package nyla.solutions.core.security.data;

import java.security.Principal;
import java.security.acl.Group;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import nyla.solutions.core.exception.SecurityException;

/* loaded from: input_file:nyla/solutions/core/security/data/SecurityAcl.class */
public class SecurityAcl implements Acl, AclEditor {
    private static final long serialVersionUID = 15616038981342591L;
    private Map<Principal, Set<AccessControl>> entries;
    private final String name;

    public SecurityAcl() {
        this("SecurityAcl");
    }

    public SecurityAcl(String str) {
        this.entries = new HashMap();
        this.name = str;
    }

    @Override // nyla.solutions.core.security.data.Acl
    public synchronized String getName() {
        return this.name;
    }

    @Override // nyla.solutions.core.security.data.AclEditor
    public synchronized boolean addEntry(Principal principal, Principal principal2, Permission permission) {
        return addEntry(principal, new SecurityAccessControl(principal2, permission));
    }

    @Override // nyla.solutions.core.security.data.AclEditor
    public synchronized boolean addEntry(Principal principal, Principal principal2, String str) {
        return addEntry(principal, new SecurityAccessControl(principal2, str));
    }

    @Override // nyla.solutions.core.security.data.AclEditor
    public synchronized boolean addEntry(Principal principal, Principal principal2, boolean z, String str) {
        return addEntry(principal, new SecurityAccessControl(principal2, z, str));
    }

    @Override // nyla.solutions.core.security.data.AclEditor
    public synchronized boolean addEntry(Principal principal, AccessControl accessControl) {
        if (accessControl == null) {
            return false;
        }
        Principal principal2 = accessControl.getPrincipal();
        Set<AccessControl> set = this.entries.get(principal2);
        if (set == null) {
            HashSet hashSet = new HashSet();
            hashSet.add(accessControl);
            this.entries.put(principal2, hashSet);
            return true;
        }
        for (AccessControl accessControl2 : set) {
            if (principal2.equals(accessControl2.getPrincipal())) {
                mergePermissions(accessControl, accessControl2);
            }
        }
        return true;
    }

    @Override // nyla.solutions.core.security.data.AclEditor
    public void mergePermissions(AccessControl accessControl, AccessControl accessControl2) {
        List<Permission> permissions;
        if (accessControl == null || accessControl2 == null || (permissions = accessControl.getPermissions()) == null) {
            return;
        }
        if (accessControl.isNegative() != accessControl2.isNegative()) {
            throw new SecurityException("Cannot change or mixed different negative property for ACL from:" + accessControl + " to ACL:" + accessControl2 + "  permission must be either all negative or all positive for a principal");
        }
        Iterator<Permission> it = permissions.iterator();
        while (it.hasNext()) {
            accessControl2.addPermission(it.next());
        }
    }

    @Override // nyla.solutions.core.security.data.AclEditor
    public synchronized boolean revokeAccess(Principal principal, AccessControl accessControl) {
        Principal principal2;
        Set<AccessControl> set;
        if (accessControl == null || (principal2 = accessControl.getPrincipal()) == null || (set = this.entries.get(accessControl.getPrincipal())) == null || set.isEmpty()) {
            return false;
        }
        boolean remove = set.remove(accessControl);
        this.entries.put(principal2, set);
        return remove;
    }

    @Override // nyla.solutions.core.security.data.Acl
    public synchronized boolean checkPermission(Principal principal, Permission permission) {
        if (principal == null || permission == null) {
            return false;
        }
        Set<AccessControl> set = this.entries.get(principal);
        if (set != null && !set.isEmpty()) {
            Iterator<AccessControl> it = set.iterator();
            while (it.hasNext()) {
                if (it.next().checkPermission(permission)) {
                    return true;
                }
            }
        }
        if (SecurityUser.class.isAssignableFrom(principal.getClass())) {
            return checkPermission(((SecurityUser) principal).getGroups(), permission);
        }
        return false;
    }

    @Override // nyla.solutions.core.security.data.Acl
    public boolean checkPermission(Set<Group> set, Permission permission) {
        if (set == null || set.isEmpty()) {
            return false;
        }
        Iterator<Group> it = set.iterator();
        while (it.hasNext()) {
            if (checkPermission(it.next(), permission)) {
                return true;
            }
        }
        return false;
    }

    @Override // nyla.solutions.core.security.data.Acl
    public synchronized boolean checkPermission(Principal principal, String str) {
        if (str == null) {
            return false;
        }
        return checkPermission(principal, new SecurityPermission(str));
    }

    @Override // nyla.solutions.core.security.data.Acl
    public boolean isEmpty() {
        return this.entries == null || this.entries.isEmpty();
    }

    @Override // nyla.solutions.core.security.data.AclEditor
    public void clear() {
        this.entries.clear();
    }

    public String toString() {
        StringBuilder sb = new StringBuilder();
        sb.append("SecurityAcl [entries=").append(this.entries).append(", name=").append(this.name).append("]");
        return sb.toString();
    }
}
