package org.miloss.fgsms.common;

import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import javax.servlet.http.HttpServletRequest;
import javax.xml.ws.WebServiceContext;
import javax.xml.ws.handler.MessageContext;
import org.apache.log4j.Level;
import org.miloss.fgsms.services.interfaces.common.SecurityWrapper;

/* loaded from: input_file:org/miloss/fgsms/common/UserIdentityUtil.class */
public class UserIdentityUtil {
    public static final String logname = "fgsms.UserIdentityUtil";
    static final Logger log = Logger.getLogger(logname);

    public static void assertReadAccess(String str, String str2, String str3, SecurityWrapper securityWrapper, WebServiceContext webServiceContext) {
        if (webServiceContext != null) {
            try {
                if (webServiceContext.isUserInRole(Constants.ROLES_GLOBAL_ADMINISTRATOR) || webServiceContext.isUserInRole(Constants.ROLES_GLOBAL_WRITE) || webServiceContext.isUserInRole(Constants.ROLES_GLOBAL_READ)) {
                    return;
                }
                if (webServiceContext.isUserInRole(Constants.ROLES_GLOBAL_AUDITOR)) {
                    return;
                }
            } catch (Exception e) {
                log.log(Level.DEBUG, "error type casting servlet request context", e);
            }
        }
        Connection configurationDBConnection = Utility.getConfigurationDBConnection();
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        try {
            try {
                preparedStatement = configurationDBConnection.prepareStatement("Select count(*)where  ? in (\tSelect Username\tfrom UserPermissions\tWhere (UserPermissions.Username=? AND\tUserPermissions.ObjectURI=?)\tAND\t((UserPermissions.ReadObject=true OR \tUserPermissions.WriteObject=true OR\tUserPermissions.AdministerObject=true OR\tUserPermissions.AuditObject=true))\t)or 'everyone' in (\tSelect Username\tfrom UserPermissions\tWhere (UserPermissions.Username='everyone' AND\tUserPermissions.ObjectURI=?)\tAND\t((UserPermissions.ReadObject=true OR \tUserPermissions.WriteObject=true OR\tUserPermissions.AdministerObject=true OR\tUserPermissions.AuditObject=true))\t)or ?  in (\tselect Users.Username\tfrom Users\tWhere Users.Username=?\tAND Users.rolecol='admin');");
                preparedStatement.setString(1, str2);
                preparedStatement.setString(2, str2);
                preparedStatement.setString(3, str);
                preparedStatement.setString(4, str);
                preparedStatement.setString(5, str2);
                preparedStatement.setString(6, str2);
                resultSet = preparedStatement.executeQuery();
                resultSet.next();
                int i = resultSet.getInt(1);
                DBUtils.safeClose(resultSet);
                DBUtils.safeClose(preparedStatement);
                DBUtils.safeClose(configurationDBConnection);
                if (i == 0) {
                    log.log(Level.ERROR, str2 + " does not have fgsms read rights for " + str + " from " + str3);
                    AuditLogger.logItem(UserIdentityUtil.class.getCanonicalName(), str3, str2, "read deny", securityWrapper, (MessageContext) null);
                    throw new SecurityException("Access Denied");
                }
                DBUtils.safeClose(resultSet);
                DBUtils.safeClose(preparedStatement);
                DBUtils.safeClose(configurationDBConnection);
            } catch (Exception e2) {
                if (e2 instanceof SecurityException) {
                    throw ((SecurityException) e2);
                }
                log.log(Level.ERROR, "Error caught querying database for " + str2 + ":fgsms read rights for " + str + " from " + str3, e2);
                throw new SecurityException("Access Denied");
            }
        } catch (Throwable th) {
            DBUtils.safeClose(resultSet);
            DBUtils.safeClose(preparedStatement);
            DBUtils.safeClose(configurationDBConnection);
            throw th;
        }
    }

    public static void assertWriteAccess(String str, String str2, String str3, SecurityWrapper securityWrapper, WebServiceContext webServiceContext) {
        if (webServiceContext != null) {
            try {
                if (webServiceContext.isUserInRole(Constants.ROLES_GLOBAL_ADMINISTRATOR) || webServiceContext.isUserInRole(Constants.ROLES_GLOBAL_WRITE)) {
                    return;
                }
                if (webServiceContext.isUserInRole(Constants.ROLES_GLOBAL_AUDITOR)) {
                    return;
                }
            } catch (Exception e) {
                log.log(Level.DEBUG, "error type casting servlet request context", e);
            }
        }
        Connection configurationDBConnection = Utility.getConfigurationDBConnection();
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        try {
            try {
                preparedStatement = configurationDBConnection.prepareStatement("Select count(*)where  ? in (\tSelect Username\tfrom UserPermissions\tWhere (UserPermissions.Username=? AND\tUserPermissions.ObjectURI=?)\tAND\t((UserPermissions.WriteObject=true OR\tUserPermissions.AdministerObject=true OR\tUserPermissions.AuditObject=true))\t) or 'everyone' in (\tSelect Username\tfrom UserPermissions\tWhere (UserPermissions.Username='everyone' AND\tUserPermissions.ObjectURI=?)\tAND\t((UserPermissions.WriteObject=true OR\tUserPermissions.AdministerObject=true OR\tUserPermissions.AuditObject=true))\t)or ?  in (\tselect Users.Username\tfrom Users\tWhere Users.Username=?\tAND Users.rolecol='admin');");
                preparedStatement.setString(1, str2);
                preparedStatement.setString(2, str2);
                preparedStatement.setString(3, str);
                preparedStatement.setString(4, str);
                preparedStatement.setString(5, str2);
                preparedStatement.setString(6, str2);
                resultSet = preparedStatement.executeQuery();
                resultSet.next();
                int i = resultSet.getInt(1);
                DBUtils.safeClose(resultSet);
                DBUtils.safeClose(preparedStatement);
                DBUtils.safeClose(configurationDBConnection);
                if (i == 0) {
                    log.log(Level.ERROR, str2 + " does not have fgsms write rights for " + str + " from " + str3);
                    AuditLogger.logItem(UserIdentityUtil.class.getCanonicalName(), str3, str2, "write deny", securityWrapper, (MessageContext) null);
                    throw new SecurityException("Access Denied");
                }
                DBUtils.safeClose(resultSet);
                DBUtils.safeClose(preparedStatement);
                DBUtils.safeClose(configurationDBConnection);
            } catch (Exception e2) {
                if (e2 instanceof SecurityException) {
                    throw ((SecurityException) e2);
                }
                log.log(Level.ERROR, "Error caught querying database for " + str2 + ":fgsms write rights for " + str + " from " + str3, e2);
                throw new SecurityException("Access Denied");
            }
        } catch (Throwable th) {
            DBUtils.safeClose(resultSet);
            DBUtils.safeClose(preparedStatement);
            DBUtils.safeClose(configurationDBConnection);
            throw th;
        }
    }

    public static void assertAuditAccess(String str, String str2, String str3, SecurityWrapper securityWrapper, WebServiceContext webServiceContext) {
        try {
        } catch (Exception e) {
            log.log(Level.DEBUG, "error type casting servlet request context", e);
        }
        if (webServiceContext.isUserInRole(Constants.ROLES_GLOBAL_AUDITOR)) {
            return;
        }
        if (webServiceContext.isUserInRole(Constants.ROLES_GLOBAL_ADMINISTRATOR)) {
            return;
        }
        Connection configurationDBConnection = Utility.getConfigurationDBConnection();
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        try {
            try {
                preparedStatement = configurationDBConnection.prepareStatement("Select count(*)where ?  in (\tSelect Username\tfrom UserPermissions\tWhere (UserPermissions.Username=? AND\tUserPermissions.ObjectURI=?)\tAND\t((UserPermissions.AdministerObject=true OR\tUserPermissions.AuditObject=true))\t)or 'everyone'  in (\tSelect Username\tfrom UserPermissions\tWhere (UserPermissions.Username='everyone' AND\tUserPermissions.ObjectURI=?)\tAND\t((UserPermissions.AdministerObject=true OR\tUserPermissions.AuditObject=true))\t)or ?  in (\tselect Users.Username\tfrom Users\tWhere Users.Username=?\tAND (Users.rolecol='admin' OR Users.rolecol='audit'));");
                preparedStatement.setString(1, str2);
                preparedStatement.setString(2, str2);
                preparedStatement.setString(3, str);
                preparedStatement.setString(4, str);
                preparedStatement.setString(5, str2);
                preparedStatement.setString(6, str2);
                resultSet = preparedStatement.executeQuery();
                resultSet.next();
                int i = resultSet.getInt(1);
                DBUtils.safeClose(resultSet);
                DBUtils.safeClose(preparedStatement);
                DBUtils.safeClose(configurationDBConnection);
                if (i == 0) {
                    AuditLogger.logItem(UserIdentityUtil.class.getCanonicalName(), str3, str2, "audit deny", securityWrapper, (MessageContext) null);
                    log.log(Level.ERROR, str2 + " does not have fgsms audit rights for " + str + " from " + str3);
                    throw new SecurityException("Access Denied");
                }
                DBUtils.safeClose(resultSet);
                DBUtils.safeClose(preparedStatement);
                DBUtils.safeClose(configurationDBConnection);
            } catch (Exception e2) {
                if (e2 instanceof SecurityException) {
                    throw ((SecurityException) e2);
                }
                log.log(Level.ERROR, "Error caught querying database for " + str2 + ":fgsms audit rights for " + str + " from " + str3, e2);
                throw new SecurityException("Access Denied");
            }
        } catch (Throwable th) {
            DBUtils.safeClose(resultSet);
            DBUtils.safeClose(preparedStatement);
            DBUtils.safeClose(configurationDBConnection);
            throw th;
        }
    }

    public static void assertAdministerAccess(String str, String str2, String str3, SecurityWrapper securityWrapper, WebServiceContext webServiceContext) {
        if (webServiceContext != null) {
            try {
                if (webServiceContext.isUserInRole(Constants.ROLES_GLOBAL_ADMINISTRATOR)) {
                    return;
                }
            } catch (Exception e) {
                log.log(Level.DEBUG, "error type casting servlet request context", e);
            }
        }
        Connection configurationDBConnection = Utility.getConfigurationDBConnection();
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        try {
            try {
                preparedStatement = configurationDBConnection.prepareStatement("Select count(*)where  ? in (\tSelect Username\tfrom UserPermissions\tWhere (UserPermissions.Username=? AND\tUserPermissions.ObjectURI=?)\tAND\t((UserPermissions.AdministerObject=true))\t)or ?  in (\tselect Users.Username\tfrom Users\tWhere Users.Username=?\tAND Users.rolecol='admin');");
                preparedStatement.setString(1, str2);
                preparedStatement.setString(2, str2);
                preparedStatement.setString(3, str);
                preparedStatement.setString(4, str2);
                preparedStatement.setString(5, str2);
                resultSet = preparedStatement.executeQuery();
                resultSet.next();
                int i = resultSet.getInt(1);
                DBUtils.safeClose(resultSet);
                DBUtils.safeClose(preparedStatement);
                DBUtils.safeClose(configurationDBConnection);
                if (i == 0) {
                    log.log(Level.ERROR, str2 + " does not have fgsms administer rights for " + str + " from " + str3);
                    AuditLogger.logItem(UserIdentityUtil.class.getCanonicalName(), str3, str2, "admin deny", securityWrapper, (MessageContext) null);
                    throw new SecurityException("Access Denied");
                }
                DBUtils.safeClose(resultSet);
                DBUtils.safeClose(preparedStatement);
                DBUtils.safeClose(configurationDBConnection);
            } catch (Exception e2) {
                if (e2 instanceof SecurityException) {
                    throw ((SecurityException) e2);
                }
                log.log(Level.ERROR, "Error caught querying database for " + str2 + ":fgsms administer rights for " + str + " from " + str3 + "Msg: " + e2.getLocalizedMessage());
                throw new SecurityException("Access Denied");
            }
        } catch (Throwable th) {
            DBUtils.safeClose(resultSet);
            DBUtils.safeClose(preparedStatement);
            DBUtils.safeClose(configurationDBConnection);
            throw th;
        }
    }

    public static void assertGlobalAdministratorRole(String str, String str2, SecurityWrapper securityWrapper, WebServiceContext webServiceContext) {
        if (Utility.stringIsNullOrEmpty(str)) {
            throw new SecurityException("Access Denied");
        }
        if (webServiceContext != null) {
            try {
                if (webServiceContext.isUserInRole(Constants.ROLES_GLOBAL_ADMINISTRATOR)) {
                    return;
                }
            } catch (Exception e) {
                log.log(Level.DEBUG, "error type casting servlet request context", e);
            }
        }
        Connection configurationDBConnection = Utility.getConfigurationDBConnection();
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        try {
            try {
                preparedStatement = configurationDBConnection.prepareStatement("Select rolecol from Users where Username=?;");
                preparedStatement.setString(1, str);
                resultSet = preparedStatement.executeQuery();
                while (resultSet.next()) {
                    String string = resultSet.getString(1);
                    if (!Utility.stringIsNullOrEmpty(string) && string.equalsIgnoreCase("admin")) {
                        DBUtils.safeClose(resultSet);
                        DBUtils.safeClose(preparedStatement);
                        DBUtils.safeClose(configurationDBConnection);
                        DBUtils.safeClose(resultSet);
                        DBUtils.safeClose(preparedStatement);
                        DBUtils.safeClose(configurationDBConnection);
                        return;
                    }
                }
                DBUtils.safeClose(resultSet);
                DBUtils.safeClose(preparedStatement);
                DBUtils.safeClose(configurationDBConnection);
                log.log(Level.ERROR, str + " does not have fgsms Global Admin rights." + str2);
                AuditLogger.logItem(UserIdentityUtil.class.getCanonicalName(), str2, str, "global admin deny", securityWrapper, (MessageContext) null);
                throw new SecurityException("Access Denied");
            } catch (Exception e2) {
                log.log(Level.ERROR, "Error caught determining if " + str + " has fgsms global admin rights. " + str2, e2);
                throw new SecurityException("Access Denied");
            }
        } catch (Throwable th) {
            DBUtils.safeClose(resultSet);
            DBUtils.safeClose(preparedStatement);
            DBUtils.safeClose(configurationDBConnection);
            throw th;
        }
    }

    public static boolean hasGlobalAdministratorRole(String str, String str2, SecurityWrapper securityWrapper, WebServiceContext webServiceContext) {
        if (webServiceContext != null) {
            try {
                if (webServiceContext.isUserInRole(Constants.ROLES_GLOBAL_ADMINISTRATOR)) {
                    return true;
                }
            } catch (Exception e) {
                log.log(Level.DEBUG, "error type casting servlet request context", e);
            }
        }
        Connection configurationDBConnection = Utility.getConfigurationDBConnection();
        try {
            try {
                PreparedStatement prepareStatement = configurationDBConnection.prepareStatement("Select rolecol from Users where Username=?;");
                prepareStatement.setString(1, str);
                ResultSet executeQuery = prepareStatement.executeQuery();
                while (executeQuery.next()) {
                    String string = executeQuery.getString("rolecol");
                    if (Utility.stringIsNullOrEmpty(string)) {
                        DBUtils.safeClose(executeQuery);
                        DBUtils.safeClose(prepareStatement);
                        DBUtils.safeClose(configurationDBConnection);
                        DBUtils.safeClose(executeQuery);
                        DBUtils.safeClose(prepareStatement);
                        DBUtils.safeClose(configurationDBConnection);
                        return false;
                    }
                    if (string.equalsIgnoreCase("admin")) {
                        DBUtils.safeClose(executeQuery);
                        DBUtils.safeClose(prepareStatement);
                        DBUtils.safeClose(configurationDBConnection);
                        DBUtils.safeClose(executeQuery);
                        DBUtils.safeClose(prepareStatement);
                        DBUtils.safeClose(configurationDBConnection);
                        return true;
                    }
                }
                DBUtils.safeClose(executeQuery);
                DBUtils.safeClose(prepareStatement);
                DBUtils.safeClose(configurationDBConnection);
                return false;
            } catch (Exception e2) {
                log.log(Level.ERROR, "Error caught determining if " + str + " has fgsms global admin rights. Assuming the answer is no." + str2, e2);
                DBUtils.safeClose((ResultSet) null);
                DBUtils.safeClose((PreparedStatement) null);
                DBUtils.safeClose(configurationDBConnection);
                return false;
            }
        } catch (Throwable th) {
            DBUtils.safeClose((ResultSet) null);
            DBUtils.safeClose((PreparedStatement) null);
            DBUtils.safeClose(configurationDBConnection);
            throw th;
        }
    }

    public static String getFirstIdentityToString(WebServiceContext webServiceContext) {
        if (webServiceContext == null) {
            return "anonymous";
        }
        if (webServiceContext.getUserPrincipal() != null && !Utility.stringIsNullOrEmpty(webServiceContext.getUserPrincipal().getName())) {
            return webServiceContext.getUserPrincipal().getName();
        }
        MessageContext messageContext = webServiceContext.getMessageContext();
        if (messageContext == null) {
            return "anonymous";
        }
        try {
            Object obj = messageContext.get("org.apache.cxf.configuration.security.AuthorizationPolicy");
            if (obj != null) {
                String firstIdentityToString = CXFUserIdentifyUtil.getFirstIdentityToString(obj);
                if (!Utility.stringIsNullOrEmpty(firstIdentityToString)) {
                    return firstIdentityToString;
                }
            }
            HttpServletRequest httpServletRequest = (HttpServletRequest) messageContext.get("javax.xml.ws.servlet.request");
            return (httpServletRequest == null || httpServletRequest.getUserPrincipal() == null || Utility.stringIsNullOrEmpty(httpServletRequest.getAuthType()) || Utility.stringIsNullOrEmpty(httpServletRequest.getUserPrincipal().getName())) ? "anonymous" : httpServletRequest.getUserPrincipal().getName();
        } catch (Exception e) {
            log.log(Level.ERROR, "Error caught determining the current user identity. Assuming anonymous.", e);
            return "anonymous";
        }
    }

    public static void assertAgentRole(String str, String str2, SecurityWrapper securityWrapper, WebServiceContext webServiceContext) {
        if (webServiceContext != null) {
            try {
                if (webServiceContext.isUserInRole(Constants.ROLES_GLOBAL_AGENT)) {
                    return;
                }
            } catch (Exception e) {
                log.log(Level.DEBUG, "error type casting servlet request context", e);
            }
        }
        Connection configurationDBConnection = Utility.getConfigurationDBConnection();
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        try {
            try {
                preparedStatement = configurationDBConnection.prepareStatement("Select rolecol from Users where Username=?;");
                preparedStatement.setString(1, str);
                resultSet = preparedStatement.executeQuery();
                if (resultSet.next()) {
                    String string = resultSet.getString(1);
                    if (!Utility.stringIsNullOrEmpty(string) && string.equalsIgnoreCase("agent")) {
                        DBUtils.safeClose(resultSet);
                        DBUtils.safeClose(preparedStatement);
                        DBUtils.safeClose(configurationDBConnection);
                        DBUtils.safeClose(resultSet);
                        DBUtils.safeClose(preparedStatement);
                        DBUtils.safeClose(configurationDBConnection);
                        return;
                    }
                }
                DBUtils.safeClose(resultSet);
                DBUtils.safeClose(preparedStatement);
                DBUtils.safeClose(configurationDBConnection);
                log.log(Level.ERROR, str + " does not have fgsms agent rights." + str2);
                AuditLogger.logItem(UserIdentityUtil.class.getCanonicalName(), str2, str, "agent deny", securityWrapper, (MessageContext) null);
                throw new SecurityException("Access Denied");
            } catch (Exception e2) {
                log.log(Level.ERROR, "Error caught determining if " + str + " has fgsms agent rights. " + str2, e2);
                throw new SecurityException("Access Denied");
            }
        } catch (Throwable th) {
            DBUtils.safeClose(resultSet);
            DBUtils.safeClose(preparedStatement);
            DBUtils.safeClose(configurationDBConnection);
            throw th;
        }
    }

    public static boolean isTrustedAgent(String str, String str2, SecurityWrapper securityWrapper, WebServiceContext webServiceContext) {
        if (webServiceContext != null) {
            try {
                if (webServiceContext.isUserInRole(Constants.ROLES_GLOBAL_AGENT)) {
                    return true;
                }
            } catch (Exception e) {
                log.log(Level.DEBUG, "error type casting servlet request context", e);
            }
        }
        Connection configurationDBConnection = Utility.getConfigurationDBConnection();
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        try {
            try {
                preparedStatement = configurationDBConnection.prepareStatement("Select rolecol from Users where Username=?;");
                preparedStatement.setString(1, str);
                resultSet = preparedStatement.executeQuery();
                if (resultSet.next()) {
                    String string = resultSet.getString(1);
                    if (!Utility.stringIsNullOrEmpty(string) && string.equalsIgnoreCase("agent")) {
                        DBUtils.safeClose(resultSet);
                        DBUtils.safeClose(preparedStatement);
                        DBUtils.safeClose(configurationDBConnection);
                        DBUtils.safeClose(resultSet);
                        DBUtils.safeClose(preparedStatement);
                        DBUtils.safeClose(configurationDBConnection);
                        return true;
                    }
                }
                DBUtils.safeClose(resultSet);
                DBUtils.safeClose(preparedStatement);
                DBUtils.safeClose(configurationDBConnection);
                return false;
            } catch (Exception e2) {
                log.log(Level.ERROR, "Error caught determining if " + str + " has fgsms agent rights. " + str2, e2);
                DBUtils.safeClose(resultSet);
                DBUtils.safeClose(preparedStatement);
                DBUtils.safeClose(configurationDBConnection);
                return false;
            }
        } catch (Throwable th) {
            DBUtils.safeClose(resultSet);
            DBUtils.safeClose(preparedStatement);
            DBUtils.safeClose(configurationDBConnection);
            throw th;
        }
    }

    public static void assertAdminOrAgentRole(String str, String str2, SecurityWrapper securityWrapper, WebServiceContext webServiceContext) {
        if (webServiceContext != null) {
            try {
                if (webServiceContext.isUserInRole(Constants.ROLES_GLOBAL_AGENT)) {
                    return;
                }
                if (webServiceContext.isUserInRole(Constants.ROLES_GLOBAL_ADMINISTRATOR)) {
                    return;
                }
            } catch (Exception e) {
                log.log(Level.DEBUG, "error type casting servlet request context", e);
            }
        }
        Connection configurationDBConnection = Utility.getConfigurationDBConnection();
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        try {
            try {
                preparedStatement = configurationDBConnection.prepareStatement("Select rolecol from Users where Username=?;");
                preparedStatement.setString(1, str);
                resultSet = preparedStatement.executeQuery();
                if (resultSet.next()) {
                    String string = resultSet.getString(1);
                    if (!Utility.stringIsNullOrEmpty(string) && (string.equalsIgnoreCase("agent") || string.equalsIgnoreCase("admin"))) {
                        DBUtils.safeClose(resultSet);
                        DBUtils.safeClose(preparedStatement);
                        DBUtils.safeClose(configurationDBConnection);
                        DBUtils.safeClose(resultSet);
                        DBUtils.safeClose(preparedStatement);
                        DBUtils.safeClose(configurationDBConnection);
                        return;
                    }
                }
                DBUtils.safeClose(resultSet);
                DBUtils.safeClose(preparedStatement);
                DBUtils.safeClose(configurationDBConnection);
                log.log(Level.ERROR, str + " does not have fgsms agent or admin rights." + str2);
                AuditLogger.logItem(UserIdentityUtil.class.getCanonicalName(), str2, str, "agent deny", securityWrapper, (MessageContext) null);
                throw new SecurityException("Access Denied");
            } catch (Exception e2) {
                log.log(Level.ERROR, "Error caught determining if " + str + " has fgsms agent or admin rights. " + str2, e2);
                throw new SecurityException("Access Denied");
            }
        } catch (Throwable th) {
            DBUtils.safeClose(resultSet);
            DBUtils.safeClose(preparedStatement);
            DBUtils.safeClose(configurationDBConnection);
            throw th;
        }
    }

    public static void assertAuditRole(String str, String str2, SecurityWrapper securityWrapper, WebServiceContext webServiceContext) {
        if (Utility.stringIsNullOrEmpty(str)) {
            throw new SecurityException("Access Denied");
        }
        if (webServiceContext != null) {
            try {
                if (webServiceContext.isUserInRole(Constants.ROLES_GLOBAL_AUDITOR)) {
                    return;
                }
                if (webServiceContext.isUserInRole(Constants.ROLES_GLOBAL_ADMINISTRATOR)) {
                    return;
                }
            } catch (Exception e) {
                log.log(Level.DEBUG, "error type casting servlet request context", e);
            }
        }
        Connection configurationDBConnection = Utility.getConfigurationDBConnection();
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        try {
            try {
                preparedStatement = configurationDBConnection.prepareStatement("Select rolecol from Users where Username=?;");
                preparedStatement.setString(1, str);
                resultSet = preparedStatement.executeQuery();
                while (resultSet.next()) {
                    String string = resultSet.getString(1);
                    if (!Utility.stringIsNullOrEmpty(string) && (string.equalsIgnoreCase("audit") || string.equalsIgnoreCase("admin"))) {
                        DBUtils.safeClose(resultSet);
                        DBUtils.safeClose(preparedStatement);
                        DBUtils.safeClose(configurationDBConnection);
                        DBUtils.safeClose(resultSet);
                        DBUtils.safeClose(preparedStatement);
                        DBUtils.safeClose(configurationDBConnection);
                        return;
                    }
                }
                DBUtils.safeClose(resultSet);
                DBUtils.safeClose(preparedStatement);
                DBUtils.safeClose(configurationDBConnection);
                log.log(Level.ERROR, str + " does not have fgsms Global audit rights." + str2);
                AuditLogger.logItem(UserIdentityUtil.class.getCanonicalName(), str2, str, "global audit deny", securityWrapper, (MessageContext) null);
                throw new SecurityException("Access Denied");
            } catch (Exception e2) {
                log.log(Level.ERROR, "Error caught determining if " + str + " has fgsms global audit rights. " + str2, e2);
                throw new SecurityException("Access Denied");
            }
        } catch (Throwable th) {
            DBUtils.safeClose(resultSet);
            DBUtils.safeClose(preparedStatement);
            DBUtils.safeClose(configurationDBConnection);
            throw th;
        }
    }

    public static boolean hasGlobalAuditRole(String str, String str2, SecurityWrapper securityWrapper, WebServiceContext webServiceContext) {
        if (webServiceContext != null) {
            try {
                if (webServiceContext.isUserInRole(Constants.ROLES_GLOBAL_AUDITOR)) {
                    return true;
                }
                if (webServiceContext.isUserInRole(Constants.ROLES_GLOBAL_ADMINISTRATOR)) {
                    return true;
                }
            } catch (Exception e) {
                log.log(Level.DEBUG, "error type casting servlet request context", e);
            }
        }
        Connection configurationDBConnection = Utility.getConfigurationDBConnection();
        try {
            try {
                PreparedStatement prepareStatement = configurationDBConnection.prepareStatement("Select rolecol from Users where Username=?;");
                prepareStatement.setString(1, str);
                ResultSet executeQuery = prepareStatement.executeQuery();
                while (executeQuery.next()) {
                    String string = executeQuery.getString("rolecol");
                    if (Utility.stringIsNullOrEmpty(string)) {
                        DBUtils.safeClose(executeQuery);
                        DBUtils.safeClose(prepareStatement);
                        DBUtils.safeClose(configurationDBConnection);
                        DBUtils.safeClose(executeQuery);
                        DBUtils.safeClose(prepareStatement);
                        DBUtils.safeClose(configurationDBConnection);
                        return false;
                    }
                    if (string.equalsIgnoreCase("audit") || string.equalsIgnoreCase("admin")) {
                        DBUtils.safeClose(executeQuery);
                        DBUtils.safeClose(prepareStatement);
                        DBUtils.safeClose(configurationDBConnection);
                        DBUtils.safeClose(executeQuery);
                        DBUtils.safeClose(prepareStatement);
                        DBUtils.safeClose(configurationDBConnection);
                        return true;
                    }
                }
                DBUtils.safeClose(executeQuery);
                DBUtils.safeClose(prepareStatement);
                DBUtils.safeClose(configurationDBConnection);
                return false;
            } catch (Exception e2) {
                log.log(Level.ERROR, "Error caught determining if " + str + " has fgsms global audit rights. Assuming the answer is no." + str2, e2);
                DBUtils.safeClose((ResultSet) null);
                DBUtils.safeClose((PreparedStatement) null);
                DBUtils.safeClose(configurationDBConnection);
                return false;
            }
        } catch (Throwable th) {
            DBUtils.safeClose((ResultSet) null);
            DBUtils.safeClose((PreparedStatement) null);
            DBUtils.safeClose(configurationDBConnection);
            throw th;
        }
    }

    public static void assertGlobalAuditRole(String str, String str2, SecurityWrapper securityWrapper, WebServiceContext webServiceContext) {
        if (Utility.stringIsNullOrEmpty(str)) {
            throw new SecurityException("Access Denied");
        }
        if (webServiceContext != null) {
            try {
                if (webServiceContext.isUserInRole(Constants.ROLES_GLOBAL_ADMINISTRATOR)) {
                    return;
                }
                if (webServiceContext.isUserInRole(Constants.ROLES_GLOBAL_AUDITOR)) {
                    return;
                }
            } catch (Exception e) {
                log.log(Level.DEBUG, "error type casting servlet request context", e);
            }
        }
        Connection configurationDBConnection = Utility.getConfigurationDBConnection();
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        try {
            try {
                preparedStatement = configurationDBConnection.prepareStatement("Select rolecol from Users where Username=?;");
                preparedStatement.setString(1, str);
                resultSet = preparedStatement.executeQuery();
                while (resultSet.next()) {
                    String string = resultSet.getString(1);
                    if (!Utility.stringIsNullOrEmpty(string) && (string.equalsIgnoreCase("admin") || string.equalsIgnoreCase("audit"))) {
                        DBUtils.safeClose(resultSet);
                        DBUtils.safeClose(preparedStatement);
                        DBUtils.safeClose(configurationDBConnection);
                        DBUtils.safeClose(resultSet);
                        DBUtils.safeClose(preparedStatement);
                        DBUtils.safeClose(configurationDBConnection);
                        return;
                    }
                }
                DBUtils.safeClose(resultSet);
                DBUtils.safeClose(preparedStatement);
                DBUtils.safeClose(configurationDBConnection);
                log.log(Level.ERROR, str + " does not have fgsms Global audit rights." + str2);
                AuditLogger.logItem(UserIdentityUtil.class.getCanonicalName(), str2, str, "global audit deny", securityWrapper, (MessageContext) null);
                throw new SecurityException("Access Denied");
            } catch (Exception e2) {
                log.log(Level.ERROR, "Error caught determining if " + str + " has fgsms global audit rights. " + str2, e2);
                throw new SecurityException("Access Denied");
            }
        } catch (Throwable th) {
            DBUtils.safeClose(resultSet);
            DBUtils.safeClose(preparedStatement);
            DBUtils.safeClose(configurationDBConnection);
            throw th;
        }
    }

    public static boolean hasReadAccess(String str, String str2, String str3, SecurityWrapper securityWrapper, WebServiceContext webServiceContext) {
        if (webServiceContext != null) {
            try {
                if (webServiceContext.isUserInRole(Constants.ROLES_GLOBAL_ADMINISTRATOR) || webServiceContext.isUserInRole(Constants.ROLES_GLOBAL_WRITE) || webServiceContext.isUserInRole(Constants.ROLES_GLOBAL_READ)) {
                    return true;
                }
                if (webServiceContext.isUserInRole(Constants.ROLES_GLOBAL_AUDITOR)) {
                    return true;
                }
            } catch (Exception e) {
                log.log(Level.DEBUG, "error type casting servlet request context", e);
            }
        }
        Connection configurationDBConnection = Utility.getConfigurationDBConnection();
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        try {
            try {
                preparedStatement = configurationDBConnection.prepareStatement("Select count(*)where  ? in (\tSelect Username\tfrom UserPermissions\tWhere (UserPermissions.Username=? AND\tUserPermissions.ObjectURI=?)\tAND\t((UserPermissions.ReadObject=true OR \tUserPermissions.WriteObject=true OR\tUserPermissions.AdministerObject=true OR\tUserPermissions.AuditObject=true))\t)or 'everyone' in (\tSelect Username\tfrom UserPermissions\tWhere (UserPermissions.Username='everyone' AND\tUserPermissions.ObjectURI=?)\tAND\t((UserPermissions.ReadObject=true OR \tUserPermissions.WriteObject=true OR\tUserPermissions.AdministerObject=true OR\tUserPermissions.AuditObject=true))\t)or ?  in (\tselect Users.Username\tfrom Users\tWhere Users.Username=?\tAND Users.rolecol='admin');");
                preparedStatement.setString(1, str);
                preparedStatement.setString(2, str);
                preparedStatement.setString(3, str3);
                preparedStatement.setString(4, str3);
                preparedStatement.setString(5, str);
                preparedStatement.setString(6, str);
                resultSet = preparedStatement.executeQuery();
                resultSet.next();
                int i = resultSet.getInt(1);
                DBUtils.safeClose(resultSet);
                DBUtils.safeClose(preparedStatement);
                DBUtils.safeClose(configurationDBConnection);
                boolean z = i != 0;
                DBUtils.safeClose(resultSet);
                DBUtils.safeClose(preparedStatement);
                DBUtils.safeClose(configurationDBConnection);
                return z;
            } catch (Exception e2) {
                log.log(Level.ERROR, "Error caught querying database for " + str + ":fgsms read rights for " + str3 + " from " + str2, e2);
                DBUtils.safeClose(resultSet);
                DBUtils.safeClose(preparedStatement);
                DBUtils.safeClose(configurationDBConnection);
                return false;
            }
        } catch (Throwable th) {
            DBUtils.safeClose(resultSet);
            DBUtils.safeClose(preparedStatement);
            DBUtils.safeClose(configurationDBConnection);
            throw th;
        }
    }
}
