package org.jenkinsci.plugins.securityinspector.impl.items;

import hudson.Extension;
import hudson.model.Computer;
import hudson.model.Descriptor;
import hudson.model.Hudson;
import hudson.model.Item;
import hudson.model.User;
import hudson.model.View;
import hudson.security.ACL;
import hudson.security.Permission;
import hudson.security.PermissionGroup;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import java.util.regex.Pattern;
import java.util.regex.PatternSyntaxException;
import javax.annotation.Nonnull;
import javax.servlet.ServletException;
import org.acegisecurity.context.SecurityContext;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.userdetails.UsernameNotFoundException;
import org.jenkinsci.plugins.securityinspector.Messages;
import org.jenkinsci.plugins.securityinspector.SecurityInspectorAction;
import org.jenkinsci.plugins.securityinspector.UserContext;
import org.jenkinsci.plugins.securityinspector.UserContextCache;
import org.jenkinsci.plugins.securityinspector.model.PermissionReport;
import org.jenkinsci.plugins.securityinspector.model.SecurityInspectorReport;
import org.jenkinsci.plugins.securityinspector.util.UserFilter;
import org.kohsuke.accmod.Restricted;
import org.kohsuke.accmod.restrictions.NoExternalUse;
import org.kohsuke.stapler.HttpResponses;
import org.kohsuke.stapler.StaplerRequest;

@Extension
/* loaded from: input_file:WEB-INF/lib/security-inspector.jar:org/jenkinsci/plugins/securityinspector/impl/items/ItemForMultipleUsersReportBuilder.class */
public class ItemForMultipleUsersReportBuilder extends ItemReportBuilder {

    /* loaded from: input_file:WEB-INF/lib/security-inspector.jar:org/jenkinsci/plugins/securityinspector/impl/items/ItemForMultipleUsersReportBuilder$ReportImpl.class */
    public static class ReportImpl extends PermissionReport<User, Boolean> {

        @Nonnull
        final Item job4report;

        ReportImpl(@Nonnull Item item) {
            this.job4report = item;
        }

        @Override // org.jenkinsci.plugins.securityinspector.model.SecurityInspectorReport
        public void forRow(User user, Runnable runnable) {
            try {
                SecurityContext securityContext = null;
                try {
                    securityContext = ACL.impersonate(user.impersonate());
                    runnable.run();
                    if (securityContext != null) {
                        SecurityContextHolder.setContext(securityContext);
                    }
                } catch (Throwable th) {
                    if (securityContext != null) {
                        SecurityContextHolder.setContext(securityContext);
                    }
                    throw th;
                }
            } catch (UsernameNotFoundException e) {
                fillRowByResult(user, Boolean.FALSE);
            }
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // org.jenkinsci.plugins.securityinspector.model.SecurityInspectorReport
        public Boolean getEntryReport(User user, Permission permission) {
            return Boolean.valueOf(this.job4report.hasPermission(permission));
        }

        public final void generateReport(@Nonnull Set<User> set) {
            HashSet hashSet = new HashSet(PermissionGroup.getAll());
            hashSet.remove(PermissionGroup.get(Permission.class));
            hashSet.remove(PermissionGroup.get(Hudson.class));
            hashSet.remove(PermissionGroup.get(Computer.class));
            hashSet.remove(PermissionGroup.get(View.class));
            super.generateReport(set, hashSet);
        }

        public static ReportImpl createReport(@Nonnull Set<User> set, @Nonnull Item item) {
            ReportImpl reportImpl = new ReportImpl(item);
            reportImpl.generateReport(set);
            return reportImpl;
        }

        @Override // org.jenkinsci.plugins.securityinspector.model.SecurityInspectorReport
        public String getRowColumnHeader() {
            return Messages.UserReport_RowColumnHeader();
        }

        @Override // org.jenkinsci.plugins.securityinspector.model.SecurityInspectorReport
        public String getRowTitle(User user) {
            return user.getId();
        }

        @Override // org.jenkinsci.plugins.securityinspector.model.SecurityInspectorReport
        public boolean isEntryReportOk(User user, Permission permission, Boolean bool) {
            if (bool != null) {
                return bool.booleanValue();
            }
            return false;
        }
    }

    @Override // org.jenkinsci.plugins.securityinspector.model.ReportBuilder
    public String getIcon() {
        return "user.png";
    }

    @Override // org.jenkinsci.plugins.securityinspector.model.ReportBuilder
    public String getIndex() {
        return "users-for-item";
    }

    @Override // org.jenkinsci.plugins.securityinspector.model.ReportBuilder
    public String getDisplayName() {
        return "Multiple users, single job";
    }

    @Override // org.jenkinsci.plugins.securityinspector.model.ReportBuilder
    public String getDescription() {
        return "Display users permissions for the specified item";
    }

    @Override // org.jenkinsci.plugins.securityinspector.model.ReportBuilder
    public void processParameters(StaplerRequest staplerRequest) throws Descriptor.FormException, ServletException {
        try {
            Pattern.compile(staplerRequest.getParameter("_.includeRegex4User"));
            UserContextCache.updateSearchCache(new UserFilter(staplerRequest), staplerRequest.getParameter("selectedJob"));
        } catch (PatternSyntaxException e) {
            throw new Descriptor.FormException(e, "includeRegex4User");
        }
    }

    @Nonnull
    @Restricted({NoExternalUse.class})
    public SecurityInspectorReport getReportUser() {
        return ReportImpl.createReport(getRequestedUsers(), getRequestedJob());
    }

    @Nonnull
    @Restricted({NoExternalUse.class})
    public Set<User> getRequestedUsers() throws HttpResponses.HttpResponseException {
        UserContext userContext = UserContextCache.getInstance().get(SecurityInspectorAction.getSessionId());
        if (userContext == null) {
            throw HttpResponses.error(404, "Context has not been found");
        }
        UserFilter userFilter = userContext.getUserFilter();
        if (userFilter == null) {
            throw HttpResponses.error(500, "The retrieved context does not contain user filter settings");
        }
        List<User> doFilter = userFilter.doFilter();
        HashSet hashSet = new HashSet(doFilter.size());
        for (User user : doFilter) {
            if (user != null) {
                hashSet.add(user);
            }
        }
        return hashSet;
    }
}
