package com.enginframe.acl;

import com.enginframe.acl.condition.Condition;
import com.enginframe.common.utils.Utils;
import com.enginframe.common.utils.log.Log;
import com.enginframe.common.utils.log.LogFactory;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;

/* JADX WARN: Classes with same name are omitted:
  input_file:kernel/ef_root/WEBAPP/WEB-INF/lib/ef.jar:com/enginframe/acl/ACL.class
  input_file:kernel/ef_root/agent/agent.jar:com/enginframe/acl/ACL.class
 */
/* loaded from: input_file:com/enginframe/acl/ACL.class */
class ACL {
    static final String ACL_DIRECTIVE_ALLOW = "allow";
    static final String ACL_DIRECTIVE_DENY = "deny";
    static final String ACL_PRIORITY_ALLOW = "allow";
    static final String ACL_PRIORITY_DENY = "deny";
    static final String ACL_PRIORITY_DEFAULT = "deny";
    static final String PARAM_PREFIX = "@";
    private final String id;
    private final String[] parameterNames;
    private String description;
    private Condition condition;
    private final Map<String, List<String>> allowedMap = new HashMap();
    private final Map<String, List<String>> deniedMap = new HashMap();
    private String priority = "deny";
    private boolean hasErrors = false;
    private final StringBuilder errorMessages = new StringBuilder();

    /* JADX INFO: Access modifiers changed from: package-private */
    public ACL(String str) {
        if (str == null) {
            throw new IllegalArgumentException("Null id");
        }
        getLog().debug("id (" + str + ")");
        String[] parseIdWithParams = parseIdWithParams(str);
        this.id = parseIdWithParams[0];
        this.parameterNames = new String[parseIdWithParams.length - 1];
        for (int i = 1; i < parseIdWithParams.length; i++) {
            this.parameterNames[i - 1] = "@" + parseIdWithParams[i];
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String[] parseIdWithParams(String str) {
        return str.split("[, \\[\\]]+");
    }

    Log getLog() {
        return LogFactory.getLog(getClass());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String id() {
        return this.id;
    }

    public void setCondition(Condition condition) {
        this.condition = condition;
    }

    public void setDescription(String str) {
        this.description = str;
    }

    String getDescription() {
        return this.description;
    }

    private boolean checkPriority(String str) {
        return ApplyACLInfo.APPLY_ACL_PRIORITY_ALLOW.equals(str) || "deny".equals(str);
    }

    public void setPriority(String str) {
        if (checkPriority(str)) {
            this.priority = str;
        } else {
            getLog().warn(this + ": using default priority since (" + str + ") isn't recognized");
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setAllow(String str, String str2) {
        if (Utils.isVoid(str) || str2 == null) {
            return;
        }
        if (getLog().isDebugEnabled()) {
            getLog().debug("username (" + str + "), action (" + str2 + ")");
        }
        setMap(str, str2, ApplyACLInfo.APPLY_ACL_PRIORITY_ALLOW);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setDeny(String str, String str2) {
        if (getLog().isDebugEnabled()) {
            getLog().debug("username (" + str + "), action (" + str2 + ")");
        }
        setMap(str, str2, "deny");
    }

    private void setMap(String str, String str2, String str3) {
        List<String> actorsMapped = getActorsMapped(str2, str3);
        if (actorsMapped.contains(str)) {
            return;
        }
        actorsMapped.add(str);
    }

    private boolean isAllowed(ActorProvider actorProvider, String str, String str2, Map<String, String> map) {
        boolean z = false;
        try {
            z = isMapped(actorProvider, str, str2, ApplyACLInfo.APPLY_ACL_PRIORITY_ALLOW, map);
            if (getLog().isDebugEnabled()) {
                getLog().debug("username (" + str + "), action (" + str2 + "),  acl (" + this.id + ") - Result (" + z + ")");
            }
            return z;
        } catch (Throwable th) {
            if (getLog().isDebugEnabled()) {
                getLog().debug("username (" + str + "), action (" + str2 + "),  acl (" + this.id + ") - Result (" + z + ")");
            }
            throw th;
        }
    }

    private boolean isDenied(ActorProvider actorProvider, String str, String str2, Map<String, String> map) {
        boolean z = false;
        try {
            z = isMapped(actorProvider, str, str2, "deny", map);
            if (getLog().isDebugEnabled()) {
                getLog().debug("username (" + str + "), action (" + str2 + "),  acl (" + this.id + ") - Result (" + z + ")");
            }
            return z;
        } catch (Throwable th) {
            if (getLog().isDebugEnabled()) {
                getLog().debug("username (" + str + "), action (" + str2 + "),  acl (" + this.id + ") - Result (" + z + ")");
            }
            throw th;
        }
    }

    private boolean isMapped(ActorProvider actorProvider, String str, String str2, String str3, Map<String, String> map) {
        List<String> actorsMapped = getActorsMapped(str2, str3);
        if (getLog().isDebugEnabled()) {
            getLog().debug("Map (" + str3 + "), action (" + str2 + "), usersMapped (" + actorsMapped + ")");
        }
        Iterator<String> it = actorsMapped.iterator();
        while (it.hasNext()) {
            String actualActorId = getActualActorId(it.next(), map);
            if (actualActorId.equals(str)) {
                return true;
            }
            ACLActor actor = actorProvider.getActor(actualActorId);
            if (actor != null && actor.hasMember(str)) {
                return true;
            }
        }
        return false;
    }

    private String getActualActorId(String str, Map<String, String> map) {
        return str.startsWith("@") ? map.get(str) : str;
    }

    private List<String> getActorsMapped(String str, String str2) {
        List<String> emptyList = Collections.emptyList();
        if (ApplyACLInfo.APPLY_ACL_PRIORITY_ALLOW.equals(str2)) {
            emptyList = getActorsAllowed(str);
        } else if ("deny".equals(str2)) {
            emptyList = getActorsDenied(str);
        }
        return emptyList;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final boolean allow(ActorProvider actorProvider, String str, String str2, String... strArr) {
        if (checkErrors() || !checkParams(strArr)) {
            return false;
        }
        if (this.condition == null) {
            getLog().debug("condition is NULL");
        } else {
            getLog().debug("testing condition");
            if (!this.condition.evaluate()) {
                getLog().debug("condition evaluated FALSE");
                return false;
            }
        }
        boolean z = false;
        Map<String, String> createParamValueMap = createParamValueMap(strArr);
        if (this.priority.equals(ApplyACLInfo.APPLY_ACL_PRIORITY_ALLOW)) {
            z = allowAllowPriority(actorProvider, str, str2, createParamValueMap);
        } else if (this.priority.equals("deny")) {
            z = allowDenyPriority(actorProvider, str, str2, createParamValueMap);
        }
        return z;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean checkErrors() {
        if (!this.hasErrors) {
            return false;
        }
        getLog().error("ACL (%s) has errors: " + this.errorMessages.toString());
        return true;
    }

    private boolean checkParams(String[] strArr) {
        if (checkParamsNumber(strArr)) {
            return true;
        }
        Log log = getLog();
        Object[] objArr = new Object[3];
        objArr[0] = this.id;
        objArr[1] = Integer.valueOf(this.parameterNames.length);
        objArr[2] = Integer.valueOf(strArr != null ? strArr.length : 0);
        log.error(String.format("ACL (%s) gets (%d) parameters but (%d) have been passed", objArr));
        return false;
    }

    private boolean checkParamsNumber(String[] strArr) {
        return strArr != null ? strArr.length == this.parameterNames.length : this.parameterNames.length == 0;
    }

    private Map<String, String> createParamValueMap(String[] strArr) {
        HashMap hashMap = new HashMap();
        if (strArr != null) {
            for (int i = 0; i < strArr.length; i++) {
                hashMap.put(this.parameterNames[i], strArr[i]);
            }
        }
        return hashMap;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public final boolean deny(ActorProvider actorProvider, String str, String str2, String... strArr) {
        return !allow(actorProvider, str, str2, strArr);
    }

    boolean allowAllowPriority(ActorProvider actorProvider, String str, String str2, Map<String, String> map) {
        if (getLog().isDebugEnabled()) {
            getLog().debug("username (" + str + "), action (" + str2 + ")");
        }
        return !isDenied(actorProvider, str, str2, map) || isAllowed(actorProvider, str, str2, map);
    }

    boolean allowDenyPriority(ActorProvider actorProvider, String str, String str2, Map<String, String> map) {
        if (getLog().isDebugEnabled()) {
            getLog().debug("username(" + str + "), action (" + str2 + ")");
        }
        return isAllowed(actorProvider, str, str2, map) && !isDenied(actorProvider, str, str2, map);
    }

    private List<String> getActorsAllowed(String str) {
        return getList(str, this.allowedMap);
    }

    private List<String> getActorsDenied(String str) {
        return getList(str, this.deniedMap);
    }

    private List<String> getList(String str, Map<String, List<String>> map) {
        List<String> list = map.get(str);
        if (list == null) {
            list = new ArrayList();
            map.put(str, list);
        }
        return list;
    }

    public String toString() {
        return "ACL (" + id() + ")";
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void addError(String str) {
        this.hasErrors = true;
        this.errorMessages.append(str).append('\n');
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean hasParameter(String str) {
        boolean z = false;
        for (int i = 0; !z && i < this.parameterNames.length; i++) {
            z = this.parameterNames[i].equals(str);
        }
        return z;
    }
}
