package fr.osug.ipag.sphere.client.util;

import fr.osug.ipag.sphere.object.AccessRightsBean;
import java.math.BigInteger;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Iterator;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.logging.Log;

/* loaded from: input_file:fr/osug/ipag/sphere/client/util/SphereAccessRights.class */
public class SphereAccessRights {
    private static SphereAccessRights instance;
    private static final Log log = fr.osug.ipag.sphere.client.api.SphereLogger.getInstance().getLogDev();
    private static AccessRightsBean accessRights = null;
    private static String loggedUser = null;
    private static UserRole userRole = UserRole.user;
    private static Boolean restrictedUser = false;
    private static Boolean useDayInHash = false;
    private static Boolean useIpInHash = false;
    private static String clientSalt = null;
    private static BigInteger clientSaltMd5 = null;

    /* loaded from: input_file:fr/osug/ipag/sphere/client/util/SphereAccessRights$AccessRight.class */
    public enum AccessRight {
        none,
        full,
        all,
        select,
        insert,
        update,
        delete,
        selectAll,
        insertAll,
        updateAll,
        deleteAll
    }

    /* loaded from: input_file:fr/osug/ipag/sphere/client/util/SphereAccessRights$AccessRightsException.class */
    public class AccessRightsException extends Exception {
        private static final long serialVersionUID = 1;

        public AccessRightsException(String str) {
            super(str);
        }
    }

    /* loaded from: input_file:fr/osug/ipag/sphere/client/util/SphereAccessRights$UserGroup.class */
    public enum UserGroup {
        superuser,
        poweruser,
        mainuser,
        user,
        everyone,
        publicuser
    }

    /* loaded from: input_file:fr/osug/ipag/sphere/client/util/SphereAccessRights$UserRole.class */
    public enum UserRole {
        user,
        admin,
        manager,
        producer,
        dev,
        sandbox,
        guest,
        data_distribution,
        workflow_producer
    }

    public SphereAccessRights() {
        init();
    }

    protected void init() {
    }

    public static SphereAccessRights getInstance() {
        if (instance == null) {
            instance = new SphereAccessRights();
        }
        return instance;
    }

    public void checkUserACL(String str, String str2) throws AccessRightsException {
        checkUserACL(str, AccessRight.valueOf(str2));
    }

    public void checkUserACL(String str, AccessRight accessRight) throws AccessRightsException {
        if (accessRights == null) {
            throw new AccessRightsException("Cannot check " + accessRight.toString() + " on resource " + str + ". Access rights not initialized.");
        }
        if (str == null || accessRight == null) {
            throw new AccessRightsException("No resource or right to check.");
        }
        if (!checkACL(userRole, str, accessRight).booleanValue()) {
            throw new AccessRightsException(userRole + " " + accessRight.toString() + " not allowed on resource " + str + ".");
        }
    }

    public Boolean checkACL(UserRole userRole2, String str, AccessRight accessRight) {
        if (userRole2 == null || str == null || accessRight == null) {
            return false;
        }
        Boolean bool = false;
        Boolean valueOf = Boolean.valueOf(accessRight.name().endsWith("All"));
        ArrayList arrayList = new ArrayList();
        for (AccessRightsBean.Group group : accessRights.getGroups()) {
            Iterator it = group.getEntities().iterator();
            while (it.hasNext()) {
                if (((AccessRightsBean.GroupEntity) it.next()).getRole().equals(userRole2.toString())) {
                    arrayList.add(UserGroup.valueOf(group.getId()));
                }
            }
        }
        for (AccessRightsBean.Resource resource : accessRights.getResources()) {
            if (resource.getId().equals(str)) {
                for (AccessRightsBean.ResourceGrant resourceGrant : resource.getGrants()) {
                    if ((resourceGrant.getRole() != null && resourceGrant.getRole().equals(userRole2.toString())) || (resourceGrant.getGroup() != null && arrayList.contains(UserGroup.valueOf(resourceGrant.getGroup())))) {
                        Iterator it2 = resourceGrant.getRights().iterator();
                        while (true) {
                            if (it2.hasNext()) {
                                AccessRightsBean.ResourceRight resourceRight = (AccessRightsBean.ResourceRight) it2.next();
                                if (resourceRight.getValue().equals(AccessRight.none.toString())) {
                                    bool = false;
                                    break;
                                }
                                if (resourceRight.getValue().equals(accessRight.toString()) || ((!valueOf.booleanValue() && resourceRight.getValue().equals(AccessRight.all.toString())) || resourceRight.getValue().equals(AccessRight.full.toString()))) {
                                    bool = true;
                                }
                            }
                        }
                    }
                }
            }
        }
        return bool;
    }

    public Boolean hasAccessRight(String str, String str2) {
        return hasAccessRight(str, AccessRight.valueOf(str2));
    }

    public Boolean hasAccessRight(String str, AccessRight accessRight) {
        try {
            checkUserACL(str, accessRight);
            return true;
        } catch (AccessRightsException e) {
            return false;
        }
    }

    public AccessRightsBean getAccessRights() {
        return accessRights;
    }

    public void setAccessRights(AccessRightsBean accessRightsBean) {
        accessRights = accessRightsBean;
    }

    public String getLoggedUser() {
        return loggedUser;
    }

    public void setLoggedUser(String str) {
        loggedUser = str;
    }

    public UserRole getUserRole() {
        return userRole;
    }

    public void setUserRole(UserRole userRole2) {
        userRole = userRole2;
    }

    public String getClientSalt() {
        return clientSalt;
    }

    public void setClientSalt(String str) {
        clientSalt = str;
        clientSaltMd5 = new BigInteger(DigestUtils.md5(str));
        if (useDayInHash.booleanValue()) {
            clientSaltMd5 = clientSaltMd5.add(BigInteger.valueOf(Calendar.getInstance().get(6)));
        }
    }

    public BigInteger getClientSaltMd5() {
        return clientSaltMd5;
    }

    public void setClientSaltMd5(BigInteger bigInteger) {
        clientSaltMd5 = bigInteger;
    }

    public Boolean getUseDayInHash() {
        return useDayInHash;
    }

    public void setUseDayInHash(Boolean bool) {
        useDayInHash = bool;
    }

    public Boolean isRestrictedUser() {
        return restrictedUser;
    }

    public void setRestrictedUser(Boolean bool) {
        restrictedUser = bool;
    }

    public Boolean getUseIpInHash() {
        return useIpInHash;
    }

    public void setUseIpInHash(Boolean bool) {
        useIpInHash = bool;
    }
}
