package oracle.stellent.ridc.convenience.usersecurity.impl;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import oracle.stellent.ridc.IdcClientException;
import oracle.stellent.ridc.common.log.ILog;
import oracle.stellent.ridc.common.log.LogFactory;
import oracle.stellent.ridc.convenience.usersecurity.IAccessResolver;
import oracle.stellent.ridc.convenience.usersecurity.ITrace;
import oracle.stellent.ridc.i18n.locale.RIDCMessages;
import oracle.stellent.ridc.model.DataBinder;
import oracle.stellent.ridc.model.DataObject;
import oracle.stellent.ridc.model.DataResultSet;
import oracle.stellent.ridc.model.impl.DataFactoryImpl;
import oracle.stellent.ridc.model.serialize.HdaBinderSerializer;

/* loaded from: classes3.dex */
public class AccessResolverAcl implements IAccessResolver {
    protected AliasCache m_aliasCache;
    protected CSEnvCache m_csEnvCache;
    protected ILog m_log = LogFactory.getLog(getClass());

    public AccessResolverAcl(CSEnvCache cSEnvCache) {
        this.m_csEnvCache = null;
        this.m_aliasCache = null;
        this.m_csEnvCache = cSEnvCache;
        this.m_aliasCache = new AliasCache(cSEnvCache);
    }

    private Set<String> getUserRoles(Map<String, Map<String, Integer>> map) {
        Map<String, Integer> map2;
        HashSet hashSet = new HashSet();
        return (map == null || (map2 = map.get("role")) == null) ? hashSet : map2.keySet();
    }

    private Map<String, Map<String, Integer>> parseUserAttribInfo(DataBinder dataBinder, ITrace iTrace) throws IdcClientException {
        String str;
        HashMap hashMap = new HashMap();
        String user = this.m_csEnvCache.getServiceCallUtils().getUser(dataBinder);
        if (user == null || user.length() < 1) {
            throw new IdcClientException(RIDCMessages.convenience_usersecurity_username_cannot_be_null_or_empty());
        }
        DataResultSet resultSet = dataBinder.getResultSet("UserAttribInfo");
        if (resultSet == null) {
            if (iTrace != null) {
                HdaBinderSerializer hdaBinderSerializer = new HdaBinderSerializer("UTF-8", new DataFactoryImpl());
                try {
                    ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                    hdaBinderSerializer.serializeBinder(byteArrayOutputStream, dataBinder);
                    str = byteArrayOutputStream.toString();
                } catch (IOException unused) {
                    str = "cannot get binder";
                }
                iTrace.addTrace(ITrace.Kind.acl, String.format("UserAttribInfo resultset missing in binder\n%s", str));
            }
            throw new IdcClientException(RIDCMessages.convenience_usersecurity_userattribinfo_not_found());
        }
        for (DataObject dataObject : resultSet.getRows()) {
            if (user.equals(dataObject.get("dUserName"))) {
                String str2 = dataObject.get("AttributeInfo");
                if (str2 == null) {
                    return hashMap;
                }
                String str3 = "";
                int i = 0;
                String str4 = "";
                for (String str5 : str2.split(",")) {
                    if (i == 0) {
                        str3 = str5;
                    } else if (i == 1) {
                        str4 = str5;
                    } else if (i == 2) {
                        if (!hashMap.containsKey(str3)) {
                            hashMap.put(str3, new HashMap());
                        }
                        ((Map) hashMap.get(str3)).put(str4, Integer.valueOf(str5));
                    }
                    i = (i + 1) % 3;
                }
            }
        }
        return hashMap;
    }

    @Override // oracle.stellent.ridc.convenience.usersecurity.IAccessResolver
    public void clearCache() {
        clearCache(null);
    }

    @Override // oracle.stellent.ridc.convenience.usersecurity.IAccessResolver
    public void clearCache(ITrace iTrace) {
        this.m_aliasCache.clearCache(iTrace);
    }

    @Override // oracle.stellent.ridc.convenience.usersecurity.IAccessResolver
    @Deprecated
    public Integer resolveAccessLevel(DataObject dataObject, DataBinder dataBinder) {
        try {
            return resolveAccessLevel(dataObject, dataBinder, null);
        } catch (IdcClientException e) {
            this.m_log.log(e.getMessage(), ILog.Level.ERROR);
            return null;
        }
    }

    @Override // oracle.stellent.ridc.convenience.usersecurity.IAccessResolver
    public Integer resolveAccessLevel(DataObject dataObject, DataBinder dataBinder, ITrace iTrace) throws IdcClientException {
        if (!this.m_csEnvCache.isUsingAcl(iTrace)) {
            return null;
        }
        if (dataObject == null) {
            throw new IdcClientException(RIDCMessages.convenience_usersecurity_null_dataobject_not_allowed());
        }
        if (dataBinder == null) {
            throw new IdcClientException(RIDCMessages.convenience_usersecurity_null_databinder_not_allowed());
        }
        String user = this.m_csEnvCache.getServiceCallUtils().getUser(dataBinder);
        if (user == null || user.length() < 1) {
            throw new IdcClientException(RIDCMessages.convenience_usersecurity_username_cannot_be_null_or_empty());
        }
        if (iTrace != null) {
            iTrace.addTraceStartSection(ITrace.Kind.acl, String.format("resolveAccessLevel() in AccessResolverAcl", new Object[0]));
        }
        if (!this.m_csEnvCache.isInSpecialAuthGroups(dataObject.get("dSecurityGroup"), iTrace)) {
            if (iTrace != null) {
                iTrace.addTraceEndSection();
            }
            return null;
        }
        AclListInfo aclListInfo = new AclListInfo(this.m_csEnvCache, dataObject, iTrace);
        if (!aclListInfo.isAclListChecked(iTrace)) {
            if (iTrace != null) {
                iTrace.addTraceEndSection();
            }
            return null;
        }
        Integer valueOf = Integer.valueOf(aclListInfo.getUserListAccess(user));
        if (iTrace != null) {
            iTrace.addTrace(ITrace.Kind.acl, String.format("User (&'%s') access = %s", user, valueOf));
        }
        for (String str : aclListInfo.getAliasNames()) {
            if (this.m_aliasCache.isUserInAlias(user, str, iTrace)) {
                valueOf = Integer.valueOf(valueOf.intValue() | aclListInfo.getAliasListAccess(str, iTrace));
            }
        }
        Iterator<String> it = getUserRoles(parseUserAttribInfo(dataBinder, iTrace)).iterator();
        while (it.hasNext()) {
            valueOf = Integer.valueOf(valueOf.intValue() | aclListInfo.getRoleListAccess(it.next(), iTrace));
        }
        if (iTrace != null) {
            iTrace.addTrace(ITrace.Kind.acl, String.format("ACL access = %s", valueOf));
            iTrace.addTraceEndSection();
        }
        return valueOf;
    }
}
