package oracle.security.jazn.spi.xml;

import java.io.IOException;
import java.io.Writer;
import java.security.AccessController;
import java.security.CodeSource;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Permissions;
import java.security.Principal;
import java.security.PrivilegedAction;
import java.security.ProtectionDomain;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.ResourceBundle;
import java.util.Set;
import javax.security.auth.Subject;
import oracle.security.jazn.JAZNConfig;
import oracle.security.jazn.JAZNException;
import oracle.security.jazn.JAZNInitException;
import oracle.security.jazn.Persistable;
import oracle.security.jazn.policy.GlobalPolicy;
import oracle.security.jazn.policy.Grantee;
import oracle.security.jazn.policy.JAZNPolicy;
import oracle.security.jazn.policy.PolicyManager;
import oracle.security.jazn.policy.RealmPolicy;
import oracle.security.jazn.realm.Realm;
import oracle.security.jazn.spi.JAZNProvider;
import oracle.security.jazn.util.FormattedWriter;
import oracle.security.jazn.util.Misc;
import oracle.security.jazn.util.Resources;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:oracle/security/jazn/spi/xml/XMLJAZNPolicy.class */
public class XMLJAZNPolicy implements JAZNPolicy, PolicyManager, GlobalPolicy, Persistable {
    private ResourceBundle _res;
    private JAZNConfig _config;
    private List _grantEntries;
    private boolean _isValid;

    public XMLJAZNPolicy() {
        this(null, null);
    }

    public XMLJAZNPolicy(JAZNConfig jAZNConfig) {
        this._res = Misc.getResourceBundle();
        this._grantEntries = new ArrayList();
        this._config = jAZNConfig == null ? JAZNConfig.getJAZNConfig() : jAZNConfig;
    }

    public XMLJAZNPolicy(JAZNConfig jAZNConfig, Node node) {
        this._res = Misc.getResourceBundle();
        this._grantEntries = new ArrayList();
        this._config = jAZNConfig == null ? JAZNConfig.getJAZNConfig() : jAZNConfig;
        init(node);
    }

    public void init(Node node) {
        try {
            NodeList childNodes = node.getChildNodes();
            for (int i = 0; i < childNodes.getLength(); i++) {
                Node item = childNodes.item(i);
                if (item.getNodeName().equalsIgnoreCase("grant")) {
                    this._grantEntries.add(new XMLGrantEntry(this._config, item));
                }
            }
            this._isValid = true;
        } catch (Exception e) {
            throw new JAZNInitException(e.getMessage(), e);
        }
    }

    @Override // oracle.security.jazn.policy.PolicyManager
    public GlobalPolicy getGlobalPolicy() throws JAZNException {
        return this;
    }

    @Override // oracle.security.jazn.policy.PolicyManager
    public RealmPolicy getRealmPolicy(Realm realm) throws JAZNException {
        throw new UnsupportedOperationException();
    }

    private final JAZNConfig getJAZNConfig() {
        return this._config;
    }

    private final JAZNProvider getJAZNProvider() {
        return this._config.getJAZNProvider();
    }

    private final boolean isValid() {
        return this._isValid;
    }

    private final Collection getPolicyEntries() {
        return this._grantEntries;
    }

    @Override // oracle.security.jazn.policy.GlobalPolicy
    public Collection getGrantees() throws JAZNException {
        if (!isValid()) {
            throw new IllegalStateException();
        }
        ArrayList arrayList = new ArrayList();
        Iterator it = getPolicyEntries().iterator();
        while (it.hasNext()) {
            arrayList.add(((XMLGrantee) ((XMLGrantEntry) it.next()).getGrantee()).getGrantee());
        }
        return arrayList;
    }

    @Override // oracle.security.jazn.policy.GlobalPolicy
    public boolean createGrantee(Grantee grantee) throws JAZNException {
        if (!isValid()) {
            throw new IllegalStateException();
        }
        Collection policyEntries = getPolicyEntries();
        Iterator it = policyEntries.iterator();
        while (it.hasNext()) {
            if (((XMLGrantee) ((XMLGrantEntry) it.next()).getGrantee()).getGrantee().equals(grantee)) {
                return false;
            }
        }
        boolean add = policyEntries.add(new XMLGrantEntry(getJAZNConfig(), new XMLGrantee(getJAZNConfig(), grantee), null));
        if (add) {
            conditionalPersist();
        }
        return add;
    }

    @Override // oracle.security.jazn.policy.GlobalPolicy
    public boolean dropGrantee(Grantee grantee, boolean z) throws JAZNException {
        if (!isValid()) {
            throw new IllegalStateException();
        }
        Iterator it = getPolicyEntries().iterator();
        boolean z2 = false;
        while (it.hasNext()) {
            Grantee grantee2 = ((XMLGrantee) ((XMLGrantEntry) it.next()).getGrantee()).getGrantee();
            if (z) {
                if (grantee.implies(grantee2)) {
                    it.remove();
                    z2 = true;
                }
            } else if (grantee2.equals(grantee)) {
                it.remove();
                conditionalPersist();
                return true;
            }
        }
        if (!z || !z2) {
            return false;
        }
        conditionalPersist();
        return true;
    }

    @Override // oracle.security.jazn.policy.JAZNPolicy
    public void grant(Grantee grantee, Permission permission) throws JAZNException {
        if (!isValid()) {
            throw new IllegalStateException();
        }
        if (grantee == null || permission == null) {
            throw new IllegalArgumentException();
        }
        PermissionCollection permissions = getPermissions(grantee);
        if (permissions != null) {
            Enumeration<Permission> elements = permissions.elements();
            while (elements.hasMoreElements()) {
                if (permission.equals(elements.nextElement())) {
                    throw new IllegalArgumentException(this._res.getString(Resources.Key.POLICY_DUPLICATE_GRANT));
                }
            }
        }
        Collection policyEntries = getPolicyEntries();
        XMLPermissionCollection xMLPermissionCollection = new XMLPermissionCollection(getJAZNConfig());
        xMLPermissionCollection.add(permission);
        XMLGrantEntry xMLGrantEntry = new XMLGrantEntry(getJAZNConfig(), new XMLGrantee(getJAZNConfig(), grantee), xMLPermissionCollection);
        boolean z = true;
        Iterator it = policyEntries.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            XMLGrantEntry xMLGrantEntry2 = (XMLGrantEntry) it.next();
            if (((XMLGrantee) xMLGrantEntry2.getGrantee()).getGrantee().equals(grantee)) {
                ((XMLPermissionCollection) xMLGrantEntry2.getPermissions()).add(permission);
                z = false;
                break;
            }
        }
        if (z) {
            policyEntries.add(xMLGrantEntry);
        }
        conditionalPersist();
    }

    @Override // oracle.security.jazn.policy.JAZNPolicy
    public void revoke(Grantee grantee, Permission permission) throws JAZNException {
        if (!isValid()) {
            throw new IllegalStateException();
        }
        boolean z = false;
        Iterator it = getPolicyEntries().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            XMLGrantEntry xMLGrantEntry = (XMLGrantEntry) it.next();
            if (((XMLGrantee) xMLGrantEntry.getGrantee()).getGrantee().equals(grantee)) {
                z = ((XMLPermissionCollection) xMLGrantEntry.getPermissions()).remove(permission);
                break;
            }
        }
        if (z) {
            conditionalPersist();
        }
    }

    @Override // oracle.security.jazn.policy.JAZNPolicy
    public PermissionCollection getPermissions(Grantee grantee, Class cls) throws JAZNException {
        PermissionCollection permissions = getPermissions(grantee);
        if (cls == null) {
            return permissions;
        }
        Permissions permissions2 = null;
        Enumeration<Permission> elements = permissions.elements();
        while (elements.hasMoreElements()) {
            Permission nextElement = elements.nextElement();
            if (cls.isInstance(nextElement)) {
                if (permissions2 == null) {
                    permissions2 = new Permissions();
                }
                permissions2.add(nextElement);
            }
        }
        return permissions2;
    }

    @Override // oracle.security.jazn.policy.JAZNPolicy
    public boolean hasPermission(Grantee grantee, Permission permission) throws JAZNException {
        return getPermissions(grantee).implies(permission);
    }

    @Override // oracle.security.jazn.policy.JAZNPolicy
    public PermissionCollection getPermissions(Subject subject, CodeSource codeSource) {
        new Permissions();
        return getPermissions(new Grantee(subject == null ? null : subject.getPrincipals(), codeSource));
    }

    public PermissionCollection getPermissions(Grantee grantee) {
        Permissions permissions = new Permissions();
        for (XMLGrantEntry xMLGrantEntry : getPolicyEntries()) {
            if (xMLGrantEntry.getGrantee().implies(grantee)) {
                Enumeration<Permission> elements = xMLGrantEntry.getPermissions().elements();
                while (elements.hasMoreElements()) {
                    permissions.add(elements.nextElement());
                }
            }
        }
        return permissions;
    }

    @Override // oracle.security.jazn.policy.JAZNPolicy
    public PermissionCollection getPermissions(CodeSource codeSource) {
        return getPermissions(new Grantee(null, codeSource));
    }

    @Override // oracle.security.jazn.policy.JAZNPolicy
    public PermissionCollection getPermissions(ProtectionDomain protectionDomain) {
        if (protectionDomain == null) {
            return new Permissions();
        }
        HashSet hashSet = null;
        Principal[] principals = protectionDomain.getPrincipals();
        if (principals != null && principals.length != 0) {
            hashSet = new HashSet();
            for (Principal principal : principals) {
                hashSet.add(principal);
            }
        }
        return getPermissions(new Grantee(hashSet, protectionDomain.getCodeSource()));
    }

    public Permissions getPermissions(Permissions permissions, CodeSource codeSource, Principal[] principalArr) {
        int size;
        synchronized (this._grantEntries) {
            size = this._grantEntries.size();
        }
        for (int i = 0; i < size; i++) {
            boolean z = false;
            synchronized (this._grantEntries) {
                XMLGrantEntry xMLGrantEntry = (XMLGrantEntry) this._grantEntries.get(i);
                Grantee grantee = xMLGrantEntry.getGrantee();
                if (((Boolean) AccessController.doPrivileged(new PrivilegedAction(this, grantee.getCodeSource(), codeSource) { // from class: oracle.security.jazn.spi.xml.XMLJAZNPolicy.1
                    private final CodeSource val$policyCS;
                    private final CodeSource val$csCopy;
                    private final XMLJAZNPolicy this$0;

                    {
                        this.this$0 = this;
                        this.val$policyCS = r5;
                        this.val$csCopy = codeSource;
                    }

                    @Override // java.security.PrivilegedAction
                    public Object run() {
                        return this.val$policyCS == null ? Boolean.TRUE : new Boolean(this.val$policyCS.implies(this.val$csCopy));
                    }
                })).booleanValue()) {
                    Set principals = grantee.getPrincipals();
                    if (principals.size() == 0) {
                        z = true;
                    } else if (principalArr.length != 0) {
                        Iterator it = principals.iterator();
                        while (it.hasNext()) {
                            boolean activePSImpliesPolicyPr = activePSImpliesPolicyPr(principalArr, (XMLPrincipal) it.next());
                            z = activePSImpliesPolicyPr;
                            if (!activePSImpliesPolicyPr) {
                                break;
                            }
                        }
                    }
                    if (z) {
                        Enumeration<Permission> elements = xMLGrantEntry.getPermissions().elements();
                        while (elements.hasMoreElements()) {
                            permissions.add(elements.nextElement());
                        }
                    }
                }
            }
        }
        return permissions;
    }

    private boolean activePSImpliesPolicyPr(Principal[] principalArr, XMLPrincipal xMLPrincipal) {
        for (int i = 0; i < principalArr.length; i++) {
            if ((xMLPrincipal.getPrincipalClass().equals("*") || xMLPrincipal.getPrincipalClass().equals(principalArr[i].getClass().getName())) && (xMLPrincipal.getPrincipalName().equals("*") || xMLPrincipal.getPrincipalName().equals(principalArr[i].getName()))) {
                return true;
            }
        }
        return false;
    }

    @Override // oracle.security.jazn.policy.JAZNPolicy
    public void refresh() {
    }

    @Override // oracle.security.jazn.Persistable
    public synchronized void setDirtyBit() {
        getJAZNProvider().setDirtyBit();
    }

    @Override // oracle.security.jazn.Persistable
    public synchronized void setDirtyBit(boolean z) {
        getJAZNProvider().setDirtyBit(z);
    }

    @Override // oracle.security.jazn.Persistable
    public synchronized boolean isDirty() {
        return getJAZNProvider().isDirty();
    }

    public synchronized int getPersistenceMode() {
        return getJAZNConfig().getPersistenceMode();
    }

    synchronized void conditionalPersist() throws JAZNException {
        if (getPersistenceMode() == 2) {
            persist();
        } else {
            setDirtyBit();
        }
    }

    @Override // oracle.security.jazn.Persistable
    public synchronized void persist() throws JAZNException {
        getJAZNProvider().persist();
    }

    public void writeXML(Writer writer) throws IOException {
        writeXML(0, writer);
    }

    public void writeXML(int i, Writer writer) throws IOException {
        if (i < 0 || writer == null) {
            throw new IllegalArgumentException();
        }
        FormattedWriter formattedWriter = new FormattedWriter(writer, i);
        formattedWriter.writeCommentLn("JAZN Policy Data");
        formattedWriter.writeln("<jazn-policy>");
        Iterator it = getPolicyEntries().iterator();
        while (it.hasNext()) {
            ((XMLGrantEntry) it.next()).writeXML(i + 1, writer);
        }
        formattedWriter.writeln("</jazn-policy>");
    }
}
