package io.takari.builder.internal;

import io.takari.builder.Messages;
import io.takari.builder.enforcer.ComposableSecurityManagerPolicy;
import io.takari.builder.enforcer.Policy;
import io.takari.builder.enforcer.internal.EnforcerViolation;
import io.takari.builder.enforcer.internal.EnforcerViolationType;
import io.takari.builder.internal.BuilderExecutionState;
import io.takari.builder.internal.pathmatcher.FileMatcher;
import io.takari.builder.internal.pathmatcher.PathMatcher;
import io.takari.builder.internal.pathmatcher.PathNormalizer;
import java.io.File;
import java.nio.file.Path;
import java.util.Arrays;
import java.util.Collection;
import java.util.LinkedHashSet;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.atomic.AtomicBoolean;
import org.slf4j.Logger;

/* loaded from: input_file:io/takari/builder/internal/BuilderContext.class */
public class BuilderContext {
    static final String PROPERTY_WRITE_ACTION = "write";
    static final String PROPERTY_READ_ACTION = "read";
    static final String PROPERTY_RW_ACTION = "read,write";
    private static final Object KEY_CONTEXT = BuilderContextPolicy.class;
    public static Messages MESSAGES = new Messages() { // from class: io.takari.builder.internal.BuilderContext.1
        private Messages getCurrentMessages() {
            return BuilderContext.access$0().getMessages();
        }

        @Override // io.takari.builder.Messages
        public void warn(File file, int i, int i2, String str, Throwable th) {
            getCurrentMessages().warn(file, i, i2, str, th);
        }

        @Override // io.takari.builder.Messages
        public void info(File file, int i, int i2, String str, Throwable th) {
            getCurrentMessages().info(file, i, i2, str, th);
        }

        @Override // io.takari.builder.Messages
        public void error(File file, int i, int i2, String str, Throwable th) {
            getCurrentMessages().error(file, i, i2, str, th);
        }

        @Override // io.takari.builder.Messages
        public void warn(Path path, int i, int i2, String str, Throwable th) {
            getCurrentMessages().warn(path, i, i2, str, th);
        }

        @Override // io.takari.builder.Messages
        public void info(Path path, int i, int i2, String str, Throwable th) {
            getCurrentMessages().info(path, i, i2, str, th);
        }

        @Override // io.takari.builder.Messages
        public void error(Path path, int i, int i2, String str, Throwable th) {
            getCurrentMessages().error(path, i, i2, str, th);
        }
    };
    private final Logger log;
    private final String id;
    private final PathNormalizer normalizer;
    private final PathMatcher readMatcher;
    private final PathMatcher writeMatcher;
    private final PathMatcher tempMatcher;
    private final Collection<String> execExceptions;
    private final boolean networkAccessAllowed;
    private final FileMatcher readExceptionsMatcher;
    private final FileMatcher writeExceptionsMatcher;
    private final PathMatcher readAndTrackExceptionsMatcher;
    private final Set<EnforcerViolation> violations;
    private final MessageCollector messages;
    private final BuilderWorkspace workspace;
    private final Object writeLock;
    private final BuilderExecutionState.InprogressStateWriter inprogressWriter;
    private final Set<String> writes;
    private final Set<String> tempWrites;
    private final Set<String> properties;

    /* loaded from: input_file:io/takari/builder/internal/BuilderContext$Builder.class */
    public static class Builder {
        private final Logger log;
        private final String id;
        private final Path sessionBasedir;
        private final PathNormalizer normalizer;
        private final PathMatcher.Builder readMatcherBuilder;
        private final PathMatcher.Builder readAndTrackMatcherBuilder;
        private final PathMatcher.Builder writeMatcherBuilder;
        private final PathMatcher.Builder tempMatcherBuilder;
        private final MessageCollector messages;
        private final Collection<String> execExceptions;
        private boolean networkAccessAllowed;
        private final Collection<String> readExceptions;
        private final Collection<String> writeExceptions;
        private BuilderExecutionState.InprogressStateWriter inprogressWriter;
        private final BuilderWorkspace workspace;

        private Builder(Logger logger, String str, Path path, MessageCollector messageCollector, BuilderWorkspace builderWorkspace) {
            this.execExceptions = new LinkedHashSet();
            this.readExceptions = new LinkedHashSet();
            this.writeExceptions = new LinkedHashSet();
            this.inprogressWriter = BuilderExecutionState.NOOP_INPROGRESSWRITER;
            this.log = logger;
            this.id = str;
            this.sessionBasedir = path;
            this.messages = messageCollector;
            this.normalizer = PathNormalizer.createNormalizer(path);
            this.readMatcherBuilder = PathMatcher.builder(this.normalizer).excludeRoot();
            this.readAndTrackMatcherBuilder = PathMatcher.builder(this.normalizer).excludeRoot();
            this.writeMatcherBuilder = PathMatcher.builder(this.normalizer).excludeRoot();
            this.tempMatcherBuilder = PathMatcher.builder(this.normalizer).excludeRoot();
            this.workspace = builderWorkspace;
        }

        public Builder addInputMatcher(PathMatcher pathMatcher) {
            this.readMatcherBuilder.addMatcher(pathMatcher);
            return this;
        }

        public Builder addInputFiles(Collection<Path> collection) {
            collection.forEach(path -> {
                this.readMatcherBuilder.includePath(path.toAbsolutePath().toString());
            });
            return this;
        }

        public Builder addInputFile(Path path) {
            this.readMatcherBuilder.includePath(path.toAbsolutePath().toString());
            return this;
        }

        public Builder addInputDirectory(Path path) {
            this.readMatcherBuilder.includePrefix(path.toAbsolutePath().toString());
            return this;
        }

        public Builder addOutputDirectory(Path path) {
            String path2 = path.toAbsolutePath().toString();
            this.writeMatcherBuilder.includePrefix(path2);
            this.tempMatcherBuilder.excludePrefix(path2);
            return this;
        }

        public Builder addOutputFile(Path path) {
            String path2 = path.toAbsolutePath().toString();
            this.writeMatcherBuilder.includePath(path2);
            this.tempMatcherBuilder.excludePath(path2);
            return this;
        }

        public Builder addTemporaryDirectory(Path path) {
            String path2 = path.toString();
            this.tempMatcherBuilder.includePrefix(path2);
            this.writeMatcherBuilder.excludePrefix(path2);
            return this;
        }

        public Builder addReadExceptions(Collection<String> collection) {
            this.readExceptions.addAll(collection);
            return this;
        }

        public Builder addReadAndTrackExceptions(Collection<String> collection) {
            collection.forEach(str -> {
                this.readAndTrackMatcherBuilder.includePath(str);
            });
            return this;
        }

        public Builder addWriteExceptions(Collection<String> collection) {
            this.writeExceptions.addAll(collection);
            return this;
        }

        public Builder addExecExceptions(Collection<String> collection) {
            this.execExceptions.addAll(collection);
            return this;
        }

        public Builder setNetworkAccessAllowed(boolean z) {
            this.networkAccessAllowed = z;
            return this;
        }

        public Builder setInprogressWriter(BuilderExecutionState.InprogressStateWriter inprogressStateWriter) {
            this.inprogressWriter = inprogressStateWriter;
            return this;
        }

        public BuilderContext build() {
            this.tempMatcherBuilder.excludePrefix(PathNormalizer.normalize0(this.sessionBasedir));
            return new BuilderContext(this.log, this.normalizer, this.id, this.readMatcherBuilder.build(), this.writeMatcherBuilder.build(), this.tempMatcherBuilder.build(), this.messages, this.execExceptions, this.networkAccessAllowed, this.readExceptions, this.writeExceptions, this.readAndTrackMatcherBuilder.build(), this.inprogressWriter, this.workspace, null);
        }

        /* synthetic */ Builder(Logger logger, String str, Path path, MessageCollector messageCollector, BuilderWorkspace builderWorkspace, Builder builder) {
            this(logger, str, path, messageCollector, builderWorkspace);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:io/takari/builder/internal/BuilderContext$BuilderContextPolicy.class */
    public static class BuilderContextPolicy implements Policy {
        private final BuilderContext ctx;
        private final ThreadLocal<Boolean> readPrivileged = ThreadLocal.withInitial(() -> {
            return Boolean.FALSE;
        });
        private AtomicBoolean inScope = new AtomicBoolean(true);

        public BuilderContextPolicy(BuilderContext builderContext) {
            this.ctx = builderContext;
        }

        public BuilderContext getBuilderContext() {
            return this.ctx;
        }

        public void checkWrite(String str) {
            checkScope();
            if (this.ctx.checkAndRecordWrite(str)) {
                return;
            }
            handleViolation(this.ctx, EnforcerViolationType.WRITE, PathNormalizer.normalize0(str));
        }

        public void checkSocketPermission() {
            checkScope();
            if (!this.ctx.checkSockets()) {
                throw new SecurityException();
            }
        }

        public void checkRead(String str) {
            checkScope();
            if (this.readPrivileged.get() == Boolean.TRUE) {
                return;
            }
            try {
                this.readPrivileged.set(Boolean.TRUE);
                if (!this.ctx.checkRead(str)) {
                    handleViolation(this.ctx, EnforcerViolationType.READ, PathNormalizer.normalize0(str));
                }
            } finally {
                this.readPrivileged.set(Boolean.FALSE);
            }
        }

        public void checkPropertyPermission(String str, String str2) {
            checkScope();
            if (!this.ctx.checkAndRecordProperty(str, str2)) {
                throw new SecurityException();
            }
        }

        public void checkExec(String str) {
            checkScope();
            if (this.ctx.checkExec(str)) {
                return;
            }
            handleViolation(this.ctx, EnforcerViolationType.EXECUTE, str);
        }

        private void checkScope() {
            if (!this.inScope.get()) {
                throw new IllegalStateException("BuilderContext is no longer in scope");
            }
        }

        private void handleViolation(BuilderContext builderContext, EnforcerViolationType enforcerViolationType, String str) {
            builderContext.addViolation(new EnforcerViolation(enforcerViolationType, str));
        }
    }

    public void enter() {
        ComposableSecurityManagerPolicy.registerContextPolicy(KEY_CONTEXT, new BuilderContextPolicy(this));
    }

    public void leave() {
        BuilderContextPolicy builderContextPolicy = (BuilderContextPolicy) ComposableSecurityManagerPolicy.unregisterContextPolicy(KEY_CONTEXT);
        if (builderContextPolicy.getBuilderContext() != this) {
            throw new IllegalStateException();
        }
        builderContextPolicy.inScope.set(false);
    }

    private static BuilderContext getCurrentContext() {
        BuilderContextPolicy builderContextPolicy = (BuilderContextPolicy) ComposableSecurityManagerPolicy.getContextPolicy(KEY_CONTEXT);
        if (builderContextPolicy == null) {
            throw new IllegalStateException();
        }
        return builderContextPolicy.getBuilderContext();
    }

    public static Builder builder(Logger logger, String str, Path path, MessageCollector messageCollector, BuilderWorkspace builderWorkspace) {
        return new Builder(logger, str, path, messageCollector, builderWorkspace, null);
    }

    private BuilderContext(Logger logger, PathNormalizer pathNormalizer, String str, PathMatcher pathMatcher, PathMatcher pathMatcher2, PathMatcher pathMatcher3, MessageCollector messageCollector, Collection<String> collection, boolean z, Collection<String> collection2, Collection<String> collection3, PathMatcher pathMatcher4, BuilderExecutionState.InprogressStateWriter inprogressStateWriter, BuilderWorkspace builderWorkspace) {
        this.violations = ConcurrentHashMap.newKeySet();
        this.writeLock = new Object();
        this.writes = ConcurrentHashMap.newKeySet();
        this.tempWrites = ConcurrentHashMap.newKeySet();
        this.properties = ConcurrentHashMap.newKeySet();
        this.log = logger;
        this.id = str;
        this.readMatcher = pathMatcher;
        this.writeMatcher = pathMatcher2;
        this.tempMatcher = pathMatcher3;
        this.messages = messageCollector;
        this.normalizer = pathNormalizer;
        this.execExceptions = collection;
        this.networkAccessAllowed = z;
        this.inprogressWriter = inprogressStateWriter;
        this.readExceptionsMatcher = getExceptionsMatcher(collection2);
        this.writeExceptionsMatcher = getExceptionsMatcher(collection3);
        this.readAndTrackExceptionsMatcher = pathMatcher4;
        this.workspace = builderWorkspace;
    }

    private static FileMatcher getExceptionsMatcher(Collection<String> collection) {
        return (collection == null || collection.isEmpty()) ? FileMatcher.createMatcher((Collection) null, Arrays.asList("*")) : FileMatcher.createMatcher(collection, (Collection) null);
    }

    public String toString() {
        return this.id;
    }

    /* JADX WARN: Type inference failed for: r0v12, types: [java.lang.Throwable, java.lang.Object] */
    public final boolean checkRead(String str) {
        String normalize = this.normalizer.normalize(str);
        if (this.readExceptionsMatcher.matches(normalize) || this.readAndTrackExceptionsMatcher.includes(normalize)) {
            return true;
        }
        synchronized (this.writeLock) {
            if (this.writes.contains(normalize) || this.tempWrites.contains(normalize)) {
                return true;
            }
            if (this.readMatcher.includes(normalize)) {
                return true;
            }
            return !this.workspace.isRegularFile(PathNormalizer.toPath(normalize));
        }
    }

    /* JADX WARN: Type inference failed for: r0v7, types: [java.lang.Throwable, java.lang.Object] */
    public final boolean checkAndRecordWrite(String str) {
        String normalize = this.normalizer.normalize(str);
        if (this.writeExceptionsMatcher.matches(normalize)) {
            return true;
        }
        synchronized (this.writeLock) {
            if (this.writes.contains(normalize) || this.tempWrites.contains(normalize)) {
                return true;
            }
            if (this.workspace.isRegularFile(PathNormalizer.toPath(normalize)) && !this.readAndTrackExceptionsMatcher.includes(normalize)) {
                return false;
            }
            if (this.writeMatcher.includes(normalize)) {
                this.writes.add(normalize);
                recordInprogressWrite(normalize);
                this.workspace.processOutput(PathNormalizer.toPath(normalize));
                return true;
            }
            if (!this.tempMatcher.includes(normalize)) {
                return false;
            }
            this.tempWrites.add(normalize);
            recordInprogressWrite(normalize);
            return true;
        }
    }

    private void recordInprogressWrite(String str) {
        if (this.readAndTrackExceptionsMatcher.includes(str)) {
            return;
        }
        this.inprogressWriter.writePath(str);
    }

    public final boolean checkExec(String str) {
        return this.execExceptions.contains(str);
    }

    public final boolean checkSockets() {
        return this.networkAccessAllowed;
    }

    public boolean checkAndRecordProperty(String str, String str2) {
        if (!str.equals(PROPERTY_READ_ACTION) && !str.equals(PROPERTY_RW_ACTION)) {
            return str.equals(PROPERTY_WRITE_ACTION);
        }
        this.properties.add(str2);
        return true;
    }

    public boolean addViolation(EnforcerViolation enforcerViolation) {
        boolean add = this.violations.add(enforcerViolation);
        if (add) {
            StringBuilder sb = new StringBuilder();
            sb.append(String.format("Access to an undeclared resource detected in builder: %s", toString()));
            sb.append("\n   " + enforcerViolation.getFormattedViolation());
            enforcerViolation.getStackTrace().forEach(str -> {
                sb.append("\n   | ").append(str);
            });
            this.log.error(sb.toString());
        }
        return add;
    }

    public Set<EnforcerViolation> getViolations() {
        return this.violations;
    }

    public Collection<String> getWrittenFiles() {
        return this.writes;
    }

    public Collection<String> getTemporaryFiles() {
        return this.tempWrites;
    }

    public Collection<String> getReadProperties() {
        return this.properties;
    }

    public String getId() {
        return this.id;
    }

    public MessageCollector getMessages() {
        return this.messages;
    }

    public boolean wasWhitelistedException(String str) {
        return this.readAndTrackExceptionsMatcher.includes(this.normalizer.normalize(str));
    }

    static /* synthetic */ BuilderContext access$0() {
        return getCurrentContext();
    }

    /* synthetic */ BuilderContext(Logger logger, PathNormalizer pathNormalizer, String str, PathMatcher pathMatcher, PathMatcher pathMatcher2, PathMatcher pathMatcher3, MessageCollector messageCollector, Collection collection, boolean z, Collection collection2, Collection collection3, PathMatcher pathMatcher4, BuilderExecutionState.InprogressStateWriter inprogressStateWriter, BuilderWorkspace builderWorkspace, BuilderContext builderContext) {
        this(logger, pathNormalizer, str, pathMatcher, pathMatcher2, pathMatcher3, messageCollector, collection, z, collection2, collection3, pathMatcher4, inprogressStateWriter, builderWorkspace);
    }
}
