permission);
        Iterator it = collection.iterator();
        LinkedList linkedList = new LinkedList();
        while (it.hasNext()) {
            linkedList.add(getInternalPrincipal(SecurityHelper.getPreferencesFullPath((Principal) it.next())));
        }
        internalPermission.setPrincipals(linkedList);
        internalPermission.setModifiedDate(new Timestamp(System.currentTimeMillis()));
        try {
            getPersistenceBrokerTemplate().store(internalPermission);
            return 0;
        } catch (Exception e) {
            KeyedMessage create = SecurityException.UNEXPECTED.create("PermissionManager.updatePermission", "store", e.getMessage());
            this.logger.error(create, e);
            throw new SecurityException(create, e);
        }
    }

    @Override // org.apache.jetspeed.security.PermissionManager
    public Collection getPrincipals(Permission permission) {
        LinkedList linkedList = new LinkedList();
        InternalPermission internalPermission = getInternalPermission(permission);
        if (internalPermission == null) {
            return linkedList;
        }
        Iterator it = internalPermission.getPrincipals().iterator();
        while (it.hasNext()) {
            linkedList.add(SecurityHelper.createPrincipalFromFullPath(((InternalPrincipal) it.next()).getFullPath()));
        }
        return linkedList;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$org$apache$jetspeed$security$impl$PermissionManagerImpl == null) {
            cls = class$("org.apache.jetspeed.security.impl.PermissionManagerImpl");
            class$org$apache$jetspeed$security$impl$PermissionManagerImpl = cls;
        } else {
            cls = class$org$apache$jetspeed$security$impl$PermissionManagerImpl;
        }
        log = LogFactory.getLog(cls);
        permissionsCache = new ThreadLocal();
    }
}
