package oracle.security.jazn.spi.xml;

import java.io.IOException;
import java.io.Writer;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import java.util.ListIterator;
import java.util.Map;
import java.util.ResourceBundle;
import java.util.Set;
import oracle.security.jazn.JAZNConfig;
import oracle.security.jazn.JAZNException;
import oracle.security.jazn.JAZNObjectExistsException;
import oracle.security.jazn.JAZNObjectNotFoundException;
import oracle.security.jazn.policy.Grantee;
import oracle.security.jazn.policy.JAZNPolicy;
import oracle.security.jazn.policy.RoleAdminPermission;
import oracle.security.jazn.realm.Realm;
import oracle.security.jazn.realm.RealmPrincipal;
import oracle.security.jazn.realm.RealmRole;
import oracle.security.jazn.realm.RoleManager;
import oracle.security.jazn.util.FormattedWriter;
import oracle.security.jazn.util.Misc;
import oracle.security.jazn.util.Resources;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:oracle/security/jazn/spi/xml/XMLRoleManager.class */
public class XMLRoleManager extends PersistableObject implements RoleManager {
    private ResourceBundle _res;
    private XMLRealm _realm;
    private HashMap _roles;
    private byte[] _lock;

    /* JADX INFO: Access modifiers changed from: package-private */
    public XMLRoleManager(JAZNConfig jAZNConfig, XMLRealm xMLRealm) {
        super(jAZNConfig);
        this._res = Misc.getResourceBundle();
        this._lock = new byte[0];
        this._realm = xMLRealm;
        this._roles = new HashMap();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void init(Node node) throws JAZNException {
        NodeList childNodes = node.getChildNodes();
        this._roles = new HashMap(childNodes.getLength());
        for (int i = 0; i < childNodes.getLength(); i++) {
            Node item = childNodes.item(i);
            if (item.getNodeType() == 1 && item.getNodeName().equalsIgnoreCase("role")) {
                XMLRealmRole xMLRealmRole = new XMLRealmRole(getJAZNConfig(), this._realm);
                xMLRealmRole.init(item);
                this._roles.put(xMLRealmRole.getNickName(), xMLRealmRole);
            }
        }
    }

    @Override // oracle.security.jazn.realm.RoleManager, oracle.security.jazn.realm.UserManager
    public void setRealm(Realm realm) throws JAZNException {
        throw new UnsupportedOperationException();
    }

    @Override // oracle.security.jazn.realm.RoleManager, oracle.security.jazn.realm.UserManager
    public void initialize(Hashtable hashtable) throws JAZNException {
    }

    @Override // oracle.security.jazn.realm.RoleManager, oracle.security.jazn.realm.UserManager
    public void refresh() {
        throw new UnsupportedOperationException();
    }

    @Override // oracle.security.jazn.realm.RoleManager, oracle.security.jazn.realm.UserManager
    public Realm getRealm() {
        return this._realm;
    }

    @Override // oracle.security.jazn.realm.RoleManager
    public Set getRoles() throws JAZNException {
        return new HashSet(this._roles.values());
    }

    public Map getRoleMap() throws JAZNException {
        return this._roles;
    }

    @Override // oracle.security.jazn.realm.RoleManager
    public int getRoleCount() throws JAZNException {
        return getRoleMap().size();
    }

    @Override // oracle.security.jazn.realm.RoleManager
    public RealmRole getRole(String str) throws JAZNException {
        return (RealmRole) getRoleMap().get(XMLRealmPrincipal.getNickName(str));
    }

    @Override // oracle.security.jazn.realm.RoleManager
    public Set getGrantees(RealmRole realmRole, boolean z) throws JAZNException {
        HashSet hashSet = new HashSet();
        if (realmRole == null || !(realmRole instanceof XMLRealmRole)) {
            return hashSet;
        }
        XMLRealmRole xMLRealmRole = (XMLRealmRole) realmRole;
        List userGrantees = xMLRealmRole.getUserGrantees();
        List roleGrantees = xMLRealmRole.getRoleGrantees();
        hashSet.addAll(userGrantees);
        hashSet.addAll(roleGrantees);
        if (!z) {
            ListIterator listIterator = roleGrantees.listIterator();
            while (listIterator.hasNext()) {
                hashSet.addAll(getGrantees((XMLRealmRole) listIterator.next(), false));
            }
        }
        return hashSet;
    }

    @Override // oracle.security.jazn.realm.RoleManager
    public Set getGrantedRoles(RealmPrincipal realmPrincipal, boolean z) throws JAZNException {
        HashSet hashSet = new HashSet();
        if (realmPrincipal == null || !(realmPrincipal instanceof XMLRealmPrincipal)) {
            return hashSet;
        }
        List grantedRoles = ((XMLRealmPrincipal) realmPrincipal).getGrantedRoles();
        hashSet.addAll(grantedRoles);
        if (!z) {
            ListIterator listIterator = grantedRoles.listIterator();
            while (listIterator.hasNext()) {
                hashSet.addAll(getGrantedRoles((XMLRealmRole) listIterator.next(), false));
            }
        }
        return hashSet;
    }

    @Override // oracle.security.jazn.realm.RoleManager
    public RealmRole createRole(String str) throws JAZNException {
        return createRole(str, null, null, false);
    }

    public RealmRole createRole(String str, String str2, String str3, boolean z) throws JAZNException {
        if (getRole(str) != null) {
            throw new JAZNObjectExistsException(this._res.getString(Resources.Key.ROLE_EXISTS));
        }
        XMLRealmRole xMLRealmRole = new XMLRealmRole(getJAZNConfig(), this._realm, str, str2, str3, z);
        synchronized (this._lock) {
            getRoleMap().put(xMLRealmRole.getNickName(), xMLRealmRole);
            conditionalPersist();
        }
        return xMLRealmRole;
    }

    @Override // oracle.security.jazn.realm.RoleManager
    public void dropRole(RealmRole realmRole) throws JAZNException {
        dropRole(((XMLRealmRole) realmRole).getNickName());
    }

    @Override // oracle.security.jazn.realm.RoleManager
    public void dropRole(String str) throws JAZNException {
        dropRole(str, false);
    }

    public void dropRole(String str, boolean z) throws JAZNException {
        XMLRealmRole xMLRealmRole = (XMLRealmRole) getRole(str);
        if (xMLRealmRole == null) {
            throw new JAZNObjectNotFoundException();
        }
        if (z) {
            Collection values = this._roles.values();
            if (values != null) {
                XMLRealmRole[] xMLRealmRoleArr = (XMLRealmRole[]) values.toArray(new XMLRealmRole[]{xMLRealmRole});
                for (int i = 0; i < xMLRealmRoleArr.length; i++) {
                    if (xMLRealmRoleArr[i].removeRoleGrantee(xMLRealmRole)) {
                    }
                    if (xMLRealmRoleArr[i].getGrantedRoles().remove(xMLRealmRole)) {
                    }
                }
            }
            JAZNPolicy policy = getJAZNConfig().getPolicy();
            if (policy instanceof XMLJAZNPolicy) {
                ((XMLJAZNPolicy) policy).dropGrantee(new Grantee(xMLRealmRole), true);
            }
        }
        synchronized (this._lock) {
            getRoleMap().remove(XMLRealmPrincipal.getNickName(str));
            conditionalPersist();
        }
    }

    @Override // oracle.security.jazn.realm.RoleManager
    public void grantRole(RealmPrincipal realmPrincipal, RealmRole realmRole) throws JAZNException {
        if (!(realmPrincipal instanceof XMLRealmPrincipal) || !(realmRole instanceof XMLRealmRole) || realmPrincipal == null || realmRole == null) {
            return;
        }
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            securityManager.checkPermission(new RoleAdminPermission(realmRole));
        }
        if ((realmPrincipal instanceof RealmRole) && getGrantees((RealmRole) realmPrincipal, false).contains(realmRole)) {
            throw new IllegalArgumentException();
        }
        XMLRealmPrincipal xMLRealmPrincipal = (XMLRealmPrincipal) realmPrincipal;
        XMLRealmRole xMLRealmRole = (XMLRealmRole) realmRole;
        xMLRealmPrincipal.addGrantedRole(xMLRealmRole);
        if (xMLRealmPrincipal instanceof XMLRealmUser) {
            xMLRealmRole.addUserGrantee((XMLRealmUser) xMLRealmPrincipal);
        } else if (xMLRealmPrincipal instanceof XMLRealmRole) {
            xMLRealmRole.addRoleGrantee((XMLRealmRole) xMLRealmPrincipal);
        }
        conditionalPersist();
    }

    @Override // oracle.security.jazn.realm.RoleManager
    public void revokeRole(RealmPrincipal realmPrincipal, RealmRole realmRole) throws JAZNException {
        if (!(realmPrincipal instanceof XMLRealmPrincipal) || !(realmRole instanceof XMLRealmRole) || realmPrincipal == null || realmRole == null) {
            return;
        }
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            securityManager.checkPermission(new RoleAdminPermission(realmRole));
        }
        XMLRealmPrincipal xMLRealmPrincipal = (XMLRealmPrincipal) realmPrincipal;
        XMLRealmRole xMLRealmRole = (XMLRealmRole) realmRole;
        xMLRealmPrincipal.removeGrantedRole(xMLRealmRole);
        if (xMLRealmPrincipal instanceof XMLRealmUser) {
            xMLRealmRole.removeUserGrantee((XMLRealmUser) xMLRealmPrincipal);
        } else if (xMLRealmPrincipal instanceof XMLRealmRole) {
            xMLRealmRole.removeRoleGrantee((XMLRealmRole) xMLRealmPrincipal);
        }
        conditionalPersist();
    }

    private XMLRealmManager getXMLRealmManager() {
        return this._realm.getXMLRealmManager();
    }

    public String toString() {
        return new StringBuffer().append("[XMLRoleManager realm=").append(this._realm.getName()).append("]").toString();
    }

    public void writeXML(Writer writer) throws IOException {
        writeXML(0, writer);
    }

    public void writeXML(int i, Writer writer) throws IOException {
        if (i < 0 || writer == null) {
            throw new IllegalArgumentException();
        }
        FormattedWriter formattedWriter = new FormattedWriter(writer, i);
        formattedWriter.writeln("<roles>");
        synchronized (this._lock) {
            ArrayList arrayList = topologicalRoleSort(this._roles);
            for (int i2 = 0; i2 < arrayList.size(); i2++) {
                ((XMLRealmRole) this._roles.get((String) arrayList.get(i2))).writeXML(i + 1, writer);
            }
        }
        formattedWriter.writeln("</roles>");
    }

    private static ArrayList topologicalRoleSort(HashMap hashMap) {
        ArrayList arrayList = new ArrayList(hashMap.size());
        HashMap hashMap2 = new HashMap(hashMap.size());
        for (String str : hashMap.keySet()) {
            hashMap2.put(str, new Integer(((XMLRealmRole) hashMap.get(str)).getRoleGrantees().size()));
        }
        while (hashMap2.size() > 0) {
            ArrayList arrayList2 = new ArrayList(hashMap.size());
            HashMap hashMap3 = (HashMap) hashMap2.clone();
            for (String str2 : hashMap2.keySet()) {
                if (((Integer) hashMap2.get(str2)).intValue() == 0) {
                    arrayList.add(str2);
                    arrayList2.add(str2);
                    hashMap3.remove(str2);
                }
            }
            for (String str3 : ((HashMap) hashMap3.clone()).keySet()) {
                XMLRealmRole xMLRealmRole = (XMLRealmRole) hashMap.get(str3);
                for (int i = 0; i < arrayList2.size(); i++) {
                    Iterator it = xMLRealmRole.getRoleGrantees().iterator();
                    while (it.hasNext()) {
                        if (((XMLRealmRole) it.next()).getNickName().equals((String) arrayList2.get(i))) {
                            hashMap3.put(str3, new Integer(((Integer) hashMap3.get(str3)).intValue() - 1));
                        }
                    }
                }
            }
            hashMap2 = (HashMap) hashMap3.clone();
        }
        return arrayList;
    }
}
