package com.evermind.server;

import com.evermind.net.AccessRegionSet;
import com.evermind.net.AddressContainer;
import com.evermind.security.Group;
import com.evermind.security.User;
import com.evermind.security.UserManager;
import com.evermind.server.deployment.SecurityRole;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;

/* loaded from: input_file:com/evermind/server/RuntimeSecurityRole.class */
public class RuntimeSecurityRole {
    private UserManager manager;
    private Set roles;
    private boolean impliesAll;
    private Group[] groups;
    private User[] users;
    private AccessRegionSet accessMask;
    private RuntimeSecurityRole[] subRoles;

    public RuntimeSecurityRole(UserManager userManager, Set set) {
        if (userManager == null) {
            throw new NullPointerException("UserManager was null");
        }
        if (set == null) {
            throw new NullPointerException("Roles where null");
        }
        this.manager = userManager;
        this.roles = set;
    }

    public boolean impliesUser(User user, AddressContainer addressContainer) {
        if (user == null) {
            user = ApplicationServer.instance.getUserManager().getAnonymousUser();
            if (user == null) {
                return false;
            }
        }
        if (this.accessMask != null) {
            if (addressContainer == null) {
                addressContainer = ThreadState.getCurrentState().getAddressContainer();
            }
            if (addressContainer != null && !this.accessMask.allow(addressContainer.getInetAddress())) {
                return false;
            }
        }
        if (this.impliesAll) {
            return true;
        }
        if (user instanceof RoleUser) {
            if (this.roles != null && this.roles.contains(((RoleUser) user).getRole())) {
                return true;
            }
            try {
                Collection users = getUsers();
                List<String> users2 = ((RoleUser) user).getRole().getUsers();
                Iterator it = users.iterator();
                boolean z = false;
                for (String str : users2) {
                    z = false;
                    while (true) {
                        if (!it.hasNext()) {
                            break;
                        }
                        if (((User) it.next()).getName().equals(this.manager.getUser(str).getName())) {
                            z = true;
                            break;
                        }
                    }
                    if (!z) {
                        return false;
                    }
                }
                if (z) {
                    return true;
                }
            } catch (Exception e) {
            }
            if (this.groups == null) {
                initPrincipals();
                if (this.impliesAll) {
                    return true;
                }
            }
        }
        if (this.groups == null) {
            initPrincipals();
            if (this.accessMask != null) {
                if (addressContainer == null) {
                    addressContainer = ThreadState.getCurrentState().getAddressContainer();
                }
                if (addressContainer != null && !this.accessMask.allow(addressContainer.getInetAddress())) {
                    return false;
                }
            }
            if (this.impliesAll) {
                return true;
            }
        }
        for (int i = 0; i < this.groups.length; i++) {
            if (user.isMemberOf(this.groups[i])) {
                return true;
            }
        }
        for (int i2 = 0; i2 < this.users.length; i2++) {
            if (user.equals(this.users[i2])) {
                return true;
            }
        }
        if (this.subRoles == null) {
            return false;
        }
        for (int i3 = 0; i3 < this.subRoles.length; i3++) {
            if (this.subRoles[i3].impliesUser(user, addressContainer)) {
                return true;
            }
        }
        return false;
    }

    public void initPrincipals() {
        Group group;
        HashSet hashSet = new HashSet();
        HashSet hashSet2 = new HashSet();
        Iterator it = this.roles.iterator();
        ArrayList arrayList = new ArrayList();
        while (it.hasNext()) {
            SecurityRole securityRole = (SecurityRole) it.next();
            if (securityRole != null) {
                if (securityRole.impliesAll()) {
                    if (securityRole.getAccessMask() == null) {
                        this.impliesAll = true;
                        return;
                    } else if (this.roles.size() == 1) {
                        this.accessMask = securityRole.getAccessMask();
                        this.impliesAll = true;
                        return;
                    }
                } else if (securityRole.getAccessMask() != null) {
                    if (this.roles.size() == 1) {
                        this.accessMask = securityRole.getAccessMask();
                    } else {
                        HashSet hashSet3 = new HashSet();
                        hashSet3.add(securityRole);
                        arrayList.add(new RuntimeSecurityRole(this.manager, hashSet3));
                        it.remove();
                    }
                }
                hashSet.addAll(securityRole.getUsers());
                hashSet2.addAll(securityRole.getGroups());
            }
        }
        ArrayList arrayList2 = new ArrayList();
        ArrayList arrayList3 = new ArrayList();
        if (hashSet.isEmpty() && hashSet2.isEmpty()) {
            for (SecurityRole securityRole2 : this.roles) {
                if (securityRole2.getAccessMask() == null) {
                    hashSet2.add(securityRole2.getName());
                } else if (this.roles.size() > 1) {
                    HashSet hashSet4 = new HashSet();
                    hashSet4.add(securityRole2);
                    arrayList.add(new RuntimeSecurityRole(this.manager, hashSet4));
                } else {
                    hashSet2.add(securityRole2.getName());
                    this.accessMask = securityRole2.getAccessMask();
                }
            }
        }
        Iterator it2 = hashSet.iterator();
        while (it2.hasNext()) {
            User user = this.manager.getUser(it2.next().toString());
            if (user != null) {
                arrayList2.add(user);
            }
        }
        for (Object obj : hashSet2) {
            if (obj != null && (group = this.manager.getGroup(obj.toString())) != null) {
                arrayList3.add(group);
            }
        }
        this.groups = (Group[]) arrayList3.toArray(new Group[arrayList3.size()]);
        this.users = (User[]) arrayList2.toArray(new User[arrayList2.size()]);
        if (arrayList.size() > 0) {
            this.subRoles = (RuntimeSecurityRole[]) arrayList.toArray(new RuntimeSecurityRole[arrayList.size()]);
        }
    }

    public Collection getGroups() {
        if (this.groups == null) {
            initPrincipals();
        }
        return Arrays.asList(this.groups);
    }

    public Collection getUsers() {
        if (this.groups == null) {
            initPrincipals();
        }
        return Arrays.asList(this.users);
    }

    public Set getRoles() {
        return this.roles;
    }

    public void setImpliesAll(boolean z) {
        this.impliesAll = z;
    }

    public boolean impliesAll() {
        if (this.accessMask != null) {
            return false;
        }
        return this.impliesAll;
    }
}
