package net.lukemurphey.nsia.web.views;

import java.io.IOException;
import java.sql.SQLException;
import java.util.Collection;
import java.util.Map;
import java.util.Vector;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.lukemurphey.nsia.AccessControl;
import net.lukemurphey.nsia.AccessControlDescriptor;
import net.lukemurphey.nsia.Application;
import net.lukemurphey.nsia.GeneralizedException;
import net.lukemurphey.nsia.GroupManagement;
import net.lukemurphey.nsia.InputValidationException;
import net.lukemurphey.nsia.NoDatabaseConnectionException;
import net.lukemurphey.nsia.NoSessionException;
import net.lukemurphey.nsia.NotFoundException;
import net.lukemurphey.nsia.RightDescriptor;
import net.lukemurphey.nsia.UserManagement;
import net.lukemurphey.nsia.eventlog.EventLogField;
import net.lukemurphey.nsia.eventlog.EventLogMessage;
import net.lukemurphey.nsia.web.Link;
import net.lukemurphey.nsia.web.Menu;
import net.lukemurphey.nsia.web.RequestContext;
import net.lukemurphey.nsia.web.SessionMessages;
import net.lukemurphey.nsia.web.Shortcuts;
import net.lukemurphey.nsia.web.StandardViewList;
import net.lukemurphey.nsia.web.URLInvalidException;
import net.lukemurphey.nsia.web.View;
import net.lukemurphey.nsia.web.ViewFailedException;
import net.lukemurphey.nsia.web.ViewNotFoundException;
import net.lukemurphey.nsia.web.templates.DialogTemplateDirective;
import net.lukemurphey.nsia.web.templates.TemplateLoader;
import net.lukemurphey.nsia.web.views.Dialog;

/* loaded from: input_file:net/lukemurphey/nsia/web/views/RightsEditView.class */
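/**
 * View that shows and updates the access-control rights held by one user or one group.
 *
 * <p>The view is addressed with two URL arguments: the subject type ({@code User} or
 * {@code Group}, matched case-insensitively) and the numeric subject identifier. A GET renders
 * the rights form; a POST writes one {@code PERMIT}/{@code DENY} entry per right in the selected
 * tab (or in every tab when no tab is selected) and then redirects back to the view.
 *
 * <p>Security-relevant behaviour to keep in mind when changing this class:
 * <ul>
 *   <li>Viewing requires {@code Users.View} (user subject) or {@code Groups.View} (group
 *       subject); writing additionally requires {@code Users.Edit} or {@code Groups.Edit}.</li>
 *   <li>On a POST, a right whose parameter is absent from the request is written as
 *       {@code DENY}, so the set of rights that gets written must match the set shown in the
 *       form. Both are driven by the same tables below for that reason.</li>
 *   <li>NOTE(review): no anti-CSRF token check is visible in this class; confirm the framework
 *       enforces one before {@link #process} is reached.</li>
 *   <li>NOTE(review): nothing visible here stops a caller from editing their own rights or from
 *       granting rights they do not hold themselves; confirm whether that is intended or is
 *       enforced inside {@code AccessControl}.</li>
 * </ul>
 */
public class RightsEditView extends View {
    public static final String VIEW_NAME = "rights_editor";

    /*
     * Right tables: each entry is {right name, description shown in the form}. The order is the
     * order in which the rights are displayed and written.
     */
    private static final String[][] USER_MANAGEMENT_RIGHTS = {
        {"Users.Add", "Create New Users"},
        {"Users.Edit", "Edit Users"},
        {"Users.View", "View Users"},
        {"Users.Delete", "Delete Users"},
        {"Users.Unlock", "Unlock Accounts (due to repeated authentication attempts)"},
        {"Users.UpdatePassword", "Update Other's Password (applies only to the other users' accounts)"},
        {"Users.UpdateOwnPassword", "Update Account Details (applies only to the users' own account)"},
        {"Users.Sessions.Delete", "Delete Users' Sessions (kick users off)"},
        {"Users.Sessions.View", "View Users' Sessions (see who is logged in)"},
    };

    private static final String[][] GROUP_MANAGEMENT_RIGHTS = {
        {"Groups.Add", "Create New Groups"},
        {"Groups.View", "View Groups"},
        {"Groups.Edit", "Edit Groups"},
        {"Groups.Delete", "Delete Groups"},
        {"Groups.Membership.Edit", "Manage Group Membership"},
    };

    private static final String[][] SITE_GROUP_MANAGEMENT_RIGHTS = {
        {"SiteGroups.View", "View Site-groups"},
        {"SiteGroups.Add", "Create New Site-group"},
        {"SiteGroups.Delete", "Delete Site-groups"},
        {"SiteGroups.Edit", "Edit Site-groups"},
    };

    private static final String[][] SYSTEM_CONFIGURATION_RIGHTS = {
        {"System.Information.View", "View System Information and Status"},
        {"System.Configuration.View", "View System Configuration"},
        {"System.Configuration.Edit", "Modify System Configuration"},
        {"System.Shutdown", "Shutdown the application"},
        {"System.ControlScanner", "Start/Stop Scanner"},
        {"SiteGroups.ScanAllRules", "Allow Gratuitous Scanning of All Rules"},
    };

    /** One right together with its display text and whether the subject currently holds it. */
    public static class Right {
        private final String name;
        private final String description;
        private final boolean permitted;

        /**
         * @param str the right's name (for example {@code Users.Add})
         * @param str2 the human-readable description shown in the form
         * @param z {@code true} when the subject's current entry for the right is {@code PERMIT}
         */
        protected Right(String str, String str2, boolean z) {
            this.name = str;
            this.description = str2;
            this.permitted = z;
        }

        /** @return {@code true} when the right is currently permitted for the subject */
        public boolean isPermitted() {
            return this.permitted;
        }

        /** @return the right's name */
        public String getName() {
            return this.name;
        }

        /** @return the description shown next to the right */
        public String getDescription() {
            return this.description;
        }
    }

    /** A named group of rights corresponding to one tab of the form. */
    public static class RightsCategory {
        private final Vector<Right> rights = new Vector<>();
        private final String name;
        private final int index;

        /**
         * @param str the category title
         * @param vector the rights in the category; the elements are copied into this object
         * @param i the category's tab index (callers in this file pass a {@link Tab} ordinal)
         */
        public RightsCategory(String str, Vector<Right> vector, int i) {
            this.name = str;
            this.rights.addAll(vector);
            this.index = i;
        }

        /** @return the rights in this category (the internal collection, not a copy) */
        public Collection<Right> getRights() {
            return this.rights;
        }

        /** @return the category title */
        public String getName() {
            return this.name;
        }

        /** @return the category's tab index */
        public int getIndex() {
            return this.index;
        }
    }

    /** The tabs of the rights form; the ordinal is the value carried in {@code TabIndex}. */
    public enum Tab {
        USER_MANAGEMENT,
        GROUP_MANAGEMENT,
        SITE_GROUP_MANAGEMENT,
        SYSTEM_CONFIGURATION;

        /**
         * Maps an ordinal to its tab.
         *
         * @param i the ordinal to look up
         * @return the matching tab, or {@link #USER_MANAGEMENT} when {@code i} is out of range
         */
        public static Tab getFromOrdinal(int i) {
            // NOTE(review): an out-of-range ordinal silently selects USER_MANAGEMENT; on a POST
            // that means the user-management rights are the ones rewritten.
            Tab[] all = values();
            return (i >= 0 && i < all.length) ? all[i] : USER_MANAGEMENT;
        }

        /**
         * Returns a fresh array of all tabs. The name was introduced by the decompiler to avoid a
         * clash with the compiler-generated {@code values()}; it is kept because it is public.
         *
         * @return a new array holding every tab in declaration order
         */
        public static Tab[] valuesCustom() {
            // values() already hands back a new array on every call.
            return values();
        }
    }

    /**
     * Creates the view with two URL argument patterns: the subject type ({@code User} or
     * {@code Group}, case-insensitive) and a decimal subject identifier.
     */
    public RightsEditView() {
        super("Rights", VIEW_NAME, Pattern.compile("User|Group", Pattern.CASE_INSENSITIVE), Pattern.compile("[0-9]+"));
    }

    /**
     * Builds the URL of the rights editor for a user.
     *
     * @param userDescriptor the user whose rights page is wanted
     * @return the URL of this view for that user
     * @throws URLInvalidException if the URL cannot be built
     */
    public static String getURL(UserManagement.UserDescriptor userDescriptor) throws URLInvalidException {
        return new RightsEditView().createURL("User", Integer.valueOf(userDescriptor.getUserID()));
    }

    /**
     * Builds the URL of the rights editor for a group.
     *
     * @param groupDescriptor the group whose rights page is wanted
     * @return the URL of this view for that group
     * @throws URLInvalidException if the URL cannot be built
     */
    public static String getURL(GroupManagement.GroupDescriptor groupDescriptor) throws URLInvalidException {
        return new RightsEditView().createURL("Group", Integer.valueOf(groupDescriptor.getGroupId()));
    }

    /**
     * Returns the right table for a tab.
     *
     * @param tab the tab, or {@code null}
     * @return the table for the tab; {@code null} yields the system-configuration table
     */
    private static String[][] rightsForTab(Tab tab) {
        if (tab == Tab.USER_MANAGEMENT) {
            return USER_MANAGEMENT_RIGHTS;
        }
        if (tab == Tab.GROUP_MANAGEMENT) {
            return GROUP_MANAGEMENT_RIGHTS;
        }
        if (tab == Tab.SITE_GROUP_MANAGEMENT) {
            return SITE_GROUP_MANAGEMENT_RIGHTS;
        }
        return SYSTEM_CONFIGURATION_RIGHTS;
    }

    /**
     * Loads the subject's current entry for one right and wraps it for display.
     *
     * @param str the right's name
     * @param str2 the description to show
     * @param i the user or group identifier
     * @param subject whether {@code i} identifies a user or a group
     * @param accessControl the access-control store to query
     * @return the right, marked permitted only when the stored action is {@code PERMIT}
     */
    private Right getRight(String str, String str2, int i, AccessControlDescriptor.Subject subject, AccessControl accessControl) throws SQLException, NoDatabaseConnectionException, NotFoundException {
        boolean permitted = getRightDescriptor(str, i, subject, accessControl).getRight() == AccessControlDescriptor.Action.PERMIT;
        return new Right(str, str2, permitted);
    }

    /**
     * Fetches the stored descriptor of one right for a user or a group.
     *
     * @param rightName the right's name
     * @param i the user or group identifier
     * @param subject whether {@code i} identifies a user or a group
     * @param accessControl the access-control store to query
     * @return the descriptor returned by the store
     */
    private RightDescriptor getRightDescriptor(String rightName, int i, AccessControlDescriptor.Subject subject, AccessControl accessControl) throws SQLException, NoDatabaseConnectionException, NotFoundException {
        if (subject == AccessControlDescriptor.Subject.USER) {
            // NOTE(review): the meaning of the third argument is not visible here; presumably it
            // controls whether group-derived rights are included. Confirm against AccessControl.
            return accessControl.getUserRight(i, rightName, false);
        }
        return accessControl.getGroupRight(i, rightName);
    }

    /**
     * Writes one right for the subject and records the change in the event log.
     *
     * <p>The right is set to {@code PERMIT} when the request carries a parameter named after the
     * right (whatever its value) and to {@code DENY} when it does not.
     *
     * @param httpServletRequest the request whose parameters decide the action
     * @param str the right's name
     * @param i the user or group identifier
     * @param subject whether {@code i} identifies a user or a group
     * @param accessControl the access-control store to update
     * @param requestContext supplies the acting user for the event-log entry
     * @return {@code true} when the store accepted the change, {@code false} otherwise
     * @throws ViewFailedException if the store raises a database error
     */
    private boolean setRight(HttpServletRequest httpServletRequest, String str, int i, AccessControlDescriptor.Subject subject, AccessControl accessControl, RequestContext requestContext) throws NoSessionException, GeneralizedException, ViewFailedException {
        boolean permit = httpServletRequest.getParameter(str) != null;
        AccessControlDescriptor.Action action = permit ? AccessControlDescriptor.Action.PERMIT : AccessControlDescriptor.Action.DENY;
        String loggedValue = permit ? "allow" : "deny";
        RightDescriptor rightDescriptor = new RightDescriptor(action, subject, i, str);
        try {
            if (!accessControl.setRight(rightDescriptor)) {
                // NOTE(review): a rejected update leaves no event-log entry, so failed attempts to
                // change rights are not visible to whoever reviews the audit trail.
                return false;
            }
            // The audit record names the subject as a user or a group depending on its type.
            EventLogField.FieldName subjectField = rightDescriptor.getSubjectType() == AccessControlDescriptor.Subject.USER
                    ? EventLogField.FieldName.TARGET_USER_ID
                    : EventLogField.FieldName.GROUP_ID;
            Application.getApplication().logEvent(
                    EventLogMessage.EventType.ACCESS_CONTROL_ENTRY_SET,
                    new EventLogField(EventLogField.FieldName.RIGHT, rightDescriptor.getRightName()),
                    new EventLogField(EventLogField.FieldName.VALUE, loggedValue),
                    new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, requestContext.getUser().getUserName()),
                    new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, requestContext.getUser().getUserID()),
                    new EventLogField(subjectField, rightDescriptor.getSubjectId()));
            return true;
        } catch (SQLException e) {
            throw new ViewFailedException(e);
        } catch (NoDatabaseConnectionException e2) {
            throw new ViewFailedException(e2);
        }
    }

    /**
     * Writes every right of the selected tab, or of all tabs when {@code tab} is {@code null}.
     *
     * @param requestContext supplies the acting user and receives the status message
     * @param httpServletRequest the request whose parameters decide each action
     * @param httpServletResponse unused
     * @param tab the tab to write, or {@code null} to write all tabs
     * @param i the user or group identifier
     * @param subject whether {@code i} identifies a user or a group
     * @return the number of rights the store refused to update
     */
    private int setRights(RequestContext requestContext, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Tab tab, int i, AccessControlDescriptor.Subject subject) throws NoSessionException, GeneralizedException, ViewFailedException {
        AccessControl accessControl = new AccessControl(Application.getApplication());
        int failures = 0;
        boolean anyTabWritten = false;
        // Tabs are visited in declaration order, which is the order the rights were written in
        // before this method became table-driven.
        for (Tab candidate : Tab.values()) {
            if (tab != null && tab != candidate) {
                continue;
            }
            for (String[] entry : rightsForTab(candidate)) {
                if (!setRight(httpServletRequest, entry[0], i, subject, accessControl, requestContext)) {
                    failures++;
                }
            }
            anyTabWritten = true;
        }
        if (anyTabWritten) {
            // NOTE(review): the success message is added even when failures > 0; the caller also
            // ignores the returned count, so a partial update is reported as a full success.
            requestContext.addMessage("Rights successfully updated", SessionMessages.MessageSeverity.SUCCESS);
        }
        return failures;
    }

    /**
     * Loads the four categories of rights for the subject, one per tab.
     *
     * @param i the user or group identifier
     * @param subject whether {@code i} identifies a user or a group
     * @param accessControl the access-control store to query
     * @return the categories in tab order
     */
    private Vector<RightsCategory> getRightsCategories(int i, AccessControlDescriptor.Subject subject, AccessControl accessControl) throws SQLException, NoDatabaseConnectionException, NotFoundException {
        Vector<RightsCategory> categories = new Vector<>();
        categories.add(new RightsCategory("User Management", getRights(Tab.USER_MANAGEMENT, i, subject, accessControl), Tab.USER_MANAGEMENT.ordinal()));
        categories.add(new RightsCategory("Group Management", getRights(Tab.GROUP_MANAGEMENT, i, subject, accessControl), Tab.GROUP_MANAGEMENT.ordinal()));
        categories.add(new RightsCategory("Site-Group Management", getRights(Tab.SITE_GROUP_MANAGEMENT, i, subject, accessControl), Tab.SITE_GROUP_MANAGEMENT.ordinal()));
        categories.add(new RightsCategory("System Administration", getRights(Tab.SYSTEM_CONFIGURATION, i, subject, accessControl), Tab.SYSTEM_CONFIGURATION.ordinal()));
        return categories;
    }

    /**
     * Loads the current state of every right in one tab.
     *
     * @param tab the tab to load; {@code null} loads the system-configuration rights
     * @param i the user or group identifier
     * @param subject whether {@code i} identifies a user or a group
     * @param accessControl the access-control store to query
     * @return the rights in display order
     */
    private Vector<Right> getRights(Tab tab, int i, AccessControlDescriptor.Subject subject, AccessControl accessControl) throws SQLException, NoDatabaseConnectionException, NotFoundException {
        Vector<Right> rights = new Vector<>();
        for (String[] entry : rightsForTab(tab)) {
            rights.add(getRight(entry[0], entry[1], i, subject, accessControl));
        }
        return rights;
    }

    /**
     * Handles a request for the rights editor.
     *
     * <p>Steps: parse the subject from the URL arguments, build breadcrumbs and menu, check the
     * view right for the subject type, load the rights, and then either render the form (any
     * method other than POST) or check the edit right, write the rights and redirect (POST).
     *
     * <p>Each subject type is checked against its own right only. Earlier, a request for a user
     * that passed the {@code Users.*} check also fell through to the {@code Groups.*} check, which
     * demanded an unrelated right and logged the user's ID as a group ID in the check's
     * annotation.
     *
     * @param httpServletRequest the incoming request
     * @param httpServletResponse the response to render or redirect on
     * @param requestContext the caller's session and user
     * @param strArr the URL arguments: subject type, then subject identifier
     * @param map the template data, filled in by this method
     * @return always {@code true}
     * @throws ViewFailedException on database, session or validation errors, and when the user
     *     named in the URL does not exist
     */
    @Override // net.lukemurphey.nsia.web.View
    protected boolean process(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, RequestContext requestContext, String[] strArr, Map<String, Object> map) throws ViewFailedException, URLInvalidException, IOException, ViewNotFoundException {
        try {
            int subjectId;
            try {
                subjectId = Integer.parseInt(strArr[1]);
            } catch (NumberFormatException e) {
                // "[0-9]+" admits digit strings that overflow an int.
                Dialog.getDialog(httpServletResponse, requestContext, map, "The identifier for the user or group is not a valid number.", "User or Group ID Invalid", Dialog.DialogType.WARNING);
                return true;
            }
            boolean isUser = !"Group".equalsIgnoreCase(strArr[0]);
            AccessControlDescriptor.Subject subject = isUser ? AccessControlDescriptor.Subject.USER : AccessControlDescriptor.Subject.GROUP;

            Shortcuts.addDashboardHeaders(httpServletRequest, httpServletResponse, map);
            Vector<Link> breadcrumbs = new Vector<>();
            breadcrumbs.add(new Link("Main Dashboard", StandardViewList.getURL(MainDashboardView.VIEW_NAME, new Object[0])));
            if (isUser) {
                try {
                    UserManagement.UserDescriptor userDescriptor = new UserManagement(Application.getApplication()).getUserDescriptor(subjectId);
                    map.put(UserView.VIEW_NAME, userDescriptor);
                    breadcrumbs.add(new Link("User Management", UsersView.getURL()));
                    breadcrumbs.add(new Link("User: " + userDescriptor.getUserName(), UserView.getURL(userDescriptor)));
                    breadcrumbs.add(new Link("Rights", getURL(userDescriptor)));
                    map.put("menu", Menu.getUserMenuItems(requestContext, userDescriptor));
                } catch (NotFoundException e) {
                    throw new ViewFailedException(e);
                }
            } else {
                GroupManagement.GroupDescriptor groupDescriptor = new GroupManagement(Application.getApplication()).getGroupDescriptor(subjectId);
                map.put(GroupView.VIEW_NAME, groupDescriptor);
                breadcrumbs.add(new Link("Group Management", GroupListView.getURL()));
                breadcrumbs.add(new Link("Group: " + groupDescriptor.getGroupName(), GroupView.getURL(groupDescriptor)));
                breadcrumbs.add(new Link("Rights", getURL(groupDescriptor)));
                map.put("menu", Menu.getGroupMenuItems(requestContext, groupDescriptor));
            }
            map.put("breadcrumbs", breadcrumbs);
            map.put(DialogTemplateDirective.PARAM_TITLE, "Rights Management");

            // Read access: check the right that belongs to the subject type, and only that one.
            if (isUser) {
                if (!Shortcuts.hasRight(requestContext.getSessionInfo(), "Users.View", "View rights for user ID " + subjectId)) {
                    breadcrumbs.set(2, new Link("View User", UserView.getURL(subjectId)));
                    Shortcuts.getPermissionDeniedDialog(httpServletResponse, map, "You do not have permission to view user rights");
                    return true;
                }
            } else if (!Shortcuts.hasRight(requestContext.getSessionInfo(), "Groups.View", "View rights for group ID " + subjectId)) {
                breadcrumbs.set(2, new Link("View Group", GroupView.getURL(subjectId)));
                Shortcuts.getPermissionDeniedDialog(httpServletResponse, map, "You do not have permission to view group rights");
                return true;
            }

            Tab tab = null;
            String tabIndexParameter = httpServletRequest.getParameter("TabIndex");
            if (tabIndexParameter != null) {
                try {
                    tab = Tab.getFromOrdinal(Integer.parseInt(tabIndexParameter));
                } catch (NumberFormatException ignored) {
                    // Deliberately ignored: an unparsable TabIndex is treated as "no tab".
                    // NOTE(review): on a POST "no tab" means every tab is written, so rights whose
                    // parameters are missing from the request are set to DENY in all categories.
                }
            }
            if (tab != null) {
                map.put("tabIndex", Integer.valueOf(tab.ordinal()));
            }
            map.put("USER_MANAGEMENT", Integer.valueOf(Tab.USER_MANAGEMENT.ordinal()));
            map.put("GROUP_MANAGEMENT", Integer.valueOf(Tab.GROUP_MANAGEMENT.ordinal()));
            map.put("SYSTEM_CONFIGURATION", Integer.valueOf(Tab.SYSTEM_CONFIGURATION.ordinal()));
            map.put("SITE_GROUP_MANAGEMENT", Integer.valueOf(Tab.SITE_GROUP_MANAGEMENT.ordinal()));

            AccessControl accessControl = new AccessControl(Application.getApplication());
            Vector<Right> rights = getRights(tab, subjectId, subject, accessControl);
            map.put("categories", getRightsCategories(subjectId, subject, accessControl));

            if (!"POST".equalsIgnoreCase(httpServletRequest.getMethod())) {
                map.put("rights", rights);
                map.put("isUser", Boolean.valueOf(isUser));
                TemplateLoader.renderToResponse("RightsEditView.ftl", map, httpServletResponse);
                return true;
            }

            // Write access: again only the right that belongs to the subject type.
            if (isUser) {
                if (!Shortcuts.hasRight(requestContext.getSessionInfo(), "Users.Edit", "Edit rights for user ID " + subjectId)) {
                    breadcrumbs.add(new Link("View User", UserView.getURL(subjectId)));
                    Shortcuts.getPermissionDeniedDialog(httpServletResponse, map, "You do not have permission to edit user rights");
                    return true;
                }
            } else if (!Shortcuts.hasRight(requestContext.getSessionInfo(), "Groups.Edit", "Edit rights for group ID " + subjectId)) {
                breadcrumbs.add(new Link("View Group", GroupView.getURL(subjectId)));
                Shortcuts.getPermissionDeniedDialog(httpServletResponse, map, "You do not have permission to edit group rights");
                return true;
            }

            // The failure count is not used here; see the note in setRights.
            setRights(requestContext, httpServletRequest, httpServletResponse, tab, subjectId, subject);
            // Redirect after the write so a reload does not resubmit the form.
            httpServletResponse.sendRedirect(createURL(isUser ? "User" : "Group", Integer.valueOf(subjectId)));
            return true;
        } catch (SQLException e4) {
            throw new ViewFailedException(e4);
        } catch (GeneralizedException e5) {
            throw new ViewFailedException(e5);
        } catch (InputValidationException e6) {
            throw new ViewFailedException(e6);
        } catch (NoDatabaseConnectionException e7) {
            throw new ViewFailedException(e7);
        } catch (NoSessionException e8) {
            throw new ViewFailedException(e8);
        } catch (NotFoundException e9) {
            // NOTE(review): the exception text is shown to the caller; confirm it carries no
            // internal detail and that the dialog template escapes it.
            Dialog.getDialog(httpServletResponse, requestContext, map, e9.getMessage(), "Not Found", Dialog.DialogType.WARNING);
            return true;
        }
    }
}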
