package edu.ucsb.nceas.metacat;

import edu.ucsb.nceas.metacat.database.DBConnection;
import edu.ucsb.nceas.metacat.database.DBConnectionPool;
import edu.ucsb.nceas.metacat.properties.PropertyService;
import edu.ucsb.nceas.metacat.util.DocumentUtil;
import edu.ucsb.nceas.metacat.util.MetacatUtil;
import edu.ucsb.nceas.utilities.PropertyNotFoundException;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Vector;
import org.apache.log4j.Logger;

/* loaded from: input_file:edu/ucsb/nceas/metacat/PermissionController.class */
public class PermissionController {
    private String docId;
    private boolean hasSubTreeAccessControl = false;
    private Vector subTreeList = new Vector();
    private long TOPLEVELSTARTNODEID = 0;
    private static Logger logMetacat = Logger.getLogger(PermissionController.class);

    public PermissionController(String str) throws McdbException {
        this.docId = null;
        this.docId = DocumentUtil.getSmartDocId(str);
    }

    public PermissionController(String str, boolean z) {
        this.docId = null;
        if (z) {
            this.docId = DocumentUtil.getDocIdFromAccessionNumber(str);
        } else {
            this.docId = str;
        }
    }

    public boolean hasSubTreeAccessControl() {
        return this.hasSubTreeAccessControl;
    }

    public boolean hasPermission(String str, String[] strArr, String str2) throws SQLException {
        int intValue = AccessControlList.intValue(str2);
        if (str == null && (strArr == null || strArr.length == 0)) {
            return true;
        }
        String[] createUsersPackage = createUsersPackage(str, strArr);
        return (isAccessDocument(this.docId) && intValue == 2) ? hasPermission(createUsersPackage, this.docId, 7) : hasPermission(createUsersPackage, this.docId, intValue);
    }

    private boolean hasPermission(String[] strArr, String str, int i) throws SQLException {
        long j = this.TOPLEVELSTARTNODEID;
        try {
            if (containDocumentOwner(strArr, str)) {
                return true;
            }
            return isAllowFirst(strArr, str, j) ? !hasExplicitDenyRule(strArr, str, i, j) && hasAllowRule(strArr, str, i, j) : hasAllowRule(strArr, str, i, j);
        } catch (Exception e) {
            logMetacat.warn("There is a exception in hasPermission method: " + e.getMessage());
            return false;
        }
    }

    private boolean hasPermissionForInlineData(String str, String[] strArr, String str2, String str3) throws Exception {
        if (containDocumentOwner(createUsersPackage(str, strArr), this.docId)) {
            return true;
        }
        return new PermissionController(str3, false).hasPermission(str, strArr, str2);
    }

    public boolean hasPermissionForSubTreeNode(String str, String[] strArr, String str2, long j) throws McdbException {
        boolean z = true;
        Enumeration elements = hasUnaccessableSubTree(str, strArr, str2).elements();
        while (true) {
            if (!elements.hasMoreElements()) {
                break;
            }
            SubTree subTree = (SubTree) elements.nextElement();
            long startNodeId = subTree.getStartNodeId();
            long endNodeId = subTree.getEndNodeId();
            if (j >= startNodeId && j <= endNodeId) {
                z = false;
                break;
            }
        }
        return z;
    }

    public Hashtable hasUnaccessableSubTree(String str, String[] strArr, String str2) throws McdbException {
        Hashtable hashtable = new Hashtable();
        int intValue = AccessControlList.intValue(str2);
        if (str == null && (strArr == null || strArr.length == 0)) {
            return hashtable;
        }
        String[] createUsersPackage = createUsersPackage(str, strArr);
        try {
            if (containDocumentOwner(createUsersPackage, this.docId)) {
                return hashtable;
            }
            for (int i = 0; i < this.subTreeList.size(); i++) {
                SubTree subTree = (SubTree) this.subTreeList.elementAt(i);
                long startNodeId = subTree.getStartNodeId();
                try {
                    if (isAllowFirst(createUsersPackage, this.docId, startNodeId)) {
                        if (hasExplicitDenyRule(createUsersPackage, this.docId, intValue, startNodeId)) {
                            if (!hashtable.containsKey(new Long(startNodeId))) {
                                hashtable.put(new Long(startNodeId), subTree);
                            }
                        } else if (!hasAllowRule(createUsersPackage, this.docId, intValue, startNodeId) && !hashtable.containsKey(new Long(startNodeId))) {
                            hashtable.put(new Long(startNodeId), subTree);
                        }
                    } else if (!hasAllowRule(createUsersPackage, this.docId, intValue, startNodeId) && !hashtable.containsKey(new Long(startNodeId))) {
                        hashtable.put(new Long(startNodeId), subTree);
                    }
                } catch (Exception e) {
                    logMetacat.error("error in PermissionControl.hasUnaccessableSubTree " + e.getMessage());
                    throw new McdbException(e);
                }
            }
            return mergeEquivalentSubtree(hashtable);
        } catch (SQLException e2) {
            throw new McdbException(e2);
        }
    }

    private Hashtable mergeEquivalentSubtree(Hashtable hashtable) {
        Hashtable hashtable2 = new Hashtable();
        boolean z = false;
        if (hashtable == null || hashtable.isEmpty()) {
            return hashtable2;
        }
        Enumeration elements = hashtable.elements();
        while (elements.hasMoreElements()) {
            SubTree subTree = (SubTree) elements.nextElement();
            String subTreeId = subTree.getSubTreeId();
            long startNodeId = subTree.getStartNodeId();
            long endNodeId = subTree.getEndNodeId();
            Enumeration elements2 = hashtable.elements();
            while (true) {
                if (!elements2.hasMoreElements()) {
                    break;
                }
                SubTree subTree2 = (SubTree) elements2.nextElement();
                subTree2.getSubTreeId();
                long startNodeId2 = subTree2.getStartNodeId();
                long endNodeId2 = subTree2.getEndNodeId();
                if (startNodeId > startNodeId2 && endNodeId < endNodeId2) {
                    z = true;
                    logMetacat.info("the subtree: " + subTreeId + " need to be get rid of from unaccessable subtree list becuase it is a subtree of another subtree in the list");
                    break;
                }
            }
            if (!z) {
                hashtable2.put(new Long(startNodeId), subTree);
            }
            z = false;
        }
        return hashtable2;
    }

    /* JADX WARN: Finally extract failed */
    private boolean isAccessDocument(String str) throws SQLException {
        String docIdFromString = DocumentUtil.getDocIdFromString(str);
        PreparedStatement preparedStatement = null;
        DBConnection dBConnection = null;
        int i = -1;
        try {
            try {
                dBConnection = DBConnectionPool.getDBConnection("PermissionControl.isAccessDoc");
                i = dBConnection.getCheckOutSerialNumber();
                preparedStatement = dBConnection.prepareStatement("select doctype from xml_documents where docid like '" + docIdFromString + "'");
                preparedStatement.execute();
                ResultSet resultSet = preparedStatement.getResultSet();
                String str2 = null;
                if (resultSet.next()) {
                    str2 = resultSet.getString(1);
                }
                preparedStatement.close();
                if (str2 != null) {
                    if (MetacatUtil.getOptionList(PropertyService.getProperty("xml.accessdoctype")).contains(str2)) {
                        try {
                            preparedStatement.close();
                            DBConnectionPool.returnDBConnection(dBConnection, i);
                            return true;
                        } finally {
                        }
                    }
                }
                try {
                    preparedStatement.close();
                    DBConnectionPool.returnDBConnection(dBConnection, i);
                    return false;
                } finally {
                }
            } catch (Throwable th) {
                try {
                    preparedStatement.close();
                    DBConnectionPool.returnDBConnection(dBConnection, i);
                    throw th;
                } catch (Throwable th2) {
                    DBConnectionPool.returnDBConnection(dBConnection, i);
                    throw th2;
                }
            }
        } catch (PropertyNotFoundException e) {
            throw new SQLException("PermissionControl.isAccessDocument Error checking on document " + docIdFromString + ". " + e.getMessage());
        } catch (SQLException e2) {
            throw new SQLException("PermissionControl.isAccessDocument Error checking on document " + docIdFromString + ". " + e2.getMessage());
        }
    }

    /* JADX WARN: Finally extract failed */
    private boolean containDocumentOwner(String[] strArr, String str) throws SQLException {
        int length = strArr.length;
        PreparedStatement preparedStatement = null;
        DBConnection dBConnection = null;
        int i = -1;
        try {
            try {
                dBConnection = DBConnectionPool.getDBConnection("PermissionControl.containDocOnwer");
                i = dBConnection.getCheckOutSerialNumber();
                preparedStatement = dBConnection.prepareStatement("SELECT 'x' FROM xml_documents WHERE docid = ? AND lower(user_owner) = ?");
                for (int i2 = 0; i2 < length; i2++) {
                    preparedStatement.setString(1, str);
                    preparedStatement.setString(2, strArr[i2]);
                    logMetacat.info("the principle stack is : " + strArr[i2]);
                    preparedStatement.execute();
                    if (preparedStatement.getResultSet().next()) {
                        preparedStatement.close();
                        logMetacat.info("find the owner");
                        try {
                            preparedStatement.close();
                            DBConnectionPool.returnDBConnection(dBConnection, i);
                            return true;
                        } finally {
                        }
                    }
                }
                try {
                    preparedStatement.close();
                    DBConnectionPool.returnDBConnection(dBConnection, i);
                    return false;
                } finally {
                }
            } catch (Throwable th) {
                try {
                    preparedStatement.close();
                    DBConnectionPool.returnDBConnection(dBConnection, i);
                    throw th;
                } catch (Throwable th2) {
                    DBConnectionPool.returnDBConnection(dBConnection, i);
                    throw th2;
                }
            }
        } catch (SQLException e) {
            preparedStatement.close();
            throw new SQLException("PermissionControl.hasPermission(). Error checking ownership for " + strArr[0] + " on document #" + str + ". " + e.getMessage());
        }
    }

    private boolean isAllowFirst(String[] strArr, String str, long j) throws SQLException, Exception {
        String str2;
        PreparedStatement preparedStatement = null;
        boolean z = false;
        if (j == this.TOPLEVELSTARTNODEID) {
            z = true;
            str2 = "SELECT perm_order FROM xml_access WHERE lower(principal_name) = ? AND docid = ? AND startnodeid is NULL";
        } else {
            str2 = "SELECT perm_order FROM xml_access WHERE lower(principal_name)= ? AND docid = ? AND startnodeid = ?";
        }
        try {
            try {
                DBConnection dBConnection = DBConnectionPool.getDBConnection("AccessControlList.isAllowFirst");
                int checkOutSerialNumber = dBConnection.getCheckOutSerialNumber();
                PreparedStatement prepareStatement = dBConnection.prepareStatement(str2);
                for (String str3 : strArr) {
                    prepareStatement.setString(1, str3);
                    prepareStatement.setString(2, str);
                    if (!z) {
                        prepareStatement.setLong(3, j);
                    }
                    prepareStatement.execute();
                    ResultSet resultSet = prepareStatement.getResultSet();
                    if (resultSet.next()) {
                        if (resultSet.getString(1).equalsIgnoreCase(AccessControlInterface.ALLOWFIRST)) {
                            prepareStatement.close();
                            try {
                                prepareStatement.close();
                                DBConnectionPool.returnDBConnection(dBConnection, checkOutSerialNumber);
                                return true;
                            } finally {
                            }
                        }
                        prepareStatement.close();
                        try {
                            prepareStatement.close();
                            DBConnectionPool.returnDBConnection(dBConnection, checkOutSerialNumber);
                            return false;
                        } finally {
                        }
                    }
                }
                try {
                    prepareStatement.close();
                    DBConnectionPool.returnDBConnection(dBConnection, checkOutSerialNumber);
                    throw new Exception("There is no permission record for user" + strArr[0] + "at document " + str);
                } finally {
                    DBConnectionPool.returnDBConnection(dBConnection, checkOutSerialNumber);
                }
            } catch (SQLException e) {
                throw e;
            }
        } catch (Throwable th) {
            try {
                preparedStatement.close();
                DBConnectionPool.returnDBConnection(null, -1);
                throw th;
            } catch (Throwable th2) {
                DBConnectionPool.returnDBConnection(null, -1);
                throw th2;
            }
        }
    }

    public Vector<AccessControlForSingleFile> getAccessControl() throws SQLException, Exception {
        String str;
        Vector<AccessControlForSingleFile> vector = new Vector<>();
        PreparedStatement preparedStatement = null;
        DBConnection dBConnection = null;
        int i = -1;
        boolean z = false;
        if (0 == this.TOPLEVELSTARTNODEID) {
            z = true;
            str = "SELECT principal_name, permission, perm_type, perm_order FROM xml_access WHERE docid = ? AND startnodeid is NULL";
        } else {
            str = "SELECT principal_name, permission, perm_type, perm_order FROM xml_access WHERE docid = ? AND startnodeid = ?";
        }
        try {
            try {
                dBConnection = DBConnectionPool.getDBConnection("AccessControlList.getPermissions");
                i = dBConnection.getCheckOutSerialNumber();
                preparedStatement = dBConnection.prepareStatement(str);
                preparedStatement.setString(1, this.docId);
                if (!z) {
                    preparedStatement.setLong(2, 0L);
                }
                preparedStatement.execute();
                ResultSet resultSet = preparedStatement.getResultSet();
                while (resultSet.next()) {
                    String string = resultSet.getString(1);
                    String string2 = resultSet.getString(2);
                    vector.add(new AccessControlForSingleFile(this.docId, string, AccessControlList.txtValue(Integer.parseInt(string2)), resultSet.getString(3), resultSet.getString(4)));
                }
                preparedStatement.close();
                try {
                    preparedStatement.close();
                    DBConnectionPool.returnDBConnection(dBConnection, i);
                    return vector;
                } catch (Throwable th) {
                    DBConnectionPool.returnDBConnection(dBConnection, i);
                    throw th;
                }
            } catch (SQLException e) {
                throw e;
            }
        } catch (Throwable th2) {
            try {
                preparedStatement.close();
                DBConnectionPool.returnDBConnection(dBConnection, i);
                throw th2;
            } catch (Throwable th3) {
                DBConnectionPool.returnDBConnection(dBConnection, i);
                throw th3;
            }
        }
    }

    /* JADX WARN: Finally extract failed */
    private boolean hasAllowRule(String[] strArr, String str, int i, long j) throws SQLException, Exception {
        boolean z;
        String str2;
        boolean z2 = false;
        PreparedStatement preparedStatement = null;
        DBConnection dBConnection = null;
        int i2 = -1;
        if (j == this.TOPLEVELSTARTNODEID) {
            z = true;
            str2 = "SELECT permission FROM xml_access WHERE docid = ? AND lower(principal_name) = ? AND perm_type = ? AND startnodeid is NULL";
        } else {
            z = false;
            str2 = "SELECT permission FROM xml_access WHERE docid = ? AND lower(principal_name) = ? AND perm_type = ? AND startnodeid = ?";
        }
        try {
            try {
                dBConnection = DBConnectionPool.getDBConnection("AccessControlList.hasAllowRule");
                i2 = dBConnection.getCheckOutSerialNumber();
                preparedStatement = dBConnection.prepareStatement(str2);
                preparedStatement.setString(1, str);
                preparedStatement.setString(3, "allow");
                if (!z) {
                    preparedStatement.setLong(4, j);
                }
                for (String str3 : strArr) {
                    preparedStatement.setString(2, str3);
                    preparedStatement.execute();
                    ResultSet resultSet = preparedStatement.getResultSet();
                    while (resultSet.next()) {
                        if ((resultSet.getInt(1) & i) == i) {
                            z2 = true;
                        }
                    }
                }
                try {
                    preparedStatement.close();
                    DBConnectionPool.returnDBConnection(dBConnection, i2);
                    return z2;
                } catch (Throwable th) {
                    DBConnectionPool.returnDBConnection(dBConnection, i2);
                    throw th;
                }
            } catch (Throwable th2) {
                try {
                    preparedStatement.close();
                    DBConnectionPool.returnDBConnection(dBConnection, i2);
                    throw th2;
                } catch (Throwable th3) {
                    DBConnectionPool.returnDBConnection(dBConnection, i2);
                    throw th3;
                }
            }
        } catch (SQLException e) {
            throw e;
        } catch (Exception e2) {
            throw e2;
        }
    }

    /* JADX WARN: Finally extract failed */
    private boolean hasExplicitDenyRule(String[] strArr, String str, int i, long j) throws SQLException {
        boolean z;
        String str2;
        PreparedStatement preparedStatement = null;
        DBConnection dBConnection = null;
        int i2 = -1;
        if (j == this.TOPLEVELSTARTNODEID) {
            z = true;
            str2 = "SELECT permission FROM xml_access WHERE docid = ? AND lower(principal_name) = ? AND perm_type = ? AND startnodeid is NULL";
        } else {
            z = false;
            str2 = "SELECT permission FROM xml_access WHERE docid = ? AND lower(principal_name) = ? AND perm_type = ? AND startnodeid = ?";
        }
        try {
            try {
                dBConnection = DBConnectionPool.getDBConnection("PermissionControl.hasExplicitDeny");
                i2 = dBConnection.getCheckOutSerialNumber();
                preparedStatement = dBConnection.prepareStatement(str2);
                preparedStatement.setString(1, str);
                preparedStatement.setString(3, "deny");
                if (!z) {
                    preparedStatement.setLong(4, j);
                }
                for (String str3 : strArr) {
                    preparedStatement.setString(2, str3);
                    preparedStatement.execute();
                    ResultSet resultSet = preparedStatement.getResultSet();
                    while (resultSet.next()) {
                        if ((resultSet.getInt(1) & i) == i) {
                            preparedStatement.close();
                            try {
                                preparedStatement.close();
                                DBConnectionPool.returnDBConnection(dBConnection, i2);
                                return true;
                            } finally {
                            }
                        }
                    }
                }
                try {
                    preparedStatement.close();
                    DBConnectionPool.returnDBConnection(dBConnection, i2);
                    return false;
                } finally {
                }
            } catch (SQLException e) {
                throw e;
            }
        } catch (Throwable th) {
            try {
                preparedStatement.close();
                DBConnectionPool.returnDBConnection(dBConnection, i2);
                throw th;
            } catch (Throwable th2) {
                DBConnectionPool.returnDBConnection(dBConnection, i2);
                throw th2;
            }
        }
    }

    private String[] createUsersPackage(String str, String[] strArr) {
        String[] strArr2;
        if (strArr != null) {
            if (str.equalsIgnoreCase(AccessControlInterface.PUBLIC)) {
                int length = strArr.length + 1;
                strArr2 = new String[length];
                strArr2[0] = AccessControlInterface.PUBLIC;
                for (int i = 1; i < length; i++) {
                    if (strArr[i - 1] != null) {
                        strArr2[i] = strArr[i - 1].toLowerCase();
                    }
                }
            } else {
                int length2 = strArr.length + 2;
                strArr2 = new String[length2];
                if (str != null) {
                    strArr2[0] = str.toLowerCase();
                    logMetacat.info("after transfer to lower case(not null): " + strArr2[0]);
                } else {
                    strArr2[0] = str;
                    strArr2[0] = str.toLowerCase();
                    logMetacat.info("after transfer to lower case(null): " + strArr2[0]);
                }
                strArr2[1] = AccessControlInterface.PUBLIC;
                for (int i2 = 2; i2 < length2; i2++) {
                    if (strArr[i2 - 2] != null) {
                        strArr2[i2] = strArr[i2 - 2].toLowerCase();
                    }
                }
            }
        } else if (str.equalsIgnoreCase(AccessControlInterface.PUBLIC)) {
            strArr2 = new String[]{AccessControlInterface.PUBLIC};
        } else {
            strArr2 = new String[2];
            if (str != null) {
                strArr2[0] = str.toLowerCase();
            } else {
                strArr2[0] = str;
            }
            strArr2[1] = AccessControlInterface.PUBLIC;
        }
        return strArr2;
    }

    public static Hashtable<String, String> getUnReadableInlineDataIdList(String str, String str2, String[] strArr, boolean z) throws Exception {
        return getUnAccessableInlineDataIdList(str, str2, strArr, AccessControlInterface.READSTRING, z);
    }

    public static Hashtable<String, String> getUnWritableInlineDataIdList(String str, String str2, String[] strArr, boolean z) throws Exception {
        return getUnAccessableInlineDataIdList(str, str2, strArr, AccessControlInterface.WRITESTRING, z);
    }

    private static Hashtable<String, String> getUnAccessableInlineDataIdList(String str, String str2, String[] strArr, String str3, boolean z) throws SQLException, McdbException, Exception {
        Hashtable<String, String> hashtable = new Hashtable<>();
        if (str2 == null) {
            return hashtable;
        }
        Hashtable allInlineDataIdList = getAllInlineDataIdList(str);
        Enumeration keys = allInlineDataIdList.keys();
        while (keys.hasMoreElements()) {
            String str4 = (String) keys.nextElement();
            String str5 = (String) allInlineDataIdList.get(str4);
            if (!new PermissionController(str, false).hasPermissionForInlineData(str2, strArr, str3, str5)) {
                if (z) {
                    logMetacat.info("Put subtree id " + str4 + " and inline data file name " + str5 + " into un" + str3 + " hash");
                    hashtable.put(str4, str5);
                } else {
                    logMetacat.info("Put subtree id " + str4 + " and inline data file name " + DocumentUtil.getInlineDataIdWithoutRev(str5) + " into un" + str3 + " hash");
                    hashtable.put(str4, DocumentUtil.getInlineDataIdWithoutRev(str5));
                }
            }
        }
        return hashtable;
    }

    private static Hashtable getAllInlineDataIdList(String str) throws SQLException {
        Hashtable hashtable = new Hashtable();
        PreparedStatement preparedStatement = null;
        DBConnection dBConnection = null;
        int i = -1;
        try {
            dBConnection = DBConnectionPool.getDBConnection("PermissionControl.getDataSetId");
            i = dBConnection.getCheckOutSerialNumber();
            preparedStatement = dBConnection.prepareStatement("SELECT subtreeid, docid FROM xml_access WHERE accessfileid = ? AND subtreeid  IS NOT NULL");
            preparedStatement.setString(1, str);
            preparedStatement.execute();
            ResultSet resultSet = preparedStatement.getResultSet();
            while (resultSet.next()) {
                String string = resultSet.getString(1);
                String string2 = resultSet.getString(2);
                if (string != null && !string.trim().equals("") && string2 != null && !string2.trim().equals("")) {
                    hashtable.put(string, string2);
                }
            }
            try {
                preparedStatement.close();
                DBConnectionPool.returnDBConnection(dBConnection, i);
                return hashtable;
            } catch (Throwable th) {
                DBConnectionPool.returnDBConnection(dBConnection, i);
                throw th;
            }
        } catch (Throwable th2) {
            try {
                preparedStatement.close();
                DBConnectionPool.returnDBConnection(dBConnection, i);
                throw th2;
            } catch (Throwable th3) {
                DBConnectionPool.returnDBConnection(dBConnection, i);
                throw th3;
            }
        }
    }
}
