package org.apache.qpid.server.security.access.plugins;

import java.io.IOException;
import java.io.OutputStream;
import java.nio.charset.StandardCharsets;
import java.time.LocalDateTime;
import java.time.format.DateTimeFormatter;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.apache.qpid.server.logging.EventLoggerProvider;
import org.apache.qpid.server.model.CommonAccessControlProvider;
import org.apache.qpid.server.model.ConfiguredObject;
import org.apache.qpid.server.model.Content;
import org.apache.qpid.server.model.CustomRestHeaders;
import org.apache.qpid.server.model.ManagedAttributeField;
import org.apache.qpid.server.model.RestContentHeader;
import org.apache.qpid.server.security.Result;
import org.apache.qpid.server.security.access.config.AclAction;
import org.apache.qpid.server.security.access.config.AclFileParser;
import org.apache.qpid.server.security.access.config.AclRulePredicates;
import org.apache.qpid.server.security.access.config.LegacyOperation;
import org.apache.qpid.server.security.access.config.ObjectProperties;
import org.apache.qpid.server.security.access.config.ObjectType;
import org.apache.qpid.server.security.access.config.Rule;
import org.apache.qpid.server.security.access.config.RuleBasedAccessControl;
import org.apache.qpid.server.security.access.config.RuleSet;
import org.apache.qpid.server.security.access.plugins.AbstractCommonRuleBasedAccessControlProvider;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:org/apache/qpid/server/security/access/plugins/AbstractCommonRuleBasedAccessControlProvider.class */
public abstract class AbstractCommonRuleBasedAccessControlProvider<X extends AbstractCommonRuleBasedAccessControlProvider<X, T, Y>, T extends EventLoggerProvider & ConfiguredObject<?>, Y extends CommonAccessControlProvider<Y>> extends AbstractLegacyAccessControlProvider<X, T, Y> implements EventLoggerProvider {

    @ManagedAttributeField
    private Result _defaultResult;

    @ManagedAttributeField
    private volatile List<AclRule> _rules;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: org.apache.qpid.server.security.access.plugins.AbstractCommonRuleBasedAccessControlProvider$1, reason: invalid class name */
    /* loaded from: input_file:org/apache/qpid/server/security/access/plugins/AbstractCommonRuleBasedAccessControlProvider$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$org$apache$qpid$server$security$Result = new int[Result.values().length];

        static {
            try {
                $SwitchMap$org$apache$qpid$server$security$Result[Result.DENIED.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$apache$qpid$server$security$Result[Result.ALLOWED.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$org$apache$qpid$server$security$Result[Result.DEFER.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
        }
    }

    /* loaded from: input_file:org/apache/qpid/server/security/access/plugins/AbstractCommonRuleBasedAccessControlProvider$AclRuleImpl.class */
    public static class AclRuleImpl implements AclRule {
        private final Rule _rule;

        AclRuleImpl(Rule rule) {
            this._rule = rule;
        }

        @Override // org.apache.qpid.server.security.access.plugins.AclRule
        public String getIdentity() {
            return this._rule.getIdentity();
        }

        @Override // org.apache.qpid.server.security.access.plugins.AclRule
        public ObjectType getObjectType() {
            return this._rule.getAction().getObjectType();
        }

        @Override // org.apache.qpid.server.security.access.plugins.AclRule
        public LegacyOperation getOperation() {
            return this._rule.getAction().getOperation();
        }

        @Override // org.apache.qpid.server.security.access.plugins.AclRule
        public Map<ObjectProperties.Property, String> getAttributes() {
            return this._rule.getAttributes();
        }

        @Override // org.apache.qpid.server.security.access.plugins.AclRule
        public RuleOutcome getOutcome() {
            return this._rule.getRuleOutcome();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/apache/qpid/server/security/access/plugins/AbstractCommonRuleBasedAccessControlProvider$StringContent.class */
    public static class StringContent implements Content, CustomRestHeaders {
        private static final DateTimeFormatter FORMATTER = DateTimeFormatter.ofPattern("yyyy-MM-dd-HHmmss");
        private final String _content;
        private final String _name;

        public StringContent(String str, String str2) {
            this._content = str2;
            this._name = str;
        }

        public void write(OutputStream outputStream) throws IOException {
            outputStream.write(this._content.getBytes(StandardCharsets.UTF_8));
        }

        @RestContentHeader("Content-Type")
        public String getContentType() {
            return "text/plain";
        }

        @RestContentHeader("Content-Disposition")
        public String getContentDisposition() {
            return String.format("attachment; filename=\"%s-%s.acl\"", this._name, FORMATTER.format(LocalDateTime.now()));
        }

        public void release() {
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public AbstractCommonRuleBasedAccessControlProvider(Map<String, Object> map, T t) {
        super(map, t);
    }

    protected void postSetAttributes(Set<String> set) {
        super.postSetAttributes(set);
        if (set.contains("defaultResult") || set.contains("rules")) {
            recreateAccessController();
        }
    }

    @Override // org.apache.qpid.server.security.access.plugins.AbstractLegacyAccessControlProvider
    protected RuleBasedAccessControl createRuleBasedAccessController() {
        ArrayList arrayList = new ArrayList();
        for (AclRule aclRule : this._rules) {
            arrayList.add(new Rule(aclRule.getIdentity(), new AclAction(aclRule.getOperation(), aclRule.getObjectType(), new AclRulePredicates(aclRule.getAttributes())), aclRule.getOutcome()));
        }
        return new RuleBasedAccessControl(new RuleSet(this, arrayList, this._defaultResult), getModel());
    }

    public Result getDefaultResult() {
        return this._defaultResult;
    }

    public List<AclRule> getRules() {
        return this._rules;
    }

    public void loadFromFile(String str) {
        RuleSet parse = AclFileParser.parse(str, this);
        ArrayList arrayList = new ArrayList();
        Iterator<Rule> it = parse.getAllRules().iterator();
        while (it.hasNext()) {
            arrayList.add(new AclRuleImpl(it.next()));
        }
        HashMap hashMap = new HashMap();
        hashMap.put("defaultResult", parse.getDefault());
        hashMap.put("rules", arrayList);
        setAttributes(hashMap);
    }

    public Content extractRules() {
        StringBuilder sb = new StringBuilder();
        switch (AnonymousClass1.$SwitchMap$org$apache$qpid$server$security$Result[this._defaultResult.ordinal()]) {
            case 2:
            case 3:
                Object[] objArr = new Object[1];
                objArr[0] = this._defaultResult == Result.ALLOWED ? AclFileParser.DEFAULT_ALLOW : AclFileParser.DEFAULT_DEFER;
                sb.append(String.format("CONFIG %s=true\n", objArr));
                break;
        }
        for (AclRule aclRule : this._rules) {
            sb.append("ACL ");
            sb.append(aclRule.getOutcome().name().replace('_', '-'));
            sb.append(' ');
            sb.append(aclRule.getIdentity());
            sb.append(' ');
            sb.append(aclRule.getOperation().name());
            sb.append(' ');
            sb.append(aclRule.getObjectType().name());
            for (Map.Entry<ObjectProperties.Property, String> entry : aclRule.getAttributes().entrySet()) {
                sb.append(' ');
                sb.append(entry.getKey().getCanonicalName());
                sb.append(" = \"");
                sb.append(entry.getValue());
                sb.append("\"");
            }
            sb.append('\n');
        }
        return new StringContent(getName(), sb.toString());
    }
}
