package org.apache.uima.ducc.ws.utils;

import java.io.File;
import java.util.Properties;
import javax.servlet.http.HttpServletRequest;
import org.apache.uima.ducc.common.internationalization.Messages;
import org.apache.uima.ducc.common.utils.AlienFile;
import org.apache.uima.ducc.common.utils.DuccLogger;
import org.apache.uima.ducc.common.utils.DuccPropertiesResolver;
import org.apache.uima.ducc.common.utils.LinuxUtils;
import org.apache.uima.ducc.common.utils.id.DuccId;
import org.apache.uima.ducc.orchestrator.authentication.DuccWebAdministrators;
import org.apache.uima.ducc.ws.registry.IServicesRegistry;
import org.apache.uima.ducc.ws.registry.ServicesRegistry;
import org.apache.uima.ducc.ws.registry.ServicesRegistryMapPayload;
import org.apache.uima.ducc.ws.server.DuccCookies;
import org.apache.uima.ducc.ws.server.DuccWebSessionManager;
import org.eclipse.jetty.server.Request;

/* loaded from: input_file:org/apache/uima/ducc/ws/utils/HandlersHelper.class */
public class HandlersHelper {
    private static DuccLogger duccLogger = DuccLogger.getLogger(HandlersHelper.class);
    private static Messages messages = Messages.getInstance();
    private static DuccId jobid = null;
    public static DuccWebAdministrators duccWebAdministrators = DuccWebAdministrators.getInstance();
    public static DuccWebSessionManager duccWebSessionManager = DuccWebSessionManager.getInstance();

    /* loaded from: input_file:org/apache/uima/ducc/ws/utils/HandlersHelper$AuthorizationStatus.class */
    public enum AuthorizationStatus {
        LoggedInOwner,
        LoggedInAdministrator,
        LoggedInNotOwner,
        LoggedInNotAdministrator,
        NotLoggedIn
    }

    /* loaded from: input_file:org/apache/uima/ducc/ws/utils/HandlersHelper$DataAccessPermission.class */
    public enum DataAccessPermission {
        None,
        Read,
        Write
    }

    private static boolean match(String str, String str2) {
        duccLogger.trace("match", jobid, new Object[]{messages.fetch("enter")});
        boolean z = false;
        if (str != null && str2 != null && str.trim().equals(str2.trim())) {
            z = true;
        }
        duccLogger.trace("match", jobid, new Object[]{messages.fetch("exit")});
        return z;
    }

    public static AuthorizationStatus getAuthorizationStatus(HttpServletRequest httpServletRequest, String str) {
        duccLogger.trace("getAuthorizationStatus", (DuccId) null, new Object[]{messages.fetch("enter")});
        AuthorizationStatus authorizationStatus = AuthorizationStatus.NotLoggedIn;
        try {
            String str2 = "";
            boolean isAuthentic = duccWebSessionManager.isAuthentic(httpServletRequest);
            String userId = duccWebSessionManager.getUserId(httpServletRequest);
            if (!isAuthentic) {
                str2 = "user " + userId + " is not authenticated";
                authorizationStatus = AuthorizationStatus.NotLoggedIn;
            } else if (!match(str, userId)) {
                switch (DuccCookies.getRole(httpServletRequest)) {
                    case User:
                        str2 = "user " + userId + " is not resource owner " + str;
                        authorizationStatus = AuthorizationStatus.LoggedInNotOwner;
                        break;
                    case Administrator:
                        if (!duccWebAdministrators.isAdministrator(userId)) {
                            str2 = "user " + userId + " is not administrator ";
                            authorizationStatus = AuthorizationStatus.LoggedInNotAdministrator;
                            break;
                        } else {
                            str2 = "user " + userId + " is administrator";
                            authorizationStatus = AuthorizationStatus.LoggedInAdministrator;
                            break;
                        }
                }
            } else {
                str2 = "user " + userId + " is resource owner";
                authorizationStatus = AuthorizationStatus.LoggedInOwner;
            }
            duccLogger.debug("getAuthorizationStatus", (DuccId) null, new Object[]{messages.fetch(str2)});
        } catch (Exception e) {
            duccLogger.error("getAuthorizationStatus", (DuccId) null, e, new Object[0]);
        }
        duccLogger.trace("getAuthorizationStatus", (DuccId) null, new Object[]{messages.fetch("exit")});
        return authorizationStatus;
    }

    /* JADX WARN: Can't fix incorrect switch cases order, some code will duplicate */
    public static boolean isUserAuthorized(HttpServletRequest httpServletRequest, String str) {
        duccLogger.trace("isUserAuthorized", jobid, new Object[]{messages.fetch("enter")});
        boolean z = false;
        try {
            switch (getAuthorizationStatus(httpServletRequest, str)) {
                case LoggedInOwner:
                case LoggedInAdministrator:
                    z = true;
                    break;
            }
        } catch (Exception e) {
            duccLogger.error("isUserAuthorized", jobid, e, new Object[0]);
        }
        duccLogger.trace("isUserAuthorized", jobid, new Object[]{messages.fetch("exit")});
        return z;
    }

    private static DuccId getDuccId(Properties properties) {
        DuccId duccId = null;
        String str = null;
        try {
            str = properties.getProperty(IServicesRegistry.numeric_id);
            duccId = new DuccId(new Long(str).longValue());
        } catch (Exception e) {
            duccLogger.error("getDuccId", duccId, new Object[]{str});
        }
        return duccId;
    }

    private static boolean isServiceOwner(String str, Properties properties) {
        String property;
        boolean z = false;
        if (str != null && properties != null && (property = properties.getProperty(IServicesRegistry.user)) != null && str.trim().equals(property.trim())) {
            z = true;
            duccLogger.debug("isServiceOwner", getDuccId(properties), new Object[]{"user=" + str + " true"});
        }
        return z;
    }

    private static boolean isServiceAdministrator(String str, Properties properties) {
        String property;
        boolean z = false;
        if (str != null && properties != null && (property = properties.getProperty(IServicesRegistry.administrators)) != null) {
            String[] split = property.split("\\s+");
            int length = split.length;
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                if (str.trim().equals(split[i].trim())) {
                    z = true;
                    duccLogger.debug("isServiceAdministrator", getDuccId(properties), new Object[]{"user=" + str + " true"});
                    break;
                }
                i++;
            }
        }
        return z;
    }

    private static boolean isDuccAdministrator(String str, Properties properties) {
        boolean z = false;
        if (str != null) {
            z = DuccWebAdministrators.getInstance().isAdministrator(str);
            if (z) {
                duccLogger.debug("isDuccAdministrator", getDuccId(properties), new Object[]{"user=" + str + " " + z + " (forced)"});
            }
        }
        return z;
    }

    public static boolean isFileReadable(String str, String str2) {
        boolean z = false;
        try {
            if (new AlienFile(str, str2).getString() != null) {
                z = true;
            }
        } catch (Exception e) {
            duccLogger.debug("isFileReadable", jobid, e, new Object[0]);
        }
        return z;
    }

    private static boolean isServiceFileAccessForRead(String str, Properties properties) {
        String property;
        boolean z = false;
        if (str == null) {
            str = System.getProperty("user.name");
        }
        if (str != null && properties != null && (property = properties.getProperty(IServicesRegistry.user)) != null) {
            String securityHome = getSecurityHome(property.trim());
            if (securityHome != null) {
                if (!securityHome.endsWith(File.separator)) {
                    securityHome = securityHome + File.separator;
                }
                z = isFileReadable(str, securityHome + ".ducc" + File.separator + "db.access");
                if (z) {
                    duccLogger.debug("isServiceFileAccessForRead", getDuccId(properties), new Object[]{"user=" + str + " " + z});
                }
            }
        }
        return z;
    }

    public static String getSecurityHome(String str) {
        String str2 = DuccPropertiesResolver.get("ducc.runmode");
        boolean z = str2 != null && str2.equals("Test");
        String str3 = null;
        String str4 = DuccPropertiesResolver.get("ducc.security.home");
        if (str4 != null && !str4.isEmpty()) {
            str3 = str4 + File.separator + (z ? System.getProperty("user.name") : str);
        }
        if (str3 == null) {
            str3 = z ? System.getProperty("user.home") : LinuxUtils.getUserHome(str);
        }
        return str3;
    }

    public static DataAccessPermission getServiceAuthorization(Request request) {
        duccLogger.trace("getServiceAuthorization", jobid, new Object[]{messages.fetch("enter")});
        DataAccessPermission dataAccessPermission = DataAccessPermission.None;
        if (request != null) {
            try {
                String userId = duccWebSessionManager.getUserId(request);
                ServicesRegistryMapPayload findService = ServicesRegistry.getInstance().findService(request.getParameter("name"));
                if (findService != null) {
                    Properties properties = findService.svc;
                    Properties properties2 = findService.meta;
                    if (isServiceOwner(userId, properties2)) {
                        dataAccessPermission = DataAccessPermission.Write;
                    } else if (isServiceAdministrator(userId, properties)) {
                        dataAccessPermission = DataAccessPermission.Write;
                    } else if (isServiceFileAccessForRead(userId, properties2)) {
                        dataAccessPermission = DataAccessPermission.Read;
                    }
                }
            } catch (Exception e) {
                duccLogger.error("getServiceAuthorization", jobid, e, new Object[0]);
            }
        }
        duccLogger.trace("getServiceAuthorization", jobid, new Object[]{messages.fetch("exit")});
        return dataAccessPermission;
    }

    public static DataAccessPermission getResourceAuthorization(String str, String str2) {
        duccLogger.trace("getServiceAuthorization", jobid, new Object[]{messages.fetch("enter")});
        DataAccessPermission dataAccessPermission = DataAccessPermission.None;
        try {
            if (str == str2) {
                dataAccessPermission = DataAccessPermission.Read;
            } else {
                String securityHome = getSecurityHome(str.trim());
                if (securityHome != null) {
                    if (!securityHome.endsWith(File.separator)) {
                        securityHome = securityHome + File.separator;
                    }
                    if (isFileReadable(str2, securityHome + ".ducc" + File.separator + "db.access")) {
                        dataAccessPermission = DataAccessPermission.Read;
                        duccLogger.debug("getServiceAuthorization", jobid, new Object[]{"owner=" + str + " user=" + str2 + " " + dataAccessPermission});
                    }
                }
            }
        } catch (Exception e) {
            duccLogger.error("getServiceAuthorization", jobid, e, new Object[0]);
        }
        duccLogger.trace("getServiceAuthorization", jobid, new Object[]{messages.fetch("exit")});
        return dataAccessPermission;
    }

    public static boolean isResourceAuthorized(String str, String str2) {
        boolean z = false;
        switch (getResourceAuthorization(str, str2)) {
            case Read:
            case Write:
                z = true;
                break;
        }
        return z;
    }
}
