package com.assembla.jenkinsci.plugin;

import com.assembla.jenkinsci.plugin.api.ApiService;
import com.assembla.jenkinsci.plugin.api.AssemblaPermission;
import com.assembla.jenkinsci.plugin.api.SpaceAssembla;
import com.assembla.jenkinsci.plugin.api.UserRoleAssembla;
import hudson.security.ACL;
import hudson.security.Permission;
import java.util.Calendar;
import java.util.LinkedList;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.acegisecurity.Authentication;
import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;

/* loaded from: input_file:com/assembla/jenkinsci/plugin/AssemblaACL.class */
public class AssemblaACL extends ACL {
    private static final Logger LOG = Logger.getLogger(AssemblaACL.class.getName());
    private static final long USER_API_CALL_CACHE_TIME = 300000;
    private final List<String> adminUserNameList;

    public AssemblaACL(String str) {
        LOG.fine("**************** AssemblaACL() ****************");
        this.adminUserNameList = new LinkedList();
        for (String str2 : str.split(",")) {
            this.adminUserNameList.add(str2.trim());
        }
    }

    public boolean hasPermission(Authentication authentication, Permission permission) {
        boolean z = false;
        String name = authentication.getName();
        if (this.adminUserNameList.contains(name)) {
            z = true;
        } else if (authentication instanceof AssemblaAuthenticationToken) {
            switch (getAssemblaPermissionFromAPI((AssemblaAuthenticationToken) authentication)) {
                case AssemblaPermission.NONE /* 0 */:
                default:
                    z = false;
                    break;
                case AssemblaPermission.VIEW /* 1 */:
                    z = isReadPermission(permission);
                    break;
                case AssemblaPermission.EDIT /* 2 */:
                    z = true;
                    if (permission.getId().equals("hudson.model.Hudson.Administer")) {
                        z = false;
                        break;
                    }
                    break;
                case AssemblaPermission.ALL /* 3 */:
                    z = true;
                    break;
            }
        } else if ((authentication instanceof UsernamePasswordAuthenticationToken) && name.equals(SYSTEM.getPrincipal())) {
            z = true;
        }
        return z;
    }

    private int getAssemblaPermissionFromAPI(AssemblaAuthenticationToken assemblaAuthenticationToken) {
        Calendar calendar = Calendar.getInstance();
        if (calendar.getTimeInMillis() - assemblaAuthenticationToken.getLastTimeApiCall() > USER_API_CALL_CACHE_TIME) {
            LOG.fine("getAssemblaPermissionFromAPI() - - Reloading user data from Assembla API ...");
            assemblaAuthenticationToken.getUser().setRole(null);
            try {
                assemblaAuthenticationToken.getTokensAssembla().access_token = ApiService.postRefreshAccessToken(assemblaAuthenticationToken.getTokensAssembla().refresh_token, assemblaAuthenticationToken.getTokensAssembla().clientId, assemblaAuthenticationToken.getTokensAssembla().clientSecret);
                SpaceAssembla space = ApiService.getSpace(assemblaAuthenticationToken.getTokensAssembla().access_token, assemblaAuthenticationToken.getUser().getSpaceId());
                UserRoleAssembla[] userRoles = ApiService.getUserRoles(assemblaAuthenticationToken.getTokensAssembla().access_token, assemblaAuthenticationToken.getUser().getSpaceId());
                if (userRoles != null) {
                    int length = userRoles.length;
                    int i = 0;
                    while (true) {
                        if (i >= length) {
                            break;
                        }
                        UserRoleAssembla userRoleAssembla = userRoles[i];
                        if (assemblaAuthenticationToken.getUser().id.equals(userRoleAssembla.user_id)) {
                            assemblaAuthenticationToken.getUser().setRole(userRoleAssembla.role);
                            break;
                        }
                        i++;
                    }
                }
                assemblaAuthenticationToken.getUser().setAssembla_permission(AssemblaPermission.getPermission(assemblaAuthenticationToken.getUser().getRole(), space));
                assemblaAuthenticationToken.setLastTimeApiCall(calendar.getTimeInMillis());
            } catch (Exception e) {
                LOG.log(Level.SEVERE, "getAssemblaPermissionFromAPI()", (Throwable) e);
                assemblaAuthenticationToken.getUser().setAssembla_permission(0);
            }
        }
        return assemblaAuthenticationToken.getUser().getAssembla_permission();
    }

    private boolean isReadPermission(Permission permission) {
        return permission.getId().equals("hudson.model.Hudson.Read") || permission.getId().equals("hudson.model.Item.Read");
    }

    public List<String> getAdminUserNameList() {
        return this.adminUserNameList;
    }
}
