package org.apache.fulcrum.security.impl.db;

import java.math.BigDecimal;
import java.util.ArrayList;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import org.apache.fulcrum.security.BaseSecurityService;
import org.apache.fulcrum.security.TurbineSecurity;
import org.apache.fulcrum.security.entity.Group;
import org.apache.fulcrum.security.entity.Permission;
import org.apache.fulcrum.security.entity.Role;
import org.apache.fulcrum.security.entity.User;
import org.apache.fulcrum.security.impl.db.entity.BaseTurbineRolePermissionPeer;
import org.apache.fulcrum.security.impl.db.entity.BaseTurbineUserGroupRolePeer;
import org.apache.fulcrum.security.impl.db.entity.TurbineGroup;
import org.apache.fulcrum.security.impl.db.entity.TurbineGroupPeer;
import org.apache.fulcrum.security.impl.db.entity.TurbinePermission;
import org.apache.fulcrum.security.impl.db.entity.TurbinePermissionPeer;
import org.apache.fulcrum.security.impl.db.entity.TurbineRole;
import org.apache.fulcrum.security.impl.db.entity.TurbineRolePeer;
import org.apache.fulcrum.security.impl.db.entity.TurbineRolePermissionPeer;
import org.apache.fulcrum.security.impl.db.entity.TurbineUserGroupRolePeer;
import org.apache.fulcrum.security.impl.db.entity.UserPeer;
import org.apache.fulcrum.security.util.AccessControlList;
import org.apache.fulcrum.security.util.DataBackendException;
import org.apache.fulcrum.security.util.EntityExistsException;
import org.apache.fulcrum.security.util.GroupSet;
import org.apache.fulcrum.security.util.PermissionSet;
import org.apache.fulcrum.security.util.RoleSet;
import org.apache.fulcrum.security.util.UnknownEntityException;
import org.apache.log4j.Category;
import org.apache.torque.om.BaseObject;
import org.apache.torque.util.Criteria;

/* loaded from: input_file:WEB-INF/lib/fulcrum-3.0-b2-dev.jar:org/apache/fulcrum/security/impl/db/DBSecurityService.class */
public class DBSecurityService extends BaseSecurityService {
    Category category = Category.getInstance(getClass().getName());
    public static final String USER_PEER_CLASS_KEY = "userPeer.class";
    public static final String USER_PEER_CLASS_DEFAULT = USER_PEER_CLASS_DEFAULT;
    public static final String USER_PEER_CLASS_DEFAULT = USER_PEER_CLASS_DEFAULT;

    @Override // org.apache.fulcrum.security.SecurityService
    public AccessControlList getACL(User user) throws DataBackendException, UnknownEntityException {
        try {
            if (!TurbineSecurity.accountExists(user)) {
                throw new UnknownEntityException(new StringBuffer().append("The account '").append(user.getUserName()).append("' does not exist").toString());
            }
            try {
                Hashtable hashtable = new Hashtable();
                Hashtable hashtable2 = new Hashtable();
                lockShared();
                Iterator elements = getAllGroups().elements();
                while (elements.hasNext()) {
                    Group group = (Group) elements.next();
                    RoleSet retrieveSet = TurbineRolePeer.retrieveSet(user, group);
                    hashtable.put(group, retrieveSet);
                    PermissionSet permissionSet = new PermissionSet();
                    Iterator elements2 = retrieveSet.elements();
                    while (elements2.hasNext()) {
                        permissionSet.add(TurbinePermissionPeer.retrieveSet((Role) elements2.next()));
                    }
                    hashtable2.put(group, permissionSet);
                }
                return getAclInstance(hashtable, hashtable2);
            } catch (Exception e) {
                throw new DataBackendException(new StringBuffer().append("Failed to build ACL for user '").append(user.getUserName()).append("'").toString(), e);
            }
        } finally {
            unlockShared();
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // org.apache.fulcrum.security.SecurityService
    public synchronized void grant(User user, Group group, Role role) throws DataBackendException, UnknownEntityException {
        try {
            try {
                lockExclusive();
                boolean accountExists = TurbineSecurity.accountExists(user);
                boolean checkExists = checkExists(group);
                boolean checkExists2 = checkExists(role);
                if (accountExists && checkExists && checkExists2) {
                    Criteria criteria = new Criteria();
                    criteria.add(TurbineUserGroupRolePeer.USER_ID, ((BaseObject) user).getPrimaryKey());
                    criteria.add(TurbineUserGroupRolePeer.GROUP_ID, ((BaseObject) group).getPrimaryKey());
                    criteria.add(TurbineUserGroupRolePeer.ROLE_ID, ((TurbineRole) role).getPrimaryKey());
                    TurbineUserGroupRolePeer.doInsert(criteria);
                    return;
                }
                if (!accountExists) {
                    throw new UnknownEntityException(new StringBuffer().append("Unknown user '").append(user.getUserName()).append("'").toString());
                }
                if (!checkExists) {
                    throw new UnknownEntityException(new StringBuffer().append("Unknown group '").append(group.getName()).append("'").toString());
                }
                if (!checkExists2) {
                    throw new UnknownEntityException(new StringBuffer().append("Unknown role '").append(role.getName()).append("'").toString());
                }
            } catch (Exception e) {
                throw new DataBackendException("grant(User,Group,Role) failed", e);
            }
        } finally {
            unlockExclusive();
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // org.apache.fulcrum.security.SecurityService
    public synchronized void revoke(User user, Group group, Role role) throws DataBackendException, UnknownEntityException {
        try {
            try {
                lockExclusive();
                boolean accountExists = TurbineSecurity.accountExists(user);
                boolean checkExists = checkExists(group);
                boolean checkExists2 = checkExists(role);
                if (accountExists && checkExists && checkExists2) {
                    Criteria criteria = new Criteria();
                    criteria.add(TurbineUserGroupRolePeer.USER_ID, ((BaseObject) user).getPrimaryKey());
                    criteria.add(TurbineUserGroupRolePeer.GROUP_ID, ((BaseObject) group).getPrimaryKey());
                    criteria.add(TurbineUserGroupRolePeer.ROLE_ID, ((TurbineRole) role).getPrimaryKey());
                    TurbineUserGroupRolePeer.doDelete(criteria);
                    return;
                }
                if (!accountExists) {
                    throw new UnknownEntityException(new StringBuffer().append("Unknown user '").append(user.getUserName()).append("'").toString());
                }
                if (!checkExists) {
                    throw new UnknownEntityException(new StringBuffer().append("Unknown group '").append(group.getName()).append("'").toString());
                }
                if (!checkExists2) {
                    throw new UnknownEntityException(new StringBuffer().append("Unknown role '").append(role.getName()).append("'").toString());
                }
            } catch (Exception e) {
                throw new DataBackendException("revoke(User,Role,Group) failed", e);
            }
        } finally {
            unlockExclusive();
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // org.apache.fulcrum.security.SecurityService
    public synchronized void revokeAll(User user) throws DataBackendException, UnknownEntityException {
        try {
            try {
                lockExclusive();
                if (!TurbineSecurity.accountExists(user)) {
                    throw new UnknownEntityException(new StringBuffer().append("Unknown user '").append(user.getUserName()).append('\'').toString());
                }
                TurbineUserGroupRolePeer.deleteAll(BaseTurbineUserGroupRolePeer.TABLE_NAME, TurbineUserGroupRolePeer.USER_ID, ((BigDecimal) ((BaseObject) user).getPrimaryKey().getValue()).intValue());
            } catch (Exception e) {
                throw new DataBackendException("revokeAll(User) failed", e);
            }
        } finally {
            unlockExclusive();
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // org.apache.fulcrum.security.SecurityService
    public synchronized void grant(Role role, Permission permission) throws DataBackendException, UnknownEntityException {
        try {
            try {
                lockExclusive();
                boolean checkExists = checkExists(role);
                boolean checkExists2 = checkExists(permission);
                if (checkExists && checkExists2) {
                    Criteria criteria = new Criteria();
                    criteria.add(TurbineRolePermissionPeer.ROLE_ID, ((TurbineRole) role).getPrimaryKey());
                    criteria.add(TurbineRolePermissionPeer.PERMISSION_ID, ((BaseObject) permission).getPrimaryKey());
                    TurbineUserGroupRolePeer.doInsert(criteria);
                    return;
                }
                if (!checkExists) {
                    throw new UnknownEntityException(new StringBuffer().append("Unknown role '").append(role.getName()).append("'").toString());
                }
                if (!checkExists2) {
                    throw new UnknownEntityException(new StringBuffer().append("Unknown permission '").append(permission.getName()).append("'").toString());
                }
            } catch (Exception e) {
                throw new DataBackendException("grant(Role,Permission) failed", e);
            }
        } finally {
            unlockExclusive();
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // org.apache.fulcrum.security.SecurityService
    public synchronized void revoke(Role role, Permission permission) throws DataBackendException, UnknownEntityException {
        try {
            try {
                lockExclusive();
                boolean checkExists = checkExists(role);
                boolean checkExists2 = checkExists(permission);
                if (checkExists && checkExists2) {
                    Criteria criteria = new Criteria();
                    criteria.add(TurbineRolePermissionPeer.ROLE_ID, ((TurbineRole) role).getPrimaryKey());
                    criteria.add(TurbineRolePermissionPeer.PERMISSION_ID, ((BaseObject) permission).getPrimaryKey());
                    TurbineRolePermissionPeer.doDelete(criteria);
                    return;
                }
                if (!checkExists) {
                    throw new UnknownEntityException(new StringBuffer().append("Unknown role '").append(role.getName()).append("'").toString());
                }
                if (!checkExists2) {
                    throw new UnknownEntityException(new StringBuffer().append("Unknown permission '").append(permission.getName()).append("'").toString());
                }
            } catch (Exception e) {
                throw new DataBackendException("revoke(Role,Permission) failed", e);
            }
        } finally {
            unlockExclusive();
        }
    }

    @Override // org.apache.fulcrum.security.SecurityService
    public synchronized void revokeAll(Role role) throws DataBackendException, UnknownEntityException {
        try {
            try {
                lockExclusive();
                if (!checkExists(role)) {
                    throw new UnknownEntityException(new StringBuffer().append("Unknown role '").append(role.getName()).append("'").toString());
                }
                TurbineRolePermissionPeer.deleteAll(BaseTurbineRolePermissionPeer.TABLE_NAME, TurbineRolePermissionPeer.ROLE_ID, ((BigDecimal) ((TurbineRole) role).getPrimaryKey().getValue()).intValue());
            } catch (Exception e) {
                throw new DataBackendException("revokeAll(Role) failed", e);
            }
        } finally {
            unlockExclusive();
        }
    }

    @Override // org.apache.fulcrum.security.SecurityService
    public GroupSet getGroups(Criteria criteria) throws DataBackendException {
        Criteria criteria2 = new Criteria();
        for (String str : criteria.keySet()) {
            criteria2.put(TurbineGroupPeer.getColumnName(str), criteria.get(str));
        }
        new ArrayList(0);
        try {
            return new GroupSet(TurbineGroupPeer.doSelect(criteria));
        } catch (Exception e) {
            throw new DataBackendException("getGroups(Criteria) failed", e);
        }
    }

    @Override // org.apache.fulcrum.security.SecurityService
    public RoleSet getRoles(Criteria criteria) throws DataBackendException {
        Criteria criteria2 = new Criteria();
        for (String str : criteria.keySet()) {
            criteria2.put(TurbineRolePeer.getColumnName(str), criteria.get(str));
        }
        new ArrayList(0);
        try {
            return new RoleSet(TurbineRolePeer.doSelect(criteria));
        } catch (Exception e) {
            throw new DataBackendException("getRoles(Criteria) failed", e);
        }
    }

    @Override // org.apache.fulcrum.security.SecurityService
    public PermissionSet getPermissions(Criteria criteria) throws DataBackendException {
        Criteria criteria2 = new Criteria();
        for (String str : criteria.keySet()) {
            criteria2.put(TurbinePermissionPeer.getColumnName(str), criteria.get(str));
        }
        new ArrayList(0);
        try {
            return new PermissionSet(TurbinePermissionPeer.doSelect(criteria));
        } catch (Exception e) {
            throw new DataBackendException("getPermissions(Criteria) failed", e);
        }
    }

    @Override // org.apache.fulcrum.security.SecurityService
    public PermissionSet getPermissions(Role role) throws DataBackendException, UnknownEntityException {
        try {
            try {
                lockShared();
                if (checkExists(role)) {
                    return TurbinePermissionPeer.retrieveSet(role);
                }
                throw new UnknownEntityException(new StringBuffer().append("Unknown role '").append(role.getName()).append("'").toString());
            } catch (Exception e) {
                throw new DataBackendException("getPermissions(Role) failed", e);
            }
        } finally {
            unlockShared();
        }
    }

    @Override // org.apache.fulcrum.security.SecurityService
    public void saveGroup(Group group) throws DataBackendException, UnknownEntityException {
        try {
            if (!checkExists(group)) {
                throw new UnknownEntityException(new StringBuffer().append("Unknown group '").append(group).append("'").toString());
            }
            TurbineGroupPeer.doUpdate(TurbineGroupPeer.buildCriteria((TurbineGroup) group));
        } catch (Exception e) {
            throw new DataBackendException("saveGroup(Group) failed", e);
        }
    }

    @Override // org.apache.fulcrum.security.SecurityService
    public void saveRole(Role role) throws DataBackendException, UnknownEntityException {
        try {
            if (!checkExists(role)) {
                throw new UnknownEntityException(new StringBuffer().append("Unknown role '").append(role).append("'").toString());
            }
            TurbineRolePeer.doUpdate(TurbineRolePeer.buildCriteria((TurbineRole) role));
        } catch (Exception e) {
            throw new DataBackendException("saveRole(Role) failed", e);
        }
    }

    @Override // org.apache.fulcrum.security.SecurityService
    public void savePermission(Permission permission) throws DataBackendException, UnknownEntityException {
        try {
            if (!checkExists(permission)) {
                throw new UnknownEntityException(new StringBuffer().append("Unknown permission '").append(permission).append("'").toString());
            }
            TurbinePermissionPeer.doUpdate(TurbinePermissionPeer.buildCriteria((TurbinePermission) permission));
        } catch (Exception e) {
            throw new DataBackendException("savePermission(Permission) failed", e);
        }
    }

    @Override // org.apache.fulcrum.security.SecurityService
    public Group getNewGroup(String str) {
        try {
            return getGroupInstance(str);
        } catch (UnknownEntityException e) {
            return null;
        }
    }

    @Override // org.apache.fulcrum.security.SecurityService
    public Role getNewRole(String str) {
        try {
            return getRoleInstance(str);
        } catch (UnknownEntityException e) {
            return null;
        }
    }

    @Override // org.apache.fulcrum.security.SecurityService
    public Permission getNewPermission(String str) {
        try {
            return getPermissionInstance(str);
        } catch (UnknownEntityException e) {
            return null;
        }
    }

    @Override // org.apache.fulcrum.security.SecurityService
    public synchronized Group addGroup(Group group) throws DataBackendException, EntityExistsException {
        try {
            try {
                lockExclusive();
                if (checkExists(group)) {
                    throw new EntityExistsException(new StringBuffer().append("Group '").append(group).append("' already exists").toString());
                }
                TurbineGroupPeer.doInsert(TurbineGroupPeer.buildCriteria((TurbineGroup) group));
                Criteria criteria = new Criteria();
                criteria.add(TurbineGroupPeer.NAME, group.getName());
                List doSelect = TurbineGroupPeer.doSelect(criteria);
                if (doSelect.size() != 1) {
                    throw new DataBackendException(new StringBuffer().append("Internal error - query returned ").append(doSelect.size()).append(" rows").toString());
                }
                Group group2 = (Group) doSelect.get(0);
                getAllGroups().add(group2);
                return group2;
            } catch (Exception e) {
                throw new DataBackendException("addGroup(Group) failed", e);
            }
        } finally {
            unlockExclusive();
        }
    }

    @Override // org.apache.fulcrum.security.SecurityService
    public synchronized Role addRole(Role role) throws DataBackendException, EntityExistsException {
        try {
            try {
                lockExclusive();
                if (checkExists(role)) {
                    throw new EntityExistsException(new StringBuffer().append("Role '").append(role).append("' already exists").toString());
                }
                TurbineRolePeer.doInsert(TurbineRolePeer.buildCriteria((TurbineRole) role));
                Criteria criteria = new Criteria();
                criteria.add(TurbineRolePeer.NAME, role.getName());
                List doSelect = TurbineRolePeer.doSelect(criteria);
                if (doSelect.size() != 1) {
                    throw new DataBackendException(new StringBuffer().append("Internal error - query returned ").append(doSelect.size()).append(" rows").toString());
                }
                Role role2 = (Role) doSelect.get(0);
                getAllRoles().add(role2);
                return role2;
            } catch (Exception e) {
                throw new DataBackendException("addRole(Role) failed", e);
            }
        } finally {
            unlockExclusive();
        }
    }

    @Override // org.apache.fulcrum.security.SecurityService
    public synchronized Permission addPermission(Permission permission) throws DataBackendException, EntityExistsException {
        try {
            try {
                lockExclusive();
                if (checkExists(permission)) {
                    throw new EntityExistsException(new StringBuffer().append("Permission '").append(permission).append("' already exists").toString());
                }
                TurbinePermissionPeer.doInsert(TurbinePermissionPeer.buildCriteria((TurbinePermission) permission));
                Criteria criteria = new Criteria();
                criteria.add(TurbinePermissionPeer.NAME, permission.getName());
                List doSelect = TurbinePermissionPeer.doSelect(criteria);
                if (doSelect.size() != 1) {
                    throw new DataBackendException(new StringBuffer().append("Internal error - query returned ").append(doSelect.size()).append(" rows").toString());
                }
                Permission permission2 = (Permission) doSelect.get(0);
                getAllPermissions().add(permission2);
                return permission2;
            } catch (Exception e) {
                throw new DataBackendException("addPermission(Permission) failed", e);
            }
        } finally {
            unlockExclusive();
        }
    }

    @Override // org.apache.fulcrum.security.SecurityService
    public synchronized void removeGroup(Group group) throws DataBackendException, UnknownEntityException {
        try {
            try {
                lockExclusive();
                if (!checkExists(group)) {
                    throw new UnknownEntityException(new StringBuffer().append("Unknown group '").append(group).append("'").toString());
                }
                TurbineGroupPeer.doDelete(TurbineGroupPeer.buildCriteria((TurbineGroup) group));
                getAllGroups().remove(group);
            } catch (Exception e) {
                this.category.error("Failed to delete a Group");
                this.category.error(e);
                throw new DataBackendException("removeGroup(Group) failed", e);
            }
        } finally {
            unlockExclusive();
        }
    }

    @Override // org.apache.fulcrum.security.SecurityService
    public synchronized void removeRole(Role role) throws DataBackendException, UnknownEntityException {
        try {
            try {
                lockExclusive();
                if (!checkExists(role)) {
                    throw new UnknownEntityException(new StringBuffer().append("Unknown role '").append(role).append("'").toString());
                }
                revokeAll(role);
                TurbineRolePeer.doDelete(TurbineRolePeer.buildCriteria((TurbineRole) role));
                getAllRoles().remove(role);
            } catch (Exception e) {
                throw new DataBackendException("removeRole(Role)", e);
            }
        } finally {
            unlockExclusive();
        }
    }

    @Override // org.apache.fulcrum.security.SecurityService
    public synchronized void removePermission(Permission permission) throws DataBackendException, UnknownEntityException {
        try {
            try {
                lockExclusive();
                if (!checkExists(permission)) {
                    throw new UnknownEntityException(new StringBuffer().append("Unknown permission '").append(permission).append("'").toString());
                }
                TurbinePermissionPeer.doDelete(TurbinePermissionPeer.buildCriteria((TurbinePermission) permission));
                getAllPermissions().remove(permission);
            } catch (Exception e) {
                throw new DataBackendException("removePermission(Permission)", e);
            }
        } finally {
            unlockExclusive();
        }
    }

    @Override // org.apache.fulcrum.security.SecurityService
    public synchronized void renameGroup(Group group, String str) throws DataBackendException, UnknownEntityException {
        try {
            try {
                lockExclusive();
                if (!checkExists(group)) {
                    throw new UnknownEntityException(new StringBuffer().append("Unknown group '").append(group).append("'").toString());
                }
                group.setName(str);
                TurbineGroupPeer.doUpdate(TurbineGroupPeer.buildCriteria((TurbineGroup) group));
            } catch (Exception e) {
                throw new DataBackendException("renameGroup(Group,String)", e);
            }
        } finally {
            unlockExclusive();
        }
    }

    @Override // org.apache.fulcrum.security.SecurityService
    public synchronized void renameRole(Role role, String str) throws DataBackendException, UnknownEntityException {
        try {
            try {
                lockExclusive();
                if (!checkExists(role)) {
                    throw new UnknownEntityException(new StringBuffer().append("Unknown role '").append(role).append("'").toString());
                }
                role.setName(str);
                TurbineRolePeer.doUpdate(TurbineRolePeer.buildCriteria((TurbineRole) role));
            } catch (Exception e) {
                throw new DataBackendException("renameRole(Role,String)", e);
            }
        } finally {
            unlockExclusive();
        }
    }

    @Override // org.apache.fulcrum.security.SecurityService
    public synchronized void renamePermission(Permission permission, String str) throws DataBackendException, UnknownEntityException {
        try {
            try {
                lockExclusive();
                if (!checkExists(permission)) {
                    throw new UnknownEntityException(new StringBuffer().append("Unknown permission '").append(permission).append("'").toString());
                }
                permission.setName(str);
                TurbinePermissionPeer.doUpdate(TurbinePermissionPeer.buildCriteria((TurbinePermission) permission));
            } catch (Exception e) {
                throw new DataBackendException("renamePermission(Permission,name)", e);
            }
        } finally {
            unlockExclusive();
        }
    }

    public Class getUserPeerClass() throws UnknownEntityException {
        try {
            return Class.forName(getConfiguration().getString("userPeer.class", USER_PEER_CLASS_DEFAULT));
        } catch (Exception e) {
            throw new UnknownEntityException("Failed create a Class object for UserPeer implementation", e);
        }
    }

    public UserPeer getUserPeerInstance() throws UnknownEntityException {
        try {
            return (UserPeer) getUserPeerClass().newInstance();
        } catch (Exception e) {
            throw new UnknownEntityException("Failed instantiate an UserPeer implementation object", e);
        }
    }

    protected boolean checkExists(Group group) throws DataBackendException, Exception {
        return TurbineGroupPeer.checkExists(group);
    }

    protected boolean checkExists(Role role) throws DataBackendException, Exception {
        return TurbineRolePeer.checkExists(role);
    }

    protected boolean checkExists(Permission permission) throws DataBackendException, Exception {
        return TurbinePermissionPeer.checkExists(permission);
    }
}
