package org.alfresco.jlan.server.auth.acl;

import java.util.Enumeration;
import org.alfresco.jlan.debug.Debug;
import org.alfresco.jlan.server.SrvSession;
import org.alfresco.jlan.server.config.InvalidConfigurationException;
import org.alfresco.jlan.server.config.ServerConfiguration;
import org.alfresco.jlan.server.core.SharedDevice;
import org.alfresco.jlan.server.core.SharedDeviceList;
import org.springframework.extensions.config.ConfigElement;
import org.springframework.extensions.directives.DirectiveConstants;

/* loaded from: input_file:WEB-INF/lib/alfresco-jlan-embed-5.0.c.jar:org/alfresco/jlan/server/auth/acl/DefaultAccessControlManager.class */
public class DefaultAccessControlManager implements AccessControlManager {
    private AccessControlFactory m_factory = new AccessControlFactory();
    private boolean m_debug;

    @Override // org.alfresco.jlan.server.auth.acl.AccessControlManager
    public int checkAccessControl(SrvSession srvSession, SharedDevice sharedDevice) {
        if (!sharedDevice.hasAccessControls()) {
            if (!hasDebug()) {
                return 2;
            }
            srvSession.debugPrintln("Check access control for " + sharedDevice.getName() + ", no ACLs");
            return 2;
        }
        AccessControlList accessControls = sharedDevice.getAccessControls();
        int i = -1;
        if (hasDebug()) {
            srvSession.debugPrintln("Check access control for " + sharedDevice.getName() + ", ACLs=" + accessControls.numberOfControls());
        }
        for (int i2 = 0; i2 < accessControls.numberOfControls(); i2++) {
            AccessControl controlAt = accessControls.getControlAt(i2);
            int allowsAccess = controlAt.allowsAccess(srvSession, sharedDevice, this);
            if (hasDebug()) {
                srvSession.debugPrintln("  Check access ACL=" + controlAt + ", access=" + AccessControl.asAccessString(allowsAccess));
            }
            if (allowsAccess != -1) {
                i = allowsAccess;
            }
        }
        if (i == -1) {
            i = accessControls.getDefaultAccessLevel();
            if (hasDebug()) {
                srvSession.debugPrintln("Access defaulted=" + AccessControl.asAccessString(i) + ", share=" + sharedDevice);
            }
        } else if (hasDebug()) {
            srvSession.debugPrintln("Access allowed=" + AccessControl.asAccessString(i) + ", share=" + sharedDevice);
        }
        return i;
    }

    @Override // org.alfresco.jlan.server.auth.acl.AccessControlManager
    public SharedDeviceList filterShareList(SrvSession srvSession, SharedDeviceList sharedDeviceList) {
        if (sharedDeviceList == null || sharedDeviceList.numberOfShares() == 0) {
            return sharedDeviceList;
        }
        if (hasDebug()) {
            srvSession.debugPrintln("Filter share list for " + srvSession + ", shares=" + sharedDeviceList);
        }
        SharedDeviceList sharedDeviceList2 = new SharedDeviceList();
        Enumeration<SharedDevice> enumerateShares = sharedDeviceList.enumerateShares();
        while (enumerateShares.hasMoreElements()) {
            SharedDevice nextElement = enumerateShares.nextElement();
            if (!nextElement.hasAccessControls()) {
                sharedDeviceList2.addShare(nextElement);
            } else if (checkAccessControl(srvSession, nextElement) != 0) {
                sharedDeviceList2.addShare(nextElement);
            }
        }
        if (hasDebug()) {
            srvSession.debugPrintln("Filtered share list " + sharedDeviceList2);
        }
        return sharedDeviceList2;
    }

    @Override // org.alfresco.jlan.server.auth.acl.AccessControlManager
    public void initialize(ServerConfiguration serverConfiguration, ConfigElement configElement) throws InvalidConfigurationException {
        if (configElement.getChild("debug") != null) {
            setDebug(true);
        }
        addAccessControlType(new UserAccessControlParser());
        addAccessControlType(new ProtocolAccessControlParser());
        addAccessControlType(new DomainAccessControlParser());
        addAccessControlType(new IpAddressAccessControlParser());
        addAccessControlType(new GidAccessControlParser());
        addAccessControlType(new UidAccessControlParser());
        ConfigElement child = configElement.getChild("rule");
        if (child == null || !child.hasChildren()) {
            return;
        }
        for (ConfigElement configElement2 : child.getChildren()) {
            if (configElement2.getValue() == null || configElement2.getValue().length() == 0) {
                throw new InvalidConfigurationException("Empty rule definition");
            }
            try {
                Object newInstance = Class.forName(configElement2.getValue()).newInstance();
                if (newInstance instanceof AccessControlParser) {
                    addAccessControlType((AccessControlParser) newInstance);
                }
            } catch (ClassNotFoundException e) {
                throw new InvalidConfigurationException("Rule class not found, " + configElement2.getValue());
            } catch (IllegalAccessException e2) {
                throw new InvalidConfigurationException("Error creating rule object, " + configElement2.getValue() + DirectiveConstants.COMMA + e2.toString());
            } catch (InstantiationException e3) {
                throw new InvalidConfigurationException("Error creating rule object, " + configElement2.getValue() + DirectiveConstants.COMMA + e3.toString());
            }
        }
    }

    @Override // org.alfresco.jlan.server.auth.acl.AccessControlManager
    public AccessControl createAccessControl(String str, ConfigElement configElement) throws ACLParseException, InvalidACLTypeException {
        return this.m_factory.createAccessControl(str, configElement);
    }

    @Override // org.alfresco.jlan.server.auth.acl.AccessControlManager
    public void addAccessControlType(AccessControlParser accessControlParser) {
        if (hasDebug()) {
            Debug.println("AccessControlManager Add rule type " + accessControlParser.getType());
        }
        this.m_factory.addParser(accessControlParser);
    }

    public final boolean hasDebug() {
        return this.m_debug;
    }

    public final void setDebug(boolean z) {
        this.m_debug = z;
    }
}
