package org.apache.wiki.auth.acl;

import java.security.Permission;
import java.security.Principal;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.List;
import java.util.Map;
import java.util.NoSuchElementException;
import java.util.Properties;
import java.util.StringTokenizer;
import java.util.TreeMap;
import java.util.regex.Pattern;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.apache.wiki.api.core.Attachment;
import org.apache.wiki.api.core.Context;
import org.apache.wiki.api.core.Engine;
import org.apache.wiki.api.core.Page;
import org.apache.wiki.api.exceptions.ProviderException;
import org.apache.wiki.api.spi.Wiki;
import org.apache.wiki.auth.AuthorizationManager;
import org.apache.wiki.auth.WikiSecurityException;
import org.apache.wiki.auth.permissions.PermissionFactory;
import org.apache.wiki.pages.PageLock;
import org.apache.wiki.pages.PageManager;
import org.apache.wiki.render.RenderingManager;
import org.apache.wiki.util.comparators.PrincipalComparator;

/* loaded from: input_file:WEB-INF/lib/jspwiki-main-2.12.0.jar:org/apache/wiki/auth/acl/DefaultAclManager.class */
public class DefaultAclManager implements AclManager {
    private AuthorizationManager m_auth;
    private Engine m_engine;
    private static final String PERM_REGEX = "(comment|delete|edit|modify|rename|upload|view)";
    private static final Logger LOG = LogManager.getLogger((Class<?>) DefaultAclManager.class);
    private static final String ACL_REGEX = "\\[\\{\\s*ALLOW\\s+(comment|delete|edit|modify|rename|upload|view)\\s*(.*?)\\s*\\}\\]";
    public static final Pattern ACL_PATTERN = Pattern.compile(ACL_REGEX);

    @Override // org.apache.wiki.api.engine.Initializable
    public void initialize(Engine engine, Properties properties) {
        this.m_auth = (AuthorizationManager) engine.getManager(AuthorizationManager.class);
        this.m_engine = engine;
    }

    @Override // org.apache.wiki.auth.acl.AclManager
    public org.apache.wiki.api.core.Acl parseAcl(Page page, String str) throws WikiSecurityException {
        org.apache.wiki.api.core.Acl acl = page.getAcl();
        if (acl == null) {
            acl = Wiki.acls().acl();
        }
        try {
            StringTokenizer stringTokenizer = new StringTokenizer(str);
            stringTokenizer.nextToken();
            String nextToken = stringTokenizer.nextToken();
            while (stringTokenizer.hasMoreTokens()) {
                Principal resolvePrincipal = this.m_auth.resolvePrincipal(stringTokenizer.nextToken(",").trim());
                org.apache.wiki.api.core.AclEntry aclEntry = acl.getAclEntry(resolvePrincipal);
                if (aclEntry != null) {
                    LOG.debug("Adding to old acl list: " + resolvePrincipal + ", " + nextToken);
                    aclEntry.addPermission(PermissionFactory.getPagePermission(page, nextToken));
                } else {
                    LOG.debug("Adding new acl entry for " + nextToken);
                    org.apache.wiki.api.core.AclEntry entry = Wiki.acls().entry();
                    entry.setPrincipal(resolvePrincipal);
                    entry.addPermission(PermissionFactory.getPagePermission(page, nextToken));
                    acl.addEntry(entry);
                }
            }
            page.setAcl(acl);
            LOG.debug(acl.toString());
            return acl;
        } catch (IllegalArgumentException e) {
            throw new WikiSecurityException("Invalid permission type: " + str, e);
        } catch (NoSuchElementException e2) {
            LOG.warn("Invalid access rule: " + str + " - defaults will be used.");
            throw new WikiSecurityException("Invalid access rule: " + str, e2);
        }
    }

    @Override // org.apache.wiki.auth.acl.AclManager
    public org.apache.wiki.api.core.Acl getPermissions(Page page) {
        org.apache.wiki.api.core.Acl acl = page.getAcl();
        LOG.debug("page=" + page.getName() + "\n" + acl);
        if (acl == null) {
            if (page instanceof Attachment) {
                acl = getPermissions(((PageManager) this.m_engine.getManager(PageManager.class)).getPage(((Attachment) page).getParentName()));
            } else {
                Context create = Wiki.context().create(this.m_engine, page);
                create.setVariable(Context.VAR_EXECUTE_PLUGINS, Boolean.FALSE);
                ((RenderingManager) this.m_engine.getManager(RenderingManager.class)).getHTML(create, page);
                if (page.getAcl() == null) {
                    page.setAcl(Wiki.acls().acl());
                }
                acl = page.getAcl();
            }
        }
        return acl;
    }

    @Override // org.apache.wiki.auth.acl.AclManager
    public void setPermissions(Page page, org.apache.wiki.api.core.Acl acl) throws WikiSecurityException {
        PageManager pageManager = (PageManager) this.m_engine.getManager(PageManager.class);
        PageLock currentLock = pageManager.getCurrentLock(page);
        if (currentLock != null) {
            pageManager.unlockPage(currentLock);
        }
        try {
            pageManager.putPageText(page, printAcl(page.getAcl()) + ACL_PATTERN.matcher(((PageManager) this.m_engine.getManager(PageManager.class)).getPureText(page)).replaceAll(""));
        } catch (ProviderException e) {
            throw new WikiSecurityException("Could not set Acl. Reason: ProviderExcpetion " + e.getMessage(), e);
        }
    }

    protected static String printAcl(org.apache.wiki.api.core.Acl acl) {
        TreeMap treeMap = new TreeMap();
        Enumeration<org.apache.wiki.api.core.AclEntry> aclEntries = acl.aclEntries();
        while (aclEntries.hasMoreElements()) {
            org.apache.wiki.api.core.AclEntry nextElement = aclEntries.nextElement();
            Principal principal = nextElement.getPrincipal();
            Enumeration<Permission> permissions = nextElement.permissions();
            while (permissions.hasMoreElements()) {
                Permission nextElement2 = permissions.nextElement();
                List list = (List) treeMap.get(nextElement2.getActions());
                if (list == null) {
                    list = new ArrayList();
                    String actions = nextElement2.getActions();
                    if (actions.indexOf(44) != -1) {
                        throw new IllegalStateException("AclEntry permission cannot have multiple targets.");
                    }
                    treeMap.put(actions, list);
                }
                list.add(principal);
            }
        }
        StringBuilder sb = new StringBuilder();
        for (Map.Entry entry : treeMap.entrySet()) {
            String str = (String) entry.getKey();
            List list2 = (List) entry.getValue();
            list2.sort(new PrincipalComparator());
            sb.append("[{ALLOW ").append(str).append(" ");
            for (int i = 0; i < list2.size(); i++) {
                sb.append(((Principal) list2.get(i)).getName());
                if (i < list2.size() - 1) {
                    sb.append(",");
                }
            }
            sb.append("}]\n");
        }
        return sb.toString();
    }
}
