package org.apache.xindice.core.security;

import java.io.FileInputStream;
import java.util.ArrayList;
import java.util.HashMap;
import org.apache.xindice.Debug;
import org.apache.xindice.core.Database;
import org.apache.xindice.util.Configuration;
import org.apache.xindice.util.ConfigurationCallback;
import org.apache.xindice.util.ReadOnlyException;
import org.apache.xindice.xml.dom.DOMParser;
import org.w3c.dom.Document;

/* loaded from: input_file:org/apache/xindice/core/security/LocalSecurityManager.class */
public class LocalSecurityManager implements DBSecurityManager {
    protected Database db;
    protected HashMap permissions;
    private boolean disabled;
    private static final String ACL_COLLECTION = ACL_COLLECTION;
    private static final String ACL_COLLECTION = ACL_COLLECTION;
    private static final String ACL_FILE = ACL_FILE;
    private static final String ACL_FILE = ACL_FILE;
    private static final String PERMISSIONS = PERMISSIONS;
    private static final String PERMISSIONS = PERMISSIONS;
    private static final String COLLECTIONS = COLLECTIONS;
    private static final String COLLECTIONS = COLLECTIONS;
    private static final String COLLECTION = "collection";
    private static final String DOCUMENTS = DOCUMENTS;
    private static final String DOCUMENTS = DOCUMENTS;
    private static final String XMLOBJECTS = XMLOBJECTS;
    private static final String XMLOBJECTS = XMLOBJECTS;
    private static final String XMLOBJECT = XMLOBJECT;
    private static final String XMLOBJECT = XMLOBJECT;
    private static final String RESOURCES = RESOURCES;
    private static final String RESOURCES = RESOURCES;
    private static final String RESOURCE = RESOURCE;
    private static final String RESOURCE = RESOURCE;
    private static final String NAME = "name";
    private static final String CORE = CORE;
    private static final String CORE = CORE;
    private static final String ADMIN = "admin";
    private static final String ALL_ACCESS_GROUP = ALL_ACCESS_GROUP;
    private static final String ALL_ACCESS_GROUP = ALL_ACCESS_GROUP;
    private static ThreadLocal credentials = new ThreadLocal();
    protected Configuration config = null;
    private boolean startup = true;

    public LocalSecurityManager(Database database, boolean z) {
        this.db = null;
        this.permissions = null;
        this.disabled = false;
        this.db = database;
        this.disabled = z;
        this.permissions = new HashMap();
    }

    @Override // org.apache.xindice.util.Named
    public String getName() {
        return "LocalSecurityManager";
    }

    @Override // org.apache.xindice.core.security.DBSecurityManager
    public void checkAccess(String str, int i, Credentials credentials2) throws AccessDeniedException, InvalidCredentialsException {
        if (this.startup || this.disabled) {
            return;
        }
        if (credentials2 == null) {
            throw new InvalidCredentialsException();
        }
        ResourcePermissions resourcePermissions = (ResourcePermissions) this.permissions.get(str);
        ArrayList groups = credentials2.getGroups();
        if (groups.contains("admin")) {
            return;
        }
        if (resourcePermissions != null) {
            for (int i2 = 0; i2 < groups.size(); i2++) {
                String str2 = (String) groups.get(i2);
                if (resourcePermissions.checkPermission(100, i, ALL_ACCESS_GROUP)) {
                    return;
                }
                if (resourcePermissions.checkPermission(101, i, str2)) {
                    throw new AccessDeniedException();
                }
                if (resourcePermissions.checkPermission(100, i, str2)) {
                    return;
                }
            }
        }
        throw new AccessDeniedException();
    }

    @Override // org.apache.xindice.core.security.DBSecurityManager
    public void checkAccess(String str, int i) throws AccessDeniedException, InvalidCredentialsException {
        checkAccess(str, i, (Credentials) credentials.get());
    }

    @Override // org.apache.xindice.core.security.DBSecurityManager
    public Credentials authenticate(String str, String str2) throws InvalidPasswordException, UnknownUserException, InvalidCredentialsException {
        PasswordCredentials passwordCredentials = new PasswordCredentials(str, str2, this.db);
        credentials.set(passwordCredentials);
        return passwordCredentials;
    }

    @Override // org.apache.xindice.core.security.DBSecurityManager
    public void logout() {
        credentials.set(null);
    }

    @Override // org.apache.xindice.core.security.DBSecurityManager
    public void setActive() {
        this.startup = false;
    }

    @Override // org.apache.xindice.core.security.DBSecurityManager
    public void readConfig() {
        Document document = null;
        try {
            try {
                FileInputStream fileInputStream = new FileInputStream(ACL_FILE);
                document = DOMParser.toDocument(fileInputStream);
                fileInputStream.close();
            } catch (Exception e) {
                Debug.println(new StringBuffer().append("\u0007FATAL ERROR: Reading security configuration file '").append(ACL_FILE).append("'").toString());
                Debug.printStackTrace(e);
                System.exit(1);
            }
            if (document != null) {
                Configuration child = new Configuration(document.getDocumentElement(), false).getChild(CORE);
                String stringBuffer = new StringBuffer().append("/").append(child.getAttribute("name")).append("/").toString();
                handleConfig(stringBuffer, child.getChild(PERMISSIONS, true));
                Configuration child2 = child.getChild(COLLECTIONS);
                if (child2 != null) {
                    child2.processChildren("collection", new ConfigurationCallback(this, stringBuffer) { // from class: org.apache.xindice.core.security.LocalSecurityManager.1
                        private final String val$resourceName;
                        private final LocalSecurityManager this$0;

                        {
                            this.this$0 = this;
                            this.val$resourceName = stringBuffer;
                        }

                        @Override // org.apache.xindice.util.ConfigurationCallback
                        public void process(Configuration configuration) {
                            try {
                                Debug.println(configuration.getName());
                                new StringBuffer().append(this.val$resourceName).append(configuration.getAttribute("name")).append("/").toString();
                                this.this$0.handleCollection(this.val$resourceName, configuration);
                            } catch (ReadOnlyException e2) {
                                Debug.printStackTrace(e2);
                            }
                        }
                    });
                }
            } else {
                Debug.println("Access Control List could not be loaded");
            }
        } catch (Exception e2) {
            Debug.printStackTrace(e2);
        }
    }

    protected void handleCollection(String str, Configuration configuration) throws ReadOnlyException {
        if (configuration != null) {
            String stringBuffer = new StringBuffer().append(str).append(configuration.getAttribute("name")).append("/").toString();
            Configuration child = configuration.getChild(PERMISSIONS, true);
            if (child != null) {
                handleConfig(stringBuffer, child);
            }
            processChildren(stringBuffer, XMLOBJECTS, XMLOBJECT, configuration);
            Configuration child2 = configuration.getChild(DOCUMENTS, true);
            if (child2 != null) {
                processChildren(stringBuffer, RESOURCES, RESOURCE, child2);
                processChildren(stringBuffer, XMLOBJECTS, XMLOBJECT, child2);
            }
            Configuration child3 = configuration.getChild(COLLECTIONS);
            if (child3 != null) {
                child3.processChildren("collection", new ConfigurationCallback(this, stringBuffer) { // from class: org.apache.xindice.core.security.LocalSecurityManager.2
                    private final String val$resourceName;
                    private final LocalSecurityManager this$0;

                    {
                        this.this$0 = this;
                        this.val$resourceName = stringBuffer;
                    }

                    @Override // org.apache.xindice.util.ConfigurationCallback
                    public void process(Configuration configuration2) {
                        try {
                            new StringBuffer().append(this.val$resourceName).append(configuration2.getAttribute("name")).append("/").toString();
                            this.this$0.handleCollection(this.val$resourceName, configuration2);
                        } catch (ReadOnlyException e) {
                            Debug.printStackTrace(e);
                        }
                    }
                });
            }
        }
    }

    protected void processChildren(String str, String str2, String str3, Configuration configuration) throws ReadOnlyException {
        Configuration child = configuration.getChild(str2, true);
        if (child != null) {
            child.processChildren(str3, new ConfigurationCallback(this, str) { // from class: org.apache.xindice.core.security.LocalSecurityManager.3
                private final String val$resourceName;
                private final LocalSecurityManager this$0;

                {
                    this.this$0 = this;
                    this.val$resourceName = str;
                }

                @Override // org.apache.xindice.util.ConfigurationCallback
                public void process(Configuration configuration2) {
                    try {
                        this.this$0.handleConfig(new StringBuffer().append(this.val$resourceName).append(configuration2.getAttribute("name")).append("/").toString(), configuration2.getChild(LocalSecurityManager.PERMISSIONS, true));
                    } catch (ReadOnlyException e) {
                        Debug.printStackTrace(e);
                    }
                }
            });
        }
    }

    protected void handleConfig(String str, Configuration configuration) {
        if (configuration != null) {
            try {
                ResourcePermissions resourcePermissions = new ResourcePermissions(str);
                resourcePermissions.setConfig(configuration);
                this.permissions.put(str, resourcePermissions);
            } catch (NullPointerException e) {
                Debug.println("Name attribute is required for all ACL objects");
            }
        }
    }

    @Override // org.apache.xindice.util.Configurable
    public void setConfig(Configuration configuration) {
        this.config = configuration;
    }

    @Override // org.apache.xindice.util.Configurable
    public Configuration getConfig() {
        return this.config;
    }
}
