package org.jenkinsci.plugins.ownership.integrations.securityinspector;

import hudson.Extension;
import hudson.model.Computer;
import hudson.model.Descriptor;
import hudson.model.Item;
import hudson.model.TopLevelItem;
import hudson.model.User;
import hudson.model.View;
import hudson.security.ACL;
import hudson.security.Permission;
import hudson.security.PermissionGroup;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import java.util.regex.Pattern;
import java.util.regex.PatternSyntaxException;
import javax.annotation.Nonnull;
import javax.servlet.ServletException;
import jenkins.model.Jenkins;
import org.acegisecurity.Authentication;
import org.acegisecurity.context.SecurityContext;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.userdetails.UsernameNotFoundException;
import org.jenkinsci.plugins.securityinspector.Messages;
import org.jenkinsci.plugins.securityinspector.SecurityInspectorAction;
import org.jenkinsci.plugins.securityinspector.UserContext;
import org.jenkinsci.plugins.securityinspector.UserContextCache;
import org.jenkinsci.plugins.securityinspector.impl.users.UserReportBuilder;
import org.jenkinsci.plugins.securityinspector.model.PermissionReport;
import org.jenkinsci.plugins.securityinspector.model.SecurityInspectorReport;
import org.kohsuke.accmod.Restricted;
import org.kohsuke.accmod.restrictions.NoExternalUse;
import org.kohsuke.stapler.HttpResponses;
import org.kohsuke.stapler.StaplerRequest;

@Extension(optional = true)
/* loaded from: input_file:WEB-INF/lib/ownership.jar:org/jenkinsci/plugins/ownership/integrations/securityinspector/PermissionsForOwnerReportBuilder.class */
public class PermissionsForOwnerReportBuilder extends UserReportBuilder {

    /* loaded from: input_file:WEB-INF/lib/ownership.jar:org/jenkinsci/plugins/ownership/integrations/securityinspector/PermissionsForOwnerReportBuilder$ReportImpl.class */
    public static class ReportImpl extends PermissionReport<TopLevelItem, Boolean> {

        @Nonnull
        final User user4report;

        ReportImpl(@Nonnull User user) {
            this.user4report = user;
        }

        public String getReportTargetName() {
            return this.user4report.getDisplayName();
        }

        /* JADX INFO: Access modifiers changed from: protected */
        public Boolean getEntryReport(TopLevelItem topLevelItem, Permission permission) {
            try {
                Authentication impersonate = this.user4report.impersonate();
                SecurityContext securityContext = null;
                Item itemByFullName = Jenkins.getActiveInstance().getItemByFullName(topLevelItem.getFullName());
                if (itemByFullName == null) {
                    return Boolean.FALSE;
                }
                try {
                    securityContext = ACL.impersonate(impersonate);
                    Boolean valueOf = Boolean.valueOf(itemByFullName.hasPermission(permission));
                    if (securityContext != null) {
                        SecurityContextHolder.setContext(securityContext);
                    }
                    return valueOf;
                } catch (Throwable th) {
                    if (securityContext != null) {
                        SecurityContextHolder.setContext(securityContext);
                    }
                    throw th;
                }
            } catch (UsernameNotFoundException e) {
                return Boolean.FALSE;
            }
        }

        public final void generateReport(@Nonnull Set<TopLevelItem> set) {
            HashSet hashSet = new HashSet(PermissionGroup.getAll());
            hashSet.remove(PermissionGroup.get(Permission.class));
            hashSet.remove(PermissionGroup.get(Jenkins.class));
            hashSet.remove(PermissionGroup.get(Computer.class));
            hashSet.remove(PermissionGroup.get(View.class));
            super.generateReport(set, hashSet);
        }

        @Nonnull
        public static ReportImpl createReport(@Nonnull Set<TopLevelItem> set, @Nonnull User user) {
            ReportImpl reportImpl = new ReportImpl(user);
            reportImpl.generateReport(set);
            return reportImpl;
        }

        public String getRowColumnHeader() {
            return Messages.JobReport_RowColumnHeader();
        }

        public String getRowTitle(TopLevelItem topLevelItem) {
            return topLevelItem.getFullDisplayName();
        }

        public boolean isEntryReportOk(TopLevelItem topLevelItem, Permission permission, Boolean bool) {
            if (bool != null) {
                return bool.booleanValue();
            }
            return false;
        }
    }

    public String getIcon() {
        return "fingerprint.png";
    }

    public String getIndex() {
        return "items-for-owner";
    }

    public String getDisplayName() {
        return "Single any owner, multiple items";
    }

    public String getDescription() {
        return "Display job permissions for the specified owner";
    }

    public void processParameters(StaplerRequest staplerRequest) throws Descriptor.FormException, ServletException {
        try {
            Pattern.compile(staplerRequest.getParameter("_.includeRegex"));
            String parameter = staplerRequest.getParameter("selectedOwner");
            UserContextCache.updateSearchCache(new OwnerFilter(staplerRequest).doFilter(User.get(parameter)), (List) null, (List) null, parameter);
        } catch (PatternSyntaxException e) {
            throw new Descriptor.FormException(e, "includeRegex");
        }
    }

    public SecurityInspectorReport getReport() {
        Set<TopLevelItem> requestedJobs = getRequestedJobs();
        User requestedUser = getRequestedUser();
        try {
            SecurityContext securityContext = null;
            try {
                securityContext = ACL.impersonate(requestedUser.impersonate());
                ReportImpl createReport = ReportImpl.createReport(requestedJobs, requestedUser);
                if (securityContext != null) {
                    SecurityContextHolder.setContext(securityContext);
                }
                return createReport;
            } catch (Throwable th) {
                if (securityContext != null) {
                    SecurityContextHolder.setContext(securityContext);
                }
                throw th;
            }
        } catch (UsernameNotFoundException e) {
            return new ReportImpl(requestedUser);
        }
    }

    @Nonnull
    @Restricted({NoExternalUse.class})
    public Set<TopLevelItem> getRequestedJobs() throws HttpResponses.HttpResponseException {
        UserContext userContext = UserContextCache.getInstance().get(SecurityInspectorAction.getSessionId());
        if (userContext == null) {
            throw HttpResponses.error(404, "Context has not been found");
        }
        List<TopLevelItem> jobs = userContext.getJobs();
        if (jobs == null) {
            throw HttpResponses.error(500, "The retrieved context does not contain job filter settings");
        }
        HashSet hashSet = new HashSet(jobs.size());
        for (TopLevelItem topLevelItem : jobs) {
            if (topLevelItem != null) {
                hashSet.add(topLevelItem);
            }
        }
        return hashSet;
    }
}
