package org.apache.directory.fortress.core.impl;

import java.util.Iterator;
import java.util.List;
import java.util.Set;
import org.apache.directory.fortress.core.GlobalErrIds;
import org.apache.directory.fortress.core.SecurityException;
import org.apache.directory.fortress.core.model.Constraint;
import org.apache.directory.fortress.core.model.ObjectFactory;
import org.apache.directory.fortress.core.model.SDSet;
import org.apache.directory.fortress.core.model.Session;
import org.apache.directory.fortress.core.model.UserRole;
import org.apache.directory.fortress.core.model.Warning;
import org.apache.directory.fortress.core.util.VUtil;
import org.apache.directory.fortress.core.util.time.Time;
import org.apache.directory.fortress.core.util.time.Validator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/fortress-core-2.0.5.jar:org/apache/directory/fortress/core/impl/DSDChecker.class */
public class DSDChecker implements Validator {
    private static final String CLS_NM = DSDChecker.class.getName();
    private static final Logger LOG = LoggerFactory.getLogger(CLS_NM);

    @Override // org.apache.directory.fortress.core.util.time.Validator
    public int validate(Session session, Constraint constraint, Time time, VUtil.ConstraintType constraintType) throws SecurityException {
        Set<SDSet> dsdCache;
        int i = 0;
        List<UserRole> roles = session.getRoles();
        if (roles == null || roles.size() == 0) {
            return 0;
        }
        String contextId = session.isGroupSession() ? session.getGroup().getContextId() : session.getUser().getContextId();
        String groupName = session.isGroupSession() ? session.getGroupName() : session.getUserId();
        String str = session.isGroupSession() ? "groupName" : "userId";
        Set<String> inheritedRoles = RoleUtil.getInstance().getInheritedRoles(roles, contextId);
        if (inheritedRoles != null && inheritedRoles.size() > 1 && (dsdCache = SDUtil.getInstance().getDsdCache(inheritedRoles, contextId)) != null && dsdCache.size() > 0) {
            for (SDSet sDSet : dsdCache) {
                Iterator<UserRole> it = roles.iterator();
                int i2 = 0;
                Set<String> members = sDSet.getMembers();
                while (it.hasNext()) {
                    UserRole next = it.next();
                    if (members.contains(next.getName())) {
                        i2++;
                        if (i2 >= sDSet.getCardinality().intValue()) {
                            it.remove();
                            String str2 = "validate " + str + " [" + groupName + "] failed activation of assignedRole [" + next.getName() + "] validates DSD Set Name:" + sDSet.getName() + " Cardinality:" + sDSet.getCardinality();
                            LOG.warn(str2);
                            i = 2055;
                            session.setWarning(new ObjectFactory().createWarning(GlobalErrIds.ACTV_FAILED_DSD, str2, Warning.Type.ROLE, next.getName()));
                        }
                    } else {
                        Iterator<String> it2 = RoleUtil.getInstance().getAscendants(next.getName(), contextId).iterator();
                        while (true) {
                            if (it2.hasNext()) {
                                String next2 = it2.next();
                                if (members.contains(next2)) {
                                    i2++;
                                    if (i2 >= sDSet.getCardinality().intValue()) {
                                        String str3 = "validate " + str + " [" + groupName + "] assignedRole [" + next.getName() + "] parentRole [" + next2 + "] validates DSD Set Name:" + sDSet.getName() + " Cardinality:" + sDSet.getCardinality();
                                        i = 2055;
                                        it.remove();
                                        session.setWarning(new ObjectFactory().createWarning(GlobalErrIds.ACTV_FAILED_DSD, str3, Warning.Type.ROLE, next.getName()));
                                        LOG.warn(str3);
                                        break;
                                    }
                                }
                            }
                        }
                    }
                }
            }
        }
        return i;
    }
}
