package org.acegisecurity.acls.domain;

import java.io.Serializable;
import java.util.Iterator;
import java.util.List;
import java.util.Vector;
import org.acegisecurity.acls.AccessControlEntry;
import org.acegisecurity.acls.Acl;
import org.acegisecurity.acls.AuditableAcl;
import org.acegisecurity.acls.MutableAcl;
import org.acegisecurity.acls.NotFoundException;
import org.acegisecurity.acls.OwnershipAcl;
import org.acegisecurity.acls.Permission;
import org.acegisecurity.acls.UnloadedSidException;
import org.acegisecurity.acls.objectidentity.ObjectIdentity;
import org.acegisecurity.acls.sid.Sid;
import org.springframework.util.Assert;

/* loaded from: input_file:WEB-INF/lib/acegi-security-1.0.5.jar:org/acegisecurity/acls/domain/AclImpl.class */
public class AclImpl implements Acl, MutableAcl, AuditableAcl, OwnershipAcl {
    private Acl parentAcl;
    private AclAuthorizationStrategy aclAuthorizationStrategy;
    private AuditLogger auditLogger;
    private List aces;
    private ObjectIdentity objectIdentity;
    private Serializable id;
    private Sid owner;
    private Sid[] loadedSids;
    private boolean entriesInheriting;

    public AclImpl(ObjectIdentity objectIdentity, Serializable serializable, AclAuthorizationStrategy aclAuthorizationStrategy, AuditLogger auditLogger) {
        this.aces = new Vector();
        this.loadedSids = null;
        this.entriesInheriting = true;
        Assert.notNull(objectIdentity, "Object Identity required");
        Assert.notNull(serializable, "Id required");
        Assert.notNull(aclAuthorizationStrategy, "AclAuthorizationStrategy required");
        Assert.notNull(auditLogger, "AuditLogger required");
        this.objectIdentity = objectIdentity;
        this.id = serializable;
        this.aclAuthorizationStrategy = aclAuthorizationStrategy;
        this.auditLogger = auditLogger;
    }

    public AclImpl(ObjectIdentity objectIdentity, Serializable serializable, AclAuthorizationStrategy aclAuthorizationStrategy, AuditLogger auditLogger, Acl acl, Sid[] sidArr, boolean z, Sid sid) {
        this.aces = new Vector();
        this.loadedSids = null;
        this.entriesInheriting = true;
        Assert.notNull(objectIdentity, "Object Identity required");
        Assert.notNull(serializable, "Id required");
        Assert.notNull(aclAuthorizationStrategy, "AclAuthorizationStrategy required");
        Assert.notNull(sid, "Owner required");
        Assert.notNull(auditLogger, "AuditLogger required");
        this.objectIdentity = objectIdentity;
        this.id = serializable;
        this.aclAuthorizationStrategy = aclAuthorizationStrategy;
        this.auditLogger = auditLogger;
        this.parentAcl = acl;
        this.loadedSids = sidArr;
        this.entriesInheriting = z;
        this.owner = sid;
    }

    private AclImpl() {
        this.aces = new Vector();
        this.loadedSids = null;
        this.entriesInheriting = true;
    }

    @Override // org.acegisecurity.acls.MutableAcl
    public void deleteAce(Serializable serializable) throws NotFoundException {
        this.aclAuthorizationStrategy.securityCheck(this, 2);
        synchronized (this.aces) {
            int findAceOffset = findAceOffset(serializable);
            if (findAceOffset == -1) {
                throw new NotFoundException("Requested ACE ID not found");
            }
            this.aces.remove(findAceOffset);
        }
    }

    private int findAceOffset(Serializable serializable) {
        Assert.notNull(serializable, "ACE ID is required");
        synchronized (this.aces) {
            for (int i = 0; i < this.aces.size(); i++) {
                if (((AccessControlEntry) this.aces.get(i)).getId().equals(serializable)) {
                    return i;
                }
            }
            return -1;
        }
    }

    @Override // org.acegisecurity.acls.Acl
    public AccessControlEntry[] getEntries() {
        return (AccessControlEntry[]) this.aces.toArray(new AccessControlEntry[0]);
    }

    @Override // org.acegisecurity.acls.MutableAcl
    public Serializable getId() {
        return this.id;
    }

    @Override // org.acegisecurity.acls.Acl
    public ObjectIdentity getObjectIdentity() {
        return this.objectIdentity;
    }

    @Override // org.acegisecurity.acls.Acl
    public Sid getOwner() {
        return this.owner;
    }

    @Override // org.acegisecurity.acls.Acl
    public Acl getParentAcl() {
        return this.parentAcl;
    }

    @Override // org.acegisecurity.acls.MutableAcl
    public void insertAce(Serializable serializable, Permission permission, Sid sid, boolean z) throws NotFoundException {
        this.aclAuthorizationStrategy.securityCheck(this, 2);
        Assert.notNull(permission, "Permission required");
        Assert.notNull(sid, "Sid required");
        AccessControlEntryImpl accessControlEntryImpl = new AccessControlEntryImpl(null, this, sid, permission, z, false, false);
        synchronized (this.aces) {
            if (serializable != null) {
                int findAceOffset = findAceOffset(serializable);
                if (findAceOffset == -1) {
                    throw new NotFoundException("Requested ACE ID not found");
                }
                this.aces.add(findAceOffset + 1, accessControlEntryImpl);
            } else {
                this.aces.add(accessControlEntryImpl);
            }
        }
    }

    @Override // org.acegisecurity.acls.Acl
    public boolean isEntriesInheriting() {
        return this.entriesInheriting;
    }

    @Override // org.acegisecurity.acls.Acl
    public boolean isGranted(Permission[] permissionArr, Sid[] sidArr, boolean z) throws NotFoundException, UnloadedSidException {
        Assert.notEmpty(permissionArr, "Permissions required");
        Assert.notEmpty(sidArr, "SIDs required");
        if (!isSidLoaded(sidArr)) {
            throw new UnloadedSidException("ACL was not loaded for one or more SID");
        }
        AccessControlEntry accessControlEntry = null;
        for (Permission permission : permissionArr) {
            for (Sid sid : sidArr) {
                Iterator it = this.aces.iterator();
                boolean z2 = true;
                while (true) {
                    if (!it.hasNext()) {
                        break;
                    }
                    AccessControlEntry accessControlEntry2 = (AccessControlEntry) it.next();
                    if (accessControlEntry2.getPermission().getMask() == permission.getMask() && accessControlEntry2.getSid().equals(sid)) {
                        if (accessControlEntry2.isGranting()) {
                            if (z) {
                                return true;
                            }
                            this.auditLogger.logIfNeeded(true, accessControlEntry2);
                            return true;
                        }
                        if (accessControlEntry == null) {
                            accessControlEntry = accessControlEntry2;
                        }
                        z2 = false;
                    }
                }
                if (!z2) {
                    break;
                }
            }
        }
        if (accessControlEntry != null) {
            if (z) {
                return false;
            }
            this.auditLogger.logIfNeeded(false, accessControlEntry);
            return false;
        }
        if (!isEntriesInheriting() || this.parentAcl == null) {
            throw new NotFoundException("Unable to locate a matching ACE for passed permissions and SIDs");
        }
        return this.parentAcl.isGranted(permissionArr, sidArr, false);
    }

    @Override // org.acegisecurity.acls.Acl
    public boolean isSidLoaded(Sid[] sidArr) {
        if (this.loadedSids == null || sidArr == null || sidArr.length == 0) {
            return true;
        }
        for (Sid sid : sidArr) {
            boolean z = false;
            int i = 0;
            while (true) {
                if (i >= this.loadedSids.length) {
                    break;
                }
                if (sid.equals(this.loadedSids[i])) {
                    z = true;
                    break;
                }
                i++;
            }
            if (!z) {
                return false;
            }
        }
        return true;
    }

    @Override // org.acegisecurity.acls.MutableAcl
    public void setEntriesInheriting(boolean z) {
        this.aclAuthorizationStrategy.securityCheck(this, 2);
        this.entriesInheriting = z;
    }

    @Override // org.acegisecurity.acls.OwnershipAcl
    public void setOwner(Sid sid) {
        this.aclAuthorizationStrategy.securityCheck(this, 0);
        Assert.notNull(sid, "Owner required");
        this.owner = sid;
    }

    @Override // org.acegisecurity.acls.MutableAcl
    public void setParent(Acl acl) {
        this.aclAuthorizationStrategy.securityCheck(this, 2);
        Assert.notNull(acl, "New Parent required");
        Assert.isTrue(!acl.equals(this), "Cannot be the parent of yourself");
        this.parentAcl = acl;
    }

    public String toString() {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("AclImpl[");
        stringBuffer.append("id: ").append(this.id).append("; ");
        stringBuffer.append("objectIdentity: ").append(this.objectIdentity).append("; ");
        stringBuffer.append("owner: ").append(this.owner).append("; ");
        Iterator it = this.aces.iterator();
        int i = 0;
        while (it.hasNext()) {
            i++;
            if (i == 1) {
                stringBuffer.append("\r\n");
            }
            stringBuffer.append(it.next().toString()).append("\r\n");
        }
        if (i == 0) {
            stringBuffer.append("no ACEs; ");
        }
        stringBuffer.append("inheriting: ").append(this.entriesInheriting).append("; ");
        stringBuffer.append("parent: ").append(this.parentAcl == null ? "Null" : this.parentAcl.getObjectIdentity().toString());
        stringBuffer.append("]");
        return stringBuffer.toString();
    }

    @Override // org.acegisecurity.acls.MutableAcl
    public void updateAce(Serializable serializable, Permission permission) throws NotFoundException {
        this.aclAuthorizationStrategy.securityCheck(this, 2);
        synchronized (this.aces) {
            int findAceOffset = findAceOffset(serializable);
            if (findAceOffset == 1) {
                throw new NotFoundException("Requested ACE ID not found");
            }
            ((AccessControlEntryImpl) this.aces.get(findAceOffset)).setPermission(permission);
        }
    }

    @Override // org.acegisecurity.acls.AuditableAcl
    public void updateAuditing(Serializable serializable, boolean z, boolean z2) {
        this.aclAuthorizationStrategy.securityCheck(this, 1);
        synchronized (this.aces) {
            int findAceOffset = findAceOffset(serializable);
            if (findAceOffset == 1) {
                throw new NotFoundException("Requested ACE ID not found");
            }
            AccessControlEntryImpl accessControlEntryImpl = (AccessControlEntryImpl) this.aces.get(findAceOffset);
            accessControlEntryImpl.setAuditSuccess(z);
            accessControlEntryImpl.setAuditFailure(z2);
        }
    }
}
