package com.ibm.isclite.common.util;

import com.ibm.isc.datastore.DatastoreConstants;
import com.ibm.isc.datastore.DatastoreException;
import com.ibm.isc.datastore.runtime.Catalog;
import com.ibm.isc.datastore.runtime.NavigationNode;
import com.ibm.isc.wccm.registry.AccessControl;
import com.ibm.isclite.runtime.Constants;
import com.ibm.isclite.runtime.ConstantsExt;
import com.ibm.isclite.runtime.CoreException;
import com.ibm.isclite.runtime.resourcepermissions.accesscontrol.CategoryAccessControl;
import com.ibm.isclite.runtime.resourcepermissions.accesscontrol.PageAccessControl;
import com.ibm.isclite.service.ServiceManager;
import com.ibm.isclite.service.datastore.categories.NoSuchCategoryException;
import com.ibm.isclite.service.datastore.component.ComponentService;
import com.ibm.isclite.service.datastore.navigation.NavigationService;
import com.ibm.isclite.service.datastore.portletentities.PortletEntityService;
import com.ibm.isclite.service.datastore.portletentities.PortletEntityWrapper;
import com.ibm.isclite.service.security.SecurityService;
import com.ibm.isclite.service.security.roles.RoleServiceUtil;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.portlet.PortletRequest;
import javax.portlet.PortletSession;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

/* loaded from: input_file:com/ibm/isclite/common/util/SecurityUtil.class */
public class SecurityUtil implements ComponentListener {
    private static String CLASSNAME = SecurityUtil.class.getName();
    private static Logger logger = Logger.getLogger(CLASSNAME);
    public static final String ISCADMINS_ROLE = "iscadmins";
    public static final String ISCUSERS_ROLE = "iscusers";

    public static boolean isUserInRole(HttpServletRequest httpServletRequest, String str) {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASSNAME, "isUserInRole");
        }
        boolean isUserInRole = RoleServiceUtil.isUserInRole(str, httpServletRequest);
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASSNAME, "isUserInRole", Boolean.valueOf(isUserInRole));
        }
        return isUserInRole;
    }

    public static boolean isUserInRole(PortletRequest portletRequest, String str) {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASSNAME, "isUserInRole");
        }
        boolean isUserInRole = RoleServiceUtil.isUserInRole(str, portletRequest);
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASSNAME, "isUserInRole", Boolean.valueOf(isUserInRole));
        }
        return isUserInRole;
    }

    @Override // com.ibm.isclite.common.util.ComponentListener
    public void cleanMaps(String str, String str2) {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASSNAME, "cleanMaps");
            logger.logp(Level.FINEST, CLASSNAME, "cleanMaps", " warname= " + str + " appid= " + str2);
        }
        SecurityService securityService = null;
        try {
            securityService = (SecurityService) ServiceManager.getService(DatastoreConstants.SecurityService);
        } catch (CoreException e) {
        }
        if (securityService != null) {
            if (logger.isLoggable(Level.FINEST)) {
                logger.logp(Level.FINEST, CLASSNAME, "cleanMaps", " call SecurityService.cleanModuleCache(" + str2 + ")");
            }
            securityService.clearModuleCache(str2);
        }
    }

    public static boolean isPageAccessable(Object obj, String str) throws CoreException {
        String str2 = null;
        if (logger.isLoggable(Level.FINEST)) {
            logger.logp(Level.FINEST, CLASSNAME, "isPageAccessable", "pageid:" + str + " req:" + obj);
        }
        if (obj instanceof HttpServletRequest) {
            HttpSession session = ((HttpServletRequest) obj).getSession(false);
            if (session == null) {
                throw new CoreException("request object did not return valid session");
            }
            str2 = session.getId();
        }
        if (obj instanceof PortletRequest) {
            PortletSession portletSession = ((PortletRequest) obj).getPortletSession(false);
            if (portletSession == null) {
                throw new CoreException("request object did not return valid session");
            }
            str2 = portletSession.getId();
        }
        if (str2 == null) {
            throw new CoreException("request object is not a valid HttpServletRequest or PortletRequest object");
        }
        SecurityService securityService = (SecurityService) ServiceManager.getService(DatastoreConstants.SecurityService);
        NavigationNode findNode = TaskbarUtil.findNode(str, str2);
        if (findNode == null) {
            throw new CoreException("Node for pageid " + str + " not found");
        }
        return securityService.userInRole(obj, findNode);
    }

    public static PortletEntityWrapper isIWidgetAccessable(Object obj, String str, String str2, String str3) throws CoreException {
        String str4 = null;
        if (logger.isLoggable(Level.FINEST)) {
            logger.logp(Level.FINEST, CLASSNAME, "isIWidgetAccessable", "portletname:" + str + " modRef:" + str3 + " req:" + obj);
        }
        if (obj instanceof HttpServletRequest) {
            HttpSession session = ((HttpServletRequest) obj).getSession(false);
            if (session == null) {
                throw new CoreException("request object did not return valid session");
            }
            str4 = session.getId();
        }
        if (obj instanceof PortletRequest) {
            PortletSession portletSession = ((PortletRequest) obj).getPortletSession(false);
            if (portletSession == null) {
                throw new CoreException("request object did not return valid session");
            }
            str4 = portletSession.getId();
        }
        if (str4 == null) {
            throw new CoreException("request object is not a valid HttpServletRequest or PortletRequest object");
        }
        try {
            return ((PortletEntityService) ServiceManager.getService(ConstantsExt.PORTLETENTITIES_SERVICE)).getPortletEntity(str3, null, str, str2, str4);
        } catch (DatastoreException e) {
            logger.logp(Level.WARNING, CLASSNAME, "isIWidgetAccessable", e.getMessage());
            throw new CoreException(e);
        }
    }

    public static PortletEntityWrapper isPortletAccessable(Object obj, String str, String str2, String str3, String str4) throws CoreException {
        String str5 = null;
        if (logger.isLoggable(Level.FINEST)) {
            logger.logp(Level.FINEST, CLASSNAME, "isPortletAccessable", "portletname:" + str + " portletUniqueName:" + str2 + " portletAppID:" + str3 + " req:" + obj);
        }
        if (obj instanceof HttpServletRequest) {
            HttpSession session = ((HttpServletRequest) obj).getSession(false);
            if (session == null) {
                throw new CoreException("request object did not return valid session");
            }
            str5 = session.getId();
        }
        if (obj instanceof PortletRequest) {
            PortletSession portletSession = ((PortletRequest) obj).getPortletSession(false);
            if (portletSession == null) {
                throw new CoreException("request object did not return valid session");
            }
            str5 = portletSession.getId();
        }
        if (str5 == null) {
            throw new CoreException("request object is not a valid HttpServletRequest or PortletRequest object");
        }
        try {
            return ((PortletEntityService) ServiceManager.getService(ConstantsExt.PORTLETENTITIES_SERVICE)).getPortletEntity(str4, str3, str, str2, str5);
        } catch (DatastoreException e) {
            logger.logp(Level.WARNING, CLASSNAME, "isPortletAccessable", e.getMessage());
            throw new CoreException(e);
        }
    }

    public static boolean isPortletAccessable(Object obj, String str, String str2) throws CoreException {
        String str3 = null;
        if (logger.isLoggable(Level.FINEST)) {
            logger.logp(Level.FINEST, CLASSNAME, "isPortletAccessable", "portletname:" + str + " appid:" + str2 + " req:" + obj);
        }
        if (obj instanceof HttpServletRequest) {
            HttpSession session = ((HttpServletRequest) obj).getSession(false);
            if (session == null) {
                throw new CoreException("request object did not return valid session");
            }
            str3 = session.getId();
        }
        if (obj instanceof PortletRequest) {
            PortletSession portletSession = ((PortletRequest) obj).getPortletSession(false);
            if (portletSession == null) {
                throw new CoreException("request object did not return valid session");
            }
            str3 = portletSession.getId();
        }
        if (str3 == null) {
            throw new CoreException("request object is not a valid HttpServletRequest or PortletRequest object");
        }
        String str4 = null;
        try {
            ComponentService componentService = (ComponentService) ServiceManager.getService(DatastoreConstants.ComponentService);
            PortletEntityService portletEntityService = (PortletEntityService) ServiceManager.getService(ConstantsExt.PORTLETENTITIES_SERVICE);
            if (0 == 0) {
                str4 = componentService.getCompName(str2);
            }
            return portletEntityService.getPortletEntity(str, str2, str4, str3) != null;
        } catch (DatastoreException e) {
            logger.logp(Level.WARNING, CLASSNAME, "isPortletAccessable", e.getMessage());
            throw new CoreException(e);
        }
    }

    public static boolean isRoleDefaultForNavNode(String str, String str2, String str3) {
        try {
            for (PageAccessControl pageAccessControl : ((SecurityService) ServiceManager.getService(DatastoreConstants.SecurityService)).getPagePermissions(str2, str3)) {
                if (pageAccessControl.getApplicationRole().equals(str)) {
                    return pageAccessControl.isDefaultRole();
                }
            }
            if (!logger.isLoggable(Level.FINE)) {
                return false;
            }
            logger.logp(Level.WARNING, CLASSNAME, "isRoleDefaultForNavNode", "Probably role: " + str + " has not been peristed for the node: " + str2 + ", yet. Return false (role is not default for the page)");
            return false;
        } catch (CoreException e) {
            logger.logp(Level.WARNING, CLASSNAME, "isRoleDefaultForNavNode", "Cannot get Security Service", (Throwable) e);
            return false;
        }
    }

    public static boolean isRoleDefaultForCategory(String str, String str2, String str3) {
        try {
            for (CategoryAccessControl categoryAccessControl : ((SecurityService) ServiceManager.getService(DatastoreConstants.SecurityService)).getCategoryPermissions(str2, str3)) {
                if (categoryAccessControl.getApplicationRole().equals(str)) {
                    return categoryAccessControl.isDefaultRole();
                }
            }
            if (!logger.isLoggable(Level.FINE)) {
                return false;
            }
            logger.logp(Level.WARNING, CLASSNAME, "isRoleDefaultForNavNode", "Probably role: " + str + " has not been peristed for the category: " + str2 + ", yet. Return false (role is not default for the category)");
            return false;
        } catch (CoreException e) {
            logger.logp(Level.WARNING, CLASSNAME, "isRoleDefaultForNavNode", "Cannot get Security Service", (Throwable) e);
            return false;
        } catch (NoSuchCategoryException e2) {
            logger.logp(Level.WARNING, CLASSNAME, "isRoleDefaultForNavNode", "Cannot get Category", (Throwable) e2);
            return false;
        }
    }

    public static List getDefaultRoles() {
        ArrayList arrayList = new ArrayList();
        arrayList.add("iscadmins");
        return arrayList;
    }

    public static boolean hasReSizeAccess(NavigationNode navigationNode, HttpSession httpSession) {
        boolean z = false;
        if (navigationNode == null) {
            return false;
        }
        String nodeID = navigationNode.getNodeID();
        if (logger.isLoggable(Level.FINE)) {
            logger.logp(Level.FINE, CLASSNAME, "hasPrivilgedUserEditorAccess", "Navigation Node uniqueName is " + nodeID);
        }
        SecurityService securityService = null;
        try {
            securityService = (SecurityService) ServiceManager.getService(DatastoreConstants.SecurityService);
        } catch (CoreException e) {
            logger.logp(Level.SEVERE, CLASSNAME, "hasPrivilgedUserEditorAccess", "Problem getting SecurityService:\n" + e.getMessage());
        }
        if (!securityService.isSecurityEnabled()) {
            return true;
        }
        for (PageAccessControl pageAccessControl : securityService.getPagePermissions(nodeID, httpSession)) {
            List userAppRoles = securityService.getUserAppRoles(httpSession);
            String applicationRole = pageAccessControl.getApplicationRole();
            String roleType = pageAccessControl.getRoleType();
            if (logger.isLoggable(Level.FINE)) {
                logger.logp(Level.FINE, CLASSNAME, "hasPrivilgedUserEditorAccess", "appRole " + applicationRole + "roleType " + roleType);
            }
            if (roleType.equals(Constants.PORTALACTIONSET_EDITOR) || roleType.equals(Constants.PORTALACTIONSET_PRIVUSER) || roleType.equals(Constants.PORTALACTIONSET_MANAGER)) {
                if (userAppRoles != null && userAppRoles.contains(applicationRole)) {
                    z = true;
                }
            }
        }
        if (logger.isLoggable(Level.FINE)) {
            logger.logp(Level.FINE, CLASSNAME, "hasPrivilgedUserEditorAccess", " is " + z);
        }
        return z;
    }

    public static boolean hasReSizeAccess(NavigationNode navigationNode, String str) {
        NavigationService navigationService = null;
        try {
            navigationService = (NavigationService) ServiceManager.getService(Constants.NAVIGATION_SERVICE);
        } catch (CoreException e) {
            logger.logp(Level.SEVERE, CLASSNAME, "hasPrivilgedUserEditorAccess", "CoreException while getting the navigationService:" + e);
        }
        return hasReSizeAccess(navigationNode, navigationService.getSession(str));
    }

    public static String getUserRoleAccess(NavigationNode navigationNode, String str) {
        if (navigationNode == null) {
            return null;
        }
        String nodeID = navigationNode.getNodeID();
        if (logger.isLoggable(Level.FINE)) {
            logger.logp(Level.FINE, CLASSNAME, "getUserAccessRole()", "Navigation Node uniqueName is " + nodeID);
        }
        SecurityService securityService = null;
        try {
            securityService = (SecurityService) ServiceManager.getService(DatastoreConstants.SecurityService);
        } catch (CoreException e) {
            logger.logp(Level.SEVERE, CLASSNAME, "getUserAccessRole()", "Problem getting SecurityService:\n" + e.getMessage());
        }
        if (!securityService.isSecurityEnabled()) {
            return Constants.PORTALACTIONSET_MANAGER;
        }
        String str2 = null;
        List pagePermissions = securityService.getPagePermissions(nodeID, str);
        List userAppRoles = securityService.getUserAppRoles(str);
        if (userAppRoles != null) {
            Iterator it = pagePermissions.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                PageAccessControl pageAccessControl = (PageAccessControl) it.next();
                String applicationRole = pageAccessControl.getApplicationRole();
                String roleType = pageAccessControl.getRoleType();
                if (logger.isLoggable(Level.FINE)) {
                    logger.logp(Level.FINE, CLASSNAME, "getUserAccessRole()", "appRole " + applicationRole + "roleType " + roleType);
                }
                if (userAppRoles.contains(applicationRole)) {
                    if (roleType.equals(Constants.PORTALACTIONSET_MANAGER)) {
                        str2 = Constants.PORTALACTIONSET_MANAGER;
                        break;
                    }
                    if (roleType.equals(Constants.PORTALACTIONSET_EDITOR)) {
                        str2 = Constants.PORTALACTIONSET_EDITOR;
                        break;
                    }
                    if (roleType.equals(Constants.PORTALACTIONSET_PRIVUSER)) {
                        str2 = Constants.PORTALACTIONSET_PRIVUSER;
                        break;
                    }
                    if (roleType.equals(Constants.PORTALACTIONSET_USER)) {
                        str2 = Constants.PORTALACTIONSET_USER;
                    }
                }
            }
        } else {
            logger.logp(Level.WARNING, CLASSNAME, "Cannot get user app roles from session.  Session may be invalidated ", "sessionId " + str);
        }
        if (logger.isLoggable(Level.FINE)) {
            logger.logp(Level.FINE, CLASSNAME, "getUserAccessRole()", "Role access is " + str2);
        }
        return str2;
    }

    public static String getUserRoleAccessOnCatalog(Catalog catalog, String str) {
        SecurityService securityService = null;
        try {
            securityService = (SecurityService) ServiceManager.getService(DatastoreConstants.SecurityService);
        } catch (CoreException e) {
            logger.logp(Level.SEVERE, CLASSNAME, "getUserRoleAccessOnCatalog()", "Problem getting SecurityService:\n" + e.getMessage());
        }
        if (!securityService.isSecurityEnabled()) {
            return Constants.PORTALACTIONSET_MANAGER;
        }
        String str2 = null;
        ArrayList arrayList = new ArrayList();
        List userAppRoles = securityService.getUserAppRoles(str);
        Iterator<AccessControl> it = catalog.getAccessControlList().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            AccessControl next = it.next();
            if (userAppRoles.contains(next.getApplicationRole())) {
                String roleType = next.getRoleType();
                if (roleType.equals(Constants.PORTALACTIONSET_MANAGER)) {
                    arrayList.add(Constants.PORTALACTIONSET_MANAGER);
                    break;
                }
                if (roleType.equals(Constants.PORTALACTIONSET_EDITOR)) {
                    arrayList.add(Constants.PORTALACTIONSET_EDITOR);
                } else if (roleType.equals(Constants.PORTALACTIONSET_PRIVUSER)) {
                    arrayList.add(Constants.PORTALACTIONSET_PRIVUSER);
                } else if (roleType.equals(Constants.PORTALACTIONSET_USER)) {
                    arrayList.add(Constants.PORTALACTIONSET_USER);
                }
            }
        }
        if (arrayList != null) {
            if (arrayList.contains(Constants.PORTALACTIONSET_MANAGER)) {
                str2 = Constants.PORTALACTIONSET_MANAGER;
            } else if (arrayList.contains(Constants.PORTALACTIONSET_EDITOR)) {
                str2 = Constants.PORTALACTIONSET_EDITOR;
            } else if (arrayList.contains(Constants.PORTALACTIONSET_PRIVUSER)) {
                str2 = Constants.PORTALACTIONSET_PRIVUSER;
            } else if (arrayList.contains(Constants.PORTALACTIONSET_USER)) {
                str2 = Constants.PORTALACTIONSET_USER;
            }
        }
        return str2;
    }
}
