package org.apache.qpid.server.security.access.plugins;

import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import org.apache.commons.configuration.Configuration;
import org.apache.qpid.AMQConnectionException;
import org.apache.qpid.framing.AMQMethodBody;
import org.apache.qpid.framing.AMQShortString;
import org.apache.qpid.framing.BasicPublishBody;
import org.apache.qpid.protocol.AMQConstant;
import org.apache.qpid.server.exchange.Exchange;
import org.apache.qpid.server.handler.ExchangeBoundHandler;
import org.apache.qpid.server.protocol.AMQProtocolSession;
import org.apache.qpid.server.security.access.ACLManager;
import org.apache.qpid.server.security.access.ACLPlugin;
import org.apache.qpid.server.security.access.AccessResult;
import org.apache.qpid.server.security.access.Permission;
import org.apache.qpid.server.security.access.PrincipalPermissions;

/* loaded from: input_file:org/apache/qpid/server/security/access/plugins/SimpleXML.class */
public class SimpleXML implements ACLPlugin {
    private final AccessResult GRANTED = new AccessResult(this, AccessResult.AccessStatus.GRANTED);
    private Map<String, PrincipalPermissions> _users = new ConcurrentHashMap();

    /* renamed from: org.apache.qpid.server.security.access.plugins.SimpleXML$1, reason: invalid class name */
    /* loaded from: input_file:org/apache/qpid/server/security/access/plugins/SimpleXML$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$org$apache$qpid$server$security$access$Permission = new int[Permission.values().length];

        static {
            try {
                $SwitchMap$org$apache$qpid$server$security$access$Permission[Permission.ACCESS.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$apache$qpid$server$security$access$Permission[Permission.BIND.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$org$apache$qpid$server$security$access$Permission[Permission.CONSUME.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$org$apache$qpid$server$security$access$Permission[Permission.CREATE.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$org$apache$qpid$server$security$access$Permission[Permission.PUBLISH.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$org$apache$qpid$server$security$access$Permission[Permission.PURGE.ordinal()] = 6;
            } catch (NoSuchFieldError e6) {
            }
            try {
                $SwitchMap$org$apache$qpid$server$security$access$Permission[Permission.DELETE.ordinal()] = 7;
            } catch (NoSuchFieldError e7) {
            }
            try {
                $SwitchMap$org$apache$qpid$server$security$access$Permission[Permission.UNBIND.ordinal()] = 8;
            } catch (NoSuchFieldError e8) {
            }
        }
    }

    @Override // org.apache.qpid.server.security.access.ACLPlugin
    public void setConfiguaration(Configuration configuration) {
        processConfig(configuration);
    }

    private void processConfig(Configuration configuration) {
        processPublish(configuration);
        processConsume(configuration);
        processCreate(configuration);
    }

    private void processPublish(Configuration configuration) {
        Configuration subset = configuration.subset("security.access_control_list.publish");
        for (String str : subset.getStringArray("users.user")) {
            grant(Permission.PUBLISH, str, new Object[0]);
        }
        int i = 0;
        Configuration subset2 = subset.subset("exchanges.exchange(0)");
        while (true) {
            Configuration configuration2 = subset2;
            if (configuration2.isEmpty()) {
                return;
            }
            AMQShortString aMQShortString = new AMQShortString(configuration2.getString("name"));
            int i2 = 0;
            Configuration subset3 = configuration2.subset("routing_keys.routing_key(0)");
            while (true) {
                Configuration configuration3 = subset3;
                if (configuration3.isEmpty()) {
                    break;
                }
                AMQShortString aMQShortString2 = new AMQShortString(configuration3.getString("value"));
                for (String str2 : configuration3.getStringArray("users.user")) {
                    grant(Permission.PUBLISH, str2, aMQShortString, aMQShortString2);
                }
                i2++;
                subset3 = configuration2.subset("routing_keys.routing_key(" + i2 + ")");
            }
            for (String str3 : configuration2.getStringArray("exchange(" + i + ").users.user")) {
                grant(Permission.PUBLISH, str3, aMQShortString);
            }
            i++;
            subset2 = subset.subset("exchanges.exchange(" + i + ")");
        }
    }

    private void grant(Permission permission, String str, Object... objArr) {
        PrincipalPermissions principalPermissions = this._users.get(str);
        if (principalPermissions == null) {
            principalPermissions = new PrincipalPermissions(str);
        }
        this._users.put(str, principalPermissions);
        principalPermissions.grant(permission, objArr);
    }

    private void processConsume(Configuration configuration) {
        Configuration subset = configuration.subset("security.access_control_list.consume");
        int i = 0;
        Configuration subset2 = subset.subset("queues.queue(0)");
        while (true) {
            Configuration configuration2 = subset2;
            if (configuration2.isEmpty()) {
                break;
            }
            AMQShortString aMQShortString = new AMQShortString(configuration2.getString("name"));
            boolean containsKey = configuration2.containsKey("temporary");
            boolean containsKey2 = configuration2.containsKey("own_queues");
            for (String str : configuration2.getStringArray("users.user")) {
                grant(Permission.CONSUME, str, aMQShortString, Boolean.valueOf(containsKey), Boolean.valueOf(containsKey2));
            }
            i++;
            subset2 = subset.subset("queues.queue(" + i + ")");
        }
        for (String str2 : subset.getStringArray("users.user")) {
            grant(Permission.CONSUME, str2, new Object[0]);
        }
    }

    private void processCreate(Configuration configuration) {
        Configuration configuration2;
        Configuration subset = configuration.subset("security.access_control_list.create");
        int i = 0;
        Configuration subset2 = subset.subset("queues.queue(0)");
        while (true) {
            configuration2 = subset2;
            if (configuration2.isEmpty()) {
                break;
            }
            AMQShortString aMQShortString = new AMQShortString(configuration2.getString("name"));
            boolean containsKey = configuration2.containsKey("temporary");
            int i2 = 0;
            Configuration subset3 = configuration2.subset("exchanges.exchange(0)");
            while (true) {
                Configuration configuration3 = subset3;
                if (configuration3.isEmpty()) {
                    break;
                }
                AMQShortString aMQShortString2 = new AMQShortString(configuration3.getString("name"));
                AMQShortString aMQShortString3 = new AMQShortString(configuration3.getString("routing_key"));
                for (String str : configuration3.getStringArray("users.user")) {
                    Permission permission = Permission.CREATE;
                    Object[] objArr = new Object[4];
                    objArr[0] = Boolean.valueOf(containsKey);
                    objArr[1] = aMQShortString.equals("") ? null : aMQShortString;
                    objArr[2] = aMQShortString2.equals("") ? null : aMQShortString2;
                    objArr[3] = aMQShortString3.equals("") ? null : aMQShortString3;
                    grant(permission, str, objArr);
                }
                i2++;
                subset3 = configuration2.subset("exchanges.exchange(" + i2 + ")");
            }
            for (String str2 : configuration2.getStringArray("users.user")) {
                grant(Permission.CREATE, str2, Boolean.valueOf(containsKey), aMQShortString);
            }
            i++;
            subset2 = subset.subset("queues.queue(" + i + ")");
        }
        int i3 = 0;
        Configuration subset4 = subset.subset("exchanges.exchange(0)");
        while (true) {
            Configuration configuration4 = subset4;
            if (configuration4.isEmpty()) {
                break;
            }
            Object aMQShortString4 = new AMQShortString(configuration4.getString("name"));
            Object aMQShortString5 = new AMQShortString(configuration4.getString("class"));
            for (String str3 : configuration4.getStringArray("users.user")) {
                grant(Permission.CREATE, str3, aMQShortString4, aMQShortString5);
            }
            i3++;
            subset4 = configuration2.subset("exchanges.exchange(" + i3 + ")");
        }
        for (String str4 : subset.getStringArray("users.user")) {
            grant(Permission.CREATE, str4, new Object[0]);
        }
    }

    @Override // org.apache.qpid.server.security.access.ACLPlugin
    public String getPluginName() {
        return "Simple";
    }

    @Override // org.apache.qpid.server.security.access.ACLPlugin
    public AccessResult authorise(AMQProtocolSession aMQProtocolSession, Permission permission, AMQMethodBody aMQMethodBody, Object... objArr) throws AMQConnectionException {
        if (ACLManager.getLogger().isInfoEnabled()) {
            ACLManager.getLogger().info("Simple Authorisation processing user:" + aMQProtocolSession.getAuthorizedID() + " for :" + permission.toString() + " on " + aMQMethodBody.getClass().getSimpleName() + ((objArr == null || objArr.length == 0) ? "" : "-" + AllowAll.accessablesToString(objArr)));
        }
        PrincipalPermissions principalPermissions = this._users.get(aMQProtocolSession.getAuthorizedID().getName());
        if (principalPermissions != null) {
            switch (AnonymousClass1.$SwitchMap$org$apache$qpid$server$security$access$Permission[permission.ordinal()]) {
                case 1:
                    return this.GRANTED;
                case ExchangeBoundHandler.QUEUE_NOT_FOUND /* 2 */:
                    if (objArr.length == 3 && principalPermissions.authorise(Permission.BIND, aMQMethodBody, objArr[0], objArr[1], objArr[2])) {
                        return this.GRANTED;
                    }
                    break;
                case ExchangeBoundHandler.NO_BINDINGS /* 3 */:
                    if (objArr.length == 1 && principalPermissions.authorise(Permission.CONSUME, objArr[0])) {
                        return this.GRANTED;
                    }
                    break;
                case ExchangeBoundHandler.QUEUE_NOT_BOUND /* 4 */:
                    if (principalPermissions.authorise(Permission.CREATE, aMQMethodBody)) {
                        return this.GRANTED;
                    }
                    break;
                case ExchangeBoundHandler.NO_QUEUE_BOUND_WITH_RK /* 5 */:
                    if (objArr.length == 1 && (objArr[0] instanceof Exchange) && principalPermissions.authorise(Permission.PUBLISH, ((Exchange) objArr[0]).getName(), ((BasicPublishBody) aMQMethodBody).getRoutingKey())) {
                        return this.GRANTED;
                    }
                    break;
            }
        }
        throw aMQMethodBody.getConnectionException(AMQConstant.ACCESS_REFUSED, "");
    }
}
