package com.synametrics.sradef.config;

import com.synametrics.commons.util.HostInfo;
import com.synametrics.commons.util.TGlob;
import com.synametrics.commons.util.TokenHolder;
import com.synametrics.commons.util.config.ConfigurationAdapter;
import com.synametrics.commons.util.logging.LoggingFW;
import com.synametrics.sradef.contract.SecurityDelegate;
import java.io.File;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Vector;
import org.apache.tools.ant.types.selectors.FilenameSelector;
import org.apache.tools.mail.MailMessage;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:com/synametrics/sradef/config/SecurityManager.class */
public class SecurityManager extends ConfigurationAdapter {
    public static final String PUBLIC_ROLE = "public";
    private static SecurityManager singleton = null;
    private static final String CONFIG_FILE_NAME = String.valueOf(StaticConfig.getInstance().getConfigFolder()) + "umap.dat";
    private boolean rolesEnabled = false;
    private SecurityDelegate securityDelegate = null;
    private List<SecurityHolder> users = new Vector(10);
    private List<RoleHolder> roles = new Vector(10);
    private List<UserRoleHolder> userRoles = new Vector(10);

    /* loaded from: input_file:com/synametrics/sradef/config/SecurityManager$RoleHolder.class */
    public class RoleHolder {
        private String roleName;
        private int level;

        public RoleHolder() {
        }

        public String getRoleName() {
            return this.roleName;
        }

        public int getLevel() {
            return this.level;
        }

        public String toString() {
            return String.valueOf(this.roleName) + " - " + this.level;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/synametrics/sradef/config/SecurityManager$SecurityHolder.class */
    public class SecurityHolder {
        private String name;
        private String password;
        private String allowedIP;
        private int level;
        private boolean encrypted;

        SecurityHolder() {
        }

        /* JADX INFO: Access modifiers changed from: private */
        public String getPassword() {
            return this.encrypted ? TGlob.decryptPassword(this.password, 32) : this.password;
        }

        /* JADX INFO: Access modifiers changed from: private */
        public boolean isAllowedIP(String str) {
            return SecurityManager.searchForAllowedIP(this.allowedIP, str);
        }

        /* JADX INFO: Access modifiers changed from: private */
        public void setPassword(String str) {
            if (this.encrypted) {
                this.password = TGlob.encryptPassword(str, 32);
            } else {
                this.password = str;
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/synametrics/sradef/config/SecurityManager$UserRoleHolder.class */
    public class UserRoleHolder {
        private String userName;
        private String roleName;

        UserRoleHolder() {
        }
    }

    private SecurityManager() {
        readConfig();
    }

    public void addRole(String str, int i) {
        RoleHolder roleHolder = new RoleHolder();
        roleHolder.roleName = str;
        roleHolder.level = i;
        this.roles.add(roleHolder);
    }

    public void addUser(String str, String str2, String str3, int i) {
        addUser(str, str2, str3, i, true);
    }

    public void addUser(String str, String str2, String str3, int i, boolean z) {
        SecurityHolder user = getUser(str);
        if (user == null) {
            user = new SecurityHolder();
            this.users.add(user);
        }
        user.encrypted = z;
        user.name = str;
        user.allowedIP = str3 == null ? "" : str3;
        user.level = i;
        user.setPassword(str2);
    }

    public boolean alterIPRestriction(String str, String str2) {
        for (int i = 0; i < this.users.size(); i++) {
            SecurityHolder securityHolder = this.users.get(i);
            if (securityHolder.name.equals(str)) {
                if (str2 != null) {
                    securityHolder.allowedIP = str2.trim();
                    return true;
                }
                securityHolder.allowedIP = "";
                return true;
            }
        }
        return false;
    }

    public boolean alterIPRestriction(int i, String str) {
        boolean z = false;
        for (int i2 = 0; i2 < this.users.size(); i2++) {
            SecurityHolder securityHolder = this.users.get(i2);
            if (securityHolder.level == i) {
                if (str != null) {
                    securityHolder.allowedIP = str.trim();
                } else {
                    securityHolder.allowedIP = "";
                }
                z = true;
            }
        }
        return z;
    }

    public boolean alterPwd(String str, String str2, String str3) {
        for (int i = 0; i < this.users.size(); i++) {
            SecurityHolder securityHolder = this.users.get(i);
            if (securityHolder.name.equals(str)) {
                securityHolder.setPassword(str2);
                if (str3 != null) {
                    securityHolder.allowedIP = str3.trim();
                    return true;
                }
                securityHolder.allowedIP = "";
                return true;
            }
        }
        return false;
    }

    public boolean alterUserId(String str, String str2) {
        for (int i = 0; i < this.users.size(); i++) {
            SecurityHolder securityHolder = this.users.get(i);
            if (securityHolder.name.equals(str)) {
                securityHolder.name = str2;
                return true;
            }
        }
        return false;
    }

    public int checkUser(String str, String str2, String str3) {
        for (int i = 0; i < this.users.size(); i++) {
            SecurityHolder securityHolder = this.users.get(i);
            if (securityHolder.name.equalsIgnoreCase(str) && securityHolder.getPassword().equals(str2) && (str3 == null || str3.length() <= 0 || securityHolder.isAllowedIP(str3))) {
                int i2 = securityHolder.level;
                if (this.rolesEnabled) {
                    List<RoleHolder> rolesForUser = getRolesForUser(securityHolder.name);
                    for (int i3 = 0; i3 < rolesForUser.size(); i3++) {
                        i2 |= rolesForUser.get(i).level;
                    }
                }
                return i2;
            }
        }
        if (this.securityDelegate != null) {
            return this.securityDelegate.check(str, str2, str3);
        }
        return -1;
    }

    public void ensurePublicRole() {
        if (this.rolesEnabled) {
            boolean z = false;
            if (getRoleLevel(PUBLIC_ROLE) == -1) {
                addRole(PUBLIC_ROLE, 0);
                z = true;
            }
            for (int i = 0; i < this.users.size(); i++) {
                List<RoleHolder> rolesForUser = getRolesForUser(this.users.get(i).name);
                boolean z2 = false;
                int i2 = 0;
                while (true) {
                    if (i2 >= rolesForUser.size()) {
                        break;
                    }
                    if (rolesForUser.get(i2).roleName.equals(PUBLIC_ROLE)) {
                        z2 = true;
                        break;
                    }
                    i2++;
                }
                if (!z2) {
                    UserRoleHolder userRoleHolder = new UserRoleHolder();
                    userRoleHolder.roleName = PUBLIC_ROLE;
                    userRoleHolder.userName = this.users.get(i).name;
                    this.userRoles.add(userRoleHolder);
                    z = true;
                }
            }
            if (z) {
                saveConfig();
            }
        }
    }

    public static SecurityManager getInstance() {
        if (singleton == null) {
            singleton = new SecurityManager();
        }
        return singleton;
    }

    public List<String> getAllRoles() {
        ArrayList arrayList = new ArrayList();
        for (int i = 0; i < this.roles.size(); i++) {
            arrayList.add(this.roles.get(i).toString());
        }
        return arrayList;
    }

    public String[] getAllUsers() {
        String[] strArr = new String[this.users.size()];
        for (int i = 0; i < this.users.size(); i++) {
            strArr[i] = this.users.get(i).name;
        }
        return strArr;
    }

    public String getConfigFileName() {
        return CONFIG_FILE_NAME;
    }

    public String getIPRestriction(String str) {
        for (int i = 0; i < this.users.size(); i++) {
            SecurityHolder securityHolder = this.users.get(i);
            if (securityHolder.name.equals(str)) {
                return securityHolder.allowedIP == null ? "" : securityHolder.allowedIP;
            }
        }
        return this.securityDelegate != null ? this.securityDelegate.getAllowedIP(str) : "";
    }

    public String getIPRestriction(int i) {
        for (int i2 = 0; i2 < this.users.size(); i2++) {
            SecurityHolder securityHolder = this.users.get(i2);
            if (securityHolder.level == i) {
                return securityHolder.allowedIP == null ? "" : securityHolder.allowedIP;
            }
        }
        return "";
    }

    public String getPassword(String str) {
        return getPassword(str, true);
    }

    public String getPassword(String str, boolean z) {
        for (int i = 0; i < this.users.size(); i++) {
            SecurityHolder securityHolder = this.users.get(i);
            if (z) {
                if (securityHolder.name.equals(str)) {
                    return securityHolder.getPassword();
                }
            } else if (securityHolder.name.equalsIgnoreCase(str)) {
                return securityHolder.getPassword();
            }
        }
        if (this.securityDelegate != null) {
            return this.securityDelegate.getPassword(str);
        }
        return null;
    }

    private RoleHolder getRole(String str) {
        for (int i = 0; i < this.roles.size(); i++) {
            if (this.roles.get(i).roleName.equalsIgnoreCase(str)) {
                return this.roles.get(i);
            }
        }
        return null;
    }

    public int getRoleLevel(String str) {
        for (int i = 0; i < this.roles.size(); i++) {
            if (this.roles.get(i).roleName.equalsIgnoreCase(str)) {
                return this.roles.get(i).level;
            }
        }
        return -1;
    }

    public List<RoleHolder> getRolesForUser(String str) {
        RoleHolder role;
        ArrayList arrayList = new ArrayList();
        for (int i = 0; i < this.userRoles.size(); i++) {
            if (this.userRoles.get(i).userName.equals(str) && (role = getRole(this.userRoles.get(i).roleName)) != null) {
                arrayList.add(role);
            }
        }
        return arrayList;
    }

    public int getUserCountForALevel(int i) {
        int i2 = 0;
        for (int i3 = 0; i3 < this.users.size(); i3++) {
            if (this.users.get(i3).level == i) {
                i2++;
            }
        }
        return i2;
    }

    public int getUserLevel(String str) {
        for (int i = 0; i < this.users.size(); i++) {
            SecurityHolder securityHolder = this.users.get(i);
            if (securityHolder.name.equals(str)) {
                return securityHolder.level;
            }
        }
        return -1;
    }

    private SecurityHolder getUser(String str) {
        for (int i = 0; i < this.users.size(); i++) {
            SecurityHolder securityHolder = this.users.get(i);
            if (securityHolder.name.equals(str)) {
                return securityHolder;
            }
        }
        return null;
    }

    public boolean initializeSecurity(String str, String str2, boolean z) {
        File file = new File(CONFIG_FILE_NAME);
        if (file.exists() && z) {
            file.delete();
        }
        if (new File(CONFIG_FILE_NAME).exists()) {
            return false;
        }
        addUser(str, str2, "", 1);
        saveConfig();
        return true;
    }

    public boolean isRolesEnabled() {
        return this.rolesEnabled;
    }

    private boolean readConfig() {
        Node goDeepAndGetElementNode;
        if (!new File(CONFIG_FILE_NAME).exists() || !readConfigFile(CONFIG_FILE_NAME)) {
            return false;
        }
        this.rolesEnabled = getEmbeddedNodeValue("rolesEnabled", "false").equals("true");
        try {
            NodeList childNodes = goDeepAndGetElementNode("users", 2).getChildNodes();
            HashSet hashSet = new HashSet();
            for (int i = 0; i < childNodes.getLength(); i++) {
                Node item = childNodes.item(i);
                if (item.getNodeType() == 1) {
                    Element element = (Element) item;
                    if (element.hasAttribute(FilenameSelector.NAME_KEY) && element.hasAttribute("password") && element.hasAttribute("encrypted") && element.hasAttribute("level")) {
                        SecurityHolder securityHolder = new SecurityHolder();
                        securityHolder.name = element.getAttribute(FilenameSelector.NAME_KEY);
                        securityHolder.password = element.getAttribute("password");
                        securityHolder.level = Integer.parseInt(element.getAttribute("level"));
                        securityHolder.encrypted = element.getAttribute("encrypted").equalsIgnoreCase("true");
                        if (element.hasAttribute("allowedIP")) {
                            securityHolder.allowedIP = element.getAttribute("allowedIP");
                        } else {
                            securityHolder.allowedIP = "";
                        }
                        if (hashSet.contains(securityHolder.name)) {
                            LoggingFW.log(20000, this, "Skipping " + securityHolder.name + ". It is a duplicate.");
                        } else {
                            hashSet.add(securityHolder.name);
                            this.users.add(securityHolder);
                        }
                    } else {
                        LoggingFW.log(30000, this, "Incomplete parameter node found in XML. Will skip it");
                    }
                }
            }
            if (!this.rolesEnabled || (goDeepAndGetElementNode = goDeepAndGetElementNode("roles", 2)) == null) {
                return true;
            }
            NodeList childNodes2 = goDeepAndGetElementNode.getChildNodes();
            for (int i2 = 0; i2 < childNodes2.getLength(); i2++) {
                Node item2 = childNodes2.item(i2);
                if (item2.getNodeType() == 1) {
                    Element element2 = (Element) item2;
                    if (element2.hasAttribute("roleName") && element2.hasAttribute("level")) {
                        RoleHolder roleHolder = new RoleHolder();
                        roleHolder.roleName = element2.getAttribute("roleName");
                        roleHolder.level = Integer.parseInt(element2.getAttribute("level"));
                        this.roles.add(roleHolder);
                    } else {
                        LoggingFW.log(30000, this, "Incomplete parameter node found in XML. Will skip it");
                    }
                }
            }
            return true;
        } catch (Exception e) {
            LoggingFW.log(40000, this, e.getMessage());
            return false;
        }
    }

    public void reloadCache() {
        singleton = new SecurityManager();
    }

    public boolean removeDuplicateUsers() {
        HashSet hashSet = new HashSet();
        ArrayList arrayList = new ArrayList();
        for (int i = 0; i < this.users.size(); i++) {
            SecurityHolder securityHolder = this.users.get(i);
            if (hashSet.contains(securityHolder.name)) {
                arrayList.add(securityHolder.name);
            } else {
                hashSet.add(securityHolder.name);
            }
        }
        for (int i2 = 0; i2 < arrayList.size(); i2++) {
            removeUser((String) arrayList.get(i2));
        }
        return arrayList.size() > 0;
    }

    public boolean removeUser(String str) {
        int i = -1;
        int i2 = 0;
        while (true) {
            if (i2 >= this.users.size()) {
                break;
            }
            if (this.users.get(i2).name.equals(str)) {
                i = i2;
                break;
            }
            i2++;
        }
        for (int size = this.userRoles.size() - 1; size >= 0; size--) {
            if (this.userRoles.get(size).userName.equals(str)) {
                this.userRoles.remove(size);
            }
        }
        if (i < 0) {
            return false;
        }
        this.users.remove(i);
        return true;
    }

    public boolean saveConfig() {
        LoggingFW.log(10000, this, "About to a save profile. File name is " + CONFIG_FILE_NAME);
        this.document = createNewDocument();
        Element createElement = this.document.createElement("userMapping");
        this.document.appendChild(createElement);
        addElementWithValue(createElement, "rolesEnabled", new StringBuilder().append(this.rolesEnabled).toString(), 1);
        Node createElement2 = this.document.createElement("users");
        createElement.appendChild(extraPadding(1));
        createElement.appendChild(createElement2);
        for (int i = 0; i < this.users.size(); i++) {
            SecurityHolder securityHolder = this.users.get(i);
            Element createElement3 = this.document.createElement("user");
            if (!securityHolder.encrypted) {
                String str = securityHolder.password;
                securityHolder.encrypted = true;
                securityHolder.setPassword(str);
            }
            createElement3.setAttribute(FilenameSelector.NAME_KEY, securityHolder.name);
            createElement3.setAttribute("password", securityHolder.password);
            createElement3.setAttribute("allowedIP", securityHolder.allowedIP == null ? "" : securityHolder.allowedIP);
            createElement3.setAttribute("level", new StringBuilder().append(securityHolder.level).toString());
            createElement3.setAttribute("encrypted", new StringBuilder().append(securityHolder.encrypted).toString());
            createElement2.appendChild(extraPadding(2));
            createElement2.appendChild(createElement3);
        }
        createElement2.appendChild(extraPadding(1));
        if (this.rolesEnabled) {
            Node createElement4 = this.document.createElement("roles");
            createElement.appendChild(extraPadding(1));
            createElement.appendChild(createElement4);
            for (int i2 = 0; i2 < this.roles.size(); i2++) {
                RoleHolder roleHolder = this.roles.get(i2);
                Element createElement5 = this.document.createElement("role");
                createElement5.setAttribute("roleName", roleHolder.roleName);
                createElement5.setAttribute("level", new StringBuilder().append(roleHolder.level).toString());
                createElement4.appendChild(extraPadding(2));
                createElement4.appendChild(createElement5);
            }
            createElement4.appendChild(extraPadding(1));
            Node createElement6 = this.document.createElement("userRoles");
            createElement.appendChild(extraPadding(1));
            createElement.appendChild(createElement6);
            for (int i3 = 0; i3 < this.userRoles.size(); i3++) {
                UserRoleHolder userRoleHolder = this.userRoles.get(i3);
                Element createElement7 = this.document.createElement("userRole");
                createElement7.setAttribute("roleName", userRoleHolder.roleName);
                createElement7.setAttribute("userName", userRoleHolder.userName);
                createElement6.appendChild(extraPadding(2));
                createElement6.appendChild(createElement7);
            }
            createElement6.appendChild(extraPadding(1));
        }
        createElement.appendChild(extraPadding(0));
        saveDocument(CONFIG_FILE_NAME);
        return true;
    }

    public static boolean searchForAllowedIP(String str, String str2) {
        if (str2 == null || str2.length() == 0 || str2.startsWith("127.0.0.") || str2.startsWith("0:0:0:0:0:0:0:1") || str == null || str.trim().length() == 0) {
            return true;
        }
        if (str.indexOf(MailMessage.DEFAULT_HOST) >= 0 && HostInfo.isValidLocalIP(str2)) {
            return true;
        }
        if (str.indexOf("intranet") >= 0 && (str2.startsWith("192.168.") || str2.startsWith("10."))) {
            return true;
        }
        TokenHolder tokenHolder = new TokenHolder(str, "|");
        for (int i = 0; i < tokenHolder.getTokenCount(); i++) {
            String tokenAt = tokenHolder.getTokenAt(i);
            if (tokenAt.endsWith("*")) {
                if (str2.indexOf(tokenAt.substring(0, tokenAt.length() - 1)) == 0) {
                    return true;
                }
            } else if (tokenAt.equals(str2)) {
                return true;
            }
        }
        return false;
    }

    public void setRolesEnabled(boolean z) {
        this.rolesEnabled = z;
    }

    public void setSecurityDelegate(SecurityDelegate securityDelegate) {
        this.securityDelegate = securityDelegate;
    }
}
