package org.apache.directory.fortress.web.control;

import java.security.Principal;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.directory.fortress.core.AccessMgr;
import org.apache.directory.fortress.core.DelAccessMgr;
import org.apache.directory.fortress.core.SecurityException;
import org.apache.directory.fortress.core.model.Permission;
import org.apache.directory.fortress.core.model.Session;
import org.apache.directory.fortress.core.model.User;
import org.apache.directory.fortress.core.model.UserRole;
import org.apache.directory.fortress.core.model.Warning;
import org.apache.directory.fortress.core.util.Config;
import org.apache.directory.fortress.realm.J2eePolicyMgr;
import org.apache.log4j.Logger;
import org.apache.wicket.Component;
import org.apache.wicket.ajax.AjaxRequestTarget;

/* loaded from: input_file:WEB-INF/classes/org/apache/directory/fortress/web/control/SecUtils.class */
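/**
 * Static helpers that connect the Wicket web session ({@link WicketSession}) with the
 * Fortress RBAC {@link Session}: session creation and attachment, permission lookup,
 * role activation and deactivation, and access checks.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Text placed into the browser through {@code appendJavaScript} is escaped by
 *       {@link #jsAlert(String)}; role names and server messages must never be concatenated
 *       into script source directly.</li>
 *   <li>Log lines embed user ids and role names as received. NOTE(review): confirm the log
 *       layout neutralises CR/LF so a crafted value cannot forge log entries.</li>
 * </ul>
 */
public class SecUtils {
    private static final Logger LOG = Logger.getLogger(SecUtils.class.getName());
    private static final String PERMS_CACHED = "perms.cached";

    // Fortress error ids handled below. The names reflect the messages this class shows for them.
    private static final int ERR_DSD_VIOLATION = 5097;
    private static final int ERR_ROLE_ALREADY_ACTIVE = 2011;
    private static final int ERR_ROLE_NOT_ACTIVE = 2022;

    /** True only when the {@code perms.cached} configuration property equals "true", ignoring case. */
    public static final boolean IS_PERM_CACHED;

    static {
        // A missing property yields null, which equalsIgnoreCase treats as "not true".
        IS_PERM_CACHED = "true".equalsIgnoreCase(Config.getInstance().getProperty(PERMS_CACHED));
    }

    /**
     * Returns the RBAC session stored in the Wicket session of the given component.
     *
     * @param component any component attached to the current Wicket session
     * @return the stored RBAC session, or {@code null} when none has been set
     */
    public static Session getSession(Component component) {
        return ((WicketSession) component.getSession()).getSession();
    }

    /**
     * Creates an RBAC session for a user id through {@code accessMgr.createSession(user, true)}.
     *
     * <p>NOTE(review): the {@code true} flag presumably marks the user as already authenticated
     * by the container, so no password is checked here. Confirm that every caller passes an id
     * that has been authenticated upstream.
     *
     * @param accessMgr Fortress access manager
     * @param str the user id
     * @return the new session
     * @throws RuntimeException wrapping the Fortress {@link SecurityException} on failure
     */
    public static Session createSession(AccessMgr accessMgr, String str) {
        try {
            Session created = accessMgr.createSession(new User(str), true);
            LOG.debug("RBAC Session successfully created for userId: " + created.getUserId());
            return created;
        } catch (SecurityException e) {
            String message = "createSession caught SecurityException=" + e;
            LOG.error(message);
            // Keep the cause so the original stack trace and error id stay reachable.
            throw new RuntimeException(message, e);
        }
    }

    /**
     * Stores the RBAC session in the current Wicket session, together with the administrative
     * permissions returned by {@code delAccessMgr.sessionPermissions(session)}.
     *
     * @param delAccessMgr Fortress delegated access manager
     * @param session the RBAC session to attach
     * @throws RuntimeException wrapping the Fortress {@link SecurityException} on failure
     */
    public static void loadPermissionsIntoSession(DelAccessMgr delAccessMgr, Session session) {
        try {
            WicketSession webSession = (WicketSession) WicketSession.get();
            webSession.setSession(session);
            ((WicketSession) WicketSession.get()).setPermissions(delAccessMgr.sessionPermissions(session));
            LOG.debug("Session successfully created for userId: " + session.getUserId());
        } catch (SecurityException e) {
            String message = "loadPermissionsIntoSession caught SecurityException=" + e;
            LOG.error(message);
            throw new RuntimeException(message, e);
        }
    }

    /**
     * Returns the permission list held by the component's Wicket session.
     *
     * @param component any component attached to the current Wicket session
     * @return the stored permissions, as returned by {@code WicketSession.getPermissions()}
     * @throws RuntimeException wrapping any exception raised while reading the session
     */
    public static List<Permission> getPermissions(Component component) {
        try {
            return ((WicketSession) component.getSession()).getPermissions();
        } catch (Exception e) {
            String message = "getPermissions caught Exception=" + e;
            LOG.error(message);
            throw new RuntimeException(message, e);
        }
    }

    /**
     * Reloads the session's permissions from Fortress into the Wicket session.
     * Does nothing unless {@link #IS_PERM_CACHED} is set. Despite the name, nothing is returned.
     *
     * @param component any component attached to the current Wicket session
     * @param accessMgr Fortress access manager
     * @throws RuntimeException wrapping the Fortress {@link SecurityException} on failure
     */
    public static void getPermissions(Component component, AccessMgr accessMgr) {
        if (!IS_PERM_CACHED) {
            return;
        }
        try {
            Session rbacSession = ((WicketSession) component.getSession()).getSession();
            ((WicketSession) WicketSession.get()).setPermissions(accessMgr.sessionPermissions(rbacSession));
        } catch (SecurityException e) {
            String message = "getPermissions caught SecurityException=" + e;
            LOG.error(message);
            throw new RuntimeException(message, e);
        }
    }

    /**
     * Asks the servlet container whether the caller holds a role.
     *
     * @param str the role name
     * @param httpServletRequest the current request
     * @return the result of {@code httpServletRequest.isUserInRole(str)}
     */
    public static boolean isAuthorized(String str, HttpServletRequest httpServletRequest) {
        return httpServletRequest.isUserInRole(str);
    }

    /**
     * Checks whether a permission is present in the permission list held by the Wicket session.
     * The decision uses only the stored list and does not call Fortress.
     *
     * @param permission the permission to look for
     * @param component any component attached to the current Wicket session
     * @return {@code true} when the stored list is non-empty and contains {@code permission}
     */
    public static boolean isFound(Permission permission, Component component) {
        List<Permission> cached = getPermissions(component);
        return CollectionUtils.isNotEmpty(cached) && cached.contains(permission);
    }

    /**
     * Performs a Fortress access check for the component's RBAC session.
     *
     * @param component any component attached to the current Wicket session
     * @param accessMgr Fortress access manager
     * @param str first argument of the {@code Permission(String, String, String)} constructor
     * @param str2 second argument of that constructor
     * @param str3 third argument of that constructor
     * @return the result of {@code accessMgr.checkAccess}
     * @throws SecurityException when Fortress rejects or cannot evaluate the request
     */
    public static boolean checkAccess(Component component, AccessMgr accessMgr, String str, String str2, String str3) throws SecurityException {
        WicketSession webSession = (WicketSession) component.getSession();
        Permission requested = new Permission(str, str2, str3);
        return accessMgr.checkAccess(webSession.getSession(), requested);
    }

    /**
     * Rebuilds an RBAC session from its serialized string form and attaches it to the Wicket
     * session if none is attached yet.
     *
     * <p>NOTE(review): {@code str} is handed to {@code J2eePolicyMgr.deserialize}. In this class
     * it originates from {@code request.getUserPrincipal().toString()} (see
     * {@link #enableFortress}). Confirm that the value is produced by the container realm only
     * and can never be influenced by the client.
     *
     * @param component any component attached to the current Wicket session
     * @param j2eePolicyMgr Fortress realm policy manager used to deserialize the session
     * @param accessMgr Fortress access manager used to reload permissions
     * @param str serialized session; {@code null} or empty means there is nothing to do
     * @throws SecurityException when either manager is {@code null}
     * @throws RuntimeException wrapping a {@link SecurityException} raised while deserializing
     */
    public static void initializeSession(Component component, J2eePolicyMgr j2eePolicyMgr, AccessMgr accessMgr, String str) throws SecurityException {
        if (j2eePolicyMgr == null || accessMgr == null) {
            throw new SecurityException(205, "initializeSession failed - verify the injection of fortress spring beans into your application");
        }
        try {
            Session realmSession = null;
            if (StringUtils.isNotEmpty(str)) {
                realmSession = j2eePolicyMgr.deserialize(str);
            }
            if (realmSession == null) {
                return;
            }
            // Lock on the Wicket session so two concurrent requests cannot both attach a session.
            synchronized (((WicketSession) WicketSession.get())) {
                if (getSession(component) == null) {
                    LOG.info("realmSession user: " + realmSession.getUserId());
                    ((WicketSession) WicketSession.get()).setSession(realmSession);
                    getPermissions(component, accessMgr);
                }
            }
        } catch (SecurityException e) {
            // Failures past the argument check surface as unchecked exceptions, cause preserved.
            throw new RuntimeException(e);
        }
    }

    /**
     * Activates a role in the component's RBAC session and reloads the permissions.
     * On failure the reason is logged and shown to the user in a browser alert.
     *
     * <p>NOTE(review): the "System error" branch puts the exception text into the alert shown to
     * the user. Consider a generic message there, keeping the detail in the log only.
     *
     * @param component any component attached to the current Wicket session
     * @param ajaxRequestTarget target that receives the alert script on failure
     * @param accessMgr Fortress access manager
     * @param str name of the role to activate
     * @return {@code true} when the role was activated; {@code false} on a role warning or error
     */
    public static boolean addActiveRole(Component component, AjaxRequestTarget ajaxRequestTarget, AccessMgr accessMgr, String str) {
        try {
            WicketSession webSession = (WicketSession) component.getSession();
            // Clear old warnings so only those raised by this activation are inspected.
            webSession.getSession().setWarnings(null);
            accessMgr.addActiveRole(webSession.getSession(), new UserRole(str));
            List<Warning> warnings = webSession.getSession().getWarnings();
            if (CollectionUtils.isNotEmpty(warnings)) {
                for (Warning warning : warnings) {
                    LOG.info("Warning: " + warning.getMsg() + " errCode: " + warning.getId() + " name: " + warning.getName() + " type: " + warning.getType().toString());
                    boolean concernsThisRole = warning.getType() == Warning.Type.ROLE && warning.getName().equalsIgnoreCase(str);
                    if (concernsThisRole) {
                        String message = warning.getMsg() + " code: " + warning.getId();
                        LOG.error(message);
                        ajaxRequestTarget.appendJavaScript(jsAlert(message));
                        return false;
                    }
                }
            }
            getPermissions(component, accessMgr);
            LOG.info("Activate role name: " + str + " successful");
            return true;
        } catch (SecurityException e) {
            String prefix = "Role selection " + str + " activation failed because of ";
            String message;
            if (e.getErrorId() == ERR_DSD_VIOLATION) {
                message = prefix + "Dynamic SoD rule violation";
            } else if (e.getErrorId() == ERR_ROLE_ALREADY_ACTIVE) {
                message = prefix + "Role already active in Session";
            } else {
                message = prefix + "System error: " + e + ", errId=" + e.getErrorId();
            }
            LOG.error(message);
            ajaxRequestTarget.appendJavaScript(jsAlert(message));
            return false;
        }
    }

    /**
     * Deactivates a role in the component's RBAC session and reloads the permissions.
     * On failure the reason is logged and shown to the user in a browser alert.
     *
     * @param component any component attached to the current Wicket session
     * @param ajaxRequestTarget target that receives the alert script on failure
     * @param accessMgr Fortress access manager
     * @param str name of the role to deactivate
     * @return {@code true} when the role was dropped; {@code false} on error
     */
    public static boolean dropActiveRole(Component component, AjaxRequestTarget ajaxRequestTarget, AccessMgr accessMgr, String str) {
        try {
            Session rbacSession = ((WicketSession) component.getSession()).getSession();
            accessMgr.dropActiveRole(rbacSession, new UserRole(str));
            getPermissions(component, accessMgr);
            LOG.info("Fortress dropActiveRole roleName: " + str + " was successful");
            return true;
        } catch (SecurityException e) {
            String prefix = "Role selection " + str + " deactivation failed because of ";
            String message;
            if (e.getErrorId() == ERR_ROLE_NOT_ACTIVE) {
                message = prefix + "Role not active in session";
            } else {
                message = prefix + "System error: " + e + ", errId=" + e.getErrorId();
            }
            LOG.error(message);
            ajaxRequestTarget.appendJavaScript(jsAlert(message));
            return false;
        }
    }

    /**
     * Attaches a Fortress session to the Wicket session on first use. Nothing happens when the
     * request carries no principal or a session is already attached.
     *
     * @param component any component attached to the current Wicket session
     * @param httpServletRequest the current request, source of the container principal
     * @param j2eePolicyMgr Fortress realm policy manager
     * @param accessMgr Fortress access manager
     * @throws SecurityException when either manager is {@code null}
     */
    public static void enableFortress(Component component, HttpServletRequest httpServletRequest, J2eePolicyMgr j2eePolicyMgr, AccessMgr accessMgr) throws SecurityException {
        Principal principal = httpServletRequest.getUserPrincipal();
        if (principal == null || isLoggedIn(component)) {
            return;
        }
        // The principal's string form is what initializeSession deserializes into a Session.
        initializeSession(component, j2eePolicyMgr, accessMgr, principal.toString());
    }

    /**
     * Reports whether an RBAC session is attached to the component's Wicket session.
     *
     * @param component any component attached to the current Wicket session
     * @return {@code true} when {@link #getSession(Component)} is non-null
     */
    public static boolean isLoggedIn(Component component) {
        return getSession(component) != null;
    }

    /**
     * Builds a permission from an id of the form {@code first.second[...]}. Only the first two
     * dot-separated parts are used.
     *
     * @param str the dotted id; must not be {@code null}
     * @return the permission, or {@code null} when the id has fewer than two parts
     * @throws NullPointerException when {@code str} is {@code null}
     */
    public static Permission getPermFromId(String str) {
        String[] parts = str.split("\\.");
        if (parts.length > 1) {
            return new Permission(parts[0], parts[1]);
        }
        return null;
    }

    /**
     * Wraps a message in the {@code ;alert('...');} snippet sent to the browser, escaping it so
     * that it cannot end the string literal or the enclosing script.
     */
    private static String jsAlert(String message) {
        return ";alert('" + escapeForJsString(message) + "');";
    }

    /** Escapes text for use inside a single- or double-quoted JavaScript string literal. */
    private static String escapeForJsString(String text) {
        String value = String.valueOf(text);
        StringBuilder out = new StringBuilder(value.length() + 16);
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            switch (c) {
                case '\\':
                    out.append("\\\\");
                    break;
                case '\'':
                    out.append("\\'");
                    break;
                case '"':
                    out.append("\\\"");
                    break;
                case '\n':
                    out.append("\\n");
                    break;
                case '\r':
                    out.append("\\r");
                    break;
                case '\t':
                    out.append("\\t");
                    break;
                default:
                    // Control characters, markup delimiters and the Unicode line separators
                    // are written as \\uXXXX so the literal stays on one line and inert in HTML.
                    if (c < 0x20 || c == '<' || c == '>' || c == '&' || c == 0x2028 || c == 0x2029) {
                        out.append(String.format("\\u%04x", (int) c));
                    } else {
                        out.append(c);
                    }
                    break;
            }
        }
        return out.toString();
    }
}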
