package uk.ltd.getahead.dwr.impl;

import java.lang.reflect.Method;
import java.lang.reflect.Modifier;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import uk.ltd.getahead.dwr.AccessControl;
import uk.ltd.getahead.dwr.Creator;
import uk.ltd.getahead.dwr.Messages;

/* loaded from: input_file:WEB-INF/lib/dwr.jar:uk/ltd/getahead/dwr/impl/DefaultAccessControl.class */
public class DefaultAccessControl implements AccessControl {
    private Map policyMap = new HashMap();
    private Map roleRestrictMap = new HashMap();
    private static final String PACKAGE_DWR = "uk.ltd.getahead.dwr.";
    static Class class$java$lang$Object;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:WEB-INF/lib/dwr.jar:uk/ltd/getahead/dwr/impl/DefaultAccessControl$Policy.class */
    public static class Policy {
        boolean defaultAllow = true;
        List rules = new ArrayList();

        Policy() {
        }
    }

    @Override // uk.ltd.getahead.dwr.AccessControl
    public String getReasonToNotExecute(HttpServletRequest httpServletRequest, Creator creator, String str, Method method) {
        Set roleRestrictions = getRoleRestrictions(str, method.getName());
        if (roleRestrictions == null) {
            return null;
        }
        boolean z = false;
        Iterator it = roleRestrictions.iterator();
        while (it.hasNext() && !z) {
            if (httpServletRequest.isUserInRole((String) it.next())) {
                z = true;
            }
        }
        if (z) {
            return null;
        }
        StringBuffer stringBuffer = new StringBuffer();
        Iterator it2 = roleRestrictions.iterator();
        while (it2.hasNext()) {
            stringBuffer.append((String) it2.next());
            if (it2.hasNext()) {
                stringBuffer.append(", ");
            }
        }
        return Messages.getString("ExecuteQuery.DeniedByJ2EERoles", stringBuffer.toString());
    }

    @Override // uk.ltd.getahead.dwr.AccessControl
    public String getReasonToNotDisplay(HttpServletRequest httpServletRequest, Creator creator, String str, Method method) {
        Class<?> cls;
        String name = method.getName();
        if (!Modifier.isPublic(method.getModifiers())) {
            return Messages.getString("ExecuteQuery.DeniedNonPublic");
        }
        if (!isExecutable(str, name)) {
            return Messages.getString("ExecuteQuery.DeniedByAccessRules");
        }
        if (creator.getType().getName().startsWith(PACKAGE_DWR)) {
            return Messages.getString("ExecuteQuery.DeniedCoreDWR");
        }
        for (int i = 0; i < method.getParameterTypes().length; i++) {
            if (method.getParameterTypes()[i].getName().startsWith(PACKAGE_DWR)) {
                return Messages.getString("ExecuteQuery.DeniedParamDWR");
            }
        }
        Class<?> declaringClass = method.getDeclaringClass();
        if (class$java$lang$Object == null) {
            cls = class$("java.lang.Object");
            class$java$lang$Object = cls;
        } else {
            cls = class$java$lang$Object;
        }
        if (declaringClass == cls) {
            return Messages.getString("ExecuteQuery.DeniedObjectMethod");
        }
        return null;
    }

    @Override // uk.ltd.getahead.dwr.AccessControl
    public void addRoleRestriction(String str, String str2, String str3) {
        String stringBuffer = new StringBuffer().append(str).append('.').append(str2).toString();
        Set set = (Set) this.roleRestrictMap.get(stringBuffer);
        if (set == null) {
            set = new HashSet();
            this.roleRestrictMap.put(stringBuffer, set);
        }
        set.add(str3);
    }

    private Set getRoleRestrictions(String str, String str2) {
        return (Set) this.roleRestrictMap.get(new StringBuffer().append(str).append('.').append(str2).toString());
    }

    @Override // uk.ltd.getahead.dwr.AccessControl
    public void addIncludeRule(String str, String str2) {
        Policy policy = getPolicy(str);
        if (policy.defaultAllow) {
            if (policy.rules.size() > 0) {
                throw new IllegalArgumentException(Messages.getString("DefaultCreatorManager.MixedIncludesAndExcludes", str));
            }
            policy.defaultAllow = false;
        }
        policy.rules.add(str2);
    }

    @Override // uk.ltd.getahead.dwr.AccessControl
    public void addExcludeRule(String str, String str2) {
        Policy policy = getPolicy(str);
        if (!policy.defaultAllow) {
            if (policy.rules.size() > 0) {
                throw new IllegalArgumentException(Messages.getString("DefaultCreatorManager.MixedIncludesAndExcludes", str));
            }
            policy.defaultAllow = true;
        }
        policy.rules.add(str2);
    }

    private boolean isExecutable(String str, String str2) {
        Policy policy = (Policy) this.policyMap.get(str);
        if (policy == null) {
            return true;
        }
        String str3 = null;
        Iterator it = policy.rules.iterator();
        while (it.hasNext() && str3 == null) {
            String str4 = (String) it.next();
            if (str2.equals(str4)) {
                str3 = str4;
            }
        }
        if (!policy.defaultAllow || str3 == null) {
            return policy.defaultAllow || str3 != null;
        }
        return false;
    }

    private Policy getPolicy(String str) {
        Policy policy = (Policy) this.policyMap.get(str);
        if (policy == null) {
            policy = new Policy();
            this.policyMap.put(str, policy);
        }
        return policy;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }
}
