package org.eclipse.dirigible.core.security.service;

import java.io.ByteArrayInputStream;
import java.io.InputStreamReader;
import java.io.Reader;
import java.nio.charset.StandardCharsets;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.SQLException;
import java.sql.Timestamp;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.List;
import javax.inject.Inject;
import javax.inject.Singleton;
import javax.sql.DataSource;
import org.eclipse.dirigible.api.v3.security.UserFacade;
import org.eclipse.dirigible.commons.api.helpers.GsonHelper;
import org.eclipse.dirigible.core.security.api.AccessException;
import org.eclipse.dirigible.core.security.api.ISecurityCoreService;
import org.eclipse.dirigible.core.security.definition.AccessArtifact;
import org.eclipse.dirigible.core.security.definition.AccessDefinition;
import org.eclipse.dirigible.core.security.definition.RoleDefinition;
import org.eclipse.dirigible.database.persistence.PersistenceManager;
import org.eclipse.dirigible.database.sql.SqlFactory;

@Singleton
/* loaded from: input_file:WEB-INF/lib/dirigible-core-security-3.2.7.jar:org/eclipse/dirigible/core/security/service/SecurityCoreService.class */
public class SecurityCoreService implements ISecurityCoreService {

    @Inject
    private DataSource dataSource;

    @Inject
    private PersistenceManager<RoleDefinition> rolesPersistenceManager;

    @Inject
    private PersistenceManager<AccessDefinition> accessPersistenceManager;
    private static final List<AccessDefinition> CACHE = Collections.synchronizedList(new ArrayList());

    @Override // org.eclipse.dirigible.core.security.api.ISecurityCoreService
    public RoleDefinition createRole(String str, String str2, String str3) throws AccessException {
        RoleDefinition roleDefinition = new RoleDefinition();
        roleDefinition.setName(str);
        roleDefinition.setLocation(str2);
        roleDefinition.setDescription(str3);
        roleDefinition.setCreatedBy(UserFacade.getName());
        roleDefinition.setCreatedAt(new Timestamp(new Date().getTime()));
        Connection connection = null;
        try {
            try {
                connection = this.dataSource.getConnection();
                this.rolesPersistenceManager.insert(connection, roleDefinition);
                if (connection != null) {
                    connection.close();
                }
                return roleDefinition;
            } catch (Throwable th) {
                if (connection != null) {
                    connection.close();
                }
                throw th;
            }
        } catch (SQLException e) {
            throw new AccessException(e);
        }
    }

    @Override // org.eclipse.dirigible.core.security.api.ISecurityCoreService
    public RoleDefinition getRole(String str) throws AccessException {
        Connection connection = null;
        try {
            try {
                connection = this.dataSource.getConnection();
                RoleDefinition find = this.rolesPersistenceManager.find(connection, RoleDefinition.class, str);
                if (connection != null) {
                    connection.close();
                }
                return find;
            } catch (Throwable th) {
                if (connection != null) {
                    connection.close();
                }
                throw th;
            }
        } catch (SQLException e) {
            throw new AccessException(e);
        }
    }

    @Override // org.eclipse.dirigible.core.security.api.ISecurityCoreService
    public boolean existsRole(String str) throws AccessException {
        return getRole(str) != null;
    }

    @Override // org.eclipse.dirigible.core.security.api.ISecurityCoreService
    public void removeRole(String str) throws AccessException {
        Connection connection = null;
        try {
            try {
                connection = this.dataSource.getConnection();
                this.rolesPersistenceManager.delete(connection, RoleDefinition.class, str);
                if (connection != null) {
                    connection.close();
                }
            } catch (Throwable th) {
                if (connection != null) {
                    connection.close();
                }
                throw th;
            }
        } catch (SQLException e) {
            throw new AccessException(e);
        }
    }

    @Override // org.eclipse.dirigible.core.security.api.ISecurityCoreService
    public void updateRole(String str, String str2, String str3) throws AccessException {
        Connection connection = null;
        try {
            try {
                connection = this.dataSource.getConnection();
                RoleDefinition role = getRole(str);
                role.setLocation(str2);
                role.setDescription(str3);
                this.rolesPersistenceManager.update(connection, role);
                if (connection != null) {
                    connection.close();
                }
            } catch (Throwable th) {
                if (connection != null) {
                    connection.close();
                }
                throw th;
            }
        } catch (SQLException e) {
            throw new AccessException(e);
        }
    }

    @Override // org.eclipse.dirigible.core.security.api.ISecurityCoreService
    public List<RoleDefinition> getRoles() throws AccessException {
        Connection connection = null;
        try {
            try {
                connection = this.dataSource.getConnection();
                List<RoleDefinition> findAll = this.rolesPersistenceManager.findAll(connection, RoleDefinition.class);
                if (connection != null) {
                    connection.close();
                }
                return findAll;
            } catch (Throwable th) {
                if (connection != null) {
                    connection.close();
                }
                throw th;
            }
        } catch (SQLException e) {
            throw new AccessException(e);
        }
    }

    @Override // org.eclipse.dirigible.core.security.api.ISecurityCoreService
    public RoleDefinition[] parseRoles(String str) {
        return (RoleDefinition[]) GsonHelper.GSON.fromJson(str, RoleDefinition[].class);
    }

    @Override // org.eclipse.dirigible.core.security.api.ISecurityCoreService
    public RoleDefinition[] parseRoles(byte[] bArr) {
        return (RoleDefinition[]) GsonHelper.GSON.fromJson((Reader) new InputStreamReader(new ByteArrayInputStream(bArr), StandardCharsets.UTF_8), RoleDefinition[].class);
    }

    @Override // org.eclipse.dirigible.core.security.api.ISecurityCoreService
    public String serializeRoles(RoleDefinition[] roleDefinitionArr) {
        return GsonHelper.GSON.toJson(roleDefinitionArr);
    }

    @Override // org.eclipse.dirigible.core.security.api.ISecurityCoreService
    public AccessDefinition createAccessDefinition(String str, String str2, String str3, String str4, String str5, String str6, String str7) throws AccessException {
        AccessDefinition accessDefinition = new AccessDefinition();
        accessDefinition.setLocation(str);
        accessDefinition.setScope(str2 != null ? str2 : "HTTP");
        accessDefinition.setPath(str3);
        accessDefinition.setMethod(str4);
        accessDefinition.setRole(str5);
        accessDefinition.setDescription(str6);
        accessDefinition.setHash(str7);
        accessDefinition.setCreatedBy(UserFacade.getName());
        accessDefinition.setCreatedAt(new Timestamp(new Date().getTime()));
        Connection connection = null;
        try {
            try {
                connection = this.dataSource.getConnection();
                this.accessPersistenceManager.insert(connection, accessDefinition);
                clearCache();
                if (connection != null) {
                    connection.close();
                }
                return accessDefinition;
            } catch (Throwable th) {
                if (connection != null) {
                    connection.close();
                }
                throw th;
            }
        } catch (SQLException e) {
            throw new AccessException(e);
        }
    }

    @Override // org.eclipse.dirigible.core.security.api.ISecurityCoreService
    public AccessDefinition getAccessDefinition(long j) throws AccessException {
        Connection connection = null;
        try {
            try {
                connection = this.dataSource.getConnection();
                AccessDefinition find = this.accessPersistenceManager.find(connection, AccessDefinition.class, Long.valueOf(j));
                if (connection != null) {
                    connection.close();
                }
                return find;
            } catch (Throwable th) {
                if (connection != null) {
                    connection.close();
                }
                throw th;
            }
        } catch (SQLException e) {
            throw new AccessException(e);
        }
    }

    @Override // org.eclipse.dirigible.core.security.api.ISecurityCoreService
    public AccessDefinition getAccessDefinition(String str, String str2, String str3, String str4) throws AccessException {
        Connection connection = null;
        try {
            try {
                String str5 = str != null ? str : "HTTP";
                Connection connection2 = this.dataSource.getConnection();
                List<AccessDefinition> query = this.accessPersistenceManager.query(connection2, AccessDefinition.class, SqlFactory.getNative(connection2).select().column("*").from("DIRIGIBLE_SECURITY_ACCESS").where("ACCESS_SCOPE = ?").where("ACCESS_PATH = ?").where("ACCESS_ROLE = ?").where("ACCESS_METHOD = ?").toString(), str5, str2, str4, str3);
                if (query.isEmpty()) {
                    if (connection2 != null) {
                        connection2.close();
                    }
                    return null;
                }
                if (query.size() > 1) {
                    throw new AccessException(MessageFormat.format("Security Access duplication for Scope: [{0}], Path: [{1}] and Method: [{2}] with Role: [{3}]", str5, str2, str3, str4));
                }
                AccessDefinition accessDefinition = query.get(0);
                if (connection2 != null) {
                    connection2.close();
                }
                return accessDefinition;
            } catch (Throwable th) {
                if (0 != 0) {
                    connection.close();
                }
                throw th;
            }
        } catch (SQLException e) {
            throw new AccessException(e);
        }
    }

    @Override // org.eclipse.dirigible.core.security.api.ISecurityCoreService
    public boolean existsAccessDefinition(String str, String str2, String str3, String str4) throws AccessException {
        return getAccessDefinition(str, str2, str3, str4) != null;
    }

    @Override // org.eclipse.dirigible.core.security.api.ISecurityCoreService
    public void removeAccessDefinition(long j) throws AccessException {
        Connection connection = null;
        try {
            try {
                connection = this.dataSource.getConnection();
                this.accessPersistenceManager.delete(connection, AccessDefinition.class, Long.valueOf(j));
                if (connection != null) {
                    connection.close();
                }
            } catch (Throwable th) {
                if (connection != null) {
                    connection.close();
                }
                throw th;
            }
        } catch (SQLException e) {
            throw new AccessException(e);
        }
    }

    @Override // org.eclipse.dirigible.core.security.api.ISecurityCoreService
    public void updateAccessDefinition(long j, String str, String str2, String str3, String str4, String str5, String str6, String str7) throws AccessException {
        Connection connection = null;
        try {
            try {
                connection = this.dataSource.getConnection();
                AccessDefinition accessDefinition = getAccessDefinition(j);
                accessDefinition.setLocation(str);
                accessDefinition.setScope(str2 != null ? str2 : "HTTP");
                accessDefinition.setPath(str3);
                accessDefinition.setMethod(str4);
                accessDefinition.setRole(str5);
                accessDefinition.setDescription(str6);
                accessDefinition.setHash(str7);
                this.accessPersistenceManager.update(connection, accessDefinition);
                clearCache();
                if (connection != null) {
                    connection.close();
                }
            } catch (Throwable th) {
                if (connection != null) {
                    connection.close();
                }
                throw th;
            }
        } catch (SQLException e) {
            throw new AccessException(e);
        }
    }

    @Override // org.eclipse.dirigible.core.security.api.ISecurityCoreService
    public List<AccessDefinition> getAccessDefinitions() throws AccessException {
        if (!CACHE.isEmpty()) {
            return Collections.unmodifiableList(CACHE);
        }
        Connection connection = null;
        try {
            try {
                connection = this.dataSource.getConnection();
                List<AccessDefinition> findAll = this.accessPersistenceManager.findAll(connection, AccessDefinition.class);
                CACHE.addAll(findAll);
                List<AccessDefinition> unmodifiableList = Collections.unmodifiableList(findAll);
                if (connection != null) {
                    connection.close();
                }
                return unmodifiableList;
            } catch (Throwable th) {
                if (connection != null) {
                    connection.close();
                }
                throw th;
            }
        } catch (SQLException e) {
            throw new AccessException(e);
        }
    }

    @Override // org.eclipse.dirigible.core.security.api.ISecurityCoreService
    public List<AccessDefinition> getAccessDefinitionsByPath(String str, String str2) throws AccessException {
        Connection connection = null;
        try {
            try {
                connection = this.dataSource.getConnection();
                List<AccessDefinition> query = this.accessPersistenceManager.query(connection, AccessDefinition.class, SqlFactory.getNative(connection).select().column("*").from("DIRIGIBLE_SECURITY_ACCESS").where("ACCESS_SCOPE = ?").where("ACCESS_PATH = ?").toString(), str, str2);
                if (connection != null) {
                    connection.close();
                }
                return query;
            } catch (Throwable th) {
                if (connection != null) {
                    connection.close();
                }
                throw th;
            }
        } catch (SQLException e) {
            throw new AccessException(e);
        }
    }

    @Override // org.eclipse.dirigible.core.security.api.ISecurityCoreService
    public List<AccessDefinition> getAccessDefinitionsByPathAndMethod(String str, String str2, String str3) throws AccessException {
        Connection connection = null;
        try {
            try {
                connection = this.dataSource.getConnection();
                List<AccessDefinition> query = this.accessPersistenceManager.query(connection, AccessDefinition.class, SqlFactory.getNative(connection).select().column("*").from("DIRIGIBLE_SECURITY_ACCESS").where("ACCESS_SCOPE = ?").where("ACCESS_PATH = ?").where(SqlFactory.getNative(connection).expression().and("ACCESS_METHOD = ?").or("ACCESS_METHOD = ?").toString()).toString(), str, str2, str3, "*");
                if (connection != null) {
                    connection.close();
                }
                return query;
            } catch (Throwable th) {
                if (connection != null) {
                    connection.close();
                }
                throw th;
            }
        } catch (SQLException e) {
            throw new AccessException(e);
        }
    }

    @Override // org.eclipse.dirigible.core.security.api.ISecurityCoreService
    public boolean isAccessAllowed(String str, String str2, String str3, String str4) throws AccessException {
        Connection connection = null;
        try {
            try {
                connection = this.dataSource.getConnection();
                boolean z = !this.accessPersistenceManager.query(connection, AccessDefinition.class, SqlFactory.getNative(connection).select().column("*").from("DIRIGIBLE_SECURITY_ACCESS").where("ACCESS_SCOPE = ?").where("ACCESS_PATH = ?").where("ACCESS_ROLE = ?").where(SqlFactory.getNative(connection).expression().and("ACCESS_METHOD = ?").or("ACCESS_METHOD = ?").toString()).toString(), str, str2, str4, str3, "*").isEmpty();
                if (connection != null) {
                    connection.close();
                }
                return z;
            } catch (Throwable th) {
                if (connection != null) {
                    connection.close();
                }
                throw th;
            }
        } catch (SQLException e) {
            throw new AccessException(e);
        }
    }

    @Override // org.eclipse.dirigible.core.security.api.ISecurityCoreService
    public List<AccessDefinition> parseAccessDefinitions(String str) {
        return AccessArtifact.parse(str).divide();
    }

    @Override // org.eclipse.dirigible.core.security.api.ISecurityCoreService
    public List<AccessDefinition> parseAccessDefinitions(byte[] bArr) {
        return AccessArtifact.parse(bArr).divide();
    }

    @Override // org.eclipse.dirigible.core.security.api.ISecurityCoreService
    public String serializeAccessDefinitions(List<AccessDefinition> list) {
        return AccessArtifact.combine(list).serialize();
    }

    public void clearCache() {
        CACHE.clear();
    }

    public void dropModifiedAccessDefinitions(String str, String str2) throws AccessException {
        Connection connection = null;
        try {
            try {
                Connection connection2 = this.dataSource.getConnection();
                PreparedStatement prepareStatement = connection2.prepareStatement(SqlFactory.getNative(connection2).delete().from("DIRIGIBLE_SECURITY_ACCESS").where("ACCESS_LOCATION = ? AND ACCESS_HASH <> ?").toString());
                try {
                    prepareStatement.setString(1, str);
                    prepareStatement.setString(2, str2);
                    prepareStatement.executeUpdate();
                    prepareStatement.close();
                    if (connection2 != null) {
                        connection2.close();
                    }
                } catch (Throwable th) {
                    prepareStatement.close();
                    throw th;
                }
            } catch (Throwable th2) {
                if (0 != 0) {
                    connection.close();
                }
                throw th2;
            }
        } catch (SQLException e) {
            throw new AccessException(e);
        }
    }
}
