package org.opencrx.kernel.backend;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.jdo.JDOHelper;
import javax.jdo.PersistenceManager;
import org.opencrx.security.realm1.jmi1.PrincipalGroup;
import org.opencrx.security.realm1.jmi1.User;
import org.openmdx.base.exception.ServiceException;
import org.openmdx.base.marshalling.Marshaller;
import org.openmdx.base.naming.Path;
import org.openmdx.base.persistence.spi.PersistenceManagers;
import org.openmdx.security.authorization1.jmi1.Policy;
import org.openmdx.security.realm1.jmi1.Principal;
import org.openmdx.security.realm1.jmi1.Realm;

/* loaded from: input_file:org/opencrx/kernel/backend/SecureObject.class */
public class SecureObject extends AbstractImpl {
    public static final int MODE_LOCAL = 0;
    public static final int MODE_RECURSIVE = 1;

    /* loaded from: input_file:org/opencrx/kernel/backend/SecureObject$AclMarshaller.class */
    public interface AclMarshaller extends Marshaller {
        AclMarshaller clone(PersistenceManager persistenceManager);
    }

    /* loaded from: input_file:org/opencrx/kernel/backend/SecureObject$AddOwningGroupMarshaller.class */
    public static class AddOwningGroupMarshaller implements AclMarshaller {
        private final PrincipalGroup group;

        public AddOwningGroupMarshaller(PrincipalGroup principalGroup) {
            this.group = principalGroup;
        }

        @Override // org.opencrx.kernel.backend.SecureObject.AclMarshaller
        public AclMarshaller clone(PersistenceManager persistenceManager) {
            return new AddOwningGroupMarshaller((PrincipalGroup) persistenceManager.getObjectById(this.group.refGetPath()));
        }

        public Object marshal(Object obj) throws ServiceException {
            if (obj instanceof org.opencrx.kernel.base.jmi1.SecureObject) {
                org.opencrx.kernel.base.jmi1.SecureObject secureObject = (org.opencrx.kernel.base.jmi1.SecureObject) obj;
                if (!secureObject.getOwningGroup().contains(this.group)) {
                    secureObject.getOwningGroup().add(this.group);
                }
            }
            return obj;
        }

        public Object unmarshal(Object obj) {
            throw new UnsupportedOperationException();
        }
    }

    /* loaded from: input_file:org/opencrx/kernel/backend/SecureObject$RemoveOwningGroupMarshaller.class */
    public static class RemoveOwningGroupMarshaller implements AclMarshaller {
        private final PrincipalGroup group;

        public RemoveOwningGroupMarshaller(PrincipalGroup principalGroup) {
            this.group = principalGroup;
        }

        @Override // org.opencrx.kernel.backend.SecureObject.AclMarshaller
        public AclMarshaller clone(PersistenceManager persistenceManager) {
            return new RemoveOwningGroupMarshaller((PrincipalGroup) persistenceManager.getObjectById(this.group.refGetPath()));
        }

        public Object marshal(Object obj) throws ServiceException {
            if (obj instanceof org.opencrx.kernel.base.jmi1.SecureObject) {
                org.opencrx.kernel.base.jmi1.SecureObject secureObject = (org.opencrx.kernel.base.jmi1.SecureObject) obj;
                if (secureObject.getOwningGroup().contains(this.group)) {
                    secureObject.getOwningGroup().remove(this.group);
                }
            }
            return obj;
        }

        public Object unmarshal(Object obj) {
            throw new UnsupportedOperationException();
        }
    }

    /* loaded from: input_file:org/opencrx/kernel/backend/SecureObject$ReplaceOwningGroupMarshaller.class */
    public static class ReplaceOwningGroupMarshaller implements AclMarshaller {
        protected final List<PrincipalGroup> groups;

        public ReplaceOwningGroupMarshaller(List<PrincipalGroup> list) {
            this.groups = list;
        }

        @Override // org.opencrx.kernel.backend.SecureObject.AclMarshaller
        public AclMarshaller clone(PersistenceManager persistenceManager) {
            ArrayList arrayList = new ArrayList();
            Iterator<PrincipalGroup> it = this.groups.iterator();
            while (it.hasNext()) {
                arrayList.add((PrincipalGroup) persistenceManager.getObjectById(it.next().refGetPath()));
            }
            return new ReplaceOwningGroupMarshaller(arrayList);
        }

        public Object marshal(Object obj) throws ServiceException {
            if (obj instanceof org.opencrx.kernel.base.jmi1.SecureObject) {
                org.opencrx.kernel.base.jmi1.SecureObject secureObject = (org.opencrx.kernel.base.jmi1.SecureObject) obj;
                if (!this.groups.containsAll(secureObject.getOwningGroup()) || !secureObject.getOwningGroup().containsAll(this.groups)) {
                    secureObject.getOwningGroup().clear();
                    secureObject.getOwningGroup().addAll(this.groups);
                }
            }
            return obj;
        }

        public Object unmarshal(Object obj) {
            throw new UnsupportedOperationException();
        }
    }

    /* loaded from: input_file:org/opencrx/kernel/backend/SecureObject$SetAccessLevelMarshaller.class */
    public static class SetAccessLevelMarshaller implements AclMarshaller {
        private final short accessLevelBrowse;
        private final short accessLevelUpdate;
        private final short accessLevelDelete;

        public SetAccessLevelMarshaller(short s, short s2, short s3) {
            this.accessLevelBrowse = s;
            this.accessLevelUpdate = s2;
            this.accessLevelDelete = s3;
        }

        public Object marshal(Object obj) throws ServiceException {
            if (obj instanceof org.opencrx.kernel.base.jmi1.SecureObject) {
                org.opencrx.kernel.base.jmi1.SecureObject secureObject = (org.opencrx.kernel.base.jmi1.SecureObject) obj;
                if (secureObject.getAccessLevelBrowse() != this.accessLevelBrowse) {
                    secureObject.setAccessLevelBrowse(this.accessLevelBrowse);
                }
                if (secureObject.getAccessLevelUpdate() != this.accessLevelUpdate) {
                    secureObject.setAccessLevelUpdate(this.accessLevelUpdate);
                }
                if (secureObject.getAccessLevelDelete() != this.accessLevelDelete) {
                    secureObject.setAccessLevelDelete(this.accessLevelDelete);
                }
            }
            return obj;
        }

        @Override // org.opencrx.kernel.backend.SecureObject.AclMarshaller
        public AclMarshaller clone(PersistenceManager persistenceManager) {
            return this;
        }

        public Object unmarshal(Object obj) {
            throw new UnsupportedOperationException();
        }
    }

    /* loaded from: input_file:org/opencrx/kernel/backend/SecureObject$SetOwningUserMarshaller.class */
    public static class SetOwningUserMarshaller implements AclMarshaller {
        private final User user;

        public SetOwningUserMarshaller(User user) {
            this.user = user;
        }

        @Override // org.opencrx.kernel.backend.SecureObject.AclMarshaller
        public AclMarshaller clone(PersistenceManager persistenceManager) {
            return new SetOwningUserMarshaller((User) persistenceManager.getObjectById(this.user.refGetPath()));
        }

        public Object marshal(Object obj) throws ServiceException {
            if (obj instanceof org.opencrx.kernel.base.jmi1.SecureObject) {
                org.opencrx.kernel.base.jmi1.SecureObject secureObject = (org.opencrx.kernel.base.jmi1.SecureObject) obj;
                if (this.user != null && !this.user.equals(secureObject.getOwningUser())) {
                    secureObject.setOwningUser(this.user);
                }
            }
            return obj;
        }

        public Object unmarshal(Object obj) {
            throw new UnsupportedOperationException();
        }
    }

    public static void register() {
        registerImpl(new SecureObject());
    }

    public static SecureObject getInstance() throws ServiceException {
        return (SecureObject) getInstance(SecureObject.class);
    }

    protected SecureObject() {
    }

    public Principal findPrincipal(String str, Realm realm) {
        try {
            return (Principal) JDOHelper.getPersistenceManager(realm).getObjectById(realm.refGetPath().getDescendant(new String[]{"principal", (String) PersistenceManagers.toPrincipalChain(str).get(0)}));
        } catch (Exception e) {
            return null;
        }
    }

    public Principal findPrincipal(String str, Path path, PersistenceManager persistenceManager) throws ServiceException {
        return findPrincipal(str, (Realm) persistenceManager.getObjectById(path));
    }

    public Realm getRealm(PersistenceManager persistenceManager, String str, String str2) {
        return (Realm) persistenceManager.getObjectById(new Path("xri://@openmdx*org.openmdx.security.realm1").getDescendant(new String[]{"provider", str, "segment", "Root", "realm", str2}));
    }

    public Policy getPolicy(PersistenceManager persistenceManager, String str, String str2) {
        return (Policy) persistenceManager.getObjectById(new Path("xri://@openmdx*org.openmdx.security.authorization1").getDescendant(new String[]{"provider", str, "segment", "Root", "policy", str2}));
    }

    public PrincipalGroup initPrincipalGroup(String str, PersistenceManager persistenceManager, String str2, String str3) {
        Realm realm = getRealm(persistenceManager, str2, str3);
        PrincipalGroup findPrincipal = findPrincipal(str, realm);
        if (findPrincipal != null) {
            return findPrincipal;
        }
        persistenceManager.currentTransaction().begin();
        PrincipalGroup principalGroup = (PrincipalGroup) persistenceManager.newInstance(PrincipalGroup.class);
        principalGroup.setDescription(str3 + "\\\\" + str);
        realm.addPrincipal(str, principalGroup);
        persistenceManager.currentTransaction().commit();
        return principalGroup;
    }

    /* JADX WARN: Removed duplicated region for block: B:75:0x01d1 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void applyAcls(org.opencrx.kernel.base.jmi1.SecureObject r10, org.opencrx.kernel.backend.SecureObject.AclMarshaller r11, java.lang.Short r12, java.lang.String r13, java.util.List<java.lang.String> r14, int r15, java.util.Map<java.lang.String, java.util.Set<java.lang.String>> r16) {
        /*
            Method dump skipped, instructions count: 503
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.opencrx.kernel.backend.SecureObject.applyAcls(org.opencrx.kernel.base.jmi1.SecureObject, org.opencrx.kernel.backend.SecureObject$AclMarshaller, java.lang.Short, java.lang.String, java.util.List, int, java.util.Map):void");
    }

    public void setOwningUser(org.opencrx.kernel.base.jmi1.SecureObject secureObject, User user, short s, List<String> list, Map<String, Set<String>> map) throws ServiceException {
        applyAcls(secureObject, new SetOwningUserMarshaller(user), Short.valueOf(s), "setOwningUser", list, 0, map);
    }

    public void addOwningGroup(org.opencrx.kernel.base.jmi1.SecureObject secureObject, PrincipalGroup principalGroup, short s, List<String> list, Map<String, Set<String>> map) throws ServiceException {
        addOwningGroup(secureObject, principalGroup, new AddOwningGroupMarshaller(principalGroup), s, list, map);
    }

    public void addOwningGroup(org.opencrx.kernel.base.jmi1.SecureObject secureObject, PrincipalGroup principalGroup, AclMarshaller aclMarshaller, short s, List<String> list, Map<String, Set<String>> map) throws ServiceException {
        applyAcls(secureObject, aclMarshaller, Short.valueOf(s), "addOwningGroup", list, 0, map);
    }

    public void replaceOwningGroup(org.opencrx.kernel.base.jmi1.SecureObject secureObject, List<PrincipalGroup> list, short s, List<String> list2, Map<String, Set<String>> map) throws ServiceException {
        replaceOwningGroup(secureObject, list, new ReplaceOwningGroupMarshaller(list), s, list2, map);
    }

    public void replaceOwningGroup(org.opencrx.kernel.base.jmi1.SecureObject secureObject, List<PrincipalGroup> list, AclMarshaller aclMarshaller, short s, List<String> list2, Map<String, Set<String>> map) throws ServiceException {
        applyAcls(secureObject, aclMarshaller, Short.valueOf(s), "replaceOwningGroup", list2, 0, map);
    }

    public void removeOwningGroup(org.opencrx.kernel.base.jmi1.SecureObject secureObject, PrincipalGroup principalGroup, short s, List<String> list, Map<String, Set<String>> map) throws ServiceException {
        removeOwningGroup(secureObject, principalGroup, new RemoveOwningGroupMarshaller(principalGroup), s, list, map);
    }

    public void removeOwningGroup(org.opencrx.kernel.base.jmi1.SecureObject secureObject, PrincipalGroup principalGroup, AclMarshaller aclMarshaller, short s, List<String> list, Map<String, Set<String>> map) throws ServiceException {
        applyAcls(secureObject, aclMarshaller, Short.valueOf(s), "removeOwningGroup", list, 0, map);
    }

    public void removeAllOwningGroup(org.opencrx.kernel.base.jmi1.SecureObject secureObject, short s, List<String> list, Map<String, Set<String>> map) throws ServiceException {
        applyAcls(secureObject, new AclMarshaller() { // from class: org.opencrx.kernel.backend.SecureObject.1
            public Object marshal(Object obj) throws ServiceException {
                if (obj instanceof org.opencrx.kernel.base.jmi1.SecureObject) {
                    ((org.opencrx.kernel.base.jmi1.SecureObject) obj).getOwningGroup().clear();
                }
                return obj;
            }

            public Object unmarshal(Object obj) {
                throw new UnsupportedOperationException();
            }

            @Override // org.opencrx.kernel.backend.SecureObject.AclMarshaller
            public AclMarshaller clone(PersistenceManager persistenceManager) {
                return this;
            }
        }, Short.valueOf(s), "removeAllOwningGroup", list, 0, map);
    }

    public void setAccessLevel(org.opencrx.kernel.base.jmi1.SecureObject secureObject, short s, short s2, short s3, short s4, List<String> list, Map<String, Set<String>> map) throws ServiceException {
        applyAcls(secureObject, new SetAccessLevelMarshaller(s, s2, s3), Short.valueOf(s4), "setAccessLevel", list, 0, map);
    }

    public void assertOwningGroup(org.opencrx.kernel.base.jmi1.SecureObject secureObject) throws ServiceException {
    }

    public Path getLoginRealmIdentity(String str) {
        return getRealmIdentity(str, Contracts.CALCULATION_RULE_NAME_DEFAULT);
    }

    public static Path getRealmIdentity(String str, String str2) {
        return new Path("xri://@openmdx*org.openmdx.security.realm1").getDescendant(new String[]{"provider", str, "segment", "Root", "realm", str2});
    }

    public static Path getPolicyIdentity(String str, String str2) {
        return new Path("xri://@openmdx*org.openmdx.security.authorization1").getDescendant(new String[]{"provider", str, "segment", "Root", "policy", str2});
    }

    public void updateSecureObject(org.opencrx.kernel.base.jmi1.SecureObject secureObject) throws ServiceException {
    }
}
