package org.n52.security.service.pdp;

import java.io.InputStream;
import java.security.Principal;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.apache.log4j.Logger;
import org.dom4j.Document;
import org.dom4j.DocumentException;
import org.dom4j.Element;
import org.dom4j.Namespace;
import org.n52.security.authentication.principals.AttributePrincipal;
import org.n52.security.authentication.principals.RolePrincipal;
import org.n52.security.common.attributes.Attribute;
import org.n52.security.common.attributes.StringAttributeValue;
import org.n52.security.common.util.XMLUtilsDom4j;
import org.n52.security.decision.DecisionProcessingException;
import org.n52.security.decision.Obligation;
import org.n52.security.decision.PDPProxy;
import org.n52.security.decision.PDPRequest;
import org.n52.security.decision.PDPRequestCollection;
import org.n52.security.decision.PDPResponse;
import org.n52.security.decision.PDPResponseCollection;
import org.n52.security.decision.Target;
import org.xml.sax.InputSource;

/* loaded from: input_file:org/n52/security/service/pdp/PermissionCollectionPDP.class */
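/**
 * Policy decision point backed by an in-memory set of {@link PermissionCollection}s
 * that is read once, at construction time, from a "rights" XML document.
 *
 * <p>Each incoming {@link PDPRequest} is answered by looking up the collection whose
 * id equals the request target's type and asking it for a permission that matches the
 * subject's principals, the resource and the action.
 *
 * <p>The collection map is only written by the constructor. Accessors hand out
 * read-only views of the map, but the {@link PermissionCollection} instances themselves
 * are the live objects used for decisions.
 */
public class PermissionCollectionPDP implements PDPProxy {
    private static final Logger LOG;

    /** Namespace ("rights" prefix) used by the XPath query that locates PermissionCollection elements. */
    public static final Namespace sRightsNamespace;

    // Key: PermissionCollection.getId(); value: the PermissionCollection.
    // Left raw because the declared type of getId() is not visible in this file.
    private final Map m_permissionCollections = new HashMap();

    // Looks like the compiler-generated cache for a pre-Java-5 class literal; kept so that
    // the set of package-visible members stays unchanged.
    static Class class$org$n52$security$service$pdp$PermissionCollectionPDP;

    /**
     * Parses the rights document from {@code inputStream} and loads every
     * PermissionCollection it contains.
     *
     * <p>The stream is not closed here; it stays owned by the caller.
     *
     * @param inputStream stream delivering the rights XML
     * @throws IllegalArgumentException if the XML cannot be parsed, or if an entry has no
     *         Subject element
     */
    public PermissionCollectionPDP(InputStream inputStream) {
        // Registers the "rights" prefix on the shared document factory so the XPath in
        // readPermissionCollections can resolve it. This writes to state obtained from
        // XMLUtilsDom4j, not to this instance.
        XMLUtilsDom4j.getDocFactory().getXPathNamespaceURIs().put(sRightsNamespace.getPrefix(), sRightsNamespace.getURI());
        try {
            // NOTE(review): the XML parser is configured inside XMLUtilsDom4j, which is not
            // visible here. Confirm that DTDs and external entities are disabled if the rights
            // document can ever come from a source less trusted than the deployer.
            readPermissionCollections(XMLUtilsDom4j.read(new InputSource(inputStream)));
        } catch (DocumentException e) {
            throw new IllegalArgumentException("rights xml can't be interpreted", e);
        }
    }

    /**
     * Builds one {@link PermissionCollection} per {@code rights:PermissionCollection} element
     * and stores it under its id. A later element with the same id replaces the earlier one
     * and a warning is logged.
     *
     * @param document parsed rights document
     * @throws IllegalArgumentException if a child entry of a collection has no Subject element
     */
    private void readPermissionCollections(Document document) {
        // Iterate as Object and cast: selectNodes()/elements() are raw or Node-typed lists
        // depending on the dom4j version, so this form compiles against either.
        for (Object collectionNode : document.selectNodes("//rights:PermissionCollection")) {
            Element collectionElement = (Element) collectionNode;
            PermissionCollection permissionCollection = new PermissionCollection(collectionElement.attributeValue("type"), null);

            // Every child element of the collection is treated as one permission entry.
            for (Object entryNode : collectionElement.elements()) {
                Element entryElement = (Element) entryNode;

                // Reject an entry without a Subject explicitly. Previously this surfaced as a
                // bare NullPointerException from the constructor, which gave the operator no
                // hint that the policy file was the problem.
                Element subjectElement = entryElement.element("Subject");
                if (subjectElement == null) {
                    throw new IllegalArgumentException("rights xml contains a <" + entryElement.getName() + "> entry without a Subject element");
                }
                String subjectName = subjectElement.getTextTrim();
                String subjectType = subjectElement.attributeValue("type");
                if (subjectType == null) {
                    // No explicit type: the subject is interpreted as a role.
                    subjectType = "urn:n52:authentication:subject:principal:role";
                }
                AttributePrincipal attributePrincipal = new AttributePrincipal(subjectType, subjectName);

                // NOTE(review): these are null when the Resource/Action child is absent. How
                // Permission matches a null resource or action is not visible here; confirm
                // that it cannot act as a match-all.
                String resource = entryElement.elementTextTrim("Resource");
                String action = entryElement.elementTextTrim("Action");

                List obligations = new ArrayList();
                for (Object obligationNode : entryElement.elements("Obligation")) {
                    Element obligationElement = (Element) obligationNode;
                    String obligationType = obligationElement.attributeValue("type");
                    List obligationAttributes = new ArrayList();
                    for (Object attributeNode : obligationElement.elements("Attribute")) {
                        Element attributeElement = (Element) attributeNode;
                        obligationAttributes.add(new Attribute(attributeElement.attributeValue("id"), new StringAttributeValue(attributeElement.getTextTrim())));
                    }
                    // NOTE(review): the meaning of the leading 1 is defined by Obligation and
                    // is not visible here; a named constant would be clearer.
                    obligations.add(new Obligation(1, obligationType, obligationAttributes));
                }

                // Two permissions are registered per entry and share the same obligations list:
                // one for the typed attribute principal and one for a RolePrincipal of the same
                // name.
                // NOTE(review): the RolePrincipal grant is added even when the Subject carries an
                // explicit non-role type, so a role whose name equals that subject's value would
                // also match. Confirm this is intended (it looks like legacy compatibility).
                permissionCollection.addPermission(new Permission((Principal) attributePrincipal, resource, action, (List) obligations, ""));
                permissionCollection.addPermission(new Permission((Principal) new RolePrincipal(subjectName), resource, action, (List) obligations, ""));
            }

            if (this.m_permissionCollections.put(permissionCollection.getId(), permissionCollection) != null) {
                LOG.warn("PermissionCollection duplicate for type " + permissionCollection.getId() + " found. Last occurance overwrites previous one! Please ensure that your rights file does not contain PermissionCollection elements of the same type.");
            }
        }
    }

    /**
     * Returns the collection registered under {@code str}, or {@code null} if there is none.
     *
     * <p>The returned object is the live instance consulted by {@link #request}; it offers
     * {@code addPermission}, so callers should treat it as read-only.
     *
     * @param str collection id (the PermissionCollection type)
     * @return the matching collection or {@code null}
     */
    public PermissionCollection getPermissionCollection(String str) {
        return (PermissionCollection) this.m_permissionCollections.get(str);
    }

    /**
     * Returns a read-only view of the id-to-collection entries.
     *
     * <p>The view goes through {@code Collections.unmodifiableMap}, so entries can neither be
     * removed nor re-pointed with {@code Map.Entry.setValue}. Handing out the raw
     * {@code entrySet()} would let any caller rewrite the policy store that {@link #request}
     * decides on. The entry values are still the live {@link PermissionCollection} objects.
     *
     * @return unmodifiable set of {@code Map.Entry} (id, PermissionCollection)
     */
    public Set getPermissionCollections() {
        return Collections.unmodifiableMap(this.m_permissionCollections).entrySet();
    }

    /**
     * Evaluates every request in the collection and returns one response per request, in
     * iteration order.
     *
     * <p>Response code {@code 1} is produced when no collection exists for the target type or
     * no permission matches; code {@code 2}, together with the permission's obligations, is
     * produced when a permission matches.
     * NOTE(review): 1/2 are presumably the deny/permit constants of PDPResponse. Confirm and
     * replace the literals with the named constants.
     *
     * @param pDPRequestCollection requests to decide
     * @return the responses, one per request
     * @throws DecisionProcessingException if a request's subject has no principal or its
     *         target has no (or an empty) type
     */
    public PDPResponseCollection request(PDPRequestCollection pDPRequestCollection) throws DecisionProcessingException {
        PDPResponseCollection responses = new PDPResponseCollection();
        LOG.info("PDP performs request");
        Iterator it = pDPRequestCollection.iterator();
        while (it.hasNext()) {
            PDPRequest pdpRequest = (PDPRequest) it.next();
            if (LOG.isDebugEnabled()) {
                // Debug output contains whatever PDPRequest.toString() exposes.
                LOG.debug(pdpRequest);
            }

            Target target = pdpRequest.getTarget();
            Set<Principal> principals = target.getSubject().getPrincipals();
            if (principals.isEmpty()) {
                throw new DecisionProcessingException("Subject for PDP request contains no principal");
            }
            String type = target.getType();
            if (type == null || type.equals("")) {
                throw new DecisionProcessingException("Target must specify a PermissionCollection type");
            }

            PDPResponse pdpResponse;
            PermissionCollection permissionCollection = (PermissionCollection) this.m_permissionCollections.get(type);
            if (permissionCollection == null) {
                // An unknown type gets the same no-match response as an unmatched permission.
                LOG.debug("No PermissionCollection available for type " + type);
                pdpResponse = new PDPResponse(1, pdpRequest);
            } else {
                Permission permission = permissionCollection.getPermission(principals, target.getResource(), target.getAction());
                if (permission == null) {
                    pdpResponse = new PDPResponse(1, pdpRequest);
                } else {
                    pdpResponse = new PDPResponse(2, pdpRequest, permission.getObligations());
                }
            }

            if (LOG.isDebugEnabled()) {
                LOG.debug(pdpResponse);
            }
            responses.add(pdpResponse);
        }
        return responses;
    }

    /**
     * Loads a class by name, converting {@link ClassNotFoundException} into
     * {@link NoClassDefFoundError} with the original exception as cause.
     *
     * @param str fully qualified class name
     * @return the loaded class
     */
    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            // initCause() returns Throwable, so the error has to be built first and thrown
            // by its own type; throwing the initCause() result directly does not compile.
            NoClassDefFoundError error = new NoClassDefFoundError(str);
            error.initCause(e);
            throw error;
        }
    }

    static {
        Class cls = class$org$n52$security$service$pdp$PermissionCollectionPDP;
        if (cls == null) {
            cls = class$("org.n52.security.service.pdp.PermissionCollectionPDP");
            class$org$n52$security$service$pdp$PermissionCollectionPDP = cls;
        }
        LOG = Logger.getLogger(cls);
        sRightsNamespace = new Namespace("rights", "http://www.52north.org/rights");
    }
}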
