package net.lukemurphey.nsia.trustBoundary;

import java.security.NoSuchAlgorithmException;
import java.sql.SQLException;
import java.util.regex.Pattern;
import net.lukemurphey.nsia.AccessControlDescriptor;
import net.lukemurphey.nsia.Application;
import net.lukemurphey.nsia.Authentication;
import net.lukemurphey.nsia.ClientData;
import net.lukemurphey.nsia.GeneralizedException;
import net.lukemurphey.nsia.InputValidationException;
import net.lukemurphey.nsia.InsufficientPermissionException;
import net.lukemurphey.nsia.LocalPasswordAuthentication;
import net.lukemurphey.nsia.NoDatabaseConnectionException;
import net.lukemurphey.nsia.NoSessionException;
import net.lukemurphey.nsia.NotFoundException;
import net.lukemurphey.nsia.NumericalOverflowException;
import net.lukemurphey.nsia.PasswordAuthenticationValidator;
import net.lukemurphey.nsia.RightDescriptor;
import net.lukemurphey.nsia.SessionManagement;
import net.lukemurphey.nsia.SessionStatus;
import net.lukemurphey.nsia.UserManagement;
import net.lukemurphey.nsia.eventlog.EventLogField;
import net.lukemurphey.nsia.eventlog.EventLogMessage;

/* loaded from: input_file:net/lukemurphey/nsia/trustBoundary/ApiSessionManagement.class */
public class ApiSessionManagement extends ApiHandler {
    public ApiSessionManagement(Application application) {
        super(application);
    }

    public String authenticate(String str, String str2) throws GeneralizedException {
        return authenticate(str, str2, null);
    }

    public String authenticate(String str, String str2, ClientData clientData) throws GeneralizedException {
        if (str == null || str.length() == 0) {
            if (clientData == null) {
                this.appRes.logEvent(EventLogMessage.EventType.AUTHENTICATION_FAILED_USERNAME_EMPTY);
                return null;
            }
            this.appRes.logEvent(EventLogMessage.EventType.AUTHENTICATION_FAILED_USERNAME_EMPTY, new EventLogField(EventLogField.FieldName.SOURCE_ADDRESS, clientData.getSourceAddress().toString()));
            return null;
        }
        if (!Pattern.compile(UserManagement.USERNAME_REGEX).matcher(str).matches()) {
            if (clientData == null) {
                this.appRes.logEvent(EventLogMessage.EventType.AUTHENTICATION_FAILED_USERNAME_EMPTY);
            } else {
                this.appRes.logEvent(EventLogMessage.EventType.AUTHENTICATION_FAILED_USERNAME_EMPTY, new EventLogField(EventLogField.FieldName.SOURCE_ADDRESS, clientData.getSourceAddress().toString()));
            }
            this.appRes.logEvent(EventLogMessage.EventType.AUTHENTICATION_FAILED_USERNAME_ILLEGAL, new EventLogField(EventLogField.FieldName.TARGET_USER_NAME, str));
            return null;
        }
        if (str.length() > 32) {
            if (clientData == null) {
                this.appRes.logEvent(EventLogMessage.EventType.AUTHENTICATION_FAILED_USERNAME_EMPTY);
            } else {
                this.appRes.logEvent(EventLogMessage.EventType.AUTHENTICATION_FAILED_USERNAME_EMPTY, new EventLogField(EventLogField.FieldName.SOURCE_ADDRESS, clientData.getSourceAddress().toString()));
            }
            this.appRes.logEvent(EventLogMessage.EventType.AUTHENTICATION_FAILED_LENGTH_EXCESSIVE, new EventLogField(EventLogField.FieldName.LENGTH, str.length()), new EventLogField(EventLogField.FieldName.TARGET_USER_NAME, str));
            return null;
        }
        try {
            Authentication.AuthenticationResult authenticate = new LocalPasswordAuthentication(this.appRes).authenticate(str, new PasswordAuthenticationValidator(str2), clientData);
            if (authenticate.getAuthenticationStatus() == 5) {
                if (clientData == null) {
                    this.appRes.logEvent(EventLogMessage.EventType.AUTHENTICATION_FAILED_ACCOUNT_DISABLED, new EventLogField(EventLogField.FieldName.TARGET_USER_NAME, str));
                    return null;
                }
                this.appRes.logEvent(EventLogMessage.EventType.AUTHENTICATION_FAILED_ACCOUNT_DISABLED, new EventLogField(EventLogField.FieldName.TARGET_USER_NAME, str), new EventLogField(EventLogField.FieldName.SOURCE_ADDRESS, clientData.getSourceAddress().toString()));
                return null;
            }
            if (authenticate.getAuthenticationStatus() == 6) {
                if (clientData == null) {
                    this.appRes.logEvent(EventLogMessage.EventType.AUTHENTICATION_USERNAME_BLOCKED, new EventLogField(EventLogField.FieldName.TARGET_USER_NAME, str));
                    return null;
                }
                this.appRes.logEvent(EventLogMessage.EventType.AUTHENTICATION_USERNAME_BLOCKED, new EventLogField(EventLogField.FieldName.TARGET_USER_NAME, str), new EventLogField(EventLogField.FieldName.SOURCE_ADDRESS, clientData.getSourceAddress().toString()));
                return null;
            }
            if (authenticate.getAuthenticationStatus() == 4) {
                if (clientData == null) {
                    this.appRes.logEvent(EventLogMessage.EventType.AUTHENTICATION_FAILED_ACCOUNT_DISABLED, new EventLogField(EventLogField.FieldName.TARGET_USER_NAME, str));
                    return null;
                }
                this.appRes.logEvent(EventLogMessage.EventType.AUTHENTICATION_FAILED_ACCOUNT_DISABLED, new EventLogField(EventLogField.FieldName.TARGET_USER_NAME, str), new EventLogField(EventLogField.FieldName.SOURCE_ADDRESS, clientData.getSourceAddress().toString()));
                return null;
            }
            if (authenticate.getAuthenticationStatus() == 1) {
                if (clientData == null) {
                    this.appRes.logEvent(EventLogMessage.EventType.AUTHENTICATION_FAILED_PASSWORD_WRONG, new EventLogField(EventLogField.FieldName.TARGET_USER_NAME, str));
                    return null;
                }
                this.appRes.logEvent(EventLogMessage.EventType.AUTHENTICATION_FAILED_PASSWORD_WRONG, new EventLogField(EventLogField.FieldName.TARGET_USER_NAME, str), new EventLogField(EventLogField.FieldName.SOURCE_ADDRESS, clientData.getSourceAddress().toString()));
                return null;
            }
            if (authenticate.getAuthenticationStatus() == 2) {
                if (clientData == null) {
                    this.appRes.logEvent(EventLogMessage.EventType.AUTHENTICATION_FAILED_PASSWORD_ILLEGAL, new EventLogField(EventLogField.FieldName.TARGET_USER_NAME, str));
                    return null;
                }
                this.appRes.logEvent(EventLogMessage.EventType.AUTHENTICATION_FAILED_PASSWORD_ILLEGAL, new EventLogField(EventLogField.FieldName.TARGET_USER_NAME, str), new EventLogField(EventLogField.FieldName.SOURCE_ADDRESS, clientData.getSourceAddress().toString()));
                return null;
            }
            if (authenticate.getAuthenticationStatus() == 3) {
                if (clientData == null) {
                    this.appRes.logEvent(EventLogMessage.EventType.AUTHENTICATION_FAILED_USERNAME_INVALID, new EventLogField(EventLogField.FieldName.TARGET_USER_NAME, str));
                    return null;
                }
                this.appRes.logEvent(EventLogMessage.EventType.AUTHENTICATION_FAILED_USERNAME_INVALID, new EventLogField(EventLogField.FieldName.TARGET_USER_NAME, str), new EventLogField(EventLogField.FieldName.SOURCE_ADDRESS, clientData.getSourceAddress().toString()));
                return null;
            }
            if (authenticate.getAuthenticationStatus() != 0) {
                this.appRes.logEvent(EventLogMessage.EventType.INTERNAL_ERROR, new EventLogField(EventLogField.FieldName.MESSAGE, "Invalid authentication result code"));
                return null;
            }
            EventLogMessage eventLogMessage = new EventLogMessage(EventLogMessage.EventType.AUTHENTICATION_SUCCESS, new EventLogField(EventLogField.FieldName.TARGET_USER_NAME, str));
            try {
                SessionManagement.SessionInfo sessionInfo = this.sessionManagement.getSessionInfo(authenticate.getSessionIdentifier());
                eventLogMessage.addField(new EventLogField(EventLogField.FieldName.TARGET_USER_ID, sessionInfo.getUserId()));
                eventLogMessage.addField(new EventLogField(EventLogField.FieldName.SESSION_TRACKING_NUMBER, sessionInfo.getTrackingNumber()));
            } catch (Exception e) {
                this.appRes.logExceptionEvent(EventLogMessage.EventType.INTERNAL_ERROR, e);
            }
            if (clientData != null) {
                eventLogMessage.addField(new EventLogField(EventLogField.FieldName.SOURCE_ADDRESS, clientData.getSourceAddress().toString()));
            }
            this.appRes.logEvent(eventLogMessage);
            return authenticate.getSessionIdentifier();
        } catch (NoSuchAlgorithmException e2) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.INTERNAL_ERROR, e2);
            throw new GeneralizedException();
        } catch (SQLException e3) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.SQL_EXCEPTION, e3);
            throw new GeneralizedException();
        } catch (InputValidationException e4) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.INTERNAL_ERROR, e4);
            throw new GeneralizedException();
        } catch (NoDatabaseConnectionException e5) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.DATABASE_FAILURE, e5);
            throw new GeneralizedException();
        } catch (NumericalOverflowException e6) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.INTERNAL_ERROR, e6);
            throw new GeneralizedException();
        }
    }

    public boolean terminateSession(String str) throws GeneralizedException {
        try {
            SessionManagement.SessionInfo sessionInfo = this.sessionManagement.getSessionInfo(str);
            if (sessionInfo.getSessionStatus() == SessionStatus.SESSION_NULL) {
                this.appRes.logEvent(EventLogMessage.EventType.SESSION_INVALID_TERMINATION_ATTEMPT, new EventLogField(EventLogField.FieldName.SESSION_ID, str));
                return false;
            }
            try {
                if (!this.sessionManagement.terminateSession(str)) {
                    this.appRes.logEvent(EventLogMessage.EventType.SESSION_INVALID_TERMINATION_ATTEMPT, new EventLogField(EventLogField.FieldName.SESSION_ID, str));
                    return false;
                }
                try {
                    UserManagement.UserDescriptor userDescriptor = this.userManagement.getUserDescriptor(sessionInfo.getUserId());
                    this.appRes.logEvent(EventLogMessage.EventType.SESSION_ENDED, new EventLogField(EventLogField.FieldName.TARGET_USER_NAME, userDescriptor.getUserName()), new EventLogField(EventLogField.FieldName.TARGET_USER_ID, userDescriptor.getUserID()), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, sessionInfo.getUserName()), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo.getUserId()));
                    return true;
                } catch (NotFoundException e) {
                    this.appRes.logEvent(EventLogMessage.EventType.SESSION_ENDED, new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo.getUserId()), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, sessionInfo.getUserName()));
                    return true;
                }
            } catch (SQLException e2) {
                this.appRes.logExceptionEvent(EventLogMessage.EventType.SQL_EXCEPTION, e2);
                throw new GeneralizedException();
            } catch (InputValidationException e3) {
                this.appRes.logEvent(EventLogMessage.EventType.SESSION_ID_ILLEGAL, new EventLogField(EventLogField.FieldName.SESSION_ID, str));
                return false;
            } catch (NoDatabaseConnectionException e4) {
                this.appRes.logExceptionEvent(EventLogMessage.EventType.DATABASE_FAILURE, e4);
                throw new GeneralizedException();
            }
        } catch (SQLException e5) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.SQL_EXCEPTION, e5);
            throw new GeneralizedException();
        } catch (InputValidationException e6) {
            this.appRes.logEvent(EventLogMessage.EventType.SESSION_ID_ILLEGAL, new EventLogField(EventLogField.FieldName.SESSION_ID, str));
            return false;
        } catch (NoDatabaseConnectionException e7) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.DATABASE_FAILURE, e7);
            throw new GeneralizedException();
        }
    }

    public boolean terminateSession(String str, long j) throws GeneralizedException, InsufficientPermissionException, NoSessionException {
        checkRight(str, "Users.Sessions.Delete");
        try {
            SessionManagement.SessionInfo sessionInfo = this.sessionManagement.getSessionInfo(j);
            if (sessionInfo.getSessionStatus() == SessionStatus.SESSION_NULL) {
                this.appRes.logEvent(EventLogMessage.EventType.SESSION_INVALID_TERMINATION_ATTEMPT, new EventLogField(EventLogField.FieldName.SESSION_TRACKING_NUMBER, j));
                return false;
            }
            try {
                if (!this.sessionManagement.terminateSession(j)) {
                    this.appRes.logEvent(EventLogMessage.EventType.SESSION_INVALID_TERMINATION_ATTEMPT, new EventLogField(EventLogField.FieldName.SESSION_TRACKING_NUMBER, j));
                    return false;
                }
                try {
                    UserManagement.UserDescriptor userDescriptor = this.userManagement.getUserDescriptor(sessionInfo.getUserId());
                    this.appRes.logEvent(EventLogMessage.EventType.SESSION_ENDED, new EventLogField(EventLogField.FieldName.TARGET_USER_NAME, userDescriptor.getUserName()), new EventLogField(EventLogField.FieldName.TARGET_USER_ID, userDescriptor.getUserID()), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, sessionInfo.getUserName()), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo.getUserId()));
                    return true;
                } catch (NotFoundException e) {
                    this.appRes.logEvent(EventLogMessage.EventType.SESSION_ENDED, new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, sessionInfo.getUserName()), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo.getUserId()));
                    return true;
                }
            } catch (SQLException e2) {
                this.appRes.logExceptionEvent(EventLogMessage.EventType.SQL_EXCEPTION, e2);
                throw new GeneralizedException();
            } catch (InputValidationException e3) {
                this.appRes.logExceptionEvent(EventLogMessage.EventType.INTERNAL_ERROR, e3);
                return false;
            } catch (NoDatabaseConnectionException e4) {
                this.appRes.logExceptionEvent(EventLogMessage.EventType.DATABASE_FAILURE, e4);
                throw new GeneralizedException();
            }
        } catch (SQLException e5) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.SQL_EXCEPTION, e5);
            throw new GeneralizedException();
        } catch (InputValidationException e6) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.INTERNAL_ERROR, e6);
            return false;
        } catch (NoDatabaseConnectionException e7) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.DATABASE_FAILURE, e7);
            throw new GeneralizedException();
        }
    }

    public int getSessionStatus(String str) throws GeneralizedException {
        try {
            SessionManagement.SessionInfo sessionInfo = this.sessionManagement.getSessionInfo(str);
            if (sessionInfo.getSessionStatus() == SessionStatus.SESSION_EXPIRED) {
                this.appRes.logEvent(EventLogMessage.EventType.SESSION_INACTIVITY_EXPIRED, new EventLogField(EventLogField.FieldName.TARGET_USER_NAME, sessionInfo.getUserName()), new EventLogField(EventLogField.FieldName.TARGET_USER_ID, sessionInfo.getUserId()), new EventLogField(EventLogField.FieldName.SESSION_TRACKING_NUMBER, sessionInfo.getTrackingNumber()));
            } else if (sessionInfo.getSessionStatus() == SessionStatus.SESSION_HIJACKED) {
                this.appRes.logEvent(EventLogMessage.EventType.SESSION_HIJACKED, new EventLogField(EventLogField.FieldName.TARGET_USER_NAME, sessionInfo.getUserName()), new EventLogField(EventLogField.FieldName.TARGET_USER_ID, sessionInfo.getUserId()), new EventLogField(EventLogField.FieldName.SESSION_TRACKING_NUMBER, sessionInfo.getTrackingNumber()));
            } else if (sessionInfo.getSessionStatus() == SessionStatus.SESSION_INACTIVE) {
                this.appRes.logEvent(EventLogMessage.EventType.SESSION_INACTIVITY_EXPIRED, new EventLogField(EventLogField.FieldName.TARGET_USER_NAME, sessionInfo.getUserName()), new EventLogField(EventLogField.FieldName.TARGET_USER_ID, sessionInfo.getUserId()), new EventLogField(EventLogField.FieldName.SESSION_TRACKING_NUMBER, sessionInfo.getTrackingNumber()));
            } else if (sessionInfo.getSessionStatus() == SessionStatus.SESSION_LIFETIME_EXCEEDED) {
                this.appRes.logEvent(EventLogMessage.EventType.SESSION_MAX_TIME_EXCEEDED, new EventLogField(EventLogField.FieldName.TARGET_USER_NAME, sessionInfo.getUserName()), new EventLogField(EventLogField.FieldName.TARGET_USER_ID, sessionInfo.getUserId()), new EventLogField(EventLogField.FieldName.SESSION_TRACKING_NUMBER, sessionInfo.getTrackingNumber()));
            }
            return sessionInfo.getSessionStatus().getStatusId();
        } catch (SQLException e) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.SQL_EXCEPTION, e);
            throw new GeneralizedException();
        } catch (InputValidationException e2) {
            this.appRes.logEvent(EventLogMessage.EventType.SESSION_ID_ILLEGAL, new EventLogField(EventLogField.FieldName.SESSION_ID, str));
            throw new GeneralizedException();
        } catch (NoDatabaseConnectionException e3) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.DATABASE_FAILURE, e3);
            throw new GeneralizedException();
        }
    }

    public String refreshSessionIdentifier(String str) throws GeneralizedException {
        return refreshSessionIdentifier(str, true);
    }

    public String refreshSessionIdentifier(String str, boolean z) throws GeneralizedException {
        try {
            return this.sessionManagement.refreshSessionIdentifier(str, z);
        } catch (NoSuchAlgorithmException e) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.INTERNAL_ERROR, e);
            throw new GeneralizedException();
        } catch (SQLException e2) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.SQL_EXCEPTION, e2);
            throw new GeneralizedException();
        } catch (InputValidationException e3) {
            this.appRes.logEvent(EventLogMessage.EventType.SESSION_ID_ILLEGAL, new EventLogField(EventLogField.FieldName.SESSION_ID, str));
            throw new GeneralizedException();
        } catch (NoDatabaseConnectionException e4) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.DATABASE_FAILURE, e4);
            throw new GeneralizedException();
        }
    }

    public int disableUserSessions(String str, int i) throws NoSessionException, GeneralizedException, InsufficientPermissionException {
        checkSession(str);
        SessionManagement.SessionInfo sessionInfo = null;
        try {
            try {
                SessionManagement.SessionInfo sessionInfo2 = this.sessionManagement.getSessionInfo(str);
                RightDescriptor userRight = this.accessControl.getUserRight(sessionInfo2.getUserId(), "Users.Sessions.Delete", true);
                UserManagement.UserDescriptor userDescriptor = this.userManagement.getUserDescriptor(sessionInfo2.getUserId());
                String str2 = null;
                if (userDescriptor != null) {
                    str2 = userDescriptor.getUserName();
                }
                if (userRight == null) {
                    return -1;
                }
                if (userRight.getRight() == AccessControlDescriptor.Action.PERMIT) {
                    this.appRes.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_PERMIT, new EventLogField(EventLogField.FieldName.OPERATION, "Discard user sessions"), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, str2), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo2.getUserId()), new EventLogField(EventLogField.FieldName.TARGET_USER_ID, i));
                    return this.sessionManagement.disableUserSessions(i);
                }
                if (userRight.getRight() == AccessControlDescriptor.Action.DENY) {
                    this.appRes.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_DENY, new EventLogField(EventLogField.FieldName.OPERATION, "Discard user sessions"), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, str2), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo2.getUserId()), new EventLogField(EventLogField.FieldName.TARGET_USER_ID, i));
                    throw new InsufficientPermissionException();
                }
                this.appRes.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_DENY_DEFAULT, new EventLogField(EventLogField.FieldName.OPERATION, "Discard user sessions"), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, str2), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo2.getUserId()), new EventLogField(EventLogField.FieldName.TARGET_USER_ID, i));
                throw new InsufficientPermissionException();
            } catch (NotFoundException e) {
                this.appRes.logExceptionEvent(EventLogMessage.EventType.INTERNAL_ERROR, e);
                throw new GeneralizedException();
            }
        } catch (SQLException e2) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.SQL_EXCEPTION, e2);
            throw new GeneralizedException();
        } catch (InputValidationException e3) {
            this.appRes.logEvent(EventLogMessage.EventType.SESSION_ID_ILLEGAL, new EventLogField(EventLogField.FieldName.SESSION_ID, str));
            return -1;
        } catch (NoDatabaseConnectionException e4) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.DATABASE_FAILURE, e4);
            throw new GeneralizedException();
        } catch (NotFoundException e5) {
            this.appRes.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_DENY_DEFAULT, new EventLogField(EventLogField.FieldName.OPERATION, "Discard user sessions"), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, sessionInfo.getUserName()), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo.getUserId()), new EventLogField(EventLogField.FieldName.TARGET_USER_ID, i));
            throw new InsufficientPermissionException();
        }
    }

    @Override // net.lukemurphey.nsia.trustBoundary.ApiHandler
    public UserManagement.UserDescriptor getUserInfo(String str) throws GeneralizedException, NoSessionException {
        return super.getUserInfo(str);
    }

    public SessionManagement.SessionInfo[] getUserSessions(String str) throws NoSessionException, GeneralizedException, InsufficientPermissionException {
        checkSession(str);
        SessionManagement.SessionInfo sessionInfo = null;
        try {
            SessionManagement.SessionInfo sessionInfo2 = this.sessionManagement.getSessionInfo(str);
            try {
                RightDescriptor userRight = this.accessControl.getUserRight(sessionInfo2.getUserId(), "Users.Sessions.View", true);
                UserManagement.UserDescriptor userDescriptor = this.userManagement.getUserDescriptor(sessionInfo2.getUserId());
                String str2 = null;
                if (userDescriptor != null) {
                    str2 = userDescriptor.getUserName();
                }
                if (userDescriptor.isUnrestricted()) {
                    this.appRes.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_PERMIT, new EventLogField(EventLogField.FieldName.OPERATION, "Enumerate user sessions"), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, str2), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo2.getUserId()));
                } else {
                    if (userRight == null) {
                        return null;
                    }
                    if (userRight.getRight() != AccessControlDescriptor.Action.PERMIT) {
                        if (userRight.getRight() == AccessControlDescriptor.Action.DENY) {
                            this.appRes.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_DENY, new EventLogField(EventLogField.FieldName.OPERATION, "Enumerate user sessions"), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, str2), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo2.getUserId()));
                            throw new InsufficientPermissionException();
                        }
                        this.appRes.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_DENY_DEFAULT, new EventLogField(EventLogField.FieldName.OPERATION, "Enumerate user sessions"), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, str2), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo2.getUserId()));
                        throw new InsufficientPermissionException();
                    }
                    this.appRes.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_PERMIT, new EventLogField(EventLogField.FieldName.OPERATION, "Enumerate user sessions"), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, str2), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo2.getUserId()));
                }
            } catch (NotFoundException e) {
                this.appRes.logExceptionEvent(EventLogMessage.EventType.INTERNAL_ERROR, e);
                throw new GeneralizedException();
            }
        } catch (SQLException e2) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.SQL_EXCEPTION, e2);
            throw new GeneralizedException();
        } catch (InputValidationException e3) {
            this.appRes.logEvent(EventLogMessage.EventType.SESSION_ID_ILLEGAL, new EventLogField(EventLogField.FieldName.SESSION_ID, str));
        } catch (NoDatabaseConnectionException e4) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.DATABASE_FAILURE, e4);
            throw new GeneralizedException();
        } catch (NotFoundException e5) {
            if (0 != 0) {
                this.appRes.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_DENY_DEFAULT, new EventLogField(EventLogField.FieldName.OPERATION, "Enumerate user sessions"), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo.getUserId()));
            } else {
                this.appRes.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_DENY_DEFAULT, new EventLogField(EventLogField.FieldName.OPERATION, "Enumerate user sessions"), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, "Unknown"));
            }
            throw new InsufficientPermissionException();
        }
        try {
            return this.sessionManagement.getCurrentSessions();
        } catch (SQLException e6) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.SQL_EXCEPTION, e6);
            throw new GeneralizedException();
        } catch (InputValidationException e7) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.INTERNAL_ERROR, e7);
            throw new GeneralizedException();
        } catch (NoDatabaseConnectionException e8) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.DATABASE_FAILURE, e8);
            throw new GeneralizedException();
        }
    }
}
