package pl.decerto.hyperon.runtime.function.groovy.shell;

import groovy.lang.GroovyClassLoader;
import groovy.lang.GroovyCodeSource;
import java.security.AccessController;
import java.util.regex.Pattern;
import org.codehaus.groovy.control.CompilationUnit;
import org.codehaus.groovy.control.CompilerConfiguration;
import org.codehaus.groovy.control.ErrorCollector;
import org.codehaus.groovy.control.MultipleCompilationErrorsException;
import org.codehaus.groovy.control.messages.Message;
import pl.decerto.hyperon.runtime.invoker.MppGroovyShellConfiguration;
import pl.decerto.hyperon.runtime.model.GroovyFunction;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:pl/decerto/hyperon/runtime/function/groovy/shell/CompilationResultVerifier.class */
public class CompilationResultVerifier {
    public static final String GROOVY_PROCESS_EXECUTE_REGEX = "(\\s+)?(\")?(.*)(\")?(\\s+)?\\.(\\s+)?(execute)(\\s+)?\\((\\s+)?";
    private static final String DEFAULT_CODE_BASE = "/groovy/shell";
    private final GroovyClassLoader loader;
    private static final Pattern COMPILED_GROOVY_EXECUTE_REGEX = Pattern.compile("(\\s+)?(\")?(.*)(\")?(\\s+)?\\.(\\s+)?(execute)(\\s+)?\\((\\s+)?");
    private static final CompilerConfiguration CONFIGURATION = MppGroovyShellConfiguration.secureConfiguration();

    /* JADX INFO: Access modifiers changed from: package-private */
    public CompilationResultVerifier() {
        ClassLoader classLoader = CachedGroovyShell.class.getClassLoader();
        this.loader = (GroovyClassLoader) AccessController.doPrivileged(() -> {
            return new GroovyClassLoader(classLoader, CONFIGURATION);
        });
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void verify(GroovyFunction groovyFunction) {
        verifyBody(new ErrorCollector(CONFIGURATION), compile(groovyFunction));
    }

    private CompiledGroovyFunction compile(GroovyFunction groovyFunction) {
        String body = groovyFunction.getBody();
        String virtualName = groovyFunction.getVirtualName();
        GroovyCodeSource groovyCodeSource = new GroovyCodeSource(body, virtualName, "/groovy/shell");
        return new CompiledGroovyFunction(groovyFunction.getImplId(), virtualName, groovyCodeSource, this.loader.parseClass(groovyCodeSource, false), null);
    }

    private void verifyBody(ErrorCollector errorCollector, CompiledGroovyFunction compiledGroovyFunction) {
        GroovyCodeSource source = compiledGroovyFunction.getSource();
        findProcessExecuteExpression(errorCollector, source.getScriptText(), new CompilationUnit(CONFIGURATION, source.getCodeSource(), this.loader));
        if (errorCollector.hasErrors()) {
            throw new MultipleCompilationErrorsException(errorCollector);
        }
    }

    private void findProcessExecuteExpression(ErrorCollector errorCollector, String str, CompilationUnit compilationUnit) {
        if (COMPILED_GROOVY_EXECUTE_REGEX.matcher(str).find()) {
            addError(errorCollector, compilationUnit, "java.lang.Process");
        }
    }

    private void addError(ErrorCollector errorCollector, CompilationUnit compilationUnit, String str) {
        errorCollector.addError(Message.create(String.format("Property access not allowed on [%s]", str), compilationUnit));
    }
}
