package net.lukemurphey.nsia.trustBoundary;

import java.sql.SQLException;
import net.lukemurphey.nsia.AccessControlDescriptor;
import net.lukemurphey.nsia.Application;
import net.lukemurphey.nsia.GeneralizedException;
import net.lukemurphey.nsia.InputValidationException;
import net.lukemurphey.nsia.InsufficientPermissionException;
import net.lukemurphey.nsia.NoDatabaseConnectionException;
import net.lukemurphey.nsia.NoSessionException;
import net.lukemurphey.nsia.NotFoundException;
import net.lukemurphey.nsia.ObjectPermissionDescriptor;
import net.lukemurphey.nsia.RightDescriptor;
import net.lukemurphey.nsia.SessionManagement;
import net.lukemurphey.nsia.SessionStatus;
import net.lukemurphey.nsia.eventlog.EventLogField;
import net.lukemurphey.nsia.eventlog.EventLogMessage;

/* loaded from: input_file:net/lukemurphey/nsia/trustBoundary/ApiAccessControl.class */
public class ApiAccessControl extends ApiHandler {
    public ApiAccessControl(Application application) {
        super(application);
    }

    public ObjectPermissionDescriptor getUserPermissions(String str, int i, long j, boolean z) throws GeneralizedException, NoSessionException, InsufficientPermissionException {
        try {
            SessionManagement.SessionInfo sessionInfo = this.sessionManagement.getSessionInfo(str);
            if (sessionInfo == null) {
                throw new NoSessionException(SessionStatus.SESSION_NULL);
            }
            SessionStatus sessionStatus = sessionInfo.getSessionStatus();
            if (sessionStatus != SessionStatus.SESSION_ACTIVE) {
                throw new NoSessionException(sessionStatus);
            }
            if (sessionInfo.getUserId() != i) {
                checkRead(str, j, "Get permissions for user " + i + " relative to object ID " + j);
            }
            try {
                return this.accessControl.getUserPermissions(i, j, z);
            } catch (SQLException e) {
                this.appRes.logExceptionEvent(EventLogMessage.EventType.SQL_EXCEPTION, e);
                throw new GeneralizedException();
            } catch (NoDatabaseConnectionException e2) {
                this.appRes.logExceptionEvent(EventLogMessage.EventType.DATABASE_FAILURE, e2);
                throw new GeneralizedException();
            }
        } catch (SQLException e3) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.SQL_EXCEPTION, e3);
            throw new GeneralizedException();
        } catch (InputValidationException e4) {
            this.appRes.logEvent(EventLogMessage.EventType.SESSION_ID_ILLEGAL, new EventLogField(EventLogField.FieldName.SESSION_ID, str));
            throw new GeneralizedException();
        } catch (NoDatabaseConnectionException e5) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.DATABASE_FAILURE, e5);
            throw new GeneralizedException();
        }
    }

    public ObjectPermissionDescriptor getGroupPermissions(String str, int i, long j) throws GeneralizedException, InsufficientPermissionException, NoSessionException {
        checkRead(str, j, "Get group permissions for group " + i + " against object ID " + j);
        try {
            return this.accessControl.getGroupPermissions(i, j);
        } catch (SQLException e) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.SQL_EXCEPTION, e);
            throw new GeneralizedException();
        } catch (NoDatabaseConnectionException e2) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.DATABASE_FAILURE, e2);
            throw new GeneralizedException();
        }
    }

    public long setPermissions(String str, ObjectPermissionDescriptor objectPermissionDescriptor) throws GeneralizedException, NoSessionException, InsufficientPermissionException {
        if (objectPermissionDescriptor == null) {
            return -1L;
        }
        checkControl(str, objectPermissionDescriptor.getObjectId(), "Set ACL");
        try {
            long permissions = this.accessControl.setPermissions(objectPermissionDescriptor);
            if (permissions >= 0) {
                this.appRes.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_ENTRY_SET, new EventLogField(EventLogField.FieldName.OBJECT_ID, permissions));
            } else {
                this.appRes.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_ENTRY_SET_FAILED);
            }
            return permissions;
        } catch (SQLException e) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.SQL_EXCEPTION, e);
            throw new GeneralizedException();
        } catch (NoDatabaseConnectionException e2) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.DATABASE_FAILURE, e2);
            throw new GeneralizedException();
        }
    }

    public boolean deleteUserPermissions(String str, long j, long j2) throws InsufficientPermissionException, GeneralizedException, NoSessionException {
        checkControl(str, j2, "Remove permissions for user " + j);
        try {
            if (this.accessControl.deleteUserPermissions(j, j2)) {
                this.appRes.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_ENTRY_UNSET, new EventLogField(EventLogField.FieldName.OBJECT_ID, j2), new EventLogField(EventLogField.FieldName.TARGET_USER_ID, j));
                return true;
            }
            this.appRes.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_ENTRY_UNSET_FAILED, new EventLogField(EventLogField.FieldName.OBJECT_ID, j2), new EventLogField(EventLogField.FieldName.TARGET_USER_ID, j));
            return false;
        } catch (SQLException e) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.SQL_EXCEPTION, e);
            throw new GeneralizedException();
        } catch (NoDatabaseConnectionException e2) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.DATABASE_FAILURE, e2);
            throw new GeneralizedException();
        }
    }

    public boolean deleteGroupPermissions(String str, long j, long j2) throws InsufficientPermissionException, GeneralizedException, NoSessionException {
        checkControl(str, j2, "Remove permissions for group " + j);
        try {
            if (this.accessControl.deleteGroupPermissions(j, j2)) {
                this.appRes.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_ENTRY_UNSET, new EventLogField(EventLogField.FieldName.OBJECT_ID, j2), new EventLogField(EventLogField.FieldName.GROUP_ID, j));
                return true;
            }
            this.appRes.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_ENTRY_UNSET_FAILED, new EventLogField(EventLogField.FieldName.OBJECT_ID, j2), new EventLogField(EventLogField.FieldName.GROUP_ID, j));
            return false;
        } catch (SQLException e) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.SQL_EXCEPTION, e);
            throw new GeneralizedException();
        } catch (NoDatabaseConnectionException e2) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.DATABASE_FAILURE, e2);
            throw new GeneralizedException();
        }
    }

    public boolean deleteGroupRight(String str, long j, String str2) throws GeneralizedException, InsufficientPermissionException, NoSessionException {
        checkRight(str, "Users.Rights.Edit");
        try {
            if (this.accessControl.deleteGroupRight(j, str2)) {
                this.appRes.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_ENTRY_UNSET, new EventLogField(EventLogField.FieldName.RIGHT, str2), new EventLogField(EventLogField.FieldName.GROUP_ID, j));
                return true;
            }
            this.appRes.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_ENTRY_UNSET_FAILED, new EventLogField(EventLogField.FieldName.RIGHT, str2), new EventLogField(EventLogField.FieldName.GROUP_ID, j));
            return false;
        } catch (SQLException e) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.SQL_EXCEPTION, e);
            throw new GeneralizedException();
        } catch (NoDatabaseConnectionException e2) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.DATABASE_FAILURE, e2);
            throw new GeneralizedException();
        }
    }

    public boolean deleteUserRight(String str, long j, String str2) throws GeneralizedException, InsufficientPermissionException, NoSessionException {
        checkRight(str, "Users.Rights.Edit");
        try {
            if (this.accessControl.deleteUserRight(j, str2)) {
                this.appRes.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_ENTRY_UNSET, new EventLogField(EventLogField.FieldName.RIGHT, str2), new EventLogField(EventLogField.FieldName.TARGET_USER_ID, j));
                return true;
            }
            this.appRes.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_ENTRY_UNSET_FAILED, new EventLogField(EventLogField.FieldName.RIGHT, str2), new EventLogField(EventLogField.FieldName.TARGET_USER_ID, j));
            return false;
        } catch (SQLException e) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.SQL_EXCEPTION, e);
            throw new GeneralizedException();
        } catch (NoDatabaseConnectionException e2) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.DATABASE_FAILURE, e2);
            throw new GeneralizedException();
        }
    }

    public boolean setRight(String str, RightDescriptor rightDescriptor) throws NoSessionException, GeneralizedException {
        try {
            SessionManagement.SessionInfo sessionInfo = this.sessionManagement.getSessionInfo(str);
            if (sessionInfo == null) {
                throw new NoSessionException(SessionStatus.SESSION_NULL);
            }
            SessionStatus sessionStatus = sessionInfo.getSessionStatus();
            if (sessionStatus != SessionStatus.SESSION_ACTIVE) {
                throw new NoSessionException(sessionStatus);
            }
            if (sessionInfo.getUserId() == rightDescriptor.getSubjectId()) {
                rightDescriptor.getSubjectType();
                AccessControlDescriptor.Subject subject = AccessControlDescriptor.Subject.USER;
            }
            try {
                if (!this.accessControl.setRight(rightDescriptor)) {
                    return false;
                }
                String str2 = rightDescriptor.getRight() == AccessControlDescriptor.Action.DENY ? "deny" : "allow";
                if (rightDescriptor.getSubjectType() == AccessControlDescriptor.Subject.USER) {
                    this.appRes.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_ENTRY_SET, new EventLogField(EventLogField.FieldName.RIGHT, rightDescriptor.getRightName()), new EventLogField(EventLogField.FieldName.VALUE, str2), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, sessionInfo.getUserName()), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo.getUserId()), new EventLogField(EventLogField.FieldName.TARGET_USER_ID, rightDescriptor.getSubjectId()));
                    return true;
                }
                this.appRes.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_ENTRY_SET, new EventLogField(EventLogField.FieldName.RIGHT, rightDescriptor.getRightName()), new EventLogField(EventLogField.FieldName.VALUE, str2), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, sessionInfo.getUserName()), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo.getUserId()), new EventLogField(EventLogField.FieldName.GROUP_ID, rightDescriptor.getSubjectId()));
                return true;
            } catch (SQLException e) {
                this.appRes.logExceptionEvent(EventLogMessage.EventType.SQL_EXCEPTION, e);
                throw new GeneralizedException();
            } catch (NoDatabaseConnectionException e2) {
                this.appRes.logExceptionEvent(EventLogMessage.EventType.DATABASE_FAILURE, e2);
                throw new GeneralizedException();
            }
        } catch (SQLException e3) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.SQL_EXCEPTION, e3);
            throw new GeneralizedException();
        } catch (InputValidationException e4) {
            this.appRes.logEvent(EventLogMessage.EventType.SESSION_ID_ILLEGAL, new EventLogField(EventLogField.FieldName.SESSION_ID, str));
            throw new GeneralizedException();
        } catch (NoDatabaseConnectionException e5) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.DATABASE_FAILURE, e5);
            throw new GeneralizedException();
        }
    }

    public RightDescriptor[] getUserRights(String str, int i, boolean z) throws GeneralizedException, NoSessionException, InsufficientPermissionException {
        try {
            SessionManagement.SessionInfo sessionInfo = this.sessionManagement.getSessionInfo(str);
            if (sessionInfo == null) {
                throw new NoSessionException(SessionStatus.SESSION_NULL);
            }
            SessionStatus sessionStatus = sessionInfo.getSessionStatus();
            if (sessionStatus != SessionStatus.SESSION_ACTIVE) {
                throw new NoSessionException(sessionStatus);
            }
            if (sessionInfo.getUserId() != i) {
                checkRight(str, "Users.Rights.View");
            }
            try {
                return this.accessControl.getUserRights(i, z);
            } catch (SQLException e) {
                this.appRes.logExceptionEvent(EventLogMessage.EventType.SQL_EXCEPTION, e);
                throw new GeneralizedException();
            } catch (NoDatabaseConnectionException e2) {
                this.appRes.logExceptionEvent(EventLogMessage.EventType.DATABASE_FAILURE, e2);
                throw new GeneralizedException();
            }
        } catch (SQLException e3) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.SQL_EXCEPTION, e3);
            throw new GeneralizedException();
        } catch (InputValidationException e4) {
            this.appRes.logEvent(EventLogMessage.EventType.SESSION_ID_ILLEGAL, new EventLogField(EventLogField.FieldName.SESSION_ID, str));
            throw new GeneralizedException();
        } catch (NoDatabaseConnectionException e5) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.DATABASE_FAILURE, e5);
            throw new GeneralizedException();
        }
    }

    public RightDescriptor getUserRight(String str, int i, String str2, boolean z) throws GeneralizedException, NoSessionException, InsufficientPermissionException, NotFoundException {
        try {
            SessionManagement.SessionInfo sessionInfo = this.sessionManagement.getSessionInfo(str);
            if (sessionInfo == null) {
                throw new NoSessionException(SessionStatus.SESSION_NULL);
            }
            SessionStatus sessionStatus = sessionInfo.getSessionStatus();
            if (sessionStatus != SessionStatus.SESSION_ACTIVE) {
                throw new NoSessionException(sessionStatus);
            }
            if (sessionInfo.getUserId() != i) {
                checkRight(str, "Users.Rights.View");
            }
            try {
                return this.accessControl.getUserRight(i, str2, z);
            } catch (SQLException e) {
                this.appRes.logExceptionEvent(EventLogMessage.EventType.SQL_EXCEPTION, e);
                throw new GeneralizedException();
            } catch (NoDatabaseConnectionException e2) {
                this.appRes.logExceptionEvent(EventLogMessage.EventType.DATABASE_FAILURE, e2);
                throw new GeneralizedException();
            }
        } catch (SQLException e3) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.SQL_EXCEPTION, e3);
            throw new GeneralizedException();
        } catch (InputValidationException e4) {
            this.appRes.logEvent(EventLogMessage.EventType.SESSION_ID_ILLEGAL, new EventLogField(EventLogField.FieldName.SESSION_ID, str));
            throw new GeneralizedException();
        } catch (NoDatabaseConnectionException e5) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.DATABASE_FAILURE, e5);
            throw new GeneralizedException();
        }
    }

    public RightDescriptor getGroupRight(String str, int i, String str2) throws GeneralizedException, InsufficientPermissionException, NoSessionException, NotFoundException {
        checkRight(str, "Users.Rights.View");
        try {
            return this.accessControl.getGroupRight(i, str2);
        } catch (SQLException e) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.SQL_EXCEPTION, e);
            throw new GeneralizedException();
        } catch (NoDatabaseConnectionException e2) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.DATABASE_FAILURE, e2);
            throw new GeneralizedException();
        }
    }

    public boolean setPermissions(String str, RightDescriptor rightDescriptor) throws InsufficientPermissionException, GeneralizedException, NoSessionException {
        if (rightDescriptor == null) {
            return false;
        }
        checkRight(str, rightDescriptor.getRightName());
        try {
            if (this.accessControl.setPermissions(rightDescriptor)) {
                if (rightDescriptor.isUser()) {
                    this.appRes.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_ENTRY_UNSET, new EventLogField(EventLogField.FieldName.RIGHT, rightDescriptor.getRightName()), new EventLogField(EventLogField.FieldName.TARGET_USER_ID, rightDescriptor.getSubjectId()));
                    return true;
                }
                this.appRes.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_ENTRY_UNSET, new EventLogField(EventLogField.FieldName.RIGHT, rightDescriptor.getRightName()), new EventLogField(EventLogField.FieldName.GROUP_ID, rightDescriptor.getSubjectId()));
                return true;
            }
            if (rightDescriptor.isUser()) {
                this.appRes.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_ENTRY_UNSET_FAILED, new EventLogField(EventLogField.FieldName.RIGHT, rightDescriptor.getRightName()), new EventLogField(EventLogField.FieldName.TARGET_USER_ID, rightDescriptor.getSubjectId()));
                return false;
            }
            this.appRes.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_ENTRY_UNSET_FAILED, new EventLogField(EventLogField.FieldName.RIGHT, rightDescriptor.getRightName()), new EventLogField(EventLogField.FieldName.GROUP_ID, rightDescriptor.getSubjectId()));
            return false;
        } catch (SQLException e) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.SQL_EXCEPTION, e);
            throw new GeneralizedException();
        } catch (NoDatabaseConnectionException e2) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.DATABASE_FAILURE, e2);
            throw new GeneralizedException();
        }
    }

    public ObjectPermissionDescriptor[] getAllAclEntries(String str, long j) throws InsufficientPermissionException, GeneralizedException, NoSessionException {
        checkControl(str, j, "Retrieve ACLs");
        try {
            return this.accessControl.getAllAclEntries(j);
        } catch (SQLException e) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.SQL_EXCEPTION, e);
            throw new GeneralizedException();
        } catch (NoDatabaseConnectionException e2) {
            this.appRes.logExceptionEvent(EventLogMessage.EventType.DATABASE_FAILURE, e2);
            throw new GeneralizedException();
        }
    }
}
