package org.apache.turbine.services.security.torque;

import java.util.ArrayList;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import org.apache.commons.configuration.Configuration;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.torque.om.Persistent;
import org.apache.torque.util.BasePeer;
import org.apache.torque.util.Criteria;
import org.apache.turbine.om.security.Group;
import org.apache.turbine.om.security.Permission;
import org.apache.turbine.om.security.Role;
import org.apache.turbine.om.security.User;
import org.apache.turbine.services.InitializationException;
import org.apache.turbine.services.security.BaseSecurityService;
import org.apache.turbine.services.security.TurbineSecurity;
import org.apache.turbine.services.security.torque.om.BaseTurbineRolePermissionPeer;
import org.apache.turbine.services.security.torque.om.BaseTurbineUserGroupRolePeer;
import org.apache.turbine.util.security.AccessControlList;
import org.apache.turbine.util.security.DataBackendException;
import org.apache.turbine.util.security.EntityExistsException;
import org.apache.turbine.util.security.GroupSet;
import org.apache.turbine.util.security.PermissionSet;
import org.apache.turbine.util.security.RoleSet;
import org.apache.turbine.util.security.UnknownEntityException;

/* loaded from: input_file:org/apache/turbine/services/security/torque/TorqueSecurityService.class */
public class TorqueSecurityService extends BaseSecurityService {
    private static Log log;
    static Class class$org$apache$turbine$services$security$torque$TorqueSecurityService;

    @Override // org.apache.turbine.services.security.BaseSecurityService, org.apache.turbine.services.TurbineBaseService, org.apache.turbine.services.BaseInitable, org.apache.turbine.services.Initable
    public void init() throws InitializationException {
        Configuration configuration = getConfiguration();
        GroupPeerManager.init(configuration);
        RolePeerManager.init(configuration);
        PermissionPeerManager.init(configuration);
        super.init();
    }

    @Override // org.apache.turbine.services.security.BaseSecurityService, org.apache.turbine.services.security.SecurityService
    public AccessControlList getACL(User user) throws DataBackendException, UnknownEntityException {
        try {
            if (!TurbineSecurity.accountExists(user)) {
                throw new UnknownEntityException(new StringBuffer().append("The account '").append(user.getName()).append("' does not exist").toString());
            }
            try {
                Hashtable hashtable = new Hashtable();
                Hashtable hashtable2 = new Hashtable();
                lockShared();
                Iterator it = getAllGroups().iterator();
                while (it.hasNext()) {
                    Group group = (Group) it.next();
                    RoleSet retrieveSet = RolePeerManager.retrieveSet(user, group);
                    hashtable.put(group, retrieveSet);
                    PermissionSet permissionSet = new PermissionSet();
                    Iterator it2 = retrieveSet.iterator();
                    while (it2.hasNext()) {
                        permissionSet.add(PermissionPeerManager.retrieveSet((Role) it2.next()));
                    }
                    hashtable2.put(group, permissionSet);
                }
                AccessControlList aclInstance = getAclInstance(hashtable, hashtable2);
                unlockShared();
                return aclInstance;
            } catch (Exception e) {
                throw new DataBackendException(new StringBuffer().append("Failed to build ACL for user '").append(user.getName()).append("'").toString(), e);
            }
        } catch (Throwable th) {
            unlockShared();
            throw th;
        }
    }

    @Override // org.apache.turbine.services.security.BaseSecurityService, org.apache.turbine.services.security.SecurityService
    public synchronized void grant(User user, Group group, Role role) throws DataBackendException, UnknownEntityException {
        try {
            try {
                lockExclusive();
                boolean accountExists = TurbineSecurity.accountExists(user);
                boolean checkExists = checkExists(group);
                boolean checkExists2 = checkExists(role);
                if (accountExists && checkExists && checkExists2) {
                    Criteria criteria = new Criteria();
                    criteria.add(BaseTurbineUserGroupRolePeer.USER_ID, ((Persistent) user).getPrimaryKey());
                    criteria.add(BaseTurbineUserGroupRolePeer.GROUP_ID, ((Persistent) group).getPrimaryKey());
                    criteria.add(BaseTurbineUserGroupRolePeer.ROLE_ID, ((Persistent) role).getPrimaryKey());
                    BaseTurbineUserGroupRolePeer.doInsert(criteria);
                    unlockExclusive();
                    return;
                }
                unlockExclusive();
                if (!accountExists) {
                    throw new UnknownEntityException(new StringBuffer().append("Unknown user '").append(user.getName()).append("'").toString());
                }
                if (!checkExists) {
                    throw new UnknownEntityException(new StringBuffer().append("Unknown group '").append(group.getName()).append("'").toString());
                }
                if (!checkExists2) {
                    throw new UnknownEntityException(new StringBuffer().append("Unknown role '").append(role.getName()).append("'").toString());
                }
            } catch (Exception e) {
                throw new DataBackendException("grant(User,Group,Role) failed", e);
            }
        } catch (Throwable th) {
            unlockExclusive();
            throw th;
        }
    }

    @Override // org.apache.turbine.services.security.BaseSecurityService, org.apache.turbine.services.security.SecurityService
    public synchronized void revoke(User user, Group group, Role role) throws DataBackendException, UnknownEntityException {
        try {
            try {
                lockExclusive();
                boolean accountExists = TurbineSecurity.accountExists(user);
                boolean checkExists = checkExists(group);
                boolean checkExists2 = checkExists(role);
                if (accountExists && checkExists && checkExists2) {
                    Criteria criteria = new Criteria();
                    criteria.add(BaseTurbineUserGroupRolePeer.USER_ID, ((Persistent) user).getPrimaryKey());
                    criteria.add(BaseTurbineUserGroupRolePeer.GROUP_ID, ((Persistent) group).getPrimaryKey());
                    criteria.add(BaseTurbineUserGroupRolePeer.ROLE_ID, ((Persistent) role).getPrimaryKey());
                    BaseTurbineUserGroupRolePeer.doDelete(criteria);
                    unlockExclusive();
                    return;
                }
                unlockExclusive();
                if (!accountExists) {
                    throw new UnknownEntityException(new StringBuffer().append("Unknown user '").append(user.getName()).append("'").toString());
                }
                if (!checkExists) {
                    throw new UnknownEntityException(new StringBuffer().append("Unknown group '").append(group.getName()).append("'").toString());
                }
                if (!checkExists2) {
                    throw new UnknownEntityException(new StringBuffer().append("Unknown role '").append(role.getName()).append("'").toString());
                }
            } catch (Exception e) {
                throw new DataBackendException("revoke(User,Role,Group) failed", e);
            }
        } catch (Throwable th) {
            unlockExclusive();
            throw th;
        }
    }

    @Override // org.apache.turbine.services.security.BaseSecurityService, org.apache.turbine.services.security.SecurityService
    public synchronized void revokeAll(User user) throws DataBackendException, UnknownEntityException {
        try {
            try {
                lockExclusive();
                if (!TurbineSecurity.accountExists(user)) {
                    unlockExclusive();
                    throw new UnknownEntityException(new StringBuffer().append("Unknown user '").append(user.getName()).append("'").toString());
                }
                BasePeer.deleteAll(BaseTurbineUserGroupRolePeer.TABLE_NAME, BaseTurbineUserGroupRolePeer.USER_ID, ((Persistent) user).getPrimaryKey().intValue());
                unlockExclusive();
            } catch (Exception e) {
                throw new DataBackendException("revokeAll(User) failed", e);
            }
        } catch (Throwable th) {
            unlockExclusive();
            throw th;
        }
    }

    @Override // org.apache.turbine.services.security.BaseSecurityService, org.apache.turbine.services.security.SecurityService
    public synchronized void grant(Role role, Permission permission) throws DataBackendException, UnknownEntityException {
        try {
            try {
                lockExclusive();
                boolean checkExists = checkExists(role);
                boolean checkExists2 = checkExists(permission);
                if (checkExists && checkExists2) {
                    Criteria criteria = new Criteria();
                    criteria.add(BaseTurbineRolePermissionPeer.ROLE_ID, ((Persistent) role).getPrimaryKey());
                    criteria.add(BaseTurbineRolePermissionPeer.PERMISSION_ID, ((Persistent) permission).getPrimaryKey());
                    BaseTurbineRolePermissionPeer.doInsert(criteria);
                    unlockExclusive();
                    return;
                }
                unlockExclusive();
                if (!checkExists) {
                    throw new UnknownEntityException(new StringBuffer().append("Unknown role '").append(role.getName()).append("'").toString());
                }
                if (!checkExists2) {
                    throw new UnknownEntityException(new StringBuffer().append("Unknown permission '").append(permission.getName()).append("'").toString());
                }
            } catch (Exception e) {
                throw new DataBackendException("grant(Role,Permission) failed", e);
            }
        } catch (Throwable th) {
            unlockExclusive();
            throw th;
        }
    }

    @Override // org.apache.turbine.services.security.BaseSecurityService, org.apache.turbine.services.security.SecurityService
    public synchronized void revoke(Role role, Permission permission) throws DataBackendException, UnknownEntityException {
        try {
            try {
                lockExclusive();
                boolean checkExists = checkExists(role);
                boolean checkExists2 = checkExists(permission);
                if (checkExists && checkExists2) {
                    Criteria criteria = new Criteria();
                    criteria.add(BaseTurbineRolePermissionPeer.ROLE_ID, ((Persistent) role).getPrimaryKey());
                    criteria.add(BaseTurbineRolePermissionPeer.PERMISSION_ID, ((Persistent) permission).getPrimaryKey());
                    BaseTurbineRolePermissionPeer.doDelete(criteria);
                    unlockExclusive();
                    return;
                }
                unlockExclusive();
                if (!checkExists) {
                    throw new UnknownEntityException(new StringBuffer().append("Unknown role '").append(role.getName()).append("'").toString());
                }
                if (!checkExists2) {
                    throw new UnknownEntityException(new StringBuffer().append("Unknown permission '").append(permission.getName()).append("'").toString());
                }
            } catch (Exception e) {
                throw new DataBackendException("revoke(Role,Permission) failed", e);
            }
        } catch (Throwable th) {
            unlockExclusive();
            throw th;
        }
    }

    @Override // org.apache.turbine.services.security.BaseSecurityService, org.apache.turbine.services.security.SecurityService
    public synchronized void revokeAll(Role role) throws DataBackendException, UnknownEntityException {
        try {
            try {
                lockExclusive();
                if (!checkExists(role)) {
                    unlockExclusive();
                    throw new UnknownEntityException(new StringBuffer().append("Unknown role '").append(role.getName()).append("'").toString());
                }
                BasePeer.deleteAll(BaseTurbineRolePermissionPeer.TABLE_NAME, BaseTurbineRolePermissionPeer.ROLE_ID, ((Persistent) role).getPrimaryKey().intValue());
                unlockExclusive();
            } catch (Exception e) {
                throw new DataBackendException("revokeAll(Role) failed", e);
            }
        } catch (Throwable th) {
            unlockExclusive();
            throw th;
        }
    }

    @Override // org.apache.turbine.services.security.BaseSecurityService, org.apache.turbine.services.security.SecurityService
    public GroupSet getGroups(Criteria criteria) throws DataBackendException {
        Criteria criteria2 = new Criteria();
        for (String str : criteria.keySet()) {
            criteria2.put(GroupPeerManager.getColumnName(str), criteria.get(str));
        }
        new ArrayList(0);
        try {
            return new GroupSet(GroupPeerManager.doSelect(criteria));
        } catch (Exception e) {
            throw new DataBackendException("getGroups(Criteria) failed", e);
        }
    }

    @Override // org.apache.turbine.services.security.BaseSecurityService, org.apache.turbine.services.security.SecurityService
    public RoleSet getRoles(Criteria criteria) throws DataBackendException {
        Criteria criteria2 = new Criteria();
        for (String str : criteria.keySet()) {
            criteria2.put(RolePeerManager.getColumnName(str), criteria.get(str));
        }
        new ArrayList(0);
        try {
            return new RoleSet(RolePeerManager.doSelect(criteria));
        } catch (Exception e) {
            throw new DataBackendException("getRoles(Criteria) failed", e);
        }
    }

    @Override // org.apache.turbine.services.security.BaseSecurityService, org.apache.turbine.services.security.SecurityService
    public PermissionSet getPermissions(Criteria criteria) throws DataBackendException {
        Criteria criteria2 = new Criteria();
        for (String str : criteria.keySet()) {
            criteria2.put(PermissionPeerManager.getColumnName(str), criteria.get(str));
        }
        new ArrayList(0);
        try {
            return new PermissionSet(PermissionPeerManager.doSelect(criteria));
        } catch (Exception e) {
            throw new DataBackendException("getPermissions(Criteria) failed", e);
        }
    }

    @Override // org.apache.turbine.services.security.BaseSecurityService, org.apache.turbine.services.security.SecurityService
    public PermissionSet getPermissions(Role role) throws DataBackendException, UnknownEntityException {
        try {
            try {
                lockShared();
                if (!checkExists(role)) {
                    unlockShared();
                    throw new UnknownEntityException(new StringBuffer().append("Unknown role '").append(role.getName()).append("'").toString());
                }
                PermissionSet retrieveSet = PermissionPeerManager.retrieveSet(role);
                unlockShared();
                return retrieveSet;
            } catch (Exception e) {
                throw new DataBackendException("getPermissions(Role) failed", e);
            }
        } catch (Throwable th) {
            unlockShared();
            throw th;
        }
    }

    @Override // org.apache.turbine.services.security.BaseSecurityService, org.apache.turbine.services.security.SecurityService
    public void saveGroup(Group group) throws DataBackendException, UnknownEntityException {
        try {
            if (!checkExists(group)) {
                throw new UnknownEntityException(new StringBuffer().append("Unknown group '").append(group).append("'").toString());
            }
            GroupPeerManager.doUpdate(GroupPeerManager.buildCriteria(group));
        } catch (Exception e) {
            throw new DataBackendException("saveGroup(Group) failed", e);
        }
    }

    @Override // org.apache.turbine.services.security.BaseSecurityService, org.apache.turbine.services.security.SecurityService
    public void saveRole(Role role) throws DataBackendException, UnknownEntityException {
        try {
            if (!checkExists(role)) {
                throw new UnknownEntityException(new StringBuffer().append("Unknown role '").append(role).append("'").toString());
            }
            RolePeerManager.doUpdate(RolePeerManager.buildCriteria(role));
        } catch (Exception e) {
            throw new DataBackendException("saveRole(Role) failed", e);
        }
    }

    @Override // org.apache.turbine.services.security.BaseSecurityService, org.apache.turbine.services.security.SecurityService
    public void savePermission(Permission permission) throws DataBackendException, UnknownEntityException {
        try {
            if (!checkExists(permission)) {
                throw new UnknownEntityException(new StringBuffer().append("Unknown permission '").append(permission).append("'").toString());
            }
            PermissionPeerManager.doUpdate(PermissionPeerManager.buildCriteria(permission));
        } catch (Exception e) {
            throw new DataBackendException("savePermission(Permission) failed", e);
        }
    }

    @Override // org.apache.turbine.services.security.BaseSecurityService, org.apache.turbine.services.security.SecurityService
    public synchronized Group addGroup(Group group) throws DataBackendException, EntityExistsException {
        try {
            if (StringUtils.isEmpty(group.getName())) {
                throw new DataBackendException("Could not create a group with empty name!");
            }
            try {
                lockExclusive();
                if (checkExists(group)) {
                    unlockExclusive();
                    throw new EntityExistsException(new StringBuffer().append("Group '").append(group).append("' already exists").toString());
                }
                GroupPeerManager.doInsert(GroupPeerManager.buildCriteria(group));
                Criteria criteria = new Criteria();
                criteria.add(GroupPeerManager.getNameColumn(), group.getName());
                List doSelect = GroupPeerManager.doSelect(criteria);
                if (doSelect.size() != 1) {
                    throw new DataBackendException(new StringBuffer().append("Internal error - query returned ").append(doSelect.size()).append(" rows").toString());
                }
                Group group2 = (Group) doSelect.get(0);
                getAllGroups().add(group2);
                unlockExclusive();
                return group2;
            } catch (Exception e) {
                throw new DataBackendException("addGroup(Group) failed", e);
            }
        } catch (Throwable th) {
            unlockExclusive();
            throw th;
        }
    }

    @Override // org.apache.turbine.services.security.BaseSecurityService, org.apache.turbine.services.security.SecurityService
    public synchronized Role addRole(Role role) throws DataBackendException, EntityExistsException {
        try {
            if (StringUtils.isEmpty(role.getName())) {
                throw new DataBackendException("Could not create a role with empty name!");
            }
            try {
                lockExclusive();
                if (checkExists(role)) {
                    unlockExclusive();
                    throw new EntityExistsException(new StringBuffer().append("Role '").append(role).append("' already exists").toString());
                }
                RolePeerManager.doInsert(RolePeerManager.buildCriteria(role));
                Criteria criteria = new Criteria();
                criteria.add(RolePeerManager.getNameColumn(), role.getName());
                List doSelect = RolePeerManager.doSelect(criteria);
                if (doSelect.size() != 1) {
                    throw new DataBackendException(new StringBuffer().append("Internal error - query returned ").append(doSelect.size()).append(" rows").toString());
                }
                Role role2 = (Role) doSelect.get(0);
                getAllRoles().add(role2);
                unlockExclusive();
                return role2;
            } catch (Exception e) {
                throw new DataBackendException("addRole(Role) failed", e);
            }
        } catch (Throwable th) {
            unlockExclusive();
            throw th;
        }
    }

    @Override // org.apache.turbine.services.security.BaseSecurityService, org.apache.turbine.services.security.SecurityService
    public synchronized Permission addPermission(Permission permission) throws DataBackendException, EntityExistsException {
        try {
            if (StringUtils.isEmpty(permission.getName())) {
                throw new DataBackendException("Could not create a permission with empty name!");
            }
            try {
                lockExclusive();
                if (checkExists(permission)) {
                    unlockExclusive();
                    throw new EntityExistsException(new StringBuffer().append("Permission '").append(permission).append("' already exists").toString());
                }
                PermissionPeerManager.doInsert(PermissionPeerManager.buildCriteria(permission));
                Criteria criteria = new Criteria();
                criteria.add(PermissionPeerManager.getNameColumn(), permission.getName());
                List doSelect = PermissionPeerManager.doSelect(criteria);
                if (doSelect.size() != 1) {
                    throw new DataBackendException(new StringBuffer().append("Internal error - query returned ").append(doSelect.size()).append(" rows").toString());
                }
                Permission permission2 = (Permission) doSelect.get(0);
                getAllPermissions().add(permission2);
                unlockExclusive();
                return permission2;
            } catch (Exception e) {
                throw new DataBackendException("addPermission(Permission) failed", e);
            }
        } catch (Throwable th) {
            unlockExclusive();
            throw th;
        }
    }

    @Override // org.apache.turbine.services.security.BaseSecurityService, org.apache.turbine.services.security.SecurityService
    public synchronized void removeGroup(Group group) throws DataBackendException, UnknownEntityException {
        try {
            try {
                lockExclusive();
                if (!checkExists(group)) {
                    unlockExclusive();
                    throw new UnknownEntityException(new StringBuffer().append("Unknown group '").append(group).append("'").toString());
                }
                GroupPeerManager.doDelete(GroupPeerManager.buildCriteria(group));
                getAllGroups().remove(group);
                unlockExclusive();
            } catch (Exception e) {
                log.error("Failed to delete a Group");
                log.error(e);
                throw new DataBackendException("removeGroup(Group) failed", e);
            }
        } catch (Throwable th) {
            unlockExclusive();
            throw th;
        }
    }

    @Override // org.apache.turbine.services.security.BaseSecurityService, org.apache.turbine.services.security.SecurityService
    public synchronized void removeRole(Role role) throws DataBackendException, UnknownEntityException {
        try {
            try {
                lockExclusive();
                if (!checkExists(role)) {
                    unlockExclusive();
                    throw new UnknownEntityException(new StringBuffer().append("Unknown role '").append(role).append("'").toString());
                }
                revokeAll(role);
                RolePeerManager.doDelete(RolePeerManager.buildCriteria(role));
                getAllRoles().remove(role);
                unlockExclusive();
            } catch (Exception e) {
                throw new DataBackendException("removeRole(Role)", e);
            }
        } catch (Throwable th) {
            unlockExclusive();
            throw th;
        }
    }

    @Override // org.apache.turbine.services.security.BaseSecurityService, org.apache.turbine.services.security.SecurityService
    public synchronized void removePermission(Permission permission) throws DataBackendException, UnknownEntityException {
        try {
            try {
                lockExclusive();
                if (!checkExists(permission)) {
                    unlockExclusive();
                    throw new UnknownEntityException(new StringBuffer().append("Unknown permission '").append(permission).append("'").toString());
                }
                PermissionPeerManager.doDelete(PermissionPeerManager.buildCriteria(permission));
                getAllPermissions().remove(permission);
                unlockExclusive();
            } catch (Exception e) {
                throw new DataBackendException("removePermission(Permission)", e);
            }
        } catch (Throwable th) {
            unlockExclusive();
            throw th;
        }
    }

    @Override // org.apache.turbine.services.security.BaseSecurityService, org.apache.turbine.services.security.SecurityService
    public synchronized void renameGroup(Group group, String str) throws DataBackendException, UnknownEntityException {
        try {
            try {
                lockExclusive();
                if (!checkExists(group)) {
                    unlockExclusive();
                    throw new UnknownEntityException(new StringBuffer().append("Unknown group '").append(group).append("'").toString());
                }
                group.setName(str);
                GroupPeerManager.doUpdate(GroupPeerManager.buildCriteria(group));
                unlockExclusive();
            } catch (Exception e) {
                throw new DataBackendException("renameGroup(Group,String)", e);
            }
        } catch (Throwable th) {
            unlockExclusive();
            throw th;
        }
    }

    @Override // org.apache.turbine.services.security.BaseSecurityService, org.apache.turbine.services.security.SecurityService
    public synchronized void renameRole(Role role, String str) throws DataBackendException, UnknownEntityException {
        try {
            try {
                lockExclusive();
                if (!checkExists(role)) {
                    unlockExclusive();
                    throw new UnknownEntityException(new StringBuffer().append("Unknown role '").append(role).append("'").toString());
                }
                role.setName(str);
                RolePeerManager.doUpdate(RolePeerManager.buildCriteria(role));
                unlockExclusive();
            } catch (Exception e) {
                throw new DataBackendException("renameRole(Role,String)", e);
            }
        } catch (Throwable th) {
            unlockExclusive();
            throw th;
        }
    }

    @Override // org.apache.turbine.services.security.BaseSecurityService, org.apache.turbine.services.security.SecurityService
    public synchronized void renamePermission(Permission permission, String str) throws DataBackendException, UnknownEntityException {
        try {
            try {
                lockExclusive();
                if (!checkExists(permission)) {
                    unlockExclusive();
                    throw new UnknownEntityException(new StringBuffer().append("Unknown permission '").append(permission).append("'").toString());
                }
                permission.setName(str);
                PermissionPeerManager.doUpdate(PermissionPeerManager.buildCriteria(permission));
                unlockExclusive();
            } catch (Exception e) {
                throw new DataBackendException("renamePermission(Permission,name)", e);
            }
        } catch (Throwable th) {
            unlockExclusive();
            throw th;
        }
    }

    protected boolean checkExists(Group group) throws DataBackendException, Exception {
        return GroupPeerManager.checkExists(group);
    }

    protected boolean checkExists(Role role) throws DataBackendException, Exception {
        return RolePeerManager.checkExists(role);
    }

    protected boolean checkExists(Permission permission) throws DataBackendException, Exception {
        return PermissionPeerManager.checkExists(permission);
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$org$apache$turbine$services$security$torque$TorqueSecurityService == null) {
            cls = class$("org.apache.turbine.services.security.torque.TorqueSecurityService");
            class$org$apache$turbine$services$security$torque$TorqueSecurityService = cls;
        } else {
            cls = class$org$apache$turbine$services$security$torque$TorqueSecurityService;
        }
        log = LogFactory.getLog(cls);
    }
}
