package org.wso2.carbon.apimgt.rest.api.util.utils;

import java.util.ArrayList;
import java.util.Arrays;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.aspectj.lang.JoinPoint;
import org.aspectj.runtime.internal.AroundClosure;
import org.aspectj.runtime.internal.Conversions;
import org.aspectj.runtime.reflect.Factory;
import org.wso2.carbon.apimgt.api.APIManagementException;
import org.wso2.carbon.apimgt.api.model.APIIdentifier;
import org.wso2.carbon.apimgt.api.model.APIProduct;
import org.wso2.carbon.apimgt.api.model.APIProductIdentifier;
import org.wso2.carbon.apimgt.api.model.Application;
import org.wso2.carbon.apimgt.api.model.SubscribedAPI;
import org.wso2.carbon.apimgt.impl.dao.ApiMgtDAO;
import org.wso2.carbon.apimgt.impl.internal.ServiceReferenceHolder;
import org.wso2.carbon.apimgt.impl.utils.APIUtil;
import org.wso2.carbon.apimgt.rest.api.common.RestApiCommonUtil;
import org.wso2.carbon.apimgt.rest.api.util.MethodTimeLogger;
import org.wso2.carbon.apimgt.rest.api.util.RestApiConstants;

/* loaded from: input_file:org/wso2/carbon/apimgt/rest/api/util/utils/RestAPIStoreUtils.class */
public class RestAPIStoreUtils {
    private static final Log log;
    private static boolean isStoreCacheEnabled;
    private static final JoinPoint.StaticPart ajc$tjp_0 = null;
    private static final JoinPoint.StaticPart ajc$tjp_1 = null;
    private static final JoinPoint.StaticPart ajc$tjp_2 = null;
    private static final JoinPoint.StaticPart ajc$tjp_3 = null;
    private static final JoinPoint.StaticPart ajc$tjp_4 = null;
    private static final JoinPoint.StaticPart ajc$tjp_5 = null;
    private static final JoinPoint.StaticPart ajc$tjp_6 = null;

    /* loaded from: input_file:org/wso2/carbon/apimgt/rest/api/util/utils/RestAPIStoreUtils$AjcClosure1.class */
    public class AjcClosure1 extends AroundClosure {
        public AjcClosure1(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return Conversions.booleanObject(RestAPIStoreUtils.isUserAccessAllowedForApplication_aroundBody0((Application) objArr2[0], (JoinPoint) objArr2[1]));
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/rest/api/util/utils/RestAPIStoreUtils$AjcClosure11.class */
    public class AjcClosure11 extends AroundClosure {
        public AjcClosure11(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return Conversions.booleanObject(RestAPIStoreUtils.isUserAccessAllowedForAPIProduct_aroundBody10((APIProduct) objArr2[0], (JoinPoint) objArr2[1]));
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/rest/api/util/utils/RestAPIStoreUtils$AjcClosure13.class */
    public class AjcClosure13 extends AroundClosure {
        public AjcClosure13(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return Conversions.booleanObject(RestAPIStoreUtils.isUserAllowedForSubscription_aroundBody12((APIProduct) objArr2[0], (String) objArr2[1], (JoinPoint) objArr2[2]));
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/rest/api/util/utils/RestAPIStoreUtils$AjcClosure3.class */
    public class AjcClosure3 extends AroundClosure {
        public AjcClosure3(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return Conversions.booleanObject(RestAPIStoreUtils.isUserOwnerOfApplication_aroundBody2((Application) objArr2[0], (JoinPoint) objArr2[1]));
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/rest/api/util/utils/RestAPIStoreUtils$AjcClosure5.class */
    public class AjcClosure5 extends AroundClosure {
        public AjcClosure5(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return Conversions.booleanObject(RestAPIStoreUtils.isUserAccessAllowedForSubscription_aroundBody4((SubscribedAPI) objArr2[0], (JoinPoint) objArr2[1]));
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/rest/api/util/utils/RestAPIStoreUtils$AjcClosure7.class */
    public class AjcClosure7 extends AroundClosure {
        public AjcClosure7(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return Conversions.booleanObject(RestAPIStoreUtils.isUserAccessAllowedForAPIByUUID_aroundBody6((String) objArr2[0], (String) objArr2[1], (JoinPoint) objArr2[2]));
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/rest/api/util/utils/RestAPIStoreUtils$AjcClosure9.class */
    public class AjcClosure9 extends AroundClosure {
        public AjcClosure9(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return Conversions.booleanObject(RestAPIStoreUtils.isUserAccessAllowedForAPI_aroundBody8((APIIdentifier) objArr2[0], (JoinPoint) objArr2[1]));
        }
    }

    static {
        ajc$preClinit();
        log = LogFactory.getLog(RestAPIStoreUtils.class);
        String firstProperty = ServiceReferenceHolder.getInstance().getAPIManagerConfigurationService().getAPIManagerConfiguration().getFirstProperty("CacheConfigurations.EnableScopeCache");
        isStoreCacheEnabled = firstProperty != null && Boolean.parseBoolean(firstProperty);
    }

    public static boolean isUserAccessAllowedForApplication(Application application) {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_0, (Object) null, (Object) null, application);
        return (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll()) ? Conversions.booleanValue(MethodTimeLogger.aspectOf().log(new AjcClosure1(new Object[]{application, makeJP}).linkClosureAndJoinPoint(65536))) : isUserAccessAllowedForApplication_aroundBody0(application, makeJP);
    }

    public static boolean isUserOwnerOfApplication(Application application) {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_1, (Object) null, (Object) null, application);
        return (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll()) ? Conversions.booleanValue(MethodTimeLogger.aspectOf().log(new AjcClosure3(new Object[]{application, makeJP}).linkClosureAndJoinPoint(65536))) : isUserOwnerOfApplication_aroundBody2(application, makeJP);
    }

    public static boolean isUserAccessAllowedForSubscription(SubscribedAPI subscribedAPI) throws APIManagementException {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_2, (Object) null, (Object) null, subscribedAPI);
        return (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll()) ? Conversions.booleanValue(MethodTimeLogger.aspectOf().log(new AjcClosure5(new Object[]{subscribedAPI, makeJP}).linkClosureAndJoinPoint(65536))) : isUserAccessAllowedForSubscription_aroundBody4(subscribedAPI, makeJP);
    }

    public static boolean isUserAccessAllowedForAPIByUUID(String str, String str2) throws APIManagementException {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_3, (Object) null, (Object) null, str, str2);
        return (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll()) ? Conversions.booleanValue(MethodTimeLogger.aspectOf().log(new AjcClosure7(new Object[]{str, str2, makeJP}).linkClosureAndJoinPoint(65536))) : isUserAccessAllowedForAPIByUUID_aroundBody6(str, str2, makeJP);
    }

    public static boolean isUserAccessAllowedForAPI(APIIdentifier aPIIdentifier) throws APIManagementException {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_4, (Object) null, (Object) null, aPIIdentifier);
        return (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll()) ? Conversions.booleanValue(MethodTimeLogger.aspectOf().log(new AjcClosure9(new Object[]{aPIIdentifier, makeJP}).linkClosureAndJoinPoint(65536))) : isUserAccessAllowedForAPI_aroundBody8(aPIIdentifier, makeJP);
    }

    public static boolean isUserAccessAllowedForAPIProduct(APIProduct aPIProduct) throws APIManagementException {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_5, (Object) null, (Object) null, aPIProduct);
        return (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll()) ? Conversions.booleanValue(MethodTimeLogger.aspectOf().log(new AjcClosure11(new Object[]{aPIProduct, makeJP}).linkClosureAndJoinPoint(65536))) : isUserAccessAllowedForAPIProduct_aroundBody10(aPIProduct, makeJP);
    }

    public static boolean isUserAllowedForSubscription(APIProduct aPIProduct, String str) {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_6, (Object) null, (Object) null, aPIProduct, str);
        return (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll()) ? Conversions.booleanValue(MethodTimeLogger.aspectOf().log(new AjcClosure13(new Object[]{aPIProduct, str, makeJP}).linkClosureAndJoinPoint(65536))) : isUserAllowedForSubscription_aroundBody12(aPIProduct, str, makeJP);
    }

    static final boolean isUserAccessAllowedForApplication_aroundBody0(Application application, JoinPoint joinPoint) {
        String loggedInUserGroupId;
        if (application == null) {
            return false;
        }
        String groupId = application.getGroupId();
        if (application.getSubscriber() != null && isUserOwnerOfApplication(application)) {
            return true;
        }
        if (StringUtils.isEmpty(groupId) || (loggedInUserGroupId = RestApiUtil.getLoggedInUserGroupId()) == null) {
            return false;
        }
        ArrayList arrayList = new ArrayList(Arrays.asList(groupId.split(",")));
        for (String str : loggedInUserGroupId.split(",")) {
            if (arrayList.contains(str)) {
                return true;
            }
        }
        return false;
    }

    static final boolean isUserOwnerOfApplication_aroundBody2(Application application, JoinPoint joinPoint) {
        String loggedInUsername = RestApiCommonUtil.getLoggedInUsername();
        if (application.getSubscriber().getName().equals(loggedInUsername)) {
            return true;
        }
        if (!application.getSubscriber().getName().toLowerCase().equals(loggedInUsername.toLowerCase())) {
            return false;
        }
        String firstProperty = ServiceReferenceHolder.getInstance().getAPIManagerConfigurationService().getAPIManagerConfiguration().getFirstProperty("APIStore.CompareCaseInsensitively");
        return StringUtils.isNotEmpty(firstProperty) && Boolean.valueOf(firstProperty).booleanValue();
    }

    static final boolean isUserAccessAllowedForSubscription_aroundBody4(SubscribedAPI subscribedAPI, JoinPoint joinPoint) {
        String loggedInUsername = RestApiCommonUtil.getLoggedInUsername();
        Application application = subscribedAPI.getApplication();
        APIIdentifier apiId = subscribedAPI.getApiId();
        APIProductIdentifier productId = subscribedAPI.getProductId();
        if (apiId != null && application != null) {
            try {
                if (!isUserAccessAllowedForAPI(apiId)) {
                    return false;
                }
                if (isUserAccessAllowedForApplication(application)) {
                    return true;
                }
            } catch (APIManagementException e) {
                throw new APIManagementException("Failed to retrieve the API " + apiId.toString() + " to check user " + loggedInUsername + " has access to the subscription " + subscribedAPI.getUUID(), e);
            }
        }
        if (productId == null || application == null) {
            return false;
        }
        APIProduct aPIProduct = RestApiCommonUtil.getLoggedInUserConsumer().getAPIProduct(productId);
        return isUserAllowedForSubscription(aPIProduct, loggedInUsername) && isUserAccessAllowedForAPIProduct(aPIProduct) && isUserAccessAllowedForApplication(application);
    }

    static final boolean isUserAccessAllowedForAPIByUUID_aroundBody6(String str, String str2, JoinPoint joinPoint) {
        String loggedInUsername = RestApiCommonUtil.getLoggedInUsername();
        try {
            RestApiCommonUtil.getLoggedInUserConsumer().getLightweightAPIByUUID(str, str2);
            return true;
        } catch (APIManagementException e) {
            if (!RestApiUtil.isDueToAuthorizationFailure(e)) {
                throw new APIManagementException("Failed to retrieve the API " + str + " to check user " + loggedInUsername + " has access to the API", e);
            }
            log.info("user " + loggedInUsername + " failed to access the API " + str + " due to an authorization failure");
            return false;
        }
    }

    static final boolean isUserAccessAllowedForAPI_aroundBody8(APIIdentifier aPIIdentifier, JoinPoint joinPoint) {
        String loggedInUsername = RestApiCommonUtil.getLoggedInUsername();
        try {
            RestApiCommonUtil.getLoggedInUserConsumer().getLightweightAPIByUUID(aPIIdentifier.getUUID(), ApiMgtDAO.getInstance().getOrganizationByAPIUUID(aPIIdentifier.getUUID()));
            return true;
        } catch (APIManagementException e) {
            if (!RestApiUtil.isDueToAuthorizationFailure(e)) {
                throw new APIManagementException("Failed to retrieve the API " + aPIIdentifier + " to check user " + loggedInUsername + " has access to the API", e);
            }
            log.info("user " + loggedInUsername + " failed to access the API " + aPIIdentifier + " due to an authorization failure");
            return false;
        }
    }

    static final boolean isUserAccessAllowedForAPIProduct_aroundBody10(APIProduct aPIProduct, JoinPoint joinPoint) {
        String loggedInUsername = RestApiCommonUtil.getLoggedInUsername();
        String loggedInUserTenantDomain = RestApiCommonUtil.getLoggedInUserTenantDomain();
        if (log.isDebugEnabled()) {
            log.debug("isUserAccessAllowedForAPIProduct():- productId: " + aPIProduct.getUuid() + ", visibility: " + aPIProduct.getVisibility() + " username:" + loggedInUsername + " tenantDomain:" + loggedInUserTenantDomain);
        }
        if ("public".equals(aPIProduct.getVisibility())) {
            return true;
        }
        return "restricted".equals(aPIProduct.getVisibility()) ? APIUtil.isRoleExistForUser(loggedInUsername, aPIProduct.getVisibleRoles()) && loggedInUserTenantDomain.equals(aPIProduct.getTenantDomain()) : "private".equals(aPIProduct.getVisibility()) && loggedInUserTenantDomain.equals(aPIProduct.getTenantDomain()) && !"wso2.anonymous.user".equals(loggedInUsername);
    }

    static final boolean isUserAllowedForSubscription_aroundBody12(APIProduct aPIProduct, String str, JoinPoint joinPoint) {
        String subscriptionAvailability = aPIProduct.getSubscriptionAvailability();
        String subscriptionAvailableTenants = aPIProduct.getSubscriptionAvailableTenants();
        String loggedInUserTenantDomain = RestApiCommonUtil.getLoggedInUserTenantDomain();
        if (log.isDebugEnabled()) {
            log.debug("isUserAllowedForSubscription():- productId: " + aPIProduct.getUuid() + ", subscriptionAvailability: " + subscriptionAvailability + " subscriptionAllowedTenants: " + subscriptionAvailableTenants + " username:" + str + " tenantDomain:" + loggedInUserTenantDomain);
        }
        boolean z = false;
        if (loggedInUserTenantDomain.equals(aPIProduct.getTenantDomain())) {
            z = true;
        } else if ("all_tenants".equals(subscriptionAvailability)) {
            z = true;
        } else if ("specific_tenants".equals(subscriptionAvailability) && subscriptionAvailableTenants != null) {
            String[] split = subscriptionAvailableTenants.split(",");
            int length = split.length;
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                String str2 = split[i];
                if (str2 != null && loggedInUserTenantDomain.equals(str2.trim())) {
                    z = true;
                    break;
                }
                i++;
            }
        }
        return z;
    }

    private static void ajc$preClinit() {
        Factory factory = new Factory("RestAPIStoreUtils.java", RestAPIStoreUtils.class);
        ajc$tjp_0 = factory.makeSJP("method-execution", factory.makeMethodSig("9", "isUserAccessAllowedForApplication", "org.wso2.carbon.apimgt.rest.api.util.utils.RestAPIStoreUtils", "org.wso2.carbon.apimgt.api.model.Application", RestApiConstants.RESOURCE_APPLICATION, "", "boolean"), 76);
        ajc$tjp_1 = factory.makeSJP("method-execution", factory.makeMethodSig("9", "isUserOwnerOfApplication", "org.wso2.carbon.apimgt.rest.api.util.utils.RestAPIStoreUtils", "org.wso2.carbon.apimgt.api.model.Application", RestApiConstants.RESOURCE_APPLICATION, "", "boolean"), 112);
        ajc$tjp_2 = factory.makeSJP("method-execution", factory.makeMethodSig("9", "isUserAccessAllowedForSubscription", "org.wso2.carbon.apimgt.rest.api.util.utils.RestAPIStoreUtils", "org.wso2.carbon.apimgt.api.model.SubscribedAPI", "subscribedAPI", "org.wso2.carbon.apimgt.api.APIManagementException", "boolean"), 134);
        ajc$tjp_3 = factory.makeSJP("method-execution", factory.makeMethodSig("9", "isUserAccessAllowedForAPIByUUID", "org.wso2.carbon.apimgt.rest.api.util.utils.RestAPIStoreUtils", "java.lang.String:java.lang.String", "apiId:organization", "org.wso2.carbon.apimgt.api.APIManagementException", "boolean"), 182);
        ajc$tjp_4 = factory.makeSJP("method-execution", factory.makeMethodSig("9", "isUserAccessAllowedForAPI", "org.wso2.carbon.apimgt.rest.api.util.utils.RestAPIStoreUtils", "org.wso2.carbon.apimgt.api.model.APIIdentifier", "apiId", "org.wso2.carbon.apimgt.api.APIManagementException", "boolean"), 213);
        ajc$tjp_5 = factory.makeSJP("method-execution", factory.makeMethodSig("9", "isUserAccessAllowedForAPIProduct", "org.wso2.carbon.apimgt.rest.api.util.utils.RestAPIStoreUtils", "org.wso2.carbon.apimgt.api.model.APIProduct", "product", "org.wso2.carbon.apimgt.api.APIManagementException", "boolean"), 242);
        ajc$tjp_6 = factory.makeSJP("method-execution", factory.makeMethodSig("9", "isUserAllowedForSubscription", "org.wso2.carbon.apimgt.rest.api.util.utils.RestAPIStoreUtils", "org.wso2.carbon.apimgt.api.model.APIProduct:java.lang.String", "product:user", "", "boolean"), 265);
    }
}
