package org.nakedobjects.runtime.authorization.standard.file;

import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.io.OutputStreamWriter;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.StringTokenizer;
import org.apache.log4j.Logger;
import org.nakedobjects.applib.Identifier;
import org.nakedobjects.metamodel.commons.ensure.Assert;
import org.nakedobjects.metamodel.commons.exceptions.NakedObjectException;
import org.nakedobjects.metamodel.commons.resource.ResourceStreamSource;
import org.nakedobjects.metamodel.config.NakedObjectConfiguration;
import org.nakedobjects.metamodel.spec.identifier.IdentifierFactory;
import org.nakedobjects.runtime.authorization.standard.AuthorizorAbstract;

/* loaded from: input_file:org/nakedobjects/runtime/authorization/standard/file/FileAuthorizor.class */
public class FileAuthorizor extends AuthorizorAbstract {
    private static final Logger LOG = Logger.getLogger(FileAuthorizor.class);
    private static final String NONE = "";
    private static final String RO = "-ro";
    private static final String RW = "-rw";
    private final Map<String, List<String>> whiteListMap;
    private final Map<String, List<String>> blackListMap;
    private final ResourceStreamSource resourceStreamSource;
    private final boolean learn;
    private final String whiteListResourceName;
    private final InputStream whiteListInputResource;
    private final String blackListResourceName;
    private final InputStream blackListInputResource;
    private boolean printedWarning;
    private boolean printedDebug;

    public FileAuthorizor(NakedObjectConfiguration nakedObjectConfiguration) {
        super(nakedObjectConfiguration);
        this.whiteListMap = new HashMap();
        this.blackListMap = new HashMap();
        this.resourceStreamSource = getConfiguration().getResourceStreamSource();
        this.whiteListResourceName = getConfiguration().getString(FileAuthorizationConstants.WHITELIST_RESOURCE_KEY, FileAuthorizationConstants.WHITELIST_RESOURCE_DEFAULT);
        Assert.assertTrue(this.whiteListResourceName.length() > 0);
        this.whiteListInputResource = this.resourceStreamSource.readResource(this.whiteListResourceName);
        this.learn = getConfiguration().getBoolean("nakedobjects.authorization.learn", false);
        if (this.whiteListInputResource == null) {
            throw new NakedObjectException("Cannot read whitelist authorization file: " + this.whiteListResourceName);
        }
        this.blackListResourceName = getConfiguration().getString(FileAuthorizationConstants.BLACKLIST_RESOURCE, "");
        if (this.blackListResourceName.length() <= 0) {
            this.blackListInputResource = null;
            return;
        }
        this.blackListInputResource = this.resourceStreamSource.readResource(this.blackListResourceName);
        if (this.blackListInputResource == null) {
            throw new NakedObjectException("Cannot read blacklist authorization file: " + this.blackListResourceName);
        }
    }

    public void init() {
        if (this.learn) {
            return;
        }
        cacheAuthorizationDetails(this.whiteListMap, this.whiteListInputResource);
        if (this.blackListInputResource != null) {
            cacheAuthorizationDetails(this.blackListMap, this.blackListInputResource);
        }
    }

    private void cacheAuthorizationDetails(Map<String, List<String>> map, InputStream inputStream) {
        try {
            if (LOG.isInfoEnabled()) {
                LOG.info("loading authorization details from " + this.whiteListResourceName);
            }
            BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream));
            while (true) {
                String readLine = bufferedReader.readLine();
                if (readLine == null) {
                    bufferedReader.close();
                    return;
                }
                tokenizeLine(map, readLine);
            }
        } catch (Exception e) {
            throw new NakedObjectException(e);
        }
    }

    private void tokenizeLine(Map<String, List<String>> map, String str) {
        StringTokenizer stringTokenizer = new StringTokenizer(str, ":", false);
        Assert.assertTrue(stringTokenizer.countTokens() == 2);
        String nextToken = stringTokenizer.nextToken();
        String nextToken2 = stringTokenizer.nextToken();
        map.put(memberFromString(nextToken.trim()).toIdentityString(Identifier.CLASS_MEMBERNAME_PARMS), tokenizeRoles(nextToken2));
    }

    private Identifier memberFromString(String str) {
        return IdentifierFactory.fromIdentityString(str);
    }

    private List<String> tokenizeRoles(String str) {
        ArrayList arrayList = new ArrayList();
        StringTokenizer stringTokenizer = new StringTokenizer(str, "|", false);
        while (stringTokenizer.hasMoreTokens()) {
            arrayList.add(stringTokenizer.nextToken().trim());
        }
        return arrayList;
    }

    public void shutdown() {
        if (this.learn) {
            writeMap();
        }
    }

    @Override // org.nakedobjects.runtime.authorization.standard.Authorizor
    public boolean isUsableInRole(String str, Identifier identifier) {
        return isAuthorized(str, identifier, new String[]{"", RW});
    }

    @Override // org.nakedobjects.runtime.authorization.standard.Authorizor
    public boolean isVisibleInRole(String str, Identifier identifier) {
        return isAuthorized(str, identifier, new String[]{"", RO, RW});
    }

    private boolean isAuthorized(String str, Identifier identifier, String[] strArr) {
        return this.learn ? learn(str, identifier) : isWhiteListed(str, identifier, strArr) && !isBlackListed(str, identifier, strArr);
    }

    private boolean isWhiteListed(String str, Identifier identifier, String[] strArr) {
        return isListed(this.whiteListMap, str, identifier, strArr);
    }

    private boolean isBlackListed(String str, Identifier identifier, String[] strArr) {
        return isListed(this.blackListMap, str, identifier, strArr);
    }

    private boolean isListed(Map<String, List<String>> map, String str, Identifier identifier, String[] strArr) {
        if (map.isEmpty()) {
            return false;
        }
        return isQualifiedMatch(map, str, identifier.toIdentityString(Identifier.CLASS), strArr) || isQualifiedMatch(map, str, identifier.toIdentityString(Identifier.CLASS_MEMBERNAME), strArr) || isQualifiedMatch(map, str, identifier.toIdentityString(Identifier.CLASS_MEMBERNAME_PARMS), strArr);
    }

    private boolean isQualifiedMatch(Map<String, List<String>> map, String str, String str2, String[] strArr) {
        if (!map.containsKey(str2)) {
            return false;
        }
        List<String> list = map.get(str2);
        for (String str3 : strArr) {
            if (list.contains(str + str3)) {
                return true;
            }
        }
        return false;
    }

    private boolean learn(String str, Identifier identifier) {
        String identityString = identifier.toIdentityString(Identifier.CLASS_MEMBERNAME_PARMS);
        if (this.whiteListMap.containsKey(identityString)) {
            List<String> list = this.whiteListMap.get(identityString);
            if (!list.contains(str)) {
                list.add(str);
            }
        } else {
            this.whiteListMap.put(identityString, Arrays.asList(str));
        }
        writeMap();
        return true;
    }

    private void writeMap() {
        try {
            OutputStream writeResource = this.resourceStreamSource.writeResource(this.whiteListResourceName);
            if (writeResource == null && !this.printedWarning) {
                LOG.warn("unable to write out authorisation details");
                this.printedWarning = true;
                return;
            }
            if (LOG.isDebugEnabled() && !this.printedDebug) {
                LOG.debug("writing authorisation details to " + this.whiteListResourceName);
                this.printedDebug = true;
            }
            BufferedWriter bufferedWriter = new BufferedWriter(new OutputStreamWriter(writeResource));
            Set<Map.Entry<String, List<String>>> entrySet = this.whiteListMap.entrySet();
            for (int i = 0; i < entrySet.size(); i++) {
                Map.Entry entry = (Map.Entry) entrySet.toArray()[i];
                StringBuffer stringBuffer = new StringBuffer();
                stringBuffer.append((String) entry.getKey()).append(":");
                List list = (List) entry.getValue();
                for (int i2 = 0; i2 < list.size(); i2++) {
                    stringBuffer.append((String) list.get(i2));
                    if (i2 < list.size() - 1) {
                        stringBuffer.append("|");
                    }
                }
                bufferedWriter.write(stringBuffer.toString());
                bufferedWriter.newLine();
            }
            bufferedWriter.flush();
            bufferedWriter.close();
        } catch (IOException e) {
            throw new NakedObjectException(e);
        }
    }
}
