package org.mentawai.tag.authorization;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.StringTokenizer;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import javax.servlet.jsp.JspException;
import javax.servlet.jsp.tagext.TagSupport;
import org.mentawai.action.BaseLoginAction;
import org.mentawai.authorization.AuthorizationManager;
import org.mentawai.core.Action;
import org.mentawai.core.ApplicationManager;
import org.mentawai.core.Consequence;
import org.mentawai.core.ConsequenceException;
import org.mentawai.core.Forward;
import org.mentawai.i18n.LocaleManager;

/* loaded from: input_file:org/mentawai/tag/authorization/RequiresAuthorization.class */
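/**
 * JSP tag that only lets the rest of the page render when the logged-in user
 * satisfies the configured restrictions.
 *
 * <p>The user's groups are read from the session through
 * {@link BaseLoginAction#getUserGroups}. When the {@code groups} attribute is set,
 * the user must belong to at least one listed group. When the
 * {@code permissions} attribute is set, at least one of the user's groups must pass
 * {@link AuthorizationManager#checkAny}. When both are set, BOTH checks must pass.
 * Any failure runs the global {@code accessdenied} consequence and skips the rest
 * of the page.
 *
 * <p>NOTE(review): the decision is taken in {@link #doEndTag()}, so markup placed
 * before this tag may already have been written to the response; the tag is
 * presumably meant to sit at the very top of the page. Confirm against the pages
 * that use it.
 */
public class RequiresAuthorization extends TagSupport {
    private static final String HEADER_KEY_PRAGMA = "Pragma";
    private static final String HEADER_KEY_CACHECONTROL = "Cache-Control";
    // NOTE(review): "no-cache" forces revalidation but does not forbid storing the
    // response; consider "no-store" for pages that render sensitive data.
    private static final String HEADER_VALUE_NOCACHE = "no-cache";
    private static final String ACCESS_DENIED_CONSEQUENCE = "accessdenied";

    protected HttpSession session = null;
    protected HttpServletRequest req = null;
    protected HttpServletResponse res = null;
    protected Action action = null;
    protected Locale loc = null;
    protected ApplicationManager appManager = null;
    // When false (the default) the response is marked as non-cacheable.
    private boolean cache = false;
    // Group names from the "groups" attribute; null when the attribute was not set.
    private List<String> groups;
    // Permission names from the "permission(s)" attribute; null when not set.
    private List<String> permissions;

    /**
     * Controls whether the anti-caching headers are suppressed.
     *
     * @param z {@code true} to leave caching headers untouched, {@code false} to send
     *     {@code Pragma} and {@code Cache-Control: no-cache}
     */
    public void setCache(boolean z) {
        this.cache = z;
    }

    /**
     * Sets the groups of which the user must hold at least one.
     *
     * @param str comma-separated group names; each name is trimmed
     */
    public void setGroups(String str) {
        this.groups = parseCommaSeparated(str);
    }

    /**
     * Alias of {@link #setPermissions(String)} for the singular attribute name.
     *
     * @param str comma-separated permission names
     */
    public void setPermission(String str) {
        setPermissions(str);
    }

    /**
     * Sets the permissions of which the user's groups must grant at least one.
     *
     * @param str comma-separated permission names; each name is trimmed
     */
    public void setPermissions(String str) {
        this.permissions = parseCommaSeparated(str);
    }

    /**
     * Captures the request-scoped objects that {@link #doEndTag()} needs.
     *
     * @return the value of {@code TagSupport.doStartTag()}
     * @throws JspException if the superclass implementation fails
     */
    @Override
    public int doStartTag() throws JspException {
        this.session = this.pageContext.getSession();
        // PageContext exposes the generic servlet types; the tag works on the HTTP ones.
        this.req = (HttpServletRequest) this.pageContext.getRequest();
        this.res = (HttpServletResponse) this.pageContext.getResponse();
        this.action = (Action) this.req.getAttribute(Forward.ACTION_REQUEST);
        this.loc = LocaleManager.getLocale(this.req);
        this.appManager = ApplicationManager.getInstance();
        return super.doStartTag();
    }

    /**
     * Evaluates the authorization rules and either continues or aborts the page.
     *
     * <p>The group check and the permission check are evaluated independently. A
     * single shared "found" flag must not be used for both: a successful group match
     * would otherwise leave the flag set and let the request through even though no
     * user group holds any of the required permissions.
     *
     * @return {@code EVAL_PAGE} when access is granted, {@code SKIP_PAGE} after the
     *     access-denied consequence has been executed
     * @throws JspException if the access-denied consequence is missing or fails
     */
    @Override
    public int doEndTag() throws JspException {
        if (!this.cache) {
            this.res.setHeader(HEADER_KEY_PRAGMA, HEADER_VALUE_NOCACHE);
            this.res.setHeader(HEADER_KEY_CACHECONTROL, HEADER_VALUE_NOCACHE);
        }

        List<?> userGroups = BaseLoginAction.getUserGroups(this.session);
        if (userGroups == null || userGroups.isEmpty()) {
            return deny();
        }

        boolean groupsRequired = this.groups != null && !this.groups.isEmpty();
        boolean permissionsRequired = this.permissions != null && !this.permissions.isEmpty();

        // Fail closed: a tag with no restriction configured never grants access.
        if (!groupsRequired && !permissionsRequired) {
            return deny();
        }
        if (groupsRequired && !belongsToAnyRequiredGroup(userGroups)) {
            return deny();
        }
        if (permissionsRequired && !holdsAnyRequiredPermission(userGroups)) {
            return deny();
        }
        return EVAL_PAGE;
    }

    /** Splits a comma-separated attribute value into trimmed tokens. */
    private static List<String> parseCommaSeparated(String str) {
        StringTokenizer tokenizer = new StringTokenizer(str, ",");
        List<String> tokens = new ArrayList<>(tokenizer.countTokens());
        while (tokenizer.hasMoreTokens()) {
            tokens.add(tokenizer.nextToken().trim());
        }
        return tokens;
    }

    /** Returns true when one of the user's groups equals one of the required groups. */
    private boolean belongsToAnyRequiredGroup(List<?> userGroups) {
        for (Object userGroup : userGroups) {
            // A null entry cannot match a group name; skip it instead of failing.
            if (userGroup != null && this.groups.contains(userGroup.toString())) {
                return true;
            }
        }
        return false;
    }

    /** Returns true when one of the user's groups passes AuthorizationManager.checkAny. */
    private boolean holdsAnyRequiredPermission(List<?> userGroups) {
        for (Object userGroup : userGroups) {
            if (userGroup != null
                    && AuthorizationManager.checkAny(userGroup.toString(), this.permissions)) {
                return true;
            }
        }
        return false;
    }

    /** Runs the access-denied consequence and tells the container to skip the page. */
    private int deny() throws JspException {
        executeConsequence();
        return SKIP_PAGE;
    }

    /**
     * Executes the application's global access-denied consequence.
     *
     * @throws JspException if no such consequence is registered or its execution fails
     */
    private void executeConsequence() throws JspException {
        Consequence globalConsequence =
                this.appManager.getGlobalConsequence(ACCESS_DENIED_CONSEQUENCE);
        if (globalConsequence == null) {
            throw new JspException("No global consequence defined for ACCESSDENIED!");
        }
        try {
            globalConsequence.execute(this.action, this.req, this.res);
        } catch (ConsequenceException e) {
            // Kept from the original: no logger is in scope in this class. The cause
            // is also propagated to the container through the JspException.
            e.printStackTrace();
            throw new JspException(e);
        }
    }
}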
