package org.deegree.security.drm;

import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import org.deegree.framework.util.StringPair;
import org.deegree.security.GeneralSecurityException;
import org.deegree.security.UnauthorizedException;
import org.deegree.security.drm.model.Group;
import org.deegree.security.drm.model.Privilege;
import org.deegree.security.drm.model.Right;
import org.deegree.security.drm.model.RightSet;
import org.deegree.security.drm.model.RightType;
import org.deegree.security.drm.model.Role;
import org.deegree.security.drm.model.SecurableObject;
import org.deegree.security.drm.model.SecuredObject;
import org.deegree.security.drm.model.Service;
import org.deegree.security.drm.model.User;
import org.springframework.beans.factory.support.PropertiesBeanDefinitionReader;

/* loaded from: input_file:cismet-deegree-2.3.8.jar:org/deegree/security/drm/SecurityTransaction.class */
public class SecurityTransaction extends SecurityAccess {
    private Role adminRole;
    private long timestamp;

    /* JADX INFO: Access modifiers changed from: package-private */
    public SecurityTransaction(User user, SecurityRegistry securityRegistry, Role role) {
        super(user, securityRegistry);
        this.adminRole = role;
        this.timestamp = System.currentTimeMillis();
    }

    public Role[] addRoles(Role[] roleArr, Role role) {
        HashSet hashSet = new HashSet(roleArr.length + 1);
        hashSet.add(role);
        for (Role role2 : roleArr) {
            hashSet.add(role2);
        }
        return (Role[]) hashSet.toArray(new Role[hashSet.size()]);
    }

    public void clean() throws GeneralSecurityException {
        SecurityAccessManager.getInstance().verify(this);
        this.registry.clean(this);
    }

    public void deregisterGroup(Group group) throws GeneralSecurityException, UnauthorizedException {
        SecurityAccessManager.getInstance().verify(this);
        checkForRight(RightType.DELETE, group);
        try {
            this.registry.deregisterRole(this, this.registry.getRoleByName(this, "$G:" + group.getName()));
        } catch (UnknownException e) {
        }
        this.registry.deregisterGroup(this, group);
    }

    public void deregisterRole(Role role) throws GeneralSecurityException, UnauthorizedException {
        SecurityAccessManager.getInstance().verify(this);
        checkForRight(RightType.DELETE, role);
        try {
            this.registry.deregisterRole(this, this.registry.getRoleByName(this, "$R:" + role.getName()));
        } catch (UnknownException e) {
        }
        this.registry.deregisterRole(this, role);
    }

    public void deregisterSecuredObject(SecuredObject securedObject) throws GeneralSecurityException, UnauthorizedException {
        SecurityAccessManager.getInstance().verify(this);
        checkForRight(RightType.DELETE, securedObject);
        try {
            this.registry.deregisterRole(this, this.registry.getRoleByName(this, "$O:" + securedObject.getName()));
        } catch (UnknownException e) {
        }
        this.registry.deregisterSecuredObject(this, securedObject);
    }

    public void deregisterUser(User user) throws GeneralSecurityException, UnauthorizedException {
        SecurityAccessManager.getInstance().verify(this);
        checkForRight(RightType.DELETE, user);
        try {
            this.registry.deregisterRole(this, this.registry.getRoleByName(this, "$U:" + user.getName()));
        } catch (UnknownException e) {
            e.printStackTrace();
        }
        this.registry.deregisterUser(this, user);
    }

    public long getTimestamp() {
        return this.timestamp;
    }

    public Group registerGroup(String str, String str2) throws GeneralSecurityException {
        SecurityAccessManager.getInstance().verify(this);
        checkForPrivilege(Privilege.ADDGROUP);
        if (str.startsWith(PropertiesBeanDefinitionReader.CONSTRUCTOR_ARG_PREFIX)) {
            throw new GeneralSecurityException("Groupname '" + str + "' is invalid. The '$'-character is for internal use only.");
        }
        Group registerGroup = this.registry.registerGroup(this, str, str2);
        if (this.user.getID() != 1) {
            Role registerRole = this.registry.registerRole(this, "$G:" + str);
            this.registry.setRolesForUser(this, this.user, addRoles(this.registry.getRolesForUser(this, this.user), registerRole));
            this.registry.setRights(this, registerGroup, registerRole, new Right[]{new Right(registerGroup, RightType.DELETE), new Right(registerGroup, RightType.UPDATE), new Right(registerGroup, RightType.GRANT)});
        }
        this.registry.setRights(this, registerGroup, this.adminRole, new Right[]{new Right(registerGroup, RightType.DELETE), new Right(registerGroup, RightType.UPDATE), new Right(registerGroup, RightType.GRANT)});
        return registerGroup;
    }

    public Role registerRole(String str) throws GeneralSecurityException {
        SecurityAccessManager.getInstance().verify(this);
        checkForPrivilege(Privilege.ADDROLE);
        if (str.startsWith(PropertiesBeanDefinitionReader.CONSTRUCTOR_ARG_PREFIX)) {
            throw new GeneralSecurityException("Rolename '" + str + "' is invalid. The '$'-character is for internal use only.");
        }
        Role registerRole = this.registry.registerRole(this, str);
        if (this.user.getID() != 1) {
            Role registerRole2 = this.registry.registerRole(this, "$R:" + str);
            this.registry.setRolesForUser(this, this.user, addRoles(this.registry.getRolesForUser(this, this.user), registerRole2));
            this.registry.setRights(this, registerRole, registerRole2, new Right[]{new Right(registerRole, RightType.DELETE), new Right(registerRole, RightType.UPDATE), new Right(registerRole, RightType.GRANT)});
        }
        this.registry.setRights(this, registerRole, this.adminRole, new Right[]{new Right(registerRole, RightType.DELETE), new Right(registerRole, RightType.UPDATE), new Right(registerRole, RightType.GRANT)});
        return registerRole;
    }

    public SecuredObject registerSecuredObject(String str, String str2, String str3) throws GeneralSecurityException {
        SecurityAccessManager.getInstance().verify(this);
        checkForPrivilege(Privilege.ADDOBJECT);
        if (str2.startsWith(PropertiesBeanDefinitionReader.CONSTRUCTOR_ARG_PREFIX)) {
            throw new GeneralSecurityException("Objectname '" + str2 + "' is invalid. The '$'-character is for internal use only.");
        }
        SecuredObject registerSecuredObject = this.registry.registerSecuredObject(this, str, str2, str3);
        if (this.user.getID() != 1) {
            Role registerRole = this.registry.registerRole(this, "$O:" + str2);
            this.registry.setRolesForUser(this, this.user, addRoles(this.registry.getRolesForUser(this, this.user), registerRole));
            this.registry.setRights(this, registerSecuredObject, registerRole, new Right[]{new Right(registerSecuredObject, RightType.DELETE), new Right(registerSecuredObject, RightType.UPDATE), new Right(registerSecuredObject, RightType.GRANT)});
        }
        this.registry.setRights(this, registerSecuredObject, this.adminRole, new Right[]{new Right(registerSecuredObject, RightType.DELETE), new Right(registerSecuredObject, RightType.UPDATE), new Right(registerSecuredObject, RightType.GRANT)});
        return registerSecuredObject;
    }

    public User registerUser(String str, String str2, String str3, String str4, String str5) throws GeneralSecurityException {
        SecurityAccessManager.getInstance().verify(this);
        checkForPrivilege(Privilege.ADDUSER);
        if (str.startsWith(PropertiesBeanDefinitionReader.CONSTRUCTOR_ARG_PREFIX)) {
            throw new GeneralSecurityException("Username '" + str + "' is invalid. The '$'-character is for internal use only.");
        }
        User registerUser = this.registry.registerUser(this, str, str2, str3, str4, str5);
        if (this.user.getID() != 1) {
            Role registerRole = this.registry.registerRole(this, "$U:" + str);
            this.registry.setRolesForUser(this, registerUser, addRoles(this.registry.getRolesForUser(this, registerUser), registerRole));
            this.registry.setRights(this, registerUser, registerRole, new Right[]{new Right(registerUser, RightType.DELETE), new Right(registerUser, RightType.UPDATE), new Right(registerUser, RightType.GRANT)});
        }
        this.registry.setRights(this, registerUser, this.adminRole, new Right[]{new Right(registerUser, RightType.DELETE), new Right(registerUser, RightType.UPDATE), new Right(registerUser, RightType.GRANT)});
        return registerUser;
    }

    public void updateUser(User user) throws GeneralSecurityException {
        SecurityAccessManager.getInstance().verify(this);
        checkForRight(RightType.UPDATE, user);
        this.registry.updateUser(this, user);
    }

    public void setGroupsForGroup(Group group, Group[] groupArr) throws GeneralSecurityException, UnauthorizedException {
        SecurityAccessManager.getInstance().verify(this);
        Group[] groups = group.getGroups(this);
        HashSet hashSet = new HashSet(groups.length);
        for (Group group2 : groups) {
            hashSet.add(group2);
        }
        HashSet hashSet2 = new HashSet(groups.length);
        for (Group group3 : groupArr) {
            hashSet2.add(group3);
        }
        Iterator it2 = hashSet.iterator();
        while (it2.hasNext()) {
            if (!hashSet2.contains((Group) it2.next())) {
                checkForRight(RightType.GRANT, group);
            }
        }
        Iterator it3 = hashSet2.iterator();
        while (it3.hasNext()) {
            if (!hashSet.contains((Group) it3.next())) {
                checkForRight(RightType.GRANT, group);
            }
        }
        this.registry.setGroupsForGroup(this, group, groupArr);
    }

    public void setGroupsForUser(User user, Group[] groupArr) throws GeneralSecurityException, UnauthorizedException {
        SecurityAccessManager.getInstance().verify(this);
        Group[] groups = user.getGroups(this);
        HashSet hashSet = new HashSet(groups.length);
        for (Group group : groups) {
            hashSet.add(group);
        }
        HashSet hashSet2 = new HashSet(groups.length);
        for (Group group2 : groupArr) {
            hashSet2.add(group2);
        }
        Iterator it2 = hashSet.iterator();
        while (it2.hasNext()) {
            Group group3 = (Group) it2.next();
            if (!hashSet2.contains(group3)) {
                checkForRight(RightType.GRANT, group3);
            }
        }
        Iterator it3 = hashSet2.iterator();
        while (it3.hasNext()) {
            Group group4 = (Group) it3.next();
            if (!hashSet.contains(group4)) {
                checkForRight(RightType.GRANT, group4);
            }
        }
        this.registry.setGroupsForUser(this, user, groupArr);
    }

    public void setGroupsInGroup(Group group, Group[] groupArr) throws GeneralSecurityException, UnauthorizedException {
        SecurityAccessManager.getInstance().verify(this);
        checkForRight(RightType.GRANT, group);
        this.registry.setGroupsInGroup(this, group, groupArr);
    }

    public void setGroupsWithRole(Role role, Group[] groupArr) throws GeneralSecurityException, UnauthorizedException {
        SecurityAccessManager.getInstance().verify(this);
        checkForRight(RightType.GRANT, role);
        this.registry.setGroupsWithRole(this, role, groupArr);
    }

    public void setPrivilegesForRole(Role role, Privilege[] privilegeArr) throws GeneralSecurityException {
        SecurityAccessManager.getInstance().verify(this);
        Privilege[] privileges = this.user.getPrivileges(this);
        HashSet hashSet = new HashSet(privileges.length);
        for (Privilege privilege : privileges) {
            hashSet.add(privilege);
        }
        for (int i = 0; i < privilegeArr.length; i++) {
            if (!hashSet.contains(privilegeArr[i])) {
                throw new GeneralSecurityException("The requested operation requires the privilege '" + privilegeArr[i].getName() + "'.");
            }
        }
        this.registry.setPrivilegesForRole(this, role, privilegeArr);
    }

    public void setRights(SecurableObject securableObject, Role role, Right[] rightArr) throws GeneralSecurityException, UnauthorizedException {
        SecurityAccessManager.getInstance().verify(this);
        checkForRight(RightType.UPDATE, role);
        checkForRight(RightType.GRANT, securableObject);
        this.registry.setRights(this, securableObject, role, rightArr);
    }

    public void setRights(SecurableObject[] securableObjectArr, Role role, Right right) throws GeneralSecurityException, UnauthorizedException {
        SecurityAccessManager.getInstance().verify(this);
        checkForRight(RightType.UPDATE, role);
        for (SecurableObject securableObject : securableObjectArr) {
            checkForRight(RightType.GRANT, securableObject);
        }
        this.registry.setRights(this, securableObjectArr, role, right);
    }

    public void addRights(SecurableObject securableObject, Role role, Right[] rightArr) throws GeneralSecurityException, UnauthorizedException {
        SecurityAccessManager.getInstance().verify(this);
        checkForRight(RightType.UPDATE, role);
        checkForRight(RightType.GRANT, securableObject);
        this.registry.setRights(this, securableObject, role, new RightSet(this.registry.getRights(this, securableObject, role)).merge(new RightSet(rightArr)).toArray(securableObject));
    }

    public void addRights(SecurableObject securableObject, Role role, RightType[] rightTypeArr) throws UnauthorizedException, GeneralSecurityException {
        Right[] rightArr = new Right[rightTypeArr.length];
        for (int i = 0; i < rightArr.length; i++) {
            rightArr[i] = new Right(securableObject, rightTypeArr[i]);
        }
        addRights(securableObject, role, rightArr);
    }

    public void removeRights(SecurableObject securableObject, Role role, RightType[] rightTypeArr) throws GeneralSecurityException, UnauthorizedException {
        SecurityAccessManager.getInstance().verify(this);
        checkForRight(RightType.UPDATE, role);
        checkForRight(RightType.GRANT, securableObject);
        Right[] rights = this.registry.getRights(this, securableObject, role);
        ArrayList arrayList = new ArrayList(20);
        for (int i = 0; i < rights.length; i++) {
            RightType type = rights[i].getType();
            boolean z = true;
            for (RightType rightType : rightTypeArr) {
                if (type.equals(rightType)) {
                    z = true;
                }
            }
            if (!z) {
                arrayList.add(rights[i]);
            }
        }
        this.registry.setRights(this, securableObject, role, (Right[]) arrayList.toArray(new Right[arrayList.size()]));
    }

    public void setUsersInGroup(Group group, User[] userArr) throws GeneralSecurityException, UnauthorizedException {
        SecurityAccessManager.getInstance().verify(this);
        checkForRight(RightType.GRANT, group);
        this.registry.setUsersInGroup(this, group, userArr);
    }

    public void setUsersWithRole(Role role, User[] userArr) throws GeneralSecurityException, UnauthorizedException {
        SecurityAccessManager.getInstance().verify(this);
        checkForRight(RightType.GRANT, role);
        this.registry.setUsersWithRole(this, role, userArr);
    }

    public String toString() {
        StringBuffer stringBuffer = new StringBuffer();
        try {
            User[] allUsers = getAllUsers();
            stringBuffer.append("\n\nSecurityAccess @ " + System.currentTimeMillis());
            stringBuffer.append("\n\n").append(allUsers.length).append(" registered users:\n");
            for (User user : allUsers) {
                stringBuffer.append(user.toString(this)).append("\n");
            }
            Group[] allGroups = getAllGroups();
            stringBuffer.append("\n").append(allGroups.length).append(" registered groups:\n");
            for (Group group : allGroups) {
                stringBuffer.append(group.toString(this)).append("\n");
            }
            Role[] allRoles = getAllRoles();
            stringBuffer.append("\n").append(allRoles.length).append(" registered roles:\n");
            for (Role role : allRoles) {
                stringBuffer.append(role.toString(this)).append("\n");
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        return stringBuffer.toString();
    }

    public Service registerService(String str, String str2, List<StringPair> list, String str3) throws GeneralSecurityException {
        SecurityAccessManager.getInstance().verify(this);
        checkForPrivilege(Privilege.ADDOBJECT);
        return this.registry.registerService(this, str, str2, list, str3);
    }

    public void deregisterService(Service service) throws GeneralSecurityException {
        SecurityAccessManager.getInstance().verify(this);
        this.registry.deregisterService(this, service);
    }

    public void updateService(Service service, Service service2) throws ReadWriteLockInvalidException, GeneralSecurityException {
        SecurityAccessManager.getInstance().verify(this);
        this.registry.updateService(this, service, service2);
    }

    public void renameObject(Service service, String str, String str2) throws ReadWriteLockInvalidException, GeneralSecurityException {
        SecurityAccessManager.getInstance().verify(this);
        this.registry.renameObject(this, service, str, str2);
    }

    public void editService(Service service, String str, String str2) throws GeneralSecurityException {
        SecurityAccessManager.getInstance().verify(this);
        this.registry.editService(this, service, str, str2);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void renew() {
        this.timestamp = System.currentTimeMillis();
    }
}
