package org.apache.jetspeed.layout.impl;

import java.util.LinkedList;
import java.util.Map;
import java.util.StringTokenizer;
import org.apache.jetspeed.JetspeedActions;
import org.apache.jetspeed.ajax.AJAXException;
import org.apache.jetspeed.ajax.AjaxAction;
import org.apache.jetspeed.ajax.AjaxBuilder;
import org.apache.jetspeed.layout.PortletActionSecurityBehavior;
import org.apache.jetspeed.request.RequestContext;
import org.apache.jetspeed.security.JetspeedPermission;
import org.apache.jetspeed.security.PermissionManager;
import org.apache.jetspeed.security.SecurityException;
import org.apache.jetspeed.security.impl.TransientRole;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/jetspeed/layout/impl/SecurityPermissionAction.class */
public class SecurityPermissionAction extends BasePortletAction implements AjaxAction, AjaxBuilder, Constants {
    protected static final Logger log = LoggerFactory.getLogger(SecurityPermissionAction.class);
    protected PermissionManager pm;

    public SecurityPermissionAction(String str, String str2, PermissionManager permissionManager, PortletActionSecurityBehavior portletActionSecurityBehavior) {
        super(str, str2, portletActionSecurityBehavior);
        this.pm = null;
        this.pm = permissionManager;
    }

    public boolean run(RequestContext requestContext, Map map) throws AJAXException {
        String actionParameter;
        int removePermission;
        boolean z = true;
        try {
            map.put(Constants.ACTION, "permissions");
            actionParameter = getActionParameter(requestContext, "method");
        } catch (Exception e) {
            log.error("exception administering portal permissions", e);
            map.put(Constants.REASON, e.toString());
            z = false;
        }
        if (actionParameter == null) {
            throw new RuntimeException("Method not provided");
        }
        map.put("method", actionParameter);
        if (false == checkAccess(requestContext, JetspeedActions.EDIT)) {
            map.put(Constants.REASON, "Insufficient access to administer portal permissions");
            return false;
        }
        if (actionParameter.equals("add")) {
            removePermission = addPermission(requestContext, map);
        } else if (actionParameter.equals("update")) {
            removePermission = updatePermission(requestContext, map);
        } else {
            if (!actionParameter.equals("remove")) {
                map.put(Constants.REASON, "Unsupported portal permissions method: " + actionParameter);
                return false;
            }
            removePermission = removePermission(requestContext, map);
        }
        map.put("count", Integer.toString(removePermission));
        map.put("resource", getActionParameter(requestContext, "resource"));
        map.put(Constants.TYPE, getActionParameter(requestContext, Constants.TYPE));
        map.put("actions", getActionParameter(requestContext, "actions"));
        map.put(Constants.ROLES, getActionParameter(requestContext, Constants.ROLES));
        map.put(Constants.STATUS, "success");
        return z;
    }

    protected int addPermission(RequestContext requestContext, Map map) throws AJAXException {
        try {
            String actionParameter = getActionParameter(requestContext, Constants.TYPE);
            if (actionParameter == null) {
                throw new AJAXException("Missing 'type' parameter");
            }
            String actionParameter2 = getActionParameter(requestContext, "resource");
            if (actionParameter2 == null) {
                throw new AJAXException("Missing 'resource' parameter");
            }
            String actionParameter3 = getActionParameter(requestContext, "actions");
            if (actionParameter3 == null) {
                throw new AJAXException("Missing 'actions' parameter");
            }
            JetspeedPermission newPermission = this.pm.newPermission(actionParameter, actionParameter2, actionParameter3);
            if (this.pm.permissionExists(newPermission)) {
                throw new AJAXException("Permission " + actionParameter2 + " already exists");
            }
            this.pm.addPermission(newPermission);
            return updateRoles(newPermission, getActionParameter(requestContext, Constants.ROLES));
        } catch (SecurityException e) {
            throw new AJAXException(e.toString(), e);
        }
    }

    protected int updatePermission(RequestContext requestContext, Map map) throws AJAXException {
        try {
            String actionParameter = getActionParameter(requestContext, Constants.TYPE);
            if (actionParameter == null) {
                throw new AJAXException("Missing 'type' parameter");
            }
            String actionParameter2 = getActionParameter(requestContext, "resource");
            if (actionParameter2 == null) {
                throw new AJAXException("Missing 'resource' parameter");
            }
            String actionParameter3 = getActionParameter(requestContext, "actions");
            if (actionParameter3 == null) {
                throw new AJAXException("Missing 'actions' parameter");
            }
            String actionParameter4 = getActionParameter(requestContext, "oldactions");
            if (actionParameter4 == null) {
                actionParameter4 = actionParameter3;
            }
            JetspeedPermission newPermission = this.pm.newPermission(actionParameter, actionParameter2, actionParameter3);
            if (!actionParameter4.equals(actionParameter3)) {
                this.pm.updatePermission(newPermission);
            }
            return updateRoles(newPermission, getActionParameter(requestContext, Constants.ROLES));
        } catch (SecurityException e) {
            throw new AJAXException(e.toString(), e);
        }
    }

    protected int updateRoles(JetspeedPermission jetspeedPermission, String str) throws SecurityException {
        int i = 0;
        LinkedList linkedList = new LinkedList();
        if (str != null) {
            StringTokenizer stringTokenizer = new StringTokenizer(str, ",");
            while (stringTokenizer.hasMoreTokens()) {
                linkedList.add(new TransientRole(stringTokenizer.nextToken()));
                i++;
            }
        }
        this.pm.grantPermissionOnlyTo(jetspeedPermission, "role", linkedList);
        return i;
    }

    protected int removePermission(RequestContext requestContext, Map map) throws AJAXException {
        try {
            String actionParameter = getActionParameter(requestContext, Constants.TYPE);
            if (actionParameter == null) {
                throw new AJAXException("Missing 'type' parameter");
            }
            String actionParameter2 = getActionParameter(requestContext, "resource");
            if (actionParameter2 == null) {
                throw new AJAXException("Missing 'resource' parameter");
            }
            String actionParameter3 = getActionParameter(requestContext, "actions");
            if (actionParameter3 == null) {
                throw new AJAXException("Missing 'actions' parameter");
            }
            JetspeedPermission newPermission = this.pm.newPermission(actionParameter, actionParameter2, actionParameter3);
            if (!this.pm.permissionExists(newPermission)) {
                return 0;
            }
            this.pm.removePermission(newPermission);
            return 1;
        } catch (SecurityException e) {
            throw new AJAXException(e.toString(), e);
        }
    }
}
