package io.jenkins.plugins.enhanced.credentials;

import com.cloudbees.plugins.credentials.Credentials;
import hudson.AbortException;
import hudson.model.FreeStyleBuild;
import hudson.model.FreeStyleProject;
import hudson.model.Job;
import hudson.model.Result;
import hudson.model.TaskListener;
import io.jenkins.plugins.enhanced.credentials.listener.GenericRunListener;
import java.util.List;
import java.util.logging.Logger;
import jenkins.model.Jenkins;
import org.jenkinsci.plugins.workflow.flow.FlowExecution;
import org.jenkinsci.plugins.workflow.job.WorkflowRun;
import org.jenkinsci.plugins.workflow.steps.StepExecution;

/* loaded from: input_file:WEB-INF/lib/enhanced-credentials.jar:io/jenkins/plugins/enhanced/credentials/CredentialRuleSupporter.class */
public class CredentialRuleSupporter {
    private static final Logger LOGGER = Logger.getLogger(CredentialRuleSupporter.class.getName());

    public Boolean checkProjectHasAccessForCredential(Credentials credentials, FreeStyleProject freeStyleProject) {
        return checkItemHasAccessForCredential(callGetId(credentials), freeStyleProject.getFullName());
    }

    public Boolean checkJobHasAccessForCredential(Credentials credentials, Job job) {
        return checkItemHasAccessForCredential(callGetId(credentials), job.getFullName());
    }

    private Boolean checkItemHasAccessForCredential(String str, String str2) {
        CredentialRules loadCredentialRules = CredentialRuleConfiguration.loadCredentialRules();
        LOGGER.fine(String.format("Checking Access for Credential:%s and Item:%s", str, str2));
        if (loadCredentialRules.getCredentialRuleList().size() == 0) {
            LOGGER.fine("No Credentials Rules are found");
            if (loadCredentialRules.getRestrictNotMatching().booleanValue()) {
                LOGGER.info(String.format("Blocking Credential:%s Access for Item:%s", str, str2));
                return false;
            }
            LOGGER.info(String.format("Allowing Credential:%s Access for Item:%s", str, str2));
            return true;
        }
        Boolean bool = false;
        Boolean bool2 = false;
        for (CredentialRule credentialRule : loadCredentialRules.getCredentialRuleList()) {
            String credentialPattern = credentialRule.getCredentialPattern();
            String itemPattern = credentialRule.getItemPattern();
            LOGGER.fine(String.format("Checking access for credentialPattern:%s and itemPattern:%s", credentialPattern, itemPattern));
            if (str.matches(credentialPattern)) {
                LOGGER.fine(String.format("Credential %s is matched with pattern:%s", str, credentialPattern));
                bool = true;
                if (str2.matches(itemPattern)) {
                    LOGGER.fine(String.format("Item %s is matched with pattern:%s", str2, itemPattern));
                    bool2 = true;
                }
            }
        }
        if (loadCredentialRules.getRestrictNotMatching().booleanValue() && !bool.booleanValue()) {
            LOGGER.info(String.format("Blocking Credential:%s Access for Item:%s", str, str2));
            return false;
        }
        if (loadCredentialRules.getRestrictNotMatching().booleanValue() && bool.booleanValue()) {
            if (bool2.booleanValue()) {
                LOGGER.info(String.format("Allowing Credential:%s Access for Item:%s", str, str2));
            } else {
                LOGGER.info(String.format("Blocking Credential:%s Access for Item:%s", str, str2));
            }
            return bool2;
        }
        if (!loadCredentialRules.getRestrictNotMatching().booleanValue() && bool.booleanValue()) {
            if (bool2.booleanValue()) {
                LOGGER.info(String.format("Allowing Credential:%s Access for Item:%s", str, str2));
            } else {
                LOGGER.info(String.format("Blocking Credential:%s Access for Item:%s", str, str2));
            }
            return bool2;
        }
        if (loadCredentialRules.getRestrictNotMatching().booleanValue() || bool.booleanValue()) {
            return false;
        }
        LOGGER.info(String.format("Allowing Credential:%s Access for Item:%s", str, str2));
        return true;
    }

    public void tryStoppingFreeStyleBuild(FreeStyleBuild freeStyleBuild) throws AbortException {
        freeStyleBuild.setResult(Result.FAILURE);
        throw new AbortException("Stopping build..");
    }

    public void tryStoppingWorkflowRun(WorkflowRun workflowRun) {
        LOGGER.fine(String.format("Tyring to stop Workflow Run:%s", workflowRun.getUrl()));
        TaskListener taskListener = GenericRunListener.getTaskListener(workflowRun.getUrl());
        try {
            taskListener.error("Stopping build..");
            FlowExecution execution = workflowRun.getExecution();
            if (execution == null) {
                LOGGER.fine(String.format("Flow Execution is null for Workflow Run %s:", workflowRun.getUrl()));
                throw new Exception(String.format("Flow Execution is null for %s:", workflowRun.getUrl()));
            }
            LOGGER.fine(String.format("Found Flow Execution for Workflow Run %s:", workflowRun.getUrl()));
            for (StepExecution stepExecution : (List) execution.getCurrentExecutions(true).get()) {
                LOGGER.fine(String.format("Stopping step %s", stepExecution.toString()));
                stepExecution.stop(new Throwable("Cancelling step"));
            }
            workflowRun.setResult(Result.FAILURE);
        } catch (Exception e) {
            LOGGER.fine(String.format("Hard-killing Workflow Run:%s", workflowRun.getUrl()));
            taskListener.error(String.format("Failed to stop build with error: %s", e.getMessage()));
            taskListener.error("Trying Hard Kill!");
            workflowRun.doKill();
        }
    }

    public static String callGetId(Credentials credentials) {
        try {
            return String.valueOf(credentials.getClass().getMethod("getId", new Class[0]).invoke(credentials, new Object[0]));
        } catch (Exception e) {
            throw new RuntimeException("Runtime Exception");
        }
    }

    public static void checkAdminPermission() throws Exception {
        Jenkins instanceOrNull = Jenkins.getInstanceOrNull();
        if (instanceOrNull == null) {
            throw new Exception("Couldn't get Jenkins Instance");
        }
        instanceOrNull.checkPermission(Jenkins.ADMINISTER);
    }
}
