package com.apusic.security.jacc;

import com.apusic.security.PrincipalImpl;
import com.apusic.security.realm.GenericPrincipal;
import com.apusic.security.realm.SecurityRealm;
import com.apusic.util.SimpleCache;
import com.apusic.web.session.ManagerBase;
import java.security.CodeSource;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Permissions;
import java.security.Policy;
import java.security.Principal;
import java.security.ProtectionDomain;
import java.security.acl.Group;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import javax.security.auth.x500.X500Principal;

/* loaded from: input_file:com/apusic/security/jacc/ApplicationPolicy.class */
public class ApplicationPolicy extends Policy {
    private List<PolicyEntry> policyEntries = new ArrayList();
    private SimpleCache<ProtectionDomain, PermissionCollection> pdMapping = SimpleCache.make(ManagerBase.SESSION_LIST_INIT_SIZE);
    private String realmName;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/apusic/security/jacc/ApplicationPolicy$PolicyEntry.class */
    public static class PolicyEntry {
        Permission[] permissions;
        Principal[] principals;

        private PolicyEntry() {
        }
    }

    @Override // java.security.Policy
    public boolean implies(ProtectionDomain protectionDomain, Permission permission) {
        PermissionCollection permissionCollection = this.pdMapping.get(protectionDomain);
        if (permissionCollection != null) {
            return permissionCollection.implies(permission);
        }
        PermissionCollection permissions = getPermissions(protectionDomain);
        if (permissions == null) {
            return false;
        }
        this.pdMapping.put(protectionDomain, permissions);
        return permissions.implies(permission);
    }

    @Override // java.security.Policy
    public PermissionCollection getPermissions(ProtectionDomain protectionDomain) {
        Permissions permissions = new Permissions();
        if (protectionDomain == null) {
            return permissions;
        }
        getPermissions(permissions, protectionDomain.getPrincipals());
        PermissionCollection permissions2 = protectionDomain.getPermissions();
        if (permissions2 != null) {
            Enumeration<Permission> elements = permissions2.elements();
            while (elements.hasMoreElements()) {
                permissions.add(elements.nextElement());
            }
        }
        return permissions;
    }

    @Override // java.security.Policy
    public PermissionCollection getPermissions(CodeSource codeSource) {
        return getPermissions(new Permissions(), null);
    }

    private Permissions getPermissions(Permissions permissions, Principal[] principalArr) {
        Iterator<PolicyEntry> it = this.policyEntries.iterator();
        while (it.hasNext()) {
            addPermissions(permissions, principalArr, it.next());
        }
        return permissions;
    }

    private void addPermissions(Permissions permissions, Principal[] principalArr, PolicyEntry policyEntry) {
        boolean z = false;
        Principal[] principalArr2 = policyEntry.principals;
        if (principalArr2 == null || principalArr2.length == 0) {
            z = true;
        } else if (principalArr != null && principalArr.length != 0) {
            int length = principalArr2.length;
            int i = 0;
            loop0: while (true) {
                if (i >= length) {
                    break;
                }
                Principal principal = principalArr2[i];
                if (principal.getName().equalsIgnoreCase("everyone")) {
                    z = true;
                } else {
                    for (Principal principal2 : principalArr) {
                        if (!(principal instanceof Group)) {
                            if (principal.equals(principal2)) {
                                z = true;
                                break loop0;
                            }
                        } else if (principal2 instanceof GenericPrincipal) {
                            if (((GenericPrincipal) principal2).hasRole(principal.getName())) {
                                z = true;
                                break loop0;
                            }
                        } else if (!(principal2 instanceof PrincipalImpl)) {
                            if (principal2 instanceof X500Principal) {
                                if (this.realmName == null) {
                                    if (principal2.getName().indexOf(principal.getName()) != -1) {
                                        z = true;
                                        break loop0;
                                    }
                                } else {
                                    Group group = SecurityRealm.getRealm(this.realmName).getGroup(principal.getName());
                                    if (group != null && group.isMember(principal2)) {
                                        z = true;
                                        break loop0;
                                    }
                                }
                            } else {
                                continue;
                            }
                        } else {
                            if ("apusic_all".equals(principal.getName()) && !"*anonymous*".equals(principal2.getName())) {
                                z = true;
                                break loop0;
                            }
                            Group group2 = SecurityRealm.getRealm(((PrincipalImpl) principal2).getRealmName()).getGroup(principal.getName());
                            if (group2 != null && group2.isMember(principal2)) {
                                z = true;
                                break loop0;
                            }
                        }
                    }
                }
                if (z) {
                    break;
                } else {
                    i++;
                }
            }
        }
        if (z) {
            for (Permission permission : policyEntry.permissions) {
                permissions.add(permission);
            }
        }
    }

    @Override // java.security.Policy
    public void refresh() {
        this.pdMapping.clear();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void addPermissions(Permissions permissions, Collection<? extends Principal> collection) {
        PolicyEntry policyEntry = new PolicyEntry();
        int i = 0;
        Enumeration<Permission> elements = permissions.elements();
        while (elements.hasMoreElements()) {
            i++;
            elements.nextElement();
        }
        policyEntry.permissions = new Permission[i];
        int i2 = 0;
        Enumeration<Permission> elements2 = permissions.elements();
        while (elements2.hasMoreElements()) {
            int i3 = i2;
            i2++;
            policyEntry.permissions[i3] = elements2.nextElement();
        }
        if (collection != null && collection.size() != 0) {
            policyEntry.principals = new Principal[collection.size()];
            policyEntry.principals = (Principal[]) collection.toArray(policyEntry.principals);
        }
        this.policyEntries.add(policyEntry);
    }

    public void setRealName(String str) {
        this.realmName = str;
    }
}
