package com.liferay.portal.security.pacl.checker;

import com.liferay.portal.kernel.log.Log;
import com.liferay.portal.kernel.log.LogFactoryUtil;
import java.io.StringReader;
import java.security.Permission;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import net.sf.jsqlparser.parser.CCJSqlParserManager;
import net.sf.jsqlparser.parser.JSqlParser;
import net.sf.jsqlparser.schema.Table;
import net.sf.jsqlparser.statement.Statement;
import net.sf.jsqlparser.statement.create.table.CreateTable;
import net.sf.jsqlparser.statement.delete.Delete;
import net.sf.jsqlparser.statement.drop.Drop;
import net.sf.jsqlparser.statement.insert.Insert;
import net.sf.jsqlparser.statement.replace.Replace;
import net.sf.jsqlparser.statement.select.Select;
import net.sf.jsqlparser.statement.truncate.Truncate;
import net.sf.jsqlparser.statement.update.Update;
import net.sf.jsqlparser.test.tablesfinder.TablesNamesFinder;

/* loaded from: input_file:WEB-INF/lib/portal-impl.jar:com/liferay/portal/security/pacl/checker/SQLChecker.class */
public class SQLChecker extends BaseChecker {
    private static Log _log = LogFactoryUtil.getLog(SQLChecker.class);
    private Set<String> _allTableNames;
    private Set<String> _createTableNames;
    private Set<String> _deleteTableNames;
    private Set<String> _dropTableNames;
    private Set<String> _insertTableNames;
    private JSqlParser _jSqlParser = new CCJSqlParserManager();
    private Set<String> _replaceTableNames;
    private Set<String> _selectTableNames;
    private Set<String> _truncateTableNames;
    private Set<String> _updateTableNames;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:WEB-INF/lib/portal-impl.jar:com/liferay/portal/security/pacl/checker/SQLChecker$TableNamesFinder.class */
    public class TableNamesFinder extends TablesNamesFinder {
        public TableNamesFinder() {
            this.tables = new ArrayList();
        }

        public List<String> getTableNames(Delete delete) {
            this.tables.add(delete.getTable().getName());
            delete.getWhere().accept(this);
            return this.tables;
        }

        public List<String> getTableNames(Insert insert) {
            this.tables.add(insert.getTable().getName());
            insert.getItemsList().accept(this);
            return this.tables;
        }

        public List<String> getTableNames(Replace replace) {
            this.tables.add(replace.getTable().getName());
            replace.getItemsList().accept(this);
            return this.tables;
        }

        public List<String> getTableNames(Select select) {
            select.getSelectBody().accept(this);
            return this.tables;
        }

        public List<String> getTableNames(Update update) {
            this.tables.add(update.getTable().getName());
            update.getWhere().accept(this);
            return this.tables;
        }
    }

    @Override // com.liferay.portal.security.pacl.checker.Checker
    public void afterPropertiesSet() {
        initTableNames();
    }

    @Override // com.liferay.portal.security.pacl.checker.Checker
    public void checkPermission(Permission permission) {
        throw new UnsupportedOperationException();
    }

    public boolean hasSQL(String str) {
        try {
            Statement parse = this._jSqlParser.parse(new StringReader(str));
            if (parse instanceof CreateTable) {
                return hasSQL((CreateTable) parse);
            }
            if (parse instanceof Select) {
                return hasSQL((Select) parse);
            }
            if (parse instanceof Delete) {
                return hasSQL((Delete) parse);
            }
            if (parse instanceof Drop) {
                return hasSQL((Drop) parse);
            }
            if (parse instanceof Insert) {
                return hasSQL((Insert) parse);
            }
            if (parse instanceof Replace) {
                return hasSQL((Replace) parse);
            }
            if (parse instanceof Select) {
                return hasSQL((Select) parse);
            }
            if (parse instanceof Truncate) {
                return hasSQL((Truncate) parse);
            }
            if (parse instanceof Update) {
                return hasSQL((Update) parse);
            }
            return false;
        } catch (Exception unused) {
            _log.error("Unable to parse SQL " + str);
            return false;
        }
    }

    protected boolean hasSQL(CreateTable createTable) {
        return isAllowedTable(createTable.getTable(), this._createTableNames);
    }

    protected boolean hasSQL(Delete delete) {
        return isAllowedTables(new TableNamesFinder().getTableNames(delete), this._deleteTableNames);
    }

    protected boolean hasSQL(Drop drop) {
        return isAllowedTable(drop.getName(), this._dropTableNames);
    }

    protected boolean hasSQL(Insert insert) {
        return isAllowedTables(new TableNamesFinder().getTableNames(insert), this._insertTableNames);
    }

    protected boolean hasSQL(Replace replace) {
        return isAllowedTables(new TableNamesFinder().getTableNames(replace), this._replaceTableNames);
    }

    protected boolean hasSQL(Select select) {
        return isAllowedTables(new TableNamesFinder().getTableNames(select), this._selectTableNames);
    }

    protected boolean hasSQL(Truncate truncate) {
        return isAllowedTable(truncate.getTable(), this._truncateTableNames);
    }

    protected boolean hasSQL(Update update) {
        return isAllowedTables(new TableNamesFinder().getTableNames(update), this._updateTableNames);
    }

    protected void initTableNames() {
        this._allTableNames = getPropertySet("security-manager-sql-tables-all");
        this._createTableNames = getPropertySet("security-manager-sql-tables-create");
        this._deleteTableNames = getPropertySet("security-manager-sql-tables-delete");
        this._dropTableNames = getPropertySet("security-manager-sql-tables-drop");
        this._insertTableNames = getPropertySet("security-manager-sql-tables-insert");
        this._replaceTableNames = getPropertySet("security-manager-sql-tables-replace");
        this._selectTableNames = getPropertySet("security-manager-sql-tables-select");
        this._truncateTableNames = getPropertySet("security-manager-sql-tables-truncate");
        this._updateTableNames = getPropertySet("security-manager-sql-tables-update");
    }

    protected boolean isAllowedTable(String str, Set<String> set) {
        return this._allTableNames.contains(str) || set.contains(str);
    }

    protected boolean isAllowedTable(Table table, Set<String> set) {
        return isAllowedTable(table.getName(), set);
    }

    protected boolean isAllowedTables(List<String> list, Set<String> set) {
        Iterator<String> it2 = list.iterator();
        while (it2.hasNext()) {
            if (!isAllowedTable(it2.next(), set)) {
                return false;
            }
        }
        return true;
    }
}
