package com.ibm.wps.command.xml.items;

import com.ibm.logging.IRecordType;
import com.ibm.pvctools.wpsdebug.common.configurator.WpsXmlAccessConstants;
import com.ibm.wps.command.xml.ConfigItem;
import com.ibm.wps.command.xml.XmlCommandException;
import com.ibm.wps.command.xml.XmlFormatException;
import com.ibm.wps.command.xml.XmlUtils;
import com.ibm.wps.puma.Principal;
import com.ibm.wps.services.authorization.AccessControl;
import com.ibm.wps.services.authorization.ObjectType;
import com.ibm.wps.services.authorization.Permission;
import com.ibm.wps.services.authorization.PermissionCollection;
import com.ibm.wps.services.authorization.PermissionSet;
import com.ibm.wps.util.DataBackendException;
import com.ibm.wps.util.ObjectID;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.w3c.dom.Element;

/* loaded from: input_file:plugins/com.ibm.wps_4.2.0.1/wps.jar:com/ibm/wps/command/xml/items/AclData.class */
class AclData {
    private static final String COPYRIGHT = "Licensed Materials - Property of IBM, 5724-B88, (C) Copyright IBM Corp. 2001, 2002 - All Rights reserved.";
    private static final String UNKNOWN_SUBJECT = "unknown";
    ConfigItem item;
    ObjectType subjectType;
    String subjectName;
    Permission permission;
    String update;

    AclData(ObjectType objectType, String str, Permission permission, ConfigItem configItem) {
        this.item = null;
        this.subjectType = null;
        this.subjectName = null;
        this.permission = null;
        this.update = null;
        this.subjectType = objectType;
        this.subjectName = str;
        this.permission = permission;
        this.item = configItem;
    }

    private AclData(Element element, ConfigItem configItem) throws XmlFormatException {
        this.item = null;
        this.subjectType = null;
        this.subjectName = null;
        this.permission = null;
        this.update = null;
        this.item = configItem;
        this.update = element.getAttribute("update");
        String attribute = element.getAttribute("subjecttype");
        if (attribute == null) {
            throw new XmlFormatException("Missing attribute 'subjecttype'", configItem, null);
        }
        this.subjectType = ObjectType.fromString(attribute.toUpperCase());
        if (this.subjectType == null) {
            throw new XmlFormatException(new StringBuffer().append("Invalid value '").append(attribute).append("'for attribute 'subjecttype'").toString(), configItem, null);
        }
        this.subjectName = element.getAttribute("subjectid");
        if (this.subjectName.length() == 0) {
            throw new XmlFormatException("Missing attribute 'subjectid'", configItem, null);
        }
        String attribute2 = element.getAttribute(WpsXmlAccessConstants.PERMISSION);
        if (attribute2 == null) {
            throw new XmlFormatException("Missing attribute 'permission'", configItem, null);
        }
        this.permission = Permission.fromString(attribute2.toUpperCase());
        if (this.permission == null) {
            throw new XmlFormatException(new StringBuffer().append("Invalid value '").append(attribute2).append("'for attribute 'permission'").toString(), configItem, null);
        }
    }

    static AclData[] initAclData(Element element, ConfigItem configItem) throws XmlFormatException {
        List childrenByTagName = XmlUtils.getChildrenByTagName(element, WpsXmlAccessConstants.ACCESS_RIGHT);
        int size = childrenByTagName.size();
        AclData[] aclDataArr = new AclData[size];
        for (int i = 0; i < size; i++) {
            aclDataArr[i] = new AclData((Element) childrenByTagName.get(i), configItem);
        }
        return aclDataArr;
    }

    static AclData[] loadAclData(ObjectType objectType, ObjectID objectID, ConfigItem configItem) throws DataBackendException {
        ArrayList arrayList = new ArrayList();
        loadAclData(AccessControl.getEntitledSubjects(ObjectType.ANONYMOUS_USER, objectType, objectID), configItem, arrayList, ObjectType.ANONYMOUS_USER);
        loadAclData(AccessControl.getEntitledSubjects(ObjectType.USER_GROUP, objectType, objectID), configItem, arrayList, ObjectType.USER_GROUP);
        loadAclData(AccessControl.getEntitledSubjects(ObjectType.USER, objectType, objectID), configItem, arrayList, ObjectType.USER);
        return (AclData[]) arrayList.toArray(new AclData[0]);
    }

    private static void loadAclData(PermissionCollection permissionCollection, ConfigItem configItem, List list, ObjectType objectType) throws DataBackendException {
        String name;
        Iterator it = permissionCollection.iterator();
        while (it.hasNext()) {
            ObjectID objectID = (ObjectID) it.next();
            PermissionSet permissions = permissionCollection.getPermissions(objectID);
            if (objectType == ObjectType.ANONYMOUS_USER) {
                name = "any";
            } else {
                name = configItem.configData.userMapping.getName(objectID, objectType);
                if (name == null) {
                    configItem.configData.msgLog.text(IRecordType.TYPE_PUBLIC, configItem, "export", new StringBuffer().append("Unknown principal id: ").append(objectID).toString());
                    name = UNKNOWN_SUBJECT;
                }
            }
            if (permissions.hasExplicitPermission(Permission.DELEGATE)) {
                list.add(new AclData(objectType, name, Permission.DELEGATE, configItem));
            }
            if (permissions.hasExplicitPermission(Permission.MANAGE)) {
                list.add(new AclData(objectType, name, Permission.MANAGE, configItem));
            }
            if (permissions.hasExplicitPermission(Permission.EDIT)) {
                list.add(new AclData(objectType, name, Permission.EDIT, configItem));
            }
            if (permissions.hasExplicitPermission(Permission.VIEW)) {
                list.add(new AclData(objectType, name, Permission.VIEW, configItem));
            }
            if (permissions.hasExplicitPermission(Permission.COPY)) {
                list.add(new AclData(objectType, name, Permission.COPY, configItem));
            }
            if (permissions.hasExplicitPermission(Permission.EXTERNAL)) {
                list.add(new AclData(objectType, name, Permission.EXTERNAL, configItem));
            }
        }
    }

    Element export() {
        Element createElement = this.item.configData.outputDocument.createElement(WpsXmlAccessConstants.ACCESS_RIGHT);
        createElement.setAttribute("update", "set");
        createElement.setAttribute("subjecttype", this.subjectType.toString().toLowerCase());
        createElement.setAttribute("subjectid", this.subjectName);
        createElement.setAttribute(WpsXmlAccessConstants.PERMISSION, this.permission.toString().toLowerCase());
        return createElement;
    }

    void update(ObjectType objectType, ObjectID objectID) throws XmlCommandException, DataBackendException {
        if (isValid()) {
            Principal principal = getPrincipal();
            if (principal != null) {
                if (this.update.equals("set")) {
                    AccessControl.setPermission(principal, this.permission, objectType, objectID, true);
                    return;
                } else {
                    if (this.update.equals("remove")) {
                        AccessControl.setPermission(principal, this.permission, objectType, objectID, false);
                        return;
                    }
                    return;
                }
            }
            if (objectType == ObjectType.USER) {
                this.item.outputWarning(new StringBuffer().append("User '").append(this.subjectName).append("' not found for access-right").toString());
            } else if (objectType == ObjectType.USER_GROUP) {
                this.item.outputWarning(new StringBuffer().append("User-Group '").append(this.subjectName).append("' not found for access-right").toString());
            } else {
                this.item.outputWarning(new StringBuffer().append("Principal '").append(this.subjectName).append("' not found for access-right").toString());
            }
        }
    }

    private boolean isValid() {
        return !UNKNOWN_SUBJECT.equals(this.subjectName);
    }

    private Principal getPrincipal() throws XmlFormatException {
        return this.subjectType == ObjectType.ANONYMOUS_USER ? AccessControl.ANY_ANONYMOUS_USER : this.item.configData.userMapping.getPrincipal(this.subjectName, this.subjectType);
    }

    public String toString() {
        return new StringBuffer().append("[ ").append(this.subjectType).append("/").append(this.subjectName).append(": ").append(this.permission).append(" ]").toString();
    }
}
