package com.supermap.services.security.deprecated700;

import ch.qos.logback.classic.ClassicConstants;
import com.supermap.services.util.IterableUtil;
import com.supermap.services.util.LogUtil;
import com.supermap.services.util.ResourceManager;
import java.io.File;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.UUID;
import java.util.concurrent.locks.Lock;
import java.util.concurrent.locks.ReentrantReadWriteLock;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.shiro.authc.credential.DefaultPasswordService;
import org.apache.shiro.authc.credential.PasswordService;
import org.ini4j.Ini;
import org.ini4j.InvalidFileFormatException;
import org.ini4j.Profile;
import org.slf4j.cal10n.LocLogger;

/* loaded from: input_file:BOOT-INF/lib/iserver-all-10.0.1-18030-10.0.1-SNAPSHOT.jar:com/supermap/services/security/deprecated700/Manager.class */
public class Manager {
    private static volatile Manager b;
    private Map<String, User> d;
    private Map<String, Role> e;
    private Ini f;
    private boolean h;
    private static ResourceManager a = new ResourceManager("com.supermap.services.rest.SecurityResource");
    private static LocLogger c = LogUtil.getLocLogger(Manager.class, a);
    private PasswordService g = new DefaultPasswordService();
    private ReentrantReadWriteLock i = new ReentrantReadWriteLock();
    private Lock j = this.i.readLock();
    private Lock k = this.i.writeLock();
    private Map<String, AuthorizeSetting> l = new HashMap();
    private InstanceAuthorisationNameEditer m = new InstanceAuthorisationNameEditer();
    private volatile Map<String, AuthorizeSetting> n = new HashMap();

    /* loaded from: input_file:BOOT-INF/lib/iserver-all-10.0.1-18030-10.0.1-SNAPSHOT.jar:com/supermap/services/security/deprecated700/Manager$ComponentNameDecider.class */
    private static class ComponentNameDecider implements InstanceAuthorisationNameEditingDecider {
        private String a;
        private String b;

        public ComponentNameDecider(String str, String str2) {
            this.a = str + '/';
            this.b = (str2 == null ? "todelete" : str2) + '/';
        }

        @Override // com.supermap.services.security.deprecated700.Manager.InstanceAuthorisationNameEditingDecider
        public String getNewName(String str) {
            if (str.startsWith(this.a)) {
                return str.replace(this.a, this.b);
            }
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:BOOT-INF/lib/iserver-all-10.0.1-18030-10.0.1-SNAPSHOT.jar:com/supermap/services/security/deprecated700/Manager$InstanceAuthorisationNameEditer.class */
    public class InstanceAuthorisationNameEditer {
        private InstanceAuthorisationNameEditer() {
        }

        public void update(final InstanceAuthorisationNameEditingDecider instanceAuthorisationNameEditingDecider, final boolean z) {
            final HashMap hashMap = new HashMap();
            IterableUtil.iterate(Manager.this.l.keySet(), new IterableUtil.Visitor<String>() { // from class: com.supermap.services.security.deprecated700.Manager.InstanceAuthorisationNameEditer.1
                @Override // com.supermap.services.util.IterableUtil.Visitor
                public boolean visit(String str) {
                    String newName = instanceAuthorisationNameEditingDecider.getNewName(str);
                    if (newName == null) {
                        return false;
                    }
                    hashMap.put(str, newName);
                    return false;
                }
            });
            IterableUtil.iterate(hashMap.entrySet(), new IterableUtil.Visitor<Map.Entry<String, String>>() { // from class: com.supermap.services.security.deprecated700.Manager.InstanceAuthorisationNameEditer.2
                @Override // com.supermap.services.util.IterableUtil.Visitor
                public boolean visit(Map.Entry<String, String> entry) {
                    String key = entry.getKey();
                    String value = entry.getValue();
                    AuthorizeSetting authorizeSetting = (AuthorizeSetting) Manager.this.l.remove(key);
                    if (authorizeSetting == null || z) {
                        return false;
                    }
                    Manager.this.l.put(value, authorizeSetting);
                    return false;
                }
            });
            Profile.Section f = Manager.this.f();
            Set keySet = f.keySet();
            for (String str : (String[]) keySet.toArray(new String[keySet.size()])) {
                String newName = instanceAuthorisationNameEditingDecider.getNewName(str);
                if (newName != null) {
                    String str2 = (String) f.remove(str);
                    if (!z) {
                        f.put(newName, str2);
                    }
                }
            }
            Manager.this.c();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:BOOT-INF/lib/iserver-all-10.0.1-18030-10.0.1-SNAPSHOT.jar:com/supermap/services/security/deprecated700/Manager$InstanceAuthorisationNameEditingDecider.class */
    public interface InstanceAuthorisationNameEditingDecider {
        String getNewName(String str);
    }

    /* loaded from: input_file:BOOT-INF/lib/iserver-all-10.0.1-18030-10.0.1-SNAPSHOT.jar:com/supermap/services/security/deprecated700/Manager$InterfaceNameDecider.class */
    private static class InterfaceNameDecider implements InstanceAuthorisationNameEditingDecider {
        private String a;
        private String b;

        public InterfaceNameDecider(String str, String str2) {
            this.a = '/' + str;
            this.b = '/' + (str2 == null ? "todelete" : str2);
        }

        @Override // com.supermap.services.security.deprecated700.Manager.InstanceAuthorisationNameEditingDecider
        public String getNewName(String str) {
            if (str.endsWith(this.a)) {
                return str.replace(this.a, this.b);
            }
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:BOOT-INF/lib/iserver-all-10.0.1-18030-10.0.1-SNAPSHOT.jar:com/supermap/services/security/deprecated700/Manager$StringArrayCompartor.class */
    public static class StringArrayCompartor {
        List<String> a;
        List<String> b;
        List<String> c = new ArrayList();
        List<String> d = new ArrayList();

        StringArrayCompartor(String[] strArr, String[] strArr2) {
            this.a = strArr != null ? Arrays.asList(strArr) : new ArrayList<>();
            this.b = strArr2 != null ? Arrays.asList(strArr2) : new ArrayList<>();
        }

        public void executeCompare() {
            if (CollectionUtils.isEmpty(this.a)) {
                this.c.addAll(this.b);
                return;
            }
            if (CollectionUtils.isEmpty(this.b)) {
                this.d.addAll(this.a);
                return;
            }
            ArrayList<String> arrayList = new ArrayList();
            arrayList.addAll(this.a);
            arrayList.addAll(this.b);
            for (String str : arrayList) {
                if (!this.a.contains(str)) {
                    this.c.add(str);
                }
                if (!this.b.contains(str)) {
                    this.d.add(str);
                }
            }
        }

        List<String> a() {
            return this.c;
        }

        List<String> b() {
            return this.d;
        }
    }

    public static void setInstance(Manager manager) {
        b = manager;
    }

    public static Manager getInstance() {
        return b;
    }

    public Manager(File file) {
        a(file);
    }

    public void reload(File file) {
        a(file);
    }

    private void a(File file) {
        Ini b2 = b(file);
        this.f = b2;
        this.e = a(b2, SubjectType.ROLE);
        this.d = a(b2, SubjectType.USER);
        this.h = d();
        Map<String, AuthorizeSetting> a2 = a(b2, SubjectType.INSTANCES);
        this.n = a(a2);
        this.l = a2;
        a();
        c();
    }

    private Map<String, AuthorizeSetting> a(Map<String, AuthorizeSetting> map) {
        final HashMap hashMap = new HashMap();
        IterableUtil.iterate(map.entrySet(), new IterableUtil.Visitor<Map.Entry<String, AuthorizeSetting>>() { // from class: com.supermap.services.security.deprecated700.Manager.1
            @Override // com.supermap.services.util.IterableUtil.Visitor
            public boolean visit(Map.Entry<String, AuthorizeSetting> entry) {
                hashMap.put(entry.getKey(), new AuthorizeSetting(entry.getValue()));
                return false;
            }
        });
        return hashMap;
    }

    private void a() {
        Set<Map.Entry<String, Role>> entrySet = this.e.entrySet();
        Collection<User> values = this.d.values();
        for (Map.Entry<String, Role> entry : entrySet) {
            String key = entry.getKey();
            Role value = entry.getValue();
            ArrayList arrayList = new ArrayList();
            for (User user : values) {
                if (user.roles != null && a(user.roles).contains(key)) {
                    arrayList.add(user.name);
                }
            }
            value.users = arrayList.isEmpty() ? null : a((Collection<String>) arrayList);
        }
    }

    private <T> Map<String, T> a(Ini ini, SubjectType subjectType) {
        HashMap hashMap = new HashMap();
        Profile.Section section = (Profile.Section) ini.get(a(subjectType));
        if (section == null) {
            return hashMap;
        }
        for (Map.Entry entry : section.entrySet()) {
            String str = (String) entry.getKey();
            String str2 = (String) entry.getValue();
            if (str != null && !"".equals(str) && str2 != null && (!"SYSTEM_INTERFACE_VIEW".equals(str) || !SubjectType.ROLE.equals(subjectType))) {
                Object a2 = a(str, str2, subjectType);
                if (a2 != null) {
                    hashMap.put(str, a2);
                }
            }
        }
        return hashMap;
    }

    private <T> T a(String str, String str2, SubjectType subjectType) {
        User a2;
        if (SubjectType.USER.equals(subjectType)) {
            a2 = a(str, str2);
        } else if (SubjectType.ROLE.equals(subjectType)) {
            a2 = c(str);
        } else {
            if (!SubjectType.INSTANCES.equals(subjectType)) {
                throw new IllegalStateException(a.getMessage((ResourceManager) SecurityResource.MANAGER_SUBJECTTYPE_UNSUPPORT, subjectType));
            }
            a2 = a(str2);
        }
        return (T) a2;
    }

    private Object a(String str) {
        AuthorizeSetting authorizeSetting = new AuthorizeSetting();
        if (StringUtils.isEmpty(str)) {
            return authorizeSetting;
        }
        if (str.contains(";")) {
            String[] split = str.split(";");
            if (split == null || split.length == 0) {
                return authorizeSetting;
            }
            try {
                authorizeSetting.type = AuthorizeType.valueOf(StringUtils.trim(split[0]));
                if (split.length >= 2) {
                    List<String> b2 = b(split[1]);
                    authorizeSetting.permittedRoles = (String[]) b2.toArray(new String[b2.size()]);
                }
                if (split.length >= 3) {
                    List<String> b3 = b(split[2]);
                    authorizeSetting.deniedRoles = (String[]) b3.toArray(new String[b3.size()]);
                }
            } catch (RuntimeException e) {
                c.debug(e.getMessage(), e);
                return authorizeSetting;
            }
        } else {
            String[] split2 = StringUtils.split(str, ',');
            if (split2 == null || split2.length == 0) {
                return authorizeSetting;
            }
            try {
                authorizeSetting.type = AuthorizeType.valueOf(StringUtils.trim(split2[0]));
                LinkedList linkedList = new LinkedList();
                for (int i = 1; i < split2.length; i++) {
                    String trim = StringUtils.trim(split2[i]);
                    if (this.e.containsKey(trim)) {
                        linkedList.add(trim);
                    }
                }
                authorizeSetting.permittedRoles = (String[]) linkedList.toArray(new String[linkedList.size()]);
            } catch (RuntimeException e2) {
                c.debug(e2.getMessage(), e2);
                return authorizeSetting;
            }
        }
        return authorizeSetting;
    }

    private List<String> b(String str) {
        LinkedList linkedList = new LinkedList();
        for (String str2 : StringUtils.split(str, ',')) {
            String trim = StringUtils.trim(str2);
            if (this.e.containsKey(trim)) {
                linkedList.add(trim);
            }
        }
        return linkedList;
    }

    private User a(String str, String str2) {
        User user = new User();
        user.name = str;
        String[] split = str2.split(",");
        user.password = split[0];
        if (split.length > 1) {
            int length = split.length - 1;
            String[] strArr = new String[length];
            System.arraycopy(split, 1, strArr, 0, length);
            user.roles = strArr;
        } else {
            user.roles = new String[0];
        }
        user.description = a(str, SubjectType.USER);
        return user;
    }

    private Role c(String str) {
        Role role = new Role();
        role.name = str;
        role.description = a(str, SubjectType.ROLE);
        return role;
    }

    private static String[] a(Collection<String> collection) {
        String[] strArr = new String[collection.size()];
        collection.toArray(strArr);
        return strArr;
    }

    private static List<String> a(String[] strArr) {
        ArrayList arrayList = new ArrayList();
        arrayList.addAll(Arrays.asList(strArr));
        return arrayList;
    }

    private String a(String str, SubjectType subjectType) {
        return (String) b().get(b(str, subjectType));
    }

    private String b(String str, SubjectType subjectType) {
        return new StringBuffer().append(a(subjectType)).append('[').append(str).append(']').toString();
    }

    private static String a(SubjectType subjectType) {
        String str;
        if (SubjectType.USER.equals(subjectType)) {
            str = "users";
        } else if (SubjectType.ROLE.equals(subjectType)) {
            str = "roles";
        } else if (SubjectType.URLRULE.equals(subjectType)) {
            str = "urls";
        } else if (SubjectType.DESCRIPTION.equals(subjectType)) {
            str = "descs";
        } else if (SubjectType.URLID.equals(subjectType)) {
            str = "urlIDs";
        } else {
            if (!SubjectType.INSTANCES.equals(subjectType)) {
                throw new IllegalArgumentException(a.getMessage((ResourceManager) SecurityResource.MANAGER_SUBJECTTYPE_UNSUPPORT, subjectType));
            }
            str = "instances";
        }
        return str;
    }

    public List<String> listUsers() {
        try {
            this.j.lock();
            return new ArrayList(this.d.keySet());
        } finally {
            this.j.unlock();
        }
    }

    public User getUser(String str) {
        a((Object) str, "userName");
        try {
            this.j.lock();
            return this.d.get(str);
        } finally {
            this.j.unlock();
        }
    }

    public void addUser(User user) {
        a(user);
        user.password = this.g.encryptPassword(user.password);
        try {
            this.k.lock();
            if (this.d.get(user.name) != null) {
                throw new IllegalArgumentException(a.getMessage((ResourceManager) SecurityResource.MANAGER_USER_EXISTS, user.name));
            }
            Profile.Section section = (Profile.Section) this.f.get(a(SubjectType.USER));
            if (section == null) {
                section = this.f.add(a(SubjectType.USER));
            }
            section.put(user.name, a((Object) user));
            b(user.name, user.description, SubjectType.USER);
            c();
            this.d.put(user.name, user.copy());
            b(user.roles, user.name, true);
            this.k.unlock();
        } catch (Throwable th) {
            this.k.unlock();
            throw th;
        }
    }

    private Profile.Section b() {
        String a2 = a(SubjectType.DESCRIPTION);
        Profile.Section section = (Profile.Section) this.f.get(a2);
        if (section == null) {
            section = this.f.add(a2);
        }
        return section;
    }

    private void b(String str, String str2, SubjectType subjectType) {
        Profile.Section b2 = b();
        String b3 = b(str, subjectType);
        if (StringUtils.isEmpty(str2)) {
            b2.remove(b3);
        } else {
            b2.put(b3, str2);
        }
    }

    public void removeUser(String str) {
        a((Object) str, "userName");
        User user = getUser(str);
        if (user == null) {
            throw new IllegalArgumentException(a.getMessage((ResourceManager) SecurityResource.MANAGER_USER_NOT_EXISTS, str));
        }
        a(user, (User) null);
        try {
            this.k.lock();
            ((Profile.Section) this.f.get(a(SubjectType.USER))).remove(str);
            b().remove(b(str, SubjectType.USER));
            c();
            this.d.remove(str);
            b(user.roles, str, false);
            this.k.unlock();
        } catch (Throwable th) {
            this.k.unlock();
            throw th;
        }
    }

    public void alterUser(String str, User user) {
        a(user);
        User user2 = getUser(str);
        if (user2 == null) {
            throw new IllegalArgumentException(a.getMessage((ResourceManager) SecurityResource.MANAGER_USER_NOT_EXISTS, str));
        }
        a(user2, user);
        try {
            this.k.lock();
            a(str, user, true);
            this.k.unlock();
        } catch (Throwable th) {
            this.k.unlock();
            throw th;
        }
    }

    private static void a(User user, User user2) {
        if (user.isRole("SYSTEM")) {
            if (user2 == null) {
                throw new IllegalArgumentException(a.getMessage((ResourceManager) SecurityResource.MANAGER_CHECKSYSTEMUSER_REMOVE_SYSTEMUSER, user.name));
            }
            if (!StringUtils.equals(user.name, user2.name) || !Arrays.equals(user.roles, user2.roles)) {
                throw new IllegalArgumentException(a.getMessage((ResourceManager) SecurityResource.MANAGER_CHECKSYSTEMUSER_ALTER_SYSTEMUSER, user.name));
            }
        }
    }

    public void alterUserPassword(String str, String str2, String str3) {
        a((Object) str, "userName");
        a((Object) str2, "newPassword");
        User user = getUser(str);
        if (user == null) {
            throw new IllegalArgumentException(a.getMessage((ResourceManager) SecurityResource.MANAGER_USER_NOT_EXISTS, str));
        }
        if (!this.g.passwordsMatch(str3, user.password)) {
            throw new IllegalArgumentException(a.getMessage((ResourceManager) SecurityResource.MANAGER_ALTERUSERPASSWORD_ILLEGALARGUMENTEXCEPTION, new Object[0]));
        }
        User copy = user.copy();
        copy.password = str2;
        alterUser(str, copy);
    }

    public List<String> listRoles() {
        try {
            this.j.lock();
            return new ArrayList(this.e.keySet());
        } finally {
            this.j.unlock();
        }
    }

    public List<Role> getAllRoles() {
        try {
            this.j.lock();
            return new ArrayList(this.e.values());
        } finally {
            this.j.unlock();
        }
    }

    public Role getRole(String str) {
        try {
            this.j.lock();
            Role role = this.e.get(str);
            Map<String, AuthorizeSetting> instanceAuthorisations = getInstanceAuthorisations();
            this.j.unlock();
            if (role != null) {
                role = role.copy();
                role.permissions = a(str, instanceAuthorisations);
            }
            return role;
        } catch (Throwable th) {
            this.j.unlock();
            throw th;
        }
    }

    public RolePermissions getRolePermissions(String str) {
        if (this.e.get(str) == null) {
            return null;
        }
        try {
            this.j.lock();
            return a(str, getInstanceAuthorisations());
        } finally {
            this.j.unlock();
        }
    }

    private RolePermissions a(String str, Map<String, AuthorizeSetting> map) {
        RolePermissions rolePermissions = new RolePermissions();
        rolePermissions.instanceAccessPermissions = b(str, map);
        return rolePermissions;
    }

    private MixedPermissions b(String str, Map<String, AuthorizeSetting> map) {
        if ("ADMIN".equals(str)) {
            return new MixedPermissions();
        }
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        ArrayList arrayList3 = new ArrayList();
        for (Map.Entry<String, AuthorizeSetting> entry : map.entrySet()) {
            String key = entry.getKey();
            AuthorizeSetting value = entry.getValue();
            if (value != null) {
                switch (value.type) {
                    case PUBLIC:
                        arrayList3.add(key);
                        break;
                    case AUTHENTICATED:
                        if (a(str, value.deniedRoles)) {
                            arrayList2.add(key);
                            break;
                        } else {
                            arrayList3.add(key);
                            break;
                        }
                    case PRIVATE:
                        if (a(str, value.deniedRoles)) {
                            arrayList2.add(key);
                        }
                        if (a(str, value.permittedRoles) && !arrayList2.contains(key)) {
                            arrayList.add(key);
                            break;
                        }
                        break;
                }
            }
        }
        MixedPermissions mixedPermissions = new MixedPermissions();
        mixedPermissions.permitted = (String[]) arrayList.toArray(new String[arrayList.size()]);
        mixedPermissions.denied = (String[]) arrayList2.toArray(new String[arrayList2.size()]);
        return mixedPermissions;
    }

    private static boolean a(String str, String[] strArr) {
        return strArr != null && Arrays.asList(strArr).contains(str);
    }

    public void addRole(Role role) {
        a(role);
        if (getRole(role.name) != null) {
            throw new IllegalArgumentException(a.getMessage((ResourceManager) SecurityResource.MANAGER_ROLE_EXISTS, role.name));
        }
        try {
            this.k.lock();
            this.e.put(role.name, role.copy());
            a(role.users, role.name, true);
            b(role.name, role.description, SubjectType.ROLE);
            c();
        } finally {
            this.k.unlock();
        }
    }

    private void a(String[] strArr, String str, boolean z) {
        if (strArr == null) {
            return;
        }
        for (String str2 : strArr) {
            User user = getUser(str2);
            if (user != null) {
                User copy = user.copy();
                HashSet hashSet = new HashSet();
                if (copy.roles != null) {
                    hashSet.addAll(Arrays.asList(copy.roles));
                }
                if (z) {
                    hashSet.add(str);
                } else {
                    hashSet.remove(str);
                }
                copy.roles = a((Collection<String>) hashSet);
                a(str2, copy, false);
            }
        }
    }

    private void a(String str, String[] strArr, String[] strArr2, boolean z) {
        if (strArr2 == null && strArr == null) {
            return;
        }
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        List arrayList3 = strArr2 == null ? new ArrayList() : a(strArr2);
        List arrayList4 = strArr == null ? new ArrayList() : a(strArr);
        if (strArr2 == null) {
            arrayList.addAll(arrayList4);
        } else if (strArr == null) {
            arrayList2.addAll(arrayList3);
        } else {
            ArrayList<String> arrayList5 = new ArrayList();
            arrayList5.addAll(arrayList3);
            arrayList5.addAll(arrayList4);
            for (String str2 : arrayList5) {
                if (!arrayList3.contains(str2)) {
                    arrayList.add(str2);
                }
                if (!arrayList4.contains(str2)) {
                    arrayList2.add(str2);
                }
            }
        }
        if (z) {
            a(a((Collection<String>) arrayList), str, true);
            a(a((Collection<String>) arrayList2), str, false);
        } else {
            b(a((Collection<String>) arrayList), str, true);
            b(a((Collection<String>) arrayList2), str, false);
        }
    }

    private void b(String[] strArr, String str, boolean z) {
        if (strArr == null) {
            return;
        }
        for (String str2 : strArr) {
            Role role = getRole(str2);
            if (role != null) {
                Role copy = role.copy();
                HashSet hashSet = new HashSet();
                if (copy.users != null) {
                    hashSet.addAll(Arrays.asList(copy.users));
                }
                if (z) {
                    hashSet.add(str);
                } else {
                    hashSet.remove(str);
                }
                copy.users = a((Collection<String>) hashSet);
                this.e.put(str2, copy);
            }
        }
    }

    public void removeRole(String str) {
        a((Object) str, "roleName");
        d(str);
        Role role = getRole(str);
        if (role == null) {
            throw new IllegalArgumentException(a.getMessage((ResourceManager) SecurityResource.MANAGER_ROLE_NOT_EXISTS, str));
        }
        try {
            this.k.lock();
            this.e.remove(str);
            a(role.users, str, false);
            Profile.Section section = (Profile.Section) this.f.get(a(SubjectType.ROLE));
            Profile.Section b2 = b();
            section.remove(str);
            b2.remove(b(str, SubjectType.ROLE));
            c();
            this.k.unlock();
        } catch (Throwable th) {
            this.k.unlock();
            throw th;
        }
    }

    private static void d(String str) {
        if ("ADMIN".equals(str) || "PUBLISHER".equals(str) || "PORTAL_USER".equals(str) || "USER".equals(str)) {
            throw new IllegalArgumentException(a.getMessage((ResourceManager) SecurityResource.MANAGER_REMOVE_ROLE_ASSERTNOT_DEFAULT, str));
        }
    }

    public void alterRole(String str, Role role) {
        a(role);
        b(str, role.users);
        if (getRole(str) == null) {
            throw new IllegalArgumentException(a.getMessage((ResourceManager) SecurityResource.MANAGER_ROLE_NOT_EXISTS, str));
        }
        try {
            this.k.lock();
            a(str, role);
            this.k.unlock();
        } catch (Throwable th) {
            this.k.unlock();
            throw th;
        }
    }

    private void b(String str, String[] strArr) {
        boolean z = false;
        if (strArr != null && strArr.length > 0) {
            for (int i = 0; i < strArr.length; i++) {
                if (!StringUtils.isEmpty(strArr[i]) && getUser(strArr[i]).isRole("SYSTEM")) {
                    z = true;
                }
            }
        }
        if (("ADMIN".equalsIgnoreCase(str) && !z) || (!"ADMIN".equalsIgnoreCase(str) && z)) {
            throw new IllegalArgumentException(a.getMessage((ResourceManager) SecurityResource.MANAGER_CHECKUSERROLE_ALTERROLE_SYSTEMUSER, new Object[0]));
        }
    }

    private void a(String str, User user, boolean z) {
        User copy = getUser(str).copy();
        if (!copy.password.equals(user.password)) {
            user.password = this.g.encryptPassword(user.password);
        }
        Profile.Section section = (Profile.Section) this.f.get(a(SubjectType.USER));
        this.d.put(user.name, user.copy());
        section.put(user.name, a((Object) user));
        b(user.name, user.description, SubjectType.USER);
        c();
        if (z) {
            a(str, user.roles, copy.roles, false);
        }
    }

    private void a(String str, Role role) {
        Role copy = getRole(str).copy();
        a(str, role.users, copy.users, true);
        a(str, (copy.permissions == null || copy.permissions.instanceAccessPermissions == null) ? new MixedPermissions() : copy.permissions.instanceAccessPermissions, (role.permissions == null || role.permissions.instanceAccessPermissions == null) ? new MixedPermissions() : role.permissions.instanceAccessPermissions);
        this.e.put(role.name, role.copy());
        b(role.name, role.description, SubjectType.ROLE);
        c();
    }

    private void a(String str, MixedPermissions mixedPermissions, MixedPermissions mixedPermissions2) {
        StringArrayCompartor stringArrayCompartor = new StringArrayCompartor(mixedPermissions.permitted, mixedPermissions2.permitted);
        stringArrayCompartor.executeCompare();
        List<String> a2 = stringArrayCompartor.a();
        List<String> b2 = stringArrayCompartor.b();
        StringArrayCompartor stringArrayCompartor2 = new StringArrayCompartor(mixedPermissions.denied, mixedPermissions2.denied);
        stringArrayCompartor2.executeCompare();
        List<String> a3 = stringArrayCompartor2.a();
        List<String> b3 = stringArrayCompartor2.b();
        HashSet<String> hashSet = new HashSet();
        hashSet.addAll(a2);
        hashSet.addAll(b2);
        hashSet.addAll(a3);
        hashSet.addAll(b3);
        Map<String, AuthorizeSetting> instanceAuthorisations = getInstanceAuthorisations();
        for (String str2 : hashSet) {
            AuthorizeSetting authorizeSetting = instanceAuthorisations.get(str2);
            if (authorizeSetting == null) {
                authorizeSetting = new AuthorizeSetting();
            }
            ArrayList arrayList = new ArrayList(Arrays.asList(authorizeSetting.permittedRoles));
            ArrayList arrayList2 = new ArrayList(Arrays.asList(authorizeSetting.deniedRoles));
            if (a2.contains(str2) && !arrayList.contains(str)) {
                arrayList.add(str);
            }
            if (b2.contains(str2)) {
                arrayList.remove(str);
            }
            if (a3.contains(str2) && !arrayList2.contains(str)) {
                arrayList2.add(str);
            }
            if (b3.contains(str2)) {
                arrayList2.remove(str);
            }
            authorizeSetting.permittedRoles = (String[]) arrayList.toArray(new String[arrayList.size()]);
            authorizeSetting.deniedRoles = (String[]) arrayList2.toArray(new String[arrayList2.size()]);
            if (authorizeSetting.type == AuthorizeType.PUBLIC && authorizeSetting.deniedRoles != null && authorizeSetting.deniedRoles.length > 0) {
                authorizeSetting.type = AuthorizeType.AUTHENTICATED;
            }
            updateInstanceAuthorisation(str2, authorizeSetting);
        }
    }

    public boolean isSecurityEnabled() {
        return this.h;
    }

    public void setSecurityEnabled(boolean z) {
        try {
            this.k.lock();
            this.h = z;
            Profile.Section e = e();
            e.put("config", Config.class.getCanonicalName());
            e.put("config.enabled", Boolean.valueOf(z));
            c();
        } finally {
            this.k.unlock();
        }
    }

    public boolean isAdminExistsOrNot() {
        return getSystemUser() != null;
    }

    public User getSystemUser() {
        try {
            this.j.lock();
            for (User user : this.d.values()) {
                if (user.roles != null && (a(user.roles).contains("SYSTEM") || a(user.roles).contains("SYSTEM".toLowerCase()))) {
                    return user;
                }
            }
            this.j.unlock();
            return null;
        } finally {
            this.j.unlock();
        }
    }

    public void addAdminUser(String str, String str2) {
        User user = new User();
        user.name = str;
        user.password = str2;
        user.roles = new String[]{"ADMIN", "SYSTEM"};
        addUser(user);
    }

    private static Ini b(File file) {
        Ini ini = null;
        try {
            ini = new Ini();
            ini.getConfig().setComment(false);
            ini.setFile(file);
            ini.load();
        } catch (InvalidFileFormatException e) {
            c.warn(a.getMessage((ResourceManager) SecurityResource.MANAGER_LOADINI_SHIRO_CONFIGFILE_FORMATEXCEPTION, file.getAbsolutePath(), e.getMessage()));
            c.debug(e.getMessage(), e);
        } catch (IOException e2) {
            c.warn(a.getMessage((ResourceManager) SecurityResource.MANAGER_LOADINI_SHIRO_CONFIGFILE_IOEXCEPTION, file.getAbsolutePath(), e2.getMessage()));
            c.debug(e2.getMessage(), e2);
        }
        return ini;
    }

    private static void a(Object obj, String str) {
        if (obj == null) {
            throw new IllegalArgumentException(a.getMessage((ResourceManager) SecurityResource.MANAGER_ASSERTNOTNULL_PARAM_NULL, str));
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void c() {
        try {
            this.f.store();
        } catch (IOException e) {
            c.warn(a.getMessage((ResourceManager) SecurityResource.MANAGER_STOREINI_IOEXCEPTION, new Object[0]));
            c.debug(e.getMessage(), e);
        }
    }

    private void a(User user) {
        a(user, ClassicConstants.USER_MDC_KEY);
        if (user.name == null) {
            throw new IllegalArgumentException(a.getMessage((ResourceManager) SecurityResource.MANAGER_CHECKUSER_USER_NAME_NULL, new Object[0]));
        }
        if (user.password == null) {
            throw new IllegalArgumentException(a.getMessage((ResourceManager) SecurityResource.MANAGER_CHECKUSER_USER_PASSWORD_NULL, new Object[0]));
        }
    }

    private void a(Role role) {
        a(role, "role");
        if (role.name == null) {
            throw new IllegalArgumentException(a.getMessage((ResourceManager) SecurityResource.MANAGER_CHECKROLE_ROLE_NAME_NULL, new Object[0]));
        }
        if ("SYSTEM".equals(role.name)) {
            throw new IllegalArgumentException(a.getMessage((ResourceManager) SecurityResource.MANAGER_CHECKROLE_ROLE_NOT_SYSTEM, new Object[0]));
        }
    }

    private String a(Object obj) {
        StringBuilder sb = new StringBuilder();
        if (obj instanceof User) {
            User user = (User) obj;
            sb.append(user.password);
            if (user.roles != null && user.roles.length > 0) {
                for (String str : user.roles) {
                    sb.append(",");
                    sb.append(str);
                }
            }
        } else {
            if (obj instanceof Role) {
                throw new IllegalArgumentException("process Role DefinitionString function has moved to rolePermissionUtils.addRole or alterRole.");
            }
            if (!obj.getClass().isArray() || !String.class.equals(obj.getClass().getComponentType())) {
                throw new IllegalArgumentException(a.getMessage((ResourceManager) SecurityResource.MANAGER_SUBJECTTYPE_UNSUPPORT, obj.getClass()));
            }
            String[] strArr = (String[]) obj;
            for (int i = 0; i < strArr.length; i++) {
                String str2 = strArr[i];
                if (str2 != null) {
                    sb.append(str2);
                    if (i != strArr.length - 1) {
                        sb.append(",");
                    }
                }
            }
        }
        return sb.toString();
    }

    public String generateUUID() {
        return UUID.randomUUID().toString();
    }

    private boolean d() {
        return "true".equalsIgnoreCase((String) e().get("config.enabled"));
    }

    private Profile.Section e() {
        Profile.Section section = (Profile.Section) this.f.get("main");
        if (section == null) {
            section = this.f.add("main");
        }
        return section;
    }

    public List<String> listRolesByInstance(String str) {
        ArrayList arrayList = new ArrayList();
        for (Role role : this.e.values()) {
            if (role.containInstance(str)) {
                arrayList.add(role.name);
            }
        }
        return arrayList;
    }

    public List<String> listRolesByNotInstance(String str) {
        ArrayList arrayList = new ArrayList();
        for (Role role : this.e.values()) {
            if (!role.containInstance(str) && !role.name.equals("ADMIN")) {
                arrayList.add(role.name);
            }
        }
        return arrayList;
    }

    public void updateInstanceAuthorisation(String str, AuthorizeSetting authorizeSetting) {
        this.k.lock();
        try {
            AuthorizeSetting authorizeSetting2 = authorizeSetting == null ? new AuthorizeSetting() : new AuthorizeSetting(authorizeSetting);
            a(authorizeSetting2);
            this.l.put(str, authorizeSetting2);
            this.n = a(this.l);
            f().put(str, b(authorizeSetting2));
            c();
            this.k.unlock();
        } catch (Throwable th) {
            this.k.unlock();
            throw th;
        }
    }

    private void a(AuthorizeSetting authorizeSetting) {
        if (authorizeSetting.permittedRoles == null) {
            authorizeSetting.permittedRoles = new String[0];
        }
        if (authorizeSetting.deniedRoles == null) {
            authorizeSetting.deniedRoles = new String[0];
        }
        LinkedList linkedList = new LinkedList();
        for (String str : authorizeSetting.permittedRoles) {
            if (this.e.containsKey(str) && !linkedList.contains(str)) {
                linkedList.add(str);
            }
        }
        authorizeSetting.permittedRoles = (String[]) linkedList.toArray(new String[linkedList.size()]);
        LinkedList linkedList2 = new LinkedList();
        for (String str2 : authorizeSetting.deniedRoles) {
            if (this.e.containsKey(str2) && !linkedList2.contains(str2)) {
                if ("ADMIN".equals(str2)) {
                    c.debug(a.getMessage((ResourceManager) SecurityResource.MANAGER_ADMIN_CANNOTDENIED, new Object[0]));
                } else {
                    linkedList2.add(str2);
                }
            }
        }
        authorizeSetting.deniedRoles = (String[]) linkedList2.toArray(new String[linkedList2.size()]);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public Profile.Section f() {
        Profile.Section section = (Profile.Section) this.f.get(a(SubjectType.INSTANCES));
        if (section == null) {
            section = this.f.add(a(SubjectType.INSTANCES));
        }
        return section;
    }

    private String b(AuthorizeSetting authorizeSetting) {
        StringBuilder sb = new StringBuilder();
        sb.append((authorizeSetting.type == null ? AuthorizeType.PUBLIC : authorizeSetting.type).toString());
        sb.append(";");
        if (authorizeSetting.permittedRoles != null) {
            for (int i = 0; i < authorizeSetting.permittedRoles.length; i++) {
                if (this.e.containsKey(authorizeSetting.permittedRoles[i])) {
                    if (i == 0) {
                        sb.append(authorizeSetting.permittedRoles[i]);
                    } else {
                        sb.append(',').append(authorizeSetting.permittedRoles[i]);
                    }
                }
            }
        }
        sb.append(";");
        if (authorizeSetting.deniedRoles != null) {
            for (int i2 = 0; i2 < authorizeSetting.deniedRoles.length; i2++) {
                if (this.e.containsKey(authorizeSetting.deniedRoles[i2])) {
                    if (i2 == 0) {
                        sb.append(authorizeSetting.deniedRoles[i2]);
                    } else {
                        sb.append(',').append(authorizeSetting.deniedRoles[i2]);
                    }
                }
            }
        }
        return sb.toString();
    }

    public void deleteInstanceAuthorisation(String str) {
        this.k.lock();
        try {
            if (this.l.containsKey(str)) {
                this.l.remove(str);
                this.n = a(this.l);
                f().remove(str);
            }
            c();
        } finally {
            this.k.unlock();
        }
    }

    public void renameComponent(String str, String str2) {
        this.k.lock();
        try {
            this.m.update(new ComponentNameDecider(str, str2), false);
            this.n = a(this.l);
        } finally {
            this.k.unlock();
        }
    }

    public void renameInterface(String str, String str2) {
        this.k.lock();
        try {
            this.m.update(new InterfaceNameDecider(str, str2), false);
            this.n = a(this.l);
        } finally {
            this.k.unlock();
        }
    }

    public void deleteComponent(String str) {
        this.k.lock();
        try {
            this.m.update(new ComponentNameDecider(str, null), true);
            this.n = a(this.l);
        } finally {
            this.k.unlock();
        }
    }

    public void deleteInterface(String str) {
        this.k.lock();
        try {
            this.m.update(new InterfaceNameDecider(str, null), true);
            this.n = a(this.l);
        } finally {
            this.k.unlock();
        }
    }

    public Map<String, AuthorizeSetting> getInstanceAuthorisations() {
        Map<String, AuthorizeSetting> a2;
        if (this.j.tryLock()) {
            try {
                a2 = a(this.l);
            } finally {
                this.j.unlock();
            }
        } else {
            a2 = a(this.n);
        }
        return a2;
    }

    public PasswordService getPasswordService() {
        return this.g;
    }
}
