package com.microsoft.jenkins.azuread;

import hudson.Extension;
import hudson.model.AutoCompletionCandidates;
import hudson.model.Descriptor;
import hudson.model.Item;
import hudson.model.Job;
import hudson.model.JobProperty;
import hudson.model.JobPropertyDescriptor;
import hudson.security.AuthorizationMatrixProperty;
import hudson.security.Permission;
import hudson.security.PermissionScope;
import hudson.util.FormValidation;
import java.io.IOException;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.annotation.Nonnull;
import jenkins.model.Jenkins;
import net.sf.json.JSONObject;
import org.jenkinsci.Symbol;
import org.jenkinsci.plugins.matrixauth.AbstractAuthorizationPropertyConverter;
import org.jenkinsci.plugins.matrixauth.AuthorizationProperty;
import org.jenkinsci.plugins.matrixauth.AuthorizationPropertyDescriptor;
import org.kohsuke.accmod.Restricted;
import org.kohsuke.accmod.restrictions.NoExternalUse;
import org.kohsuke.accmod.restrictions.suppressions.SuppressRestrictedWarnings;
import org.kohsuke.stapler.AncestorInPath;
import org.kohsuke.stapler.DataBoundConstructor;
import org.kohsuke.stapler.QueryParameter;
import org.kohsuke.stapler.StaplerRequest;
import org.kohsuke.stapler.verb.GET;

/* loaded from: input_file:WEB-INF/lib/azure-ad.jar:com/microsoft/jenkins/azuread/AzureAdAuthorizationMatrixProperty.class */
public class AzureAdAuthorizationMatrixProperty extends AuthorizationMatrixProperty {
    private final transient ObjId2FullSidMap objId2FullSidMap;

    @SuppressRestrictedWarnings({AbstractAuthorizationPropertyConverter.class})
    /* loaded from: input_file:WEB-INF/lib/azure-ad.jar:com/microsoft/jenkins/azuread/AzureAdAuthorizationMatrixProperty$ConverterImpl.class */
    public static class ConverterImpl extends AbstractAuthorizationPropertyConverter {
        public boolean canConvert(Class cls) {
            return cls == AzureAdAuthorizationMatrixProperty.class;
        }

        /* renamed from: create, reason: merged with bridge method [inline-methods] */
        public AuthorizationProperty m487create() {
            return new AzureAdAuthorizationMatrixProperty();
        }
    }

    @Extension
    @SuppressRestrictedWarnings({AuthorizationPropertyDescriptor.class})
    @Symbol({"azureAdAuthorizationMatrix"})
    /* loaded from: input_file:WEB-INF/lib/azure-ad.jar:com/microsoft/jenkins/azuread/AzureAdAuthorizationMatrixProperty$DescriptorImpl.class */
    public static class DescriptorImpl extends JobPropertyDescriptor implements AuthorizationPropertyDescriptor<AzureAdAuthorizationMatrixProperty> {
        /* renamed from: create, reason: merged with bridge method [inline-methods] */
        public AzureAdAuthorizationMatrixProperty m489create() {
            return new AzureAdAuthorizationMatrixProperty();
        }

        public PermissionScope getPermissionScope() {
            return PermissionScope.ITEM;
        }

        /* renamed from: newInstance, reason: merged with bridge method [inline-methods] */
        public JobProperty<?> m488newInstance(StaplerRequest staplerRequest, JSONObject jSONObject) throws Descriptor.FormException {
            return createNewInstance(staplerRequest, jSONObject, true);
        }

        public boolean isApplicable() {
            return Jenkins.get().getAuthorizationStrategy() instanceof AzureAdMatrixAuthorizationStrategy;
        }

        @GET
        public FormValidation doCheckName(@AncestorInPath Job<?, ?> job, @QueryParameter String str) {
            return doCheckName_(str, job, Item.CONFIGURE);
        }

        @Nonnull
        public String getDisplayName() {
            return "Azure Active Directory Authorization Matrix";
        }

        public AutoCompletionCandidates doAutoCompleteUserOrGroup(@QueryParameter String str) throws IOException {
            return AzureAdMatrixAuthorizationStrategy.searchAndGenerateCandidates(str);
        }
    }

    public AzureAdAuthorizationMatrixProperty() {
        super(Collections.emptyList());
        this.objId2FullSidMap = new ObjId2FullSidMap();
    }

    public AzureAdAuthorizationMatrixProperty(Map<Permission, Set<String>> map) {
        super(map);
        this.objId2FullSidMap = new ObjId2FullSidMap();
        refreshMap();
    }

    @DataBoundConstructor
    @Restricted({NoExternalUse.class})
    public AzureAdAuthorizationMatrixProperty(List<String> list) {
        this();
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            add(it.next());
        }
    }

    void refreshMap() {
        Iterator it = getAllSIDs().iterator();
        while (it.hasNext()) {
            this.objId2FullSidMap.putFullSid((String) it.next());
        }
        new AzureAdAuthorizationMatrixProperty();
    }

    public void add(Permission permission, String str) {
        super.add(permission, str);
        this.objId2FullSidMap.putFullSid(str);
    }

    public boolean hasExplicitPermission(String str, Permission permission) {
        if (str == null) {
            return false;
        }
        return super.hasExplicitPermission(this.objId2FullSidMap.getOrOriginal(str), permission);
    }

    public boolean hasPermission(String str, Permission permission) {
        return super.hasPermission(this.objId2FullSidMap.getOrOriginal(str), permission);
    }

    public boolean hasPermission(String str, Permission permission, boolean z) {
        return super.hasPermission(this.objId2FullSidMap.getOrOriginal(str), permission, z);
    }
}
