package com.orientechnologies.security.auditing;

import com.cloudbees.syslog.sender.TcpSyslogMessageSender;
import com.orientechnologies.common.parser.OVariableParser;
import com.orientechnologies.common.parser.OVariableParserListener;
import com.orientechnologies.orient.core.command.OCommandExecutor;
import com.orientechnologies.orient.core.command.OCommandRequestText;
import com.orientechnologies.orient.core.db.ODatabase;
import com.orientechnologies.orient.core.db.ODatabaseDocumentInternal;
import com.orientechnologies.orient.core.db.ODatabaseListener;
import com.orientechnologies.orient.core.db.ODatabaseRecordThreadLocal;
import com.orientechnologies.orient.core.db.document.ODatabaseDocument;
import com.orientechnologies.orient.core.hook.ORecordHook;
import com.orientechnologies.orient.core.hook.ORecordHookAbstract;
import com.orientechnologies.orient.core.metadata.schema.OClass;
import com.orientechnologies.orient.core.metadata.schema.OType;
import com.orientechnologies.orient.core.metadata.security.OSecurityUser;
import com.orientechnologies.orient.core.record.ORecord;
import com.orientechnologies.orient.core.record.impl.ODocument;
import com.orientechnologies.orient.core.record.impl.ODocumentInternal;
import com.orientechnologies.orient.core.security.OAuditingOperation;
import com.orientechnologies.orient.server.OServer;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.LinkedBlockingQueue;

/* loaded from: input_file:com/orientechnologies/security/auditing/OAuditingHook.class */
public class OAuditingHook extends ORecordHookAbstract implements ODatabaseListener {
    private final Map<String, OAuditingClassConfig> classes;
    private final OAuditingLoggingThread auditingThread;
    private Map<ODatabaseDocument, List<ODocument>> operations;
    private volatile LinkedBlockingQueue<ODocument> auditingQueue;
    private Set<OAuditingCommandConfig> commands;
    private boolean onGlobalCreate;
    private boolean onGlobalRead;
    private boolean onGlobalUpdate;
    private boolean onGlobalDelete;
    private OAuditingClassConfig defaultConfig;
    private OAuditingSchemaConfig schemaConfig;
    private ODocument iConfiguration;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.orientechnologies.security.auditing.OAuditingHook$4, reason: invalid class name */
    /* loaded from: input_file:com/orientechnologies/security/auditing/OAuditingHook$4.class */
    public static /* synthetic */ class AnonymousClass4 {
        static final /* synthetic */ int[] $SwitchMap$com$orientechnologies$orient$core$security$OAuditingOperation = new int[OAuditingOperation.values().length];

        static {
            try {
                $SwitchMap$com$orientechnologies$orient$core$security$OAuditingOperation[OAuditingOperation.CREATED.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$com$orientechnologies$orient$core$security$OAuditingOperation[OAuditingOperation.LOADED.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$com$orientechnologies$orient$core$security$OAuditingOperation[OAuditingOperation.UPDATED.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$com$orientechnologies$orient$core$security$OAuditingOperation[OAuditingOperation.DELETED.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/orientechnologies/security/auditing/OAuditingHook$OAuditingClassConfig.class */
    public static class OAuditingClassConfig {
        public boolean polymorphic;
        public boolean onCreateEnabled;
        public String onCreateMessage;
        public boolean onReadEnabled;
        public String onReadMessage;
        public boolean onUpdateEnabled;
        public String onUpdateMessage;
        public boolean onUpdateChanges;
        public boolean onDeleteEnabled;
        public String onDeleteMessage;

        public OAuditingClassConfig() {
            this.polymorphic = true;
            this.onCreateEnabled = false;
            this.onReadEnabled = false;
            this.onUpdateEnabled = false;
            this.onUpdateChanges = true;
            this.onDeleteEnabled = false;
        }

        public OAuditingClassConfig(ODocument oDocument) {
            this.polymorphic = true;
            this.onCreateEnabled = false;
            this.onReadEnabled = false;
            this.onUpdateEnabled = false;
            this.onUpdateChanges = true;
            this.onDeleteEnabled = false;
            if (oDocument.containsField("polymorphic")) {
                this.polymorphic = ((Boolean) oDocument.field("polymorphic")).booleanValue();
            }
            if (oDocument.containsField("onCreateEnabled")) {
                this.onCreateEnabled = ((Boolean) oDocument.field("onCreateEnabled")).booleanValue();
            }
            if (oDocument.containsField("onCreateMessage")) {
                this.onCreateMessage = (String) oDocument.field("onCreateMessage");
            }
            if (oDocument.containsField("onReadEnabled")) {
                this.onReadEnabled = ((Boolean) oDocument.field("onReadEnabled")).booleanValue();
            }
            if (oDocument.containsField("onReadMessage")) {
                this.onReadMessage = (String) oDocument.field("onReadMessage");
            }
            if (oDocument.containsField("onUpdateEnabled")) {
                this.onUpdateEnabled = ((Boolean) oDocument.field("onUpdateEnabled")).booleanValue();
            }
            if (oDocument.containsField("onUpdateMessage")) {
                this.onUpdateMessage = (String) oDocument.field("onUpdateMessage");
            }
            if (oDocument.containsField("onUpdateChanges")) {
                this.onUpdateChanges = ((Boolean) oDocument.field("onUpdateChanges")).booleanValue();
            }
            if (oDocument.containsField("onDeleteEnabled")) {
                this.onDeleteEnabled = ((Boolean) oDocument.field("onDeleteEnabled")).booleanValue();
            }
            if (oDocument.containsField("onDeleteMessage")) {
                this.onDeleteMessage = (String) oDocument.field("onDeleteMessage");
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/orientechnologies/security/auditing/OAuditingHook$OAuditingCommandConfig.class */
    public static class OAuditingCommandConfig {
        public String regex;
        public String message;

        public OAuditingCommandConfig(ODocument oDocument) {
            this.regex = (String) oDocument.field("regex");
            this.message = (String) oDocument.field("message");
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/orientechnologies/security/auditing/OAuditingHook$OAuditingSchemaConfig.class */
    public class OAuditingSchemaConfig extends OAuditingConfig {
        private boolean onCreateClassEnabled;
        private String onCreateClassMessage;
        private boolean onDropClassEnabled;
        private String onDropClassMessage;

        public OAuditingSchemaConfig(ODocument oDocument) {
            this.onCreateClassEnabled = false;
            this.onDropClassEnabled = false;
            if (oDocument.containsField("onCreateClassEnabled")) {
                this.onCreateClassEnabled = ((Boolean) oDocument.field("onCreateClassEnabled")).booleanValue();
            }
            this.onCreateClassMessage = (String) oDocument.field("onCreateClassMessage");
            if (oDocument.containsField("onDropClassEnabled")) {
                this.onDropClassEnabled = ((Boolean) oDocument.field("onDropClassEnabled")).booleanValue();
            }
            this.onDropClassMessage = (String) oDocument.field("onDropClassMessage");
        }

        @Override // com.orientechnologies.security.auditing.OAuditingConfig
        public String formatMessage(OAuditingOperation oAuditingOperation, String str) {
            return oAuditingOperation == OAuditingOperation.CREATEDCLASS ? resolveMessage(this.onCreateClassMessage, "class", str) : oAuditingOperation == OAuditingOperation.DROPPEDCLASS ? resolveMessage(this.onDropClassMessage, "class", str) : str;
        }

        @Override // com.orientechnologies.security.auditing.OAuditingConfig
        public boolean isEnabled(OAuditingOperation oAuditingOperation) {
            if (oAuditingOperation == OAuditingOperation.CREATEDCLASS) {
                return this.onCreateClassEnabled;
            }
            if (oAuditingOperation == OAuditingOperation.DROPPEDCLASS) {
                return this.onDropClassEnabled;
            }
            return false;
        }
    }

    public OAuditingHook(String str) {
        this(new ODocument().fromJSON(str, "noMap"), (OServer) null);
    }

    public OAuditingHook(String str, OServer oServer) {
        this(new ODocument().fromJSON(str, "noMap"), oServer);
    }

    public OAuditingHook(ODocument oDocument) {
        this(oDocument, (OServer) null);
    }

    public OAuditingHook(ODocument oDocument, OServer oServer) {
        this.classes = new HashMap(20);
        this.operations = new ConcurrentHashMap();
        this.commands = new HashSet();
        this.defaultConfig = new OAuditingClassConfig();
        this.iConfiguration = oDocument;
        this.onGlobalDelete = false;
        this.onGlobalUpdate = false;
        this.onGlobalRead = false;
        this.onGlobalCreate = false;
        ODocument oDocument2 = (ODocument) oDocument.field("classes");
        if (oDocument2 != null) {
            for (String str : oDocument2.fieldNames()) {
                OAuditingClassConfig oAuditingClassConfig = new OAuditingClassConfig((ODocument) oDocument2.field(str));
                if (str.equals("*")) {
                    this.defaultConfig = oAuditingClassConfig;
                } else {
                    this.classes.put(str, oAuditingClassConfig);
                }
                if (oAuditingClassConfig.onCreateEnabled) {
                    this.onGlobalCreate = true;
                }
                if (oAuditingClassConfig.onReadEnabled) {
                    this.onGlobalRead = true;
                }
                if (oAuditingClassConfig.onUpdateEnabled) {
                    this.onGlobalUpdate = true;
                }
                if (oAuditingClassConfig.onDeleteEnabled) {
                    this.onGlobalDelete = true;
                }
            }
        }
        Iterable iterable = (Iterable) oDocument.field("commands");
        if (iterable != null) {
            Iterator it = iterable.iterator();
            while (it.hasNext()) {
                this.commands.add(new OAuditingCommandConfig((ODocument) it.next()));
            }
        }
        ODocument oDocument3 = (ODocument) oDocument.field("schema");
        if (oDocument3 != null) {
            this.schemaConfig = new OAuditingSchemaConfig(oDocument3);
        }
        this.auditingQueue = new LinkedBlockingQueue<>();
        this.auditingThread = new OAuditingLoggingThread(ODatabaseRecordThreadLocal.instance().get().getName(), this.auditingQueue, oServer);
        this.auditingThread.start();
    }

    public OAuditingHook(OServer oServer) {
        this.classes = new HashMap(20);
        this.operations = new ConcurrentHashMap();
        this.commands = new HashSet();
        this.defaultConfig = new OAuditingClassConfig();
        this.auditingQueue = new LinkedBlockingQueue<>();
        this.auditingThread = new OAuditingLoggingThread("OSystem", this.auditingQueue, oServer);
        this.auditingThread.start();
    }

    public void onCreate(ODatabase oDatabase) {
    }

    public void onDelete(ODatabase oDatabase) {
    }

    public void onOpen(ODatabase oDatabase) {
    }

    public void onBeforeTxBegin(ODatabase oDatabase) {
    }

    public void onBeforeTxRollback(ODatabase oDatabase) {
    }

    public void onAfterTxRollback(ODatabase oDatabase) {
        synchronized (this.operations) {
            this.operations.remove(oDatabase);
        }
    }

    public void onBeforeTxCommit(ODatabase oDatabase) {
    }

    public void onAfterTxCommit(ODatabase oDatabase) {
        List<ODocument> remove;
        synchronized (this.operations) {
            remove = this.operations.remove(oDatabase);
        }
        if (remove != null) {
            Iterator<ODocument> it = remove.iterator();
            while (it.hasNext()) {
                this.auditingQueue.offer(it.next());
            }
        }
    }

    public void onClose(ODatabase oDatabase) {
    }

    public void onBeforeCommand(OCommandRequestText oCommandRequestText, OCommandExecutor oCommandExecutor) {
    }

    public void onAfterCommand(OCommandRequestText oCommandRequestText, OCommandExecutor oCommandExecutor, Object obj) {
        logCommand(oCommandRequestText.getText());
    }

    public boolean onCorruptionRepairDatabase(ODatabase oDatabase, String str, String str2) {
        return false;
    }

    public ODocument getConfiguration() {
        return this.iConfiguration;
    }

    public void onRecordAfterCreate(ORecord oRecord) {
        if (this.onGlobalCreate) {
            log(OAuditingOperation.CREATED, oRecord);
        }
    }

    public void onRecordAfterRead(ORecord oRecord) {
        if (this.onGlobalRead) {
            log(OAuditingOperation.LOADED, oRecord);
        }
    }

    public void onRecordAfterUpdate(ORecord oRecord) {
        if (oRecord instanceof ODocument) {
            ODocument oDocument = (ODocument) oRecord;
            ODatabaseDocumentInternal oDatabaseDocumentInternal = ODatabaseRecordThreadLocal.instance().get();
            if (ODocumentInternal.getImmutableSchemaClass(oDatabaseDocumentInternal, oDocument).isOuser() && Arrays.asList(oDocument.getDirtyFields()).contains("password")) {
                log(OAuditingOperation.CHANGED_PWD, oDatabaseDocumentInternal.getName(), oDatabaseDocumentInternal.getUser(), String.format("The password for user '%s' has been changed", (String) oDocument.getProperty("name")));
            }
        }
        if (this.onGlobalUpdate) {
            log(OAuditingOperation.UPDATED, oRecord);
        }
    }

    public void onRecordAfterDelete(ORecord oRecord) {
        if (this.onGlobalDelete) {
            log(OAuditingOperation.DELETED, oRecord);
        }
    }

    public ORecordHook.DISTRIBUTED_EXECUTION_MODE getDistributedExecutionMode() {
        return ORecordHook.DISTRIBUTED_EXECUTION_MODE.SOURCE_NODE;
    }

    protected void logCommand(String str) {
        if (this.auditingQueue == null) {
            return;
        }
        for (OAuditingCommandConfig oAuditingCommandConfig : this.commands) {
            if (str.matches(oAuditingCommandConfig.regex)) {
                ODatabaseDocumentInternal oDatabaseDocumentInternal = ODatabaseRecordThreadLocal.instance().get();
                this.auditingQueue.offer(createLogDocument(OAuditingOperation.COMMAND, oDatabaseDocumentInternal.getName(), oDatabaseDocumentInternal.getUser(), formatCommandNote(str, oAuditingCommandConfig.message)));
            }
        }
    }

    private String formatCommandNote(final String str, String str2) {
        return (str2 == null || str2.isEmpty()) ? str : (String) OVariableParser.resolveVariables(str2, "${", "}", new OVariableParserListener() { // from class: com.orientechnologies.security.auditing.OAuditingHook.1
            public Object resolve(String str3) {
                if (str3.startsWith("command")) {
                    return str;
                }
                return null;
            }
        });
    }

    protected void log(OAuditingOperation oAuditingOperation, ORecord oRecord) {
        OAuditingClassConfig auditConfiguration;
        if (this.auditingQueue == null || (auditConfiguration = getAuditConfiguration(oRecord)) == null) {
            return;
        }
        ODocument oDocument = null;
        String str = null;
        switch (AnonymousClass4.$SwitchMap$com$orientechnologies$orient$core$security$OAuditingOperation[oAuditingOperation.ordinal()]) {
            case 1:
                if (auditConfiguration.onCreateEnabled) {
                    str = auditConfiguration.onCreateMessage;
                    break;
                } else {
                    return;
                }
            case TcpSyslogMessageSender.SETTING_MAX_RETRY /* 2 */:
                if (auditConfiguration.onReadEnabled) {
                    str = auditConfiguration.onReadMessage;
                    break;
                } else {
                    return;
                }
            case 3:
                if (!auditConfiguration.onUpdateEnabled) {
                    return;
                }
                str = auditConfiguration.onUpdateMessage;
                if ((oRecord instanceof ODocument) && auditConfiguration.onUpdateChanges) {
                    ODocument oDocument2 = (ODocument) oRecord;
                    oDocument = new ODocument();
                    for (String str2 : oDocument2.getDirtyFields()) {
                        ODocument oDocument3 = new ODocument();
                        oDocument3.field("from", oDocument2.getOriginalValue(str2));
                        oDocument3.field("to", oDocument2.rawField(str2));
                        oDocument.field(str2, oDocument3, new OType[]{OType.EMBEDDED});
                    }
                    break;
                }
                break;
            case 4:
                if (auditConfiguration.onDeleteEnabled) {
                    str = auditConfiguration.onDeleteMessage;
                    break;
                } else {
                    return;
                }
        }
        ODatabaseDocument oDatabaseDocument = ODatabaseRecordThreadLocal.instance().get();
        ODocument createLogDocument = createLogDocument(oAuditingOperation, oDatabaseDocument.getName(), oDatabaseDocument.getUser(), formatNote(oRecord, str));
        createLogDocument.field("record", oRecord.getIdentity());
        if (oDocument != null) {
            createLogDocument.field("changes", oDocument, new OType[]{OType.EMBEDDED});
        }
        if (!oDatabaseDocument.getTransaction().isActive()) {
            this.auditingQueue.offer(createLogDocument);
            return;
        }
        synchronized (this.operations) {
            List<ODocument> list = this.operations.get(oDatabaseDocument);
            if (list == null) {
                list = new ArrayList();
                this.operations.put(oDatabaseDocument, list);
            }
            list.add(createLogDocument);
        }
    }

    private String formatNote(final ORecord oRecord, String str) {
        if (str == null) {
            return null;
        }
        return (String) OVariableParser.resolveVariables(str, "${", "}", new OVariableParserListener() { // from class: com.orientechnologies.security.auditing.OAuditingHook.2
            public Object resolve(String str2) {
                if (!str2.startsWith("field.") || !(oRecord instanceof ODocument)) {
                    return null;
                }
                return oRecord.field(str2.substring("field.".length()));
            }
        });
    }

    private OAuditingClassConfig getAuditConfiguration(ORecord oRecord) {
        OAuditingClassConfig oAuditingClassConfig = null;
        if (oRecord instanceof ODocument) {
            OClass schemaClass = ((ODocument) oRecord).getSchemaClass();
            if (schemaClass != null) {
                if (!schemaClass.getName().equals(ODefaultAuditing.AUDITING_LOG_CLASSNAME)) {
                    oAuditingClassConfig = this.classes.get(schemaClass.getName());
                    while (true) {
                        if (oAuditingClassConfig != null || schemaClass == null) {
                            break;
                        }
                        schemaClass = schemaClass.getSuperClass();
                        if (schemaClass != null) {
                            oAuditingClassConfig = this.classes.get(schemaClass.getName());
                            if (oAuditingClassConfig != null && !oAuditingClassConfig.polymorphic) {
                                oAuditingClassConfig = null;
                                break;
                            }
                        }
                    }
                } else {
                    return null;
                }
            }
        }
        if (oAuditingClassConfig == null) {
            oAuditingClassConfig = this.defaultConfig;
        }
        return oAuditingClassConfig;
    }

    public void shutdown(boolean z) {
        if (this.auditingThread != null) {
            this.auditingThread.sendShutdown(z);
            this.auditingQueue = null;
        }
    }

    private String formatClassNote(final OClass oClass, String str) {
        return (str == null || str.isEmpty()) ? oClass.getName() : (String) OVariableParser.resolveVariables(str, "${", "}", new OVariableParserListener() { // from class: com.orientechnologies.security.auditing.OAuditingHook.3
            public Object resolve(String str2) {
                if (str2.equalsIgnoreCase("class")) {
                    return oClass.getName();
                }
                return null;
            }
        });
    }

    protected void logClass(OAuditingOperation oAuditingOperation, String str) {
        ODatabaseDocumentInternal oDatabaseDocumentInternal = ODatabaseRecordThreadLocal.instance().get();
        this.auditingQueue.offer(createLogDocument(oAuditingOperation, oDatabaseDocumentInternal.getName(), oDatabaseDocumentInternal.getUser(), str));
    }

    protected void logClass(OAuditingOperation oAuditingOperation, OClass oClass) {
        if (this.schemaConfig == null || !this.schemaConfig.isEnabled(oAuditingOperation)) {
            return;
        }
        logClass(oAuditingOperation, this.schemaConfig.formatMessage(oAuditingOperation, oClass.getName()));
    }

    public void onCreateClass(OClass oClass) {
        logClass(OAuditingOperation.CREATEDCLASS, oClass);
    }

    public void onDropClass(OClass oClass) {
        logClass(OAuditingOperation.DROPPEDCLASS, oClass);
    }

    public void log(OAuditingOperation oAuditingOperation, String str, OSecurityUser oSecurityUser, String str2) {
        if (this.auditingQueue != null) {
            this.auditingQueue.offer(createLogDocument(oAuditingOperation, str, oSecurityUser, str2));
        }
    }

    private ODocument createLogDocument(OAuditingOperation oAuditingOperation, String str, OSecurityUser oSecurityUser, String str2) {
        ODocument oDocument = new ODocument();
        oDocument.field("date", Long.valueOf(System.currentTimeMillis()));
        oDocument.field("operation", Byte.valueOf(oAuditingOperation.getByte()));
        if (oSecurityUser != null) {
            oDocument.field("user", oSecurityUser.getName());
            oDocument.field("userType", oSecurityUser.getUserType());
        }
        if (str2 != null) {
            oDocument.field("note", str2);
        }
        if (str != null) {
            oDocument.field("database", str);
        }
        return oDocument;
    }
}
