package org.gridlab.gridsphere.services.core.security.acl.impl;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Vector;
import org.gridlab.gridsphere.core.persistence.PersistenceManagerException;
import org.gridlab.gridsphere.core.persistence.PersistenceManagerFactory;
import org.gridlab.gridsphere.core.persistence.PersistenceManagerRdbms;
import org.gridlab.gridsphere.portlet.PortletGroup;
import org.gridlab.gridsphere.portlet.PortletLog;
import org.gridlab.gridsphere.portlet.PortletRequest;
import org.gridlab.gridsphere.portlet.PortletRole;
import org.gridlab.gridsphere.portlet.User;
import org.gridlab.gridsphere.portlet.impl.SportletGroup;
import org.gridlab.gridsphere.portlet.impl.SportletLog;
import org.gridlab.gridsphere.portlet.impl.SportletRoleInfo;
import org.gridlab.gridsphere.portlet.service.PortletServiceUnavailableException;
import org.gridlab.gridsphere.portlet.service.spi.PortletServiceConfig;
import org.gridlab.gridsphere.portlet.service.spi.PortletServiceProvider;
import org.gridlab.gridsphere.services.core.security.acl.AccessControlManagerService;
import org.gridlab.gridsphere.services.core.security.acl.GroupEntry;
import org.gridlab.gridsphere.services.core.security.acl.GroupRequest;

/* loaded from: input_file:org/gridlab/gridsphere/services/core/security/acl/impl/AccessControlManagerServiceImpl.class */
public class AccessControlManagerServiceImpl implements PortletServiceProvider, AccessControlManagerService {
    private static PortletLog log;
    private static AccessControlManagerServiceImpl instance;
    private static PersistenceManagerRdbms pm;
    private String jdoGroupRequest;
    private String jdoPortletGroup;
    static Class class$org$gridlab$gridsphere$services$core$security$acl$impl$AccessControlManagerServiceImpl;
    static Class class$org$gridlab$gridsphere$services$core$security$acl$impl$GroupRequestImpl;
    static Class class$org$gridlab$gridsphere$portlet$impl$SportletGroup;
    static Class class$org$gridlab$gridsphere$portlet$PortletRole;

    public AccessControlManagerServiceImpl() {
        Class cls;
        Class cls2;
        if (class$org$gridlab$gridsphere$services$core$security$acl$impl$GroupRequestImpl == null) {
            cls = class$("org.gridlab.gridsphere.services.core.security.acl.impl.GroupRequestImpl");
            class$org$gridlab$gridsphere$services$core$security$acl$impl$GroupRequestImpl = cls;
        } else {
            cls = class$org$gridlab$gridsphere$services$core$security$acl$impl$GroupRequestImpl;
        }
        this.jdoGroupRequest = cls.getName();
        if (class$org$gridlab$gridsphere$portlet$impl$SportletGroup == null) {
            cls2 = class$("org.gridlab.gridsphere.portlet.impl.SportletGroup");
            class$org$gridlab$gridsphere$portlet$impl$SportletGroup = cls2;
        } else {
            cls2 = class$org$gridlab$gridsphere$portlet$impl$SportletGroup;
        }
        this.jdoPortletGroup = cls2.getName();
    }

    public static synchronized AccessControlManagerServiceImpl getInstance() {
        return instance;
    }

    public void init(PortletServiceConfig portletServiceConfig) throws PortletServiceUnavailableException {
        pm = PersistenceManagerFactory.createGridSphereRdbms();
    }

    public void destroy() {
        log.info("Calling destroy()");
    }

    @Override // org.gridlab.gridsphere.services.core.security.acl.AccessControlManagerService
    public GroupRequest createGroupEntry() {
        GroupRequestImpl groupRequestImpl = new GroupRequestImpl();
        saveGroupEntry(groupRequestImpl);
        return groupRequestImpl;
    }

    @Override // org.gridlab.gridsphere.services.core.security.acl.AccessControlManagerService
    public GroupRequest editGroupEntry(GroupEntry groupEntry) {
        return (GroupRequest) getGroupEntry(groupEntry.getID());
    }

    @Override // org.gridlab.gridsphere.services.core.security.acl.AccessControlManagerService
    public List getGroupEntries() {
        return selectGroupEntries("");
    }

    @Override // org.gridlab.gridsphere.services.core.security.acl.AccessControlManagerService
    public List getGroupEntries(User user) {
        return selectGroupEntries(new StringBuffer().append("where groupRequest.sportletUser.oid='").append(user.getID()).append("'").toString());
    }

    @Override // org.gridlab.gridsphere.services.core.security.acl.AccessControlManagerService
    public List getGroupEntries(PortletGroup portletGroup) {
        return selectGroupEntries(new StringBuffer().append("where groupRequest.sportletGroup.oid='").append(portletGroup.getID()).append("'").toString());
    }

    private List selectGroupEntries(String str) {
        try {
            return pm.restoreList(new StringBuffer().append("select groupRequest from ").append(this.jdoGroupRequest).append(" groupRequest ").append(str).toString());
        } catch (PersistenceManagerException e) {
            log.error("Error retrieving access right", e);
            return new ArrayList();
        }
    }

    @Override // org.gridlab.gridsphere.services.core.security.acl.AccessControlManagerService
    public GroupEntry getGroupEntry(String str) {
        return selectGroupRequestImpl(new StringBuffer().append("where groupRequest.oid='").append(str).append("'").toString());
    }

    @Override // org.gridlab.gridsphere.services.core.security.acl.AccessControlManagerService
    public GroupEntry getGroupEntry(User user, PortletGroup portletGroup) {
        return getGroupRequestImpl(user, portletGroup);
    }

    private GroupRequestImpl getGroupRequestImpl(User user, PortletGroup portletGroup) {
        return selectGroupRequestImpl(new StringBuffer().append(" where groupRequest.sportletUser.oid='").append(user.getID()).append("'").append(" and groupRequest.sportletGroup.oid='").append(portletGroup.getID()).append("'").toString());
    }

    private GroupRequestImpl selectGroupRequestImpl(String str) {
        try {
            return (GroupRequestImpl) pm.restore(new StringBuffer().append("select groupRequest from ").append(this.jdoGroupRequest).append(" groupRequest ").append(str).toString());
        } catch (PersistenceManagerException e) {
            log.error("Error retrieving access right", e);
            return null;
        }
    }

    private boolean existsGroupEntry(GroupEntry groupEntry) {
        try {
            return pm.restore(new StringBuffer().append("select groupRequest.oid from ").append(this.jdoGroupRequest).append(" groupRequest where groupRequest.oid='").append(((GroupRequestImpl) groupEntry).getOid()).append("'").toString()) != null;
        } catch (PersistenceManagerException e) {
            log.error("Error retrieving access right", e);
            return false;
        }
    }

    @Override // org.gridlab.gridsphere.services.core.security.acl.AccessControlManagerService
    public void saveGroupEntry(GroupEntry groupEntry) {
        try {
            pm.saveOrUpdate(groupEntry);
        } catch (PersistenceManagerException e) {
            log.error("Error creating access right", e);
        }
    }

    @Override // org.gridlab.gridsphere.services.core.security.acl.AccessControlManagerService
    public void deleteGroupEntry(GroupEntry groupEntry) {
        try {
            pm.delete(groupEntry);
        } catch (PersistenceManagerException e) {
            log.error("Error deleting access right", e);
        }
    }

    @Override // org.gridlab.gridsphere.services.core.security.acl.AccessControlManagerService
    public void deleteGroupEntries(User user) {
        Iterator it = getGroupEntries(user).iterator();
        while (it.hasNext()) {
            deleteGroupEntry((GroupEntry) it.next());
        }
    }

    @Override // org.gridlab.gridsphere.services.core.security.acl.AccessControlManagerService
    public List getGroups() {
        try {
            return pm.restoreList(new StringBuffer().append("select grp from ").append(this.jdoPortletGroup).append(" grp ").toString());
        } catch (PersistenceManagerException e) {
            log.error("Error retrieving portlet groups", e);
            return new Vector();
        }
    }

    @Override // org.gridlab.gridsphere.services.core.security.acl.AccessControlManagerService
    public PortletGroup getGroupByName(String str) {
        return selectSportletGroup(new StringBuffer().append("where grp.Name='").append(str).append("'").toString());
    }

    @Override // org.gridlab.gridsphere.services.core.security.acl.AccessControlManagerService
    public PortletGroup getGroup(String str) {
        return selectSportletGroup(new StringBuffer().append("where grp.oid='").append(str).append("'").toString());
    }

    @Override // org.gridlab.gridsphere.services.core.security.acl.AccessControlManagerService
    public PortletGroup getCoreGroup() {
        return selectSportletGroup("where grp.Core=true");
    }

    private SportletGroup selectSportletGroup(String str) {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("select grp from ");
        stringBuffer.append(this.jdoPortletGroup);
        stringBuffer.append(" grp ");
        stringBuffer.append(str);
        String stringBuffer2 = stringBuffer.toString();
        log.debug(stringBuffer2);
        try {
            return (SportletGroup) pm.restore(stringBuffer2);
        } catch (PersistenceManagerException e) {
            log.error("Error retrieving portlet group", e);
            return null;
        }
    }

    public boolean existsGroupWithName(String str) {
        return getGroupByName(str) != null;
    }

    @Override // org.gridlab.gridsphere.services.core.security.acl.AccessControlManagerService
    public PortletGroup createGroup(SportletGroup sportletGroup) {
        try {
            pm.saveOrUpdate(sportletGroup);
        } catch (PersistenceManagerException e) {
            log.error(new StringBuffer().append("Error creating portlet group ").append(sportletGroup.getName()).toString(), e);
        }
        return sportletGroup;
    }

    @Override // org.gridlab.gridsphere.services.core.security.acl.AccessControlManagerService
    public void deleteGroup(PortletGroup portletGroup) {
        try {
            pm.delete(portletGroup);
        } catch (PersistenceManagerException e) {
            log.error("Error deleting portlet group", e);
        }
    }

    @Override // org.gridlab.gridsphere.services.core.security.acl.AccessControlManagerService
    public List getUsers(PortletGroup portletGroup) {
        try {
            return pm.restoreList(new StringBuffer().append("select groupRequest.sportletUser from ").append(this.jdoGroupRequest).append(" groupRequest where groupRequest.sportletGroup.oid='").append(portletGroup.getID()).append("'").toString());
        } catch (PersistenceManagerException e) {
            log.error("Error retrieving access right", e);
            return new Vector();
        }
    }

    @Override // org.gridlab.gridsphere.services.core.security.acl.AccessControlManagerService
    public List getUsers(PortletGroup portletGroup, PortletRole portletRole) {
        Vector vector = new Vector();
        for (User user : getUsers(portletGroup)) {
            if (hasRoleInGroup(user, portletGroup, portletRole)) {
                vector.add(user);
            }
        }
        return vector;
    }

    @Override // org.gridlab.gridsphere.services.core.security.acl.AccessControlManagerService
    public boolean isUserInGroup(User user, PortletGroup portletGroup) {
        return getGroupEntry(user, portletGroup) != null;
    }

    @Override // org.gridlab.gridsphere.services.core.security.acl.AccessControlManagerService
    public List getGroups(User user) {
        try {
            return pm.restoreList(new StringBuffer().append("select groupRequest.sportletGroup from ").append(this.jdoGroupRequest).append(" groupRequest where groupRequest.sportletUser.oid='").append(user.getID()).append("'").toString());
        } catch (PersistenceManagerException e) {
            log.error("Error retrieving access right", e);
            return new Vector();
        }
    }

    @Override // org.gridlab.gridsphere.services.core.security.acl.AccessControlManagerService
    public List getGroupsNotMemberOf(User user) {
        Vector vector = new Vector();
        if (!hasSuperRole(user)) {
            Iterator it = getGroups(user).iterator();
            while (it.hasNext()) {
                if (!isUserInGroup(user, (PortletGroup) it.next())) {
                    vector.add(user);
                }
            }
        }
        return vector;
    }

    @Override // org.gridlab.gridsphere.services.core.security.acl.AccessControlManagerService
    public PortletRole getRoleInGroup(User user, PortletGroup portletGroup) {
        GroupEntry groupEntry = getGroupEntry(user, portletGroup);
        return groupEntry == null ? getRoleByName(PortletRole.GUEST.getName()) : groupEntry.getRole();
    }

    @Override // org.gridlab.gridsphere.services.core.security.acl.AccessControlManagerService
    public boolean hasRequiredRole(PortletRequest portletRequest, String str, boolean z) {
        Map map = (Map) portletRequest.getAttribute("org.gridlab.gridsphere.portlet.groups");
        boolean z2 = false;
        if (map == null) {
            return false;
        }
        for (PortletGroup portletGroup : map.keySet()) {
            for (SportletRoleInfo sportletRoleInfo : portletGroup.getPortletRoleList()) {
                if (sportletRoleInfo.getPortletClass().equals(str)) {
                    z2 = true;
                    PortletRole portletRole = (PortletRole) map.get(portletGroup);
                    if (portletRole.compare(portletRole, getRoleByName(sportletRoleInfo.getRole())) >= 0 && (!z || portletRole.compare(portletRole, getAdminRole()) >= 0)) {
                        return true;
                    }
                }
            }
        }
        return !z2;
    }

    public boolean hasRequiredRole(User user, String str, boolean z) {
        List groups = getGroups(user);
        boolean z2 = false;
        for (PortletGroup portletGroup : getGroups()) {
            for (SportletRoleInfo sportletRoleInfo : portletGroup.getPortletRoleList()) {
                if (sportletRoleInfo.getPortletClass().equals(str)) {
                    z2 = true;
                    if (groups.contains(portletGroup)) {
                        PortletRole roleInGroup = getRoleInGroup(user, portletGroup);
                        if (roleInGroup.compare(roleInGroup, getRoleByName(sportletRoleInfo.getRole())) >= 0 && (!z || roleInGroup.compare(roleInGroup, getAdminRole()) >= 0)) {
                            return true;
                        }
                    } else {
                        continue;
                    }
                }
            }
        }
        return !z2;
    }

    @Override // org.gridlab.gridsphere.services.core.security.acl.AccessControlManagerService
    public void addGroupEntry(User user, PortletGroup portletGroup, PortletRole portletRole) {
        GroupRequestImpl groupRequestImpl = getGroupRequestImpl(user, portletGroup);
        if (groupRequestImpl != null) {
            deleteGroupEntry(groupRequestImpl);
        }
        GroupRequestImpl groupRequestImpl2 = new GroupRequestImpl();
        groupRequestImpl2.setUser(user);
        groupRequestImpl2.setGroup(portletGroup);
        groupRequestImpl2.setRole(portletRole);
        saveGroupEntry(groupRequestImpl2);
    }

    @Override // org.gridlab.gridsphere.services.core.security.acl.AccessControlManagerService
    public boolean hasRoleInGroup(User user, PortletGroup portletGroup, PortletRole portletRole) {
        return getRoleInGroup(user, portletGroup).equals(portletRole);
    }

    @Override // org.gridlab.gridsphere.services.core.security.acl.AccessControlManagerService
    public boolean hasAdminRoleInGroup(User user, PortletGroup portletGroup) {
        return hasRoleInGroup(user, portletGroup, getAdminRole());
    }

    @Override // org.gridlab.gridsphere.services.core.security.acl.AccessControlManagerService
    public boolean hasUserRoleInGroup(User user, PortletGroup portletGroup) {
        return hasRoleInGroup(user, portletGroup, getUserRole());
    }

    @Override // org.gridlab.gridsphere.services.core.security.acl.AccessControlManagerService
    public boolean hasGuestRoleInGroup(User user, PortletGroup portletGroup) {
        return hasRoleInGroup(user, portletGroup, getGuestRole());
    }

    @Override // org.gridlab.gridsphere.services.core.security.acl.AccessControlManagerService
    public List getUsersWithSuperRole() {
        List<User> users = getUsers(getCoreGroup());
        Vector vector = new Vector();
        for (User user : users) {
            if (hasRoleInGroup(user, getCoreGroup(), getSuperRole())) {
                vector.add(user);
            }
        }
        return vector;
    }

    @Override // org.gridlab.gridsphere.services.core.security.acl.AccessControlManagerService
    public List getUsers(PortletRole portletRole) {
        ArrayList arrayList = new ArrayList();
        for (PortletGroup portletGroup : getGroups()) {
            for (User user : getUsers(portletGroup)) {
                if (hasRoleInGroup(user, portletGroup, portletRole)) {
                    arrayList.add(user);
                }
            }
        }
        return arrayList;
    }

    @Override // org.gridlab.gridsphere.services.core.security.acl.AccessControlManagerService
    public void grantSuperRole(User user) {
        addGroupEntry(user, getCoreGroup(), getSuperRole());
    }

    public PortletRole getSuperRole() {
        return getRoleByName(PortletRole.SUPER.getName());
    }

    public PortletRole getAdminRole() {
        return getRoleByName(PortletRole.ADMIN.getName());
    }

    public PortletRole getUserRole() {
        return getRoleByName(PortletRole.USER.getName());
    }

    public PortletRole getGuestRole() {
        return getRoleByName(PortletRole.GUEST.getName());
    }

    @Override // org.gridlab.gridsphere.services.core.security.acl.AccessControlManagerService
    public boolean hasSuperRole(User user) {
        return hasRoleInGroup(user, getCoreGroup(), getSuperRole());
    }

    @Override // org.gridlab.gridsphere.services.core.security.acl.AccessControlManagerService
    public List getRoles() {
        Class cls;
        List list = null;
        try {
            PersistenceManagerRdbms persistenceManagerRdbms = pm;
            StringBuffer append = new StringBuffer().append("select prole from ");
            if (class$org$gridlab$gridsphere$portlet$PortletRole == null) {
                cls = class$("org.gridlab.gridsphere.portlet.PortletRole");
                class$org$gridlab$gridsphere$portlet$PortletRole = cls;
            } else {
                cls = class$org$gridlab$gridsphere$portlet$PortletRole;
            }
            list = persistenceManagerRdbms.restoreList(append.append(cls.getName()).append(" prole").toString());
        } catch (PersistenceManagerException e) {
            log.error("Error deleting role", e);
        }
        return list;
    }

    @Override // org.gridlab.gridsphere.services.core.security.acl.AccessControlManagerService
    public void deleteRole(PortletRole portletRole) {
        try {
            pm.delete(portletRole);
        } catch (PersistenceManagerException e) {
            log.error("Error deleting role", e);
        }
    }

    @Override // org.gridlab.gridsphere.services.core.security.acl.AccessControlManagerService
    public PortletRole getRole(String str) {
        Class cls;
        PortletRole portletRole = null;
        try {
            PersistenceManagerRdbms persistenceManagerRdbms = pm;
            StringBuffer append = new StringBuffer().append("select prole from ");
            if (class$org$gridlab$gridsphere$portlet$PortletRole == null) {
                cls = class$("org.gridlab.gridsphere.portlet.PortletRole");
                class$org$gridlab$gridsphere$portlet$PortletRole = cls;
            } else {
                cls = class$org$gridlab$gridsphere$portlet$PortletRole;
            }
            portletRole = (PortletRole) persistenceManagerRdbms.restore(append.append(cls.getName()).append(" prole where prole.oid='").append(str).append("'").toString());
        } catch (PersistenceManagerException e) {
            log.error(new StringBuffer().append("Error retrieving role ").append(str).toString(), e);
        }
        return portletRole;
    }

    @Override // org.gridlab.gridsphere.services.core.security.acl.AccessControlManagerService
    public PortletRole getRoleByName(String str) {
        Class cls;
        PortletRole portletRole = null;
        try {
            PersistenceManagerRdbms persistenceManagerRdbms = pm;
            StringBuffer append = new StringBuffer().append("select prole from ");
            if (class$org$gridlab$gridsphere$portlet$PortletRole == null) {
                cls = class$("org.gridlab.gridsphere.portlet.PortletRole");
                class$org$gridlab$gridsphere$portlet$PortletRole = cls;
            } else {
                cls = class$org$gridlab$gridsphere$portlet$PortletRole;
            }
            portletRole = (PortletRole) persistenceManagerRdbms.restore(append.append(cls.getName()).append(" prole where prole.Name='").append(str).append("'").toString());
        } catch (PersistenceManagerException e) {
            log.error(new StringBuffer().append("Error retrieving role ").append(str).toString(), e);
        }
        return portletRole;
    }

    @Override // org.gridlab.gridsphere.services.core.security.acl.AccessControlManagerService
    public PortletRole getRoleByPriority(int i) {
        return getRoleByName(PortletRole.toPortletRole(i).getName());
    }

    @Override // org.gridlab.gridsphere.services.core.security.acl.AccessControlManagerService
    public void saveRole(PortletRole portletRole) {
        try {
            pm.saveOrUpdate(portletRole);
        } catch (PersistenceManagerException e) {
            log.error("Error saving portlet role: ", e);
        }
    }

    @Override // org.gridlab.gridsphere.services.core.security.acl.AccessControlManagerService
    public void createRole(String str, int i) {
        try {
            pm.saveOrUpdate(new PortletRole(str, i));
        } catch (PersistenceManagerException e) {
            log.error(new StringBuffer().append("Error creating portlet role: ").append(str).toString(), e);
        }
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$org$gridlab$gridsphere$services$core$security$acl$impl$AccessControlManagerServiceImpl == null) {
            cls = class$("org.gridlab.gridsphere.services.core.security.acl.impl.AccessControlManagerServiceImpl");
            class$org$gridlab$gridsphere$services$core$security$acl$impl$AccessControlManagerServiceImpl = cls;
        } else {
            cls = class$org$gridlab$gridsphere$services$core$security$acl$impl$AccessControlManagerServiceImpl;
        }
        log = SportletLog.getInstance(cls);
        instance = new AccessControlManagerServiceImpl();
        pm = null;
    }
}
