package org.exist.security;

import java.util.ArrayList;
import java.util.Iterator;
import org.apache.log4j.Logger;
import org.exist.EXistException;
import org.exist.collections.Collection;
import org.exist.collections.triggers.TriggerException;
import org.exist.dom.DocumentImpl;
import org.exist.storage.BrokerPool;
import org.exist.storage.DBBroker;
import org.exist.util.LockException;
import org.exist.util.hashtable.Int2ObjectHashMap;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.xml.sax.SAXException;

/* loaded from: input_file:WEB-INF/lib/exist-1_0b2_build_1107.jar:org/exist/security/SecurityManager.class */
public class SecurityManager {
    public static final String ACL_FILE = "users.xml";
    public static final String DBA_GROUP = "dba";
    public static final String DBA_USER = "admin";
    public static final String GUEST_GROUP = "guest";
    public static final String GUEST_USER = "guest";
    public static final String SYSTEM = "/db/system";
    private static final Logger LOG;
    private BrokerPool pool;
    private Int2ObjectHashMap groups = new Int2ObjectHashMap(65);
    private Int2ObjectHashMap users = new Int2ObjectHashMap(65);
    private int nextUserId;
    private int nextGroupId;
    private BrokerPool brokerPool;
    static Class class$org$exist$security$SecurityManager;

    public SecurityManager(BrokerPool brokerPool, DBBroker dBBroker) {
        this.nextUserId = 0;
        this.nextGroupId = 0;
        this.pool = brokerPool;
        try {
            Collection collection = dBBroker.getCollection(SYSTEM);
            if (collection == null) {
                collection = dBBroker.getOrCreateCollection(SYSTEM);
                collection.setPermissions(504);
                dBBroker.saveCollection(collection);
            }
            DocumentImpl document = collection.getDocument(dBBroker, ACL_FILE);
            if ((document != null ? document.getDocumentElement() : null) == null) {
                LOG.debug("creating system users");
                User user = new User(DBA_USER, null);
                user.addGroup(DBA_GROUP);
                int i = this.nextUserId + 1;
                this.nextUserId = i;
                user.setUID(i);
                this.users.put(user.getUID(), user);
                User user2 = new User("guest", "guest", "guest");
                int i2 = this.nextUserId + 1;
                this.nextUserId = i2;
                user2.setUID(i2);
                this.users.put(user2.getUID(), user2);
                addGroup(DBA_GROUP);
                addGroup("guest");
                save(dBBroker);
            } else {
                LOG.debug("loading acl");
                NodeList childNodes = document.getDocumentElement().getChildNodes();
                for (int i3 = 0; i3 < childNodes.getLength(); i3++) {
                    if (childNodes.item(i3).getNodeType() == 1) {
                        Element element = (Element) childNodes.item(i3);
                        if (element.getTagName().equals("users")) {
                            try {
                                this.nextUserId = Integer.parseInt(element.getAttribute("last-id"));
                            } catch (NumberFormatException e) {
                            }
                            NodeList childNodes2 = element.getChildNodes();
                            for (int i4 = 0; i4 < childNodes2.getLength(); i4++) {
                                Node item = childNodes2.item(i4);
                                if (item.getNodeType() == 1 && item.getLocalName().equals(Permission.USER_STRING)) {
                                    User user3 = new User((Element) item);
                                    this.users.put(user3.getUID(), user3);
                                }
                            }
                        } else if (element.getTagName().equals("groups")) {
                            try {
                                this.nextGroupId = Integer.parseInt(element.getAttribute("last-id"));
                            } catch (NumberFormatException e2) {
                            }
                            NodeList childNodes3 = element.getChildNodes();
                            for (int i5 = 0; i5 < childNodes3.getLength(); i5++) {
                                Node item2 = childNodes3.item(i5);
                                if (item2.getNodeType() == 1 && item2.getLocalName().equals("group")) {
                                    Group group = new Group((Element) item2);
                                    this.groups.put(group.getId(), group);
                                }
                            }
                        }
                    }
                }
            }
        } catch (Exception e3) {
            e3.printStackTrace();
            LOG.debug(new StringBuffer().append("loading acl failed: ").append(e3.getMessage()).toString());
        }
    }

    public synchronized void deleteUser(String str) throws PermissionDeniedException {
        deleteUser(getUser(str));
    }

    public synchronized void deleteUser(User user) throws PermissionDeniedException {
        if (user == null) {
            return;
        }
        if (user.getName().equals(DBA_USER) || user.getName().equals("guest")) {
            throw new PermissionDeniedException(new StringBuffer().append("user ").append(user.getName()).append(" is required by the system. It cannot be removed.").toString());
        }
        User user2 = (User) this.users.remove(user.getUID());
        if (user2 != null) {
            LOG.debug(new StringBuffer().append("user ").append(user2.getName()).append(" removed").toString());
        } else {
            LOG.debug("user not found");
        }
        DBBroker dBBroker = null;
        try {
            try {
                dBBroker = this.pool.get();
                save(dBBroker);
                this.pool.release(dBBroker);
            } catch (EXistException e) {
                e.printStackTrace();
                this.pool.release(dBBroker);
            }
        } catch (Throwable th) {
            this.pool.release(dBBroker);
            throw th;
        }
    }

    public synchronized User getUser(String str) {
        Iterator valueIterator = this.users.valueIterator();
        while (valueIterator.hasNext()) {
            User user = (User) valueIterator.next();
            if (user.getName().equals(str)) {
                return user;
            }
        }
        LOG.debug(new StringBuffer().append("user ").append(str).append(" not found").toString());
        return null;
    }

    public synchronized User getUser(int i) {
        User user = (User) this.users.get(i);
        if (user == null) {
            LOG.debug(new StringBuffer().append("user with uid ").append(i).append(" not found").toString());
        }
        return user;
    }

    public synchronized User[] getUsers() {
        User[] userArr = new User[this.users.size()];
        int i = 0;
        Iterator valueIterator = this.users.valueIterator();
        while (valueIterator.hasNext()) {
            userArr[i] = (User) valueIterator.next();
            i++;
        }
        return userArr;
    }

    public synchronized void addGroup(String str) {
        int i = this.nextGroupId + 1;
        this.nextGroupId = i;
        Group group = new Group(str, i);
        this.groups.put(group.getId(), group);
    }

    public synchronized boolean hasGroup(String str) {
        Iterator valueIterator = this.groups.valueIterator();
        while (valueIterator.hasNext()) {
            if (((Group) valueIterator.next()).getName().equals(str)) {
                return true;
            }
        }
        return false;
    }

    public synchronized Group getGroup(String str) {
        Iterator valueIterator = this.groups.valueIterator();
        while (valueIterator.hasNext()) {
            Group group = (Group) valueIterator.next();
            if (group.getName().equals(str)) {
                return group;
            }
        }
        return null;
    }

    public synchronized Group getGroup(int i) {
        return (Group) this.groups.get(i);
    }

    public synchronized String[] getGroups() {
        ArrayList arrayList = new ArrayList(this.groups.size());
        Iterator valueIterator = this.groups.valueIterator();
        while (valueIterator.hasNext()) {
            arrayList.add(((Group) valueIterator.next()).getName());
        }
        String[] strArr = new String[arrayList.size()];
        arrayList.toArray(strArr);
        return strArr;
    }

    public synchronized boolean hasAdminPrivileges(User user) {
        return user.hasGroup(DBA_GROUP);
    }

    public synchronized boolean hasUser(String str) {
        Iterator valueIterator = this.users.valueIterator();
        while (valueIterator.hasNext()) {
            if (((User) valueIterator.next()).getName().equals(str)) {
                return true;
            }
        }
        return false;
    }

    public synchronized void save(DBBroker dBBroker) throws EXistException {
        LOG.debug("storing acl file");
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("<auth>");
        stringBuffer.append("<groups last-id=\"");
        stringBuffer.append(Integer.toString(this.nextGroupId));
        stringBuffer.append("\">");
        Iterator valueIterator = this.groups.valueIterator();
        while (valueIterator.hasNext()) {
            stringBuffer.append(((Group) valueIterator.next()).toString());
        }
        stringBuffer.append("</groups>");
        stringBuffer.append("<users last-id=\"");
        stringBuffer.append(Integer.toString(this.nextUserId));
        stringBuffer.append("\">");
        Iterator valueIterator2 = this.users.valueIterator();
        while (valueIterator2.hasNext()) {
            stringBuffer.append(((User) valueIterator2.next()).toString());
        }
        stringBuffer.append("</users>");
        stringBuffer.append("</auth>");
        dBBroker.flush();
        dBBroker.sync(1);
        try {
            dBBroker.setUser(getUser(DBA_USER));
            DocumentImpl addDocument = dBBroker.getCollection(SYSTEM).addDocument(dBBroker, ACL_FILE, stringBuffer.toString(), true);
            addDocument.setPermissions(504);
            dBBroker.saveCollection(addDocument.getCollection());
            dBBroker.flush();
            dBBroker.sync(1);
        } catch (TriggerException e) {
            throw new EXistException(e.getMessage());
        } catch (PermissionDeniedException e2) {
            throw new EXistException(e2.getMessage());
        } catch (LockException e3) {
            throw new EXistException(e3.getMessage());
        } catch (SAXException e4) {
            throw new EXistException(e4.getMessage());
        }
    }

    public synchronized void setUser(User user) {
        if (user.getUID() < 0) {
            int i = this.nextUserId + 1;
            this.nextUserId = i;
            user.setUID(i);
        }
        this.users.put(user.getUID(), user);
        Iterator groups = user.getGroups();
        while (groups.hasNext()) {
            String str = (String) groups.next();
            if (!hasGroup(str)) {
                addGroup(str);
            }
        }
        DBBroker dBBroker = null;
        try {
            try {
                dBBroker = this.pool.get();
                save(dBBroker);
                createUserHome(dBBroker, user);
                this.pool.release(dBBroker);
            } catch (EXistException e) {
                LOG.debug("error while creating user", e);
                this.pool.release(dBBroker);
            } catch (PermissionDeniedException e2) {
                LOG.debug("error while create home collection", e2);
                this.pool.release(dBBroker);
            }
        } catch (Throwable th) {
            this.pool.release(dBBroker);
            throw th;
        }
    }

    private void createUserHome(DBBroker dBBroker, User user) throws EXistException, PermissionDeniedException {
        if (user.getHome() == null) {
            return;
        }
        dBBroker.setUser(getUser(DBA_USER));
        Collection orCreateCollection = dBBroker.getOrCreateCollection(user.getHome());
        orCreateCollection.getPermissions().setOwner(user.getName());
        orCreateCollection.getPermissions().setGroup(user.getPrimaryGroup());
        dBBroker.saveCollection(orCreateCollection);
    }

    public BrokerPool getBrokerPool() {
        return this.brokerPool;
    }

    public void setBrokerPool(BrokerPool brokerPool) {
        this.brokerPool = brokerPool;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$org$exist$security$SecurityManager == null) {
            cls = class$("org.exist.security.SecurityManager");
            class$org$exist$security$SecurityManager = cls;
        } else {
            cls = class$org$exist$security$SecurityManager;
        }
        LOG = Logger.getLogger(cls);
    }
}
