package org.jboss.security.acl;

import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import org.jboss.security.SecurityException;
import org.jboss.security.util.Util;

/* loaded from: input_file:portal-forums-authz-plugin.sar:jboss-acl.jar:org/jboss/security/acl/DefaultEnforcer.class */
public class DefaultEnforcer implements Enforcer {
    protected Module module = null;
    protected User user = null;
    protected Resource resource = null;
    protected Collection permissions = null;
    protected Collection localPermissions = null;
    protected Collection impliedPermissions = null;

    @Override // org.jboss.security.acl.Enforcer
    public void setup(Module module, User user, Resource resource, Collection collection) throws SecurityException {
        this.module = module;
        this.user = user;
        this.resource = resource;
        this.permissions = collection;
        this.localPermissions = new ArrayList();
        this.impliedPermissions = new ArrayList();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void setupLocalPermissions() {
        calculatePermissions(this.module.getFunctions(this.resource));
    }

    protected void setupImpliedPermissions() {
        calculateImpliedPermissions(this.module.getImpliedFunctions(this.module.getFunctions(this.resource)));
    }

    @Override // org.jboss.security.acl.Enforcer
    public boolean isAllowed() throws SecurityException {
        this.localPermissions = new ArrayList();
        this.impliedPermissions = new ArrayList();
        Collection functions = this.module.getFunctions(this.resource);
        calculatePermissions(functions);
        calculateImpliedPermissions(this.module.getImpliedFunctions(functions));
        boolean isAllowed = isAllowed(this.localPermissions);
        if (this.localPermissions == null || this.localPermissions.size() == 0) {
            isAllowed = isAllowed(this.impliedPermissions);
        }
        return isAllowed;
    }

    private boolean isAllowed(Collection collection) {
        boolean z = false;
        Iterator it = collection.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            Permission permission = (Permission) it.next();
            boolean z2 = true;
            if (this.resource.getCriteriaId() != null && this.resource.getCriteriaId().trim().length() > 0) {
                z2 = isCriteriaMet(this.resource, permission);
            }
            if (!permission.isNegated() && z2) {
                z = true;
            }
            if (permission.isNegated() && z2) {
                z = false;
                break;
            }
        }
        return z;
    }

    protected boolean isAllFound() {
        boolean z = false;
        if (!Util.isEmpty(this.localPermissions)) {
            Iterator it = this.localPermissions.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                if (((Permission) it.next()).getName().equalsIgnoreCase("all")) {
                    z = true;
                    break;
                }
            }
        }
        return z;
    }

    private void calculatePermissions(Collection collection) {
        if (Util.isEmpty(collection)) {
            return;
        }
        Iterator it = collection.iterator();
        while (it.hasNext()) {
            Function function = (Function) it.next();
            if (!Util.isEmpty(this.permissions)) {
                Iterator it2 = this.permissions.iterator();
                while (true) {
                    if (it2.hasNext()) {
                        Permission permission = (Permission) it2.next();
                        if (permission.getName().equals("all")) {
                            if (permission.isNegated()) {
                                this.localPermissions = new ArrayList();
                                break;
                            }
                            this.localPermissions.add(permission);
                        } else if (function.getId().equals(permission.getName())) {
                            this.localPermissions.add(permission);
                        }
                    }
                }
            }
        }
    }

    private void calculateImpliedPermissions(Collection collection) {
        if (Util.isEmpty(collection)) {
            return;
        }
        Iterator it = collection.iterator();
        while (it.hasNext()) {
            Function function = (Function) it.next();
            if (!Util.isEmpty(this.permissions)) {
                Iterator it2 = this.permissions.iterator();
                while (true) {
                    if (it2.hasNext()) {
                        Permission permission = (Permission) it2.next();
                        if (permission.getName().equals("all")) {
                            if (permission.isNegated()) {
                                this.impliedPermissions = new ArrayList();
                                break;
                            }
                            this.impliedPermissions.add(permission);
                        } else if (function.getId().equals(permission.getName())) {
                            this.impliedPermissions.add(permission);
                        }
                    }
                }
            }
        }
    }

    private boolean isCriteriaMet(Resource resource, Permission permission) {
        boolean z = true;
        Collection criteria = permission.getCriteria();
        if (criteria != null && criteria.size() > 0) {
            Iterator it = criteria.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                Criteria criteria2 = (Criteria) it.next();
                if (criteria2.getId().equalsIgnoreCase(resource.getCriteriaId())) {
                    z = resource.evaluate(criteria2.getValue());
                    break;
                }
            }
        }
        return z;
    }
}
