package com.github.veithen.maven.hermetic;

import java.io.File;
import java.io.FileOutputStream;
import java.io.FilePermission;
import java.io.IOException;
import java.io.OutputStreamWriter;
import java.lang.management.ManagementPermission;
import java.lang.reflect.ReflectPermission;
import java.net.NetPermission;
import java.net.SocketPermission;
import java.security.SecurityPermission;
import java.util.Iterator;
import java.util.Properties;
import java.util.PropertyPermission;
import javax.management.MBeanPermission;
import javax.management.MBeanServerPermission;
import javax.management.MBeanTrustPermission;
import org.apache.maven.artifact.Artifact;
import org.apache.maven.execution.MavenSession;
import org.apache.maven.plugin.AbstractMojo;
import org.apache.maven.plugin.MojoExecutionException;
import org.apache.maven.plugin.MojoFailureException;
import org.apache.maven.plugins.annotations.LifecyclePhase;
import org.apache.maven.plugins.annotations.Mojo;
import org.apache.maven.plugins.annotations.Parameter;
import org.apache.maven.project.MavenProject;

@Mojo(name = "generate-policy", defaultPhase = LifecyclePhase.GENERATE_TEST_RESOURCES, threadSafe = true)
/* loaded from: input_file:com/github/veithen/maven/hermetic/GeneratePolicyMojo.class */
public final class GeneratePolicyMojo extends AbstractMojo {

    @Parameter(property = "project", readonly = true, required = true)
    private MavenProject project;

    @Parameter(property = "session", readonly = true, required = true)
    private MavenSession session;

    @Parameter(defaultValue = "${project.build.directory}/test.policy", required = true)
    private File outputFile;

    @Parameter
    private boolean skip;

    public void execute() throws MojoExecutionException, MojoFailureException {
        if (this.skip || this.project.getPackaging().equals("pom")) {
            return;
        }
        this.outputFile.getParentFile().mkdirs();
        try {
            OutputStreamWriter outputStreamWriter = new OutputStreamWriter(new FileOutputStream(this.outputFile), "utf-8");
            Throwable th = null;
            try {
                PolicyWriter policyWriter = new PolicyWriter(outputStreamWriter);
                policyWriter.start();
                policyWriter.writePermission(new FilePermission(new File(System.getProperty("java.home"), "-").getAbsolutePath(), "read"));
                policyWriter.writePermission(new FilePermission(new File(System.getProperty("maven.home"), "-").getAbsolutePath(), "read"));
                policyWriter.writePermission(new FilePermission(this.session.getRequest().getUserToolchainsFile().getAbsolutePath(), "read"));
                policyWriter.writePermission(new FilePermission(new File(this.session.getSettings().getLocalRepository(), "-").getAbsolutePath(), "read"));
                for (MavenProject mavenProject : this.session.getProjects()) {
                    File file = mavenProject.getArtifact().getFile();
                    if (file != null) {
                        policyWriter.writePermission(new FilePermission(file.getAbsolutePath(), "read"));
                    }
                    Iterator it = mavenProject.getAttachedArtifacts().iterator();
                    while (it.hasNext()) {
                        policyWriter.writePermission(new FilePermission(((Artifact) it.next()).getFile().getAbsolutePath(), "read"));
                    }
                }
                policyWriter.writePermission(new FilePermission(new File(this.project.getBasedir(), "-").getAbsolutePath(), "read"));
                policyWriter.writePermission(new FilePermission(this.project.getBuild().getDirectory(), "read,write"));
                policyWriter.writePermission(new FilePermission(new File(this.project.getBuild().getDirectory(), "-").getAbsolutePath(), "read,write,delete"));
                policyWriter.writePermission(new RuntimePermission("*"));
                policyWriter.writePermission(new ManagementPermission("monitor"));
                policyWriter.writePermission(new ReflectPermission("*"));
                policyWriter.writePermission(new NetPermission("*"));
                policyWriter.writePermission(new SocketPermission("localhost", "connect,listen,accept,resolve"));
                policyWriter.writePermission(new SecurityPermission("*"));
                policyWriter.writePermission(new PropertyPermission("*", "read,write"));
                policyWriter.writePermission(new MBeanPermission("*", "*"));
                policyWriter.writePermission(new MBeanServerPermission("*"));
                policyWriter.writePermission(new MBeanTrustPermission("*"));
                policyWriter.writePermission("javax.xml.bind.JAXBPermission", "*", null);
                policyWriter.writePermission("javax.xml.ws.WebServicePermission", "publishEndpoint", null);
                policyWriter.writePermission("org.osgi.framework.AdminPermission", "*", "*");
                policyWriter.writePermission("org.osgi.framework.ServicePermission", "*", "register,get");
                policyWriter.end();
                if (outputStreamWriter != null) {
                    if (0 != 0) {
                        try {
                            outputStreamWriter.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        outputStreamWriter.close();
                    }
                }
                Properties properties = this.project.getProperties();
                String property = properties.getProperty("argLine");
                StringBuilder sb = new StringBuilder();
                if (property != null) {
                    sb.append(property);
                    sb.append(" ");
                }
                sb.append("-Djava.security.manager -Djava.security.policy=");
                sb.append(this.outputFile.getAbsolutePath().replace('\\', '/'));
                properties.setProperty("argLine", sb.toString());
            } finally {
            }
        } catch (IOException e) {
            throw new MojoFailureException(String.format("Failed to write %s", this.outputFile), e);
        }
    }
}
