package org.exist.security;

import it.unimi.dsi.fastutil.Int2ObjectRBTreeMap;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Iterator;
import org.apache.log4j.Category;
import org.exist.EXistException;
import org.exist.Parser;
import org.exist.collections.Collection;
import org.exist.dom.DocumentImpl;
import org.exist.storage.BrokerPool;
import org.exist.storage.DBBroker;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
import org.xml.sax.SAXException;

/* loaded from: input_file:org/exist/security/SecurityManager.class */
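/**
 * Keeps the database's user and group tables in memory and persists them as an
 * XML document ({@code /db/system/users.xml}).
 *
 * <p>All public instance methods are {@code synchronized} on this object; the
 * constructor is not.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>None of the mutating methods ({@link #setUser}, {@link #deleteUser},
 *       {@link #addGroup}) performs an authorization check. Callers must verify
 *       the acting user (for example with {@link #hasAdminPrivileges}) before
 *       calling them.</li>
 *   <li>The ACL document is assembled from {@code User.toString()} and
 *       {@code Group.toString()} and then parsed as XML. Those methods are not
 *       visible here; they presumably emit well-formed, escaped XML - confirm,
 *       because unescaped names would change the structure of the stored ACL.</li>
 * </ul>
 */
public class SecurityManager {
    public static final String ACL_FILE = "users.xml";
    public static final String DBA_GROUP = "dba";
    public static final String DBA_USER = "admin";
    public static final String GUEST_GROUP = "guest";
    public static final String GUEST_USER = "guest";
    public static final String SYSTEM = "/db/system";

    /** Full path of the ACL document; evaluates to "/db/system/users.xml". */
    private static final String ACL_PATH = SYSTEM + "/" + ACL_FILE;

    /**
     * Permission value applied to the system collection and the ACL document.
     * Decimal 504 is octal 0770; presumably owner and group get full access and
     * everyone else none - confirm against Permission.
     */
    private static final int SYSTEM_PERMISSIONS = 504;

    private static final Category LOG;
    private BrokerPool pool;
    /** Group table keyed by group id. */
    private Int2ObjectRBTreeMap groups = new Int2ObjectRBTreeMap();
    /** User table keyed by uid. */
    private Int2ObjectRBTreeMap users = new Int2ObjectRBTreeMap();
    /** Last uid handed out; the next new user gets {@code nextUserId + 1}. */
    private int nextUserId;
    /** Last group id handed out; the next new group gets {@code nextGroupId + 1}. */
    private int nextGroupId;
    /** Compiler-generated cache for the class literal used by the static initializer. */
    static Class class$org$exist$security$SecurityManager;

    /**
     * Creates the manager, making sure the system collection exists and then
     * either loading the stored ACL or bootstrapping the default accounts.
     *
     * <p>Failures are logged, not thrown: if loading fails the manager starts
     * with whatever was read so far (possibly no users at all).
     *
     * @param brokerPool pool used later to obtain brokers for persisting changes
     * @param dBBroker   broker used for the initial load or bootstrap
     */
    public SecurityManager(BrokerPool brokerPool, DBBroker dBBroker) {
        this.nextUserId = 0;
        this.nextGroupId = 0;
        this.pool = brokerPool;
        try {
            if (dBBroker.getCollection(SYSTEM) == null) {
                Collection systemCollection = dBBroker.getOrCreateCollection(SYSTEM);
                // Restrict the collection before saving it, so the stored state
                // already carries the restrictive permissions (same
                // modify-then-save order as save() and createUserHome()).
                systemCollection.setPermissions(SYSTEM_PERMISSIONS);
                dBBroker.saveCollection(systemCollection);
            }
            Document acl = dBBroker.getDocument(ACL_PATH);
            Element root = acl != null ? acl.getDocumentElement() : null;
            if (root == null) {
                createDefaultAccounts(dBBroker);
            } else {
                loadAcl(root);
            }
        } catch (Exception e) {
            // Logged at error level with the stack trace: a failed ACL load
            // leaves the user table incomplete and must be visible to operators.
            LOG.error("loading acl failed: " + e.getMessage(), e);
        }
    }

    /**
     * Bootstraps the built-in accounts and groups and stores them.
     *
     * <p>NOTE(review): the second argument of {@code User(String, String)} is
     * presumably the password. If so, the admin account starts without one and
     * guest starts with a well-known one; both should be changed before the
     * instance is exposed - confirm against User.
     */
    private void createDefaultAccounts(DBBroker dBBroker) throws EXistException {
        LOG.debug("creating system users");
        User admin = new User(DBA_USER, null);
        admin.addGroup(DBA_GROUP);
        this.nextUserId++;
        admin.setUID(this.nextUserId);
        this.users.put(admin.getUID(), admin);

        User guest = new User("guest", "guest", "guest");
        this.nextUserId++;
        guest.setUID(this.nextUserId);
        this.users.put(guest.getUID(), guest);

        addGroup(DBA_GROUP);
        addGroup("guest");
        save(dBBroker);
    }

    /** Fills the user and group tables from the root element of the ACL document. */
    private void loadAcl(Element root) {
        LOG.debug("loading acl");
        NodeList children = root.getChildNodes();
        for (int i = 0; i < children.getLength(); i++) {
            if (children.item(i).getNodeType() != Element.ELEMENT_NODE) {
                continue;
            }
            Element section = (Element) children.item(i);
            if (section.getTagName().equals("users")) {
                this.nextUserId = parseLastId(section, this.nextUserId);
                NodeList userNodes = section.getElementsByTagName(Permission.USER_STRING);
                for (int j = 0; j < userNodes.getLength(); j++) {
                    User loaded = new User((Element) userNodes.item(j));
                    this.users.put(loaded.getUID(), loaded);
                    // Never let the counter fall behind a stored uid: with a
                    // missing or stale last-id the next new account would be
                    // given the uid of an existing one and replace it in the map.
                    if (loaded.getUID() > this.nextUserId) {
                        this.nextUserId = loaded.getUID();
                    }
                }
            } else if (section.getTagName().equals("groups")) {
                this.nextGroupId = parseLastId(section, this.nextGroupId);
                NodeList groupNodes = section.getElementsByTagName(Permission.GROUP_STRING);
                for (int j = 0; j < groupNodes.getLength(); j++) {
                    Group loaded = new Group((Element) groupNodes.item(j));
                    this.groups.put(loaded.getId(), loaded);
                    // Same guard as for uids above.
                    if (loaded.getId() > this.nextGroupId) {
                        this.nextGroupId = loaded.getId();
                    }
                }
            }
        }
    }

    /**
     * Reads the {@code last-id} attribute of an ACL section.
     *
     * @return the parsed value, or {@code fallback} when it is missing or not a number
     */
    private static int parseLastId(Element section, int fallback) {
        try {
            return Integer.parseInt(section.getAttribute("last-id"));
        } catch (NumberFormatException e) {
            LOG.warn("missing or malformed last-id on <" + section.getTagName() + ">, keeping " + fallback);
            return fallback;
        }
    }

    /**
     * Removes the user with the given name, if there is one.
     *
     * @throws PermissionDeniedException if the name is one of the built-in accounts
     */
    public synchronized void deleteUser(String str) throws PermissionDeniedException {
        deleteUser(getUser(str));
    }

    /**
     * Removes a user from the table and stores the ACL. A {@code null} user is ignored.
     *
     * <p>No authorization check is made here; the caller is responsible for it.
     *
     * @throws PermissionDeniedException if the user is "admin" or "guest"
     */
    public synchronized void deleteUser(User user) throws PermissionDeniedException {
        if (user == null) {
            return;
        }
        String name = user.getName();
        if (name.equals(DBA_USER) || name.equals(GUEST_USER)) {
            throw new PermissionDeniedException("user " + name + " is required by the system. It cannot be removed.");
        }
        User removed = (User) this.users.remove(user.getUID());
        if (removed == null) {
            // Use the argument's name here: there is no removed entry to ask.
            LOG.debug("user " + name + " not found");
            return;
        }
        LOG.debug("user " + removed.getName() + " removed");

        DBBroker broker = null;
        try {
            broker = this.pool.get();
            save(broker);
        } catch (EXistException e) {
            // The account is gone from memory but still present in the stored
            // ACL, so it would come back on the next load; make that visible.
            LOG.error("failed to store acl after removing user " + name, e);
        } finally {
            // NOTE(review): broker is still null if pool.get() failed; the call
            // is kept unconditional - confirm that release(null) is harmless.
            this.pool.release(broker);
        }
    }

    /**
     * Looks a user up by name.
     *
     * @return the user, or {@code null} if no user has that name
     */
    public synchronized User getUser(String str) {
        Iterator it = this.users.values().iterator();
        while (it.hasNext()) {
            User candidate = (User) it.next();
            if (candidate.getName().equals(str)) {
                return candidate;
            }
        }
        LOG.debug("user " + str + " not found");
        return null;
    }

    /**
     * Looks a user up by uid.
     *
     * @return the user, or {@code null} if the uid is unknown
     */
    public synchronized User getUser(int i) {
        User found = (User) this.users.get(i);
        if (found == null) {
            LOG.debug("user with uid " + i + " not found");
        }
        return found;
    }

    /** Returns a snapshot array of all users, in the iteration order of the user table. */
    public synchronized User[] getUsers() {
        User[] snapshot = new User[this.users.size()];
        int next = 0;
        for (Iterator it = this.users.values().iterator(); it.hasNext(); next++) {
            snapshot[next] = (User) it.next();
        }
        return snapshot;
    }

    /**
     * Registers a new group under the next free group id. The change is kept in
     * memory only; it is written out by the next {@link #save}.
     */
    public synchronized void addGroup(String str) {
        this.nextGroupId++;
        Group created = new Group(str, this.nextGroupId);
        this.groups.put(created.getId(), created);
    }

    /** Returns {@code true} if a group with the given name exists. */
    public synchronized boolean hasGroup(String str) {
        return getGroup(str) != null;
    }

    /**
     * Looks a group up by name.
     *
     * @return the group, or {@code null} if no group has that name
     */
    public synchronized Group getGroup(String str) {
        Iterator it = this.groups.values().iterator();
        while (it.hasNext()) {
            Group candidate = (Group) it.next();
            if (candidate.getName().equals(str)) {
                return candidate;
            }
        }
        return null;
    }

    /**
     * Looks a group up by id.
     *
     * @return the group, or {@code null} if the id is unknown
     */
    public synchronized Group getGroup(int i) {
        return (Group) this.groups.get(i);
    }

    /** Returns the names of all groups, in the iteration order of the group table. */
    public synchronized String[] getGroups() {
        String[] names = new String[this.groups.size()];
        int next = 0;
        for (Iterator it = this.groups.values().iterator(); it.hasNext(); next++) {
            names[next] = ((Group) it.next()).getName();
        }
        return names;
    }

    /**
     * Tells whether the user is a member of the "dba" group.
     *
     * @return {@code false} for a {@code null} user, so a failed lookup passed
     *         straight into this check is denied instead of raising an error
     */
    public synchronized boolean hasAdminPrivileges(User user) {
        return user != null && user.hasGroup(DBA_GROUP);
    }

    /** Returns {@code true} if a user with the given name exists. */
    public synchronized boolean hasUser(String str) {
        Iterator it = this.users.values().iterator();
        while (it.hasNext()) {
            if (((User) it.next()).getName().equals(str)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Serializes both tables to XML and stores the result as the ACL document,
     * parsing it on behalf of the "admin" user.
     *
     * <p>Parse and permission failures are logged and do not propagate; in that
     * case the stored ACL no longer matches the in-memory tables.
     *
     * @param dBBroker broker used to store the document
     * @throws EXistException declared by the original signature
     */
    public synchronized void save(DBBroker dBBroker) throws EXistException {
        LOG.debug("storing acl file");
        StringBuilder xml = new StringBuilder();
        xml.append("<auth>");
        xml.append("<groups last-id=\"").append(Integer.toString(this.nextGroupId)).append("\">");
        for (Iterator it = this.groups.values().iterator(); it.hasNext();) {
            // NOTE(review): written verbatim; Group.toString() must produce escaped XML.
            xml.append(((Group) it.next()).toString());
        }
        xml.append("</groups>");
        xml.append("<users last-id=\"").append(Integer.toString(this.nextUserId)).append("\">");
        for (Iterator it = this.users.values().iterator(); it.hasNext();) {
            // NOTE(review): written verbatim; User.toString() must produce escaped XML.
            xml.append(((User) it.next()).toString());
        }
        xml.append("</users>");
        xml.append("</auth>");

        dBBroker.flush();
        dBBroker.sync();
        try {
            DocumentImpl stored = new Parser(dBBroker, getUser(DBA_USER), true, true).parse(xml.toString(), ACL_PATH);
            stored.setPermissions(SYSTEM_PERMISSIONS);
            dBBroker.saveCollection(stored.getCollection());
        } catch (IOException e) {
            LOG.error("storing acl file failed", e);
        } catch (PermissionDeniedException e) {
            LOG.error("storing acl file failed", e);
        } catch (SAXException e) {
            LOG.error("storing acl file failed", e);
        }
        dBBroker.flush();
        dBBroker.sync();
    }

    /**
     * Adds or replaces a user, creates any of its groups that do not exist yet,
     * stores the ACL and creates the user's home collection.
     *
     * <p>A user with a negative uid is given the next free one. A user that
     * already carries a uid replaces whatever entry is stored under that uid.
     * No authorization check is made here; the caller is responsible for it.
     */
    public synchronized void setUser(User user) {
        if (user.getUID() < 0) {
            this.nextUserId++;
            user.setUID(this.nextUserId);
        }
        this.users.put(user.getUID(), user);
        for (Iterator names = user.getGroups(); names.hasNext();) {
            String groupName = (String) names.next();
            if (!hasGroup(groupName)) {
                addGroup(groupName);
            }
        }

        DBBroker broker = null;
        try {
            broker = this.pool.get();
            save(broker);
            createUserHome(broker, user);
        } catch (EXistException e) {
            // Error level: the account exists in memory but may not be stored.
            LOG.error("error while creating user", e);
        } catch (PermissionDeniedException e) {
            LOG.error("error while create home collection", e);
        } finally {
            // NOTE(review): broker is still null if pool.get() failed; the call
            // is kept unconditional - confirm that release(null) is harmless.
            this.pool.release(broker);
        }
    }

    /**
     * Creates the user's home collection, owned by the user and the user's
     * primary group. Does nothing when the user has no home.
     */
    private void createUserHome(DBBroker dBBroker, User user) throws EXistException, PermissionDeniedException {
        if (user.getHome() == null) {
            return;
        }
        Collection home = dBBroker.getOrCreateCollection(user.getHome());
        home.getPermissions().setOwner(user.getName());
        home.getPermissions().setGroup(user.getPrimaryGroup());
        dBBroker.saveCollection(home);
    }

    /**
     * Compiler-generated helper for class literals.
     *
     * @throws NoClassDefFoundError if the class cannot be found, with the
     *         original exception as its cause
     */
    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            // initCause() returns Throwable, so the error is kept in a typed
            // local and thrown from there.
            NoClassDefFoundError error = new NoClassDefFoundError();
            error.initCause(e);
            throw error;
        }
    }

    static {
        Class self = class$org$exist$security$SecurityManager;
        if (self == null) {
            self = class$("org.exist.security.SecurityManager");
            class$org$exist$security$SecurityManager = self;
        }
        LOG = Category.getInstance(self.getName());
    }
}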
