package org.yop.example;

import java.io.FileDescriptor;
import java.net.InetAddress;
import java.net.URL;
import java.net.URLClassLoader;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.Permission;
import java.util.Set;
import java.util.TreeSet;
import java.util.stream.Stream;
import org.yop.orm.exception.YopRuntimeException;
import org.yop.rest.exception.YopForbiddenException;
import org.yop.rest.exception.YopResourceInvocationException;

/* loaded from: input_file:WEB-INF/classes/org/yop/example/Sandbox.class */
public class Sandbox extends SecurityManager {
    private final Set<Path> allowedPaths = new TreeSet();

    /* JADX INFO: Access modifiers changed from: package-private */
    public Sandbox() {
        this.allowedPaths.add(Paths.get(ThreadLocalSession.class.getResource("ThreadLocalSession.class").toString(), new String[0]));
        this.allowedPaths.add(Paths.get(System.getProperty("java.home"), new String[0]));
        allowClassloader((URLClassLoader) getClass().getClassLoader());
    }

    @Override // java.lang.SecurityManager
    protected Class[] getClassContext() {
        return super.getClassContext();
    }

    @Override // java.lang.SecurityManager
    public Object getSecurityContext() {
        return super.getSecurityContext();
    }

    @Override // java.lang.SecurityManager
    public void checkPermission(Permission permission) {
    }

    @Override // java.lang.SecurityManager
    public void checkCreateClassLoader() {
        super.checkCreateClassLoader();
    }

    @Override // java.lang.SecurityManager
    public void checkAccess(Thread thread) {
        super.checkAccess(thread);
    }

    @Override // java.lang.SecurityManager
    public void checkAccess(ThreadGroup threadGroup) {
        if (isCustomCode(ThreadLocalSession.getPackageName())) {
            throw new YopRuntimeException("Did you just try to spawn a new Thread ?");
        }
        super.checkAccess(threadGroup);
    }

    @Override // java.lang.SecurityManager
    public void checkExit(int i) {
        throw new YopResourceInvocationException("Somebody tried to exit the JVM !");
    }

    @Override // java.lang.SecurityManager
    public void checkExec(String str) {
        if (isCustomCode(ThreadLocalSession.getPackageName())) {
            throw new YopRuntimeException("Please, no command line execution :-P");
        }
        super.checkExec(str);
    }

    @Override // java.lang.SecurityManager
    public void checkLink(String str) {
        if (isCustomCode(ThreadLocalSession.getPackageName())) {
            throw new YopRuntimeException("Please, do not link any library !");
        }
        super.checkLink(str);
    }

    @Override // java.lang.SecurityManager
    public void checkRead(FileDescriptor fileDescriptor) {
        if (isCustomCode(ThreadLocalSession.getPackageName())) {
            throw new YopRuntimeException("Please, no file descriptor mess !");
        }
    }

    @Override // java.lang.SecurityManager
    public void checkRead(String str) {
        Path path = Paths.get(str, new String[0]);
        String uid = ThreadLocalSession.getUID();
        if (path != null) {
            Stream<Path> stream = this.allowedPaths.stream();
            path.getClass();
            if (stream.noneMatch(path::startsWith)) {
                String packageName = ThreadLocalSession.getPackageName();
                if (Session.has(uid)) {
                    Session session = Session.get(uid);
                    if (isCustomCode(packageName) && !path.startsWith(session.getFakeRoot())) {
                        throw new YopForbiddenException("You tried to access files outside of the sandbox [" + str + "]");
                    }
                }
            }
        }
    }

    @Override // java.lang.SecurityManager
    public void checkWrite(String str) {
        checkRead(str);
        super.checkWrite(str);
    }

    @Override // java.lang.SecurityManager
    public void checkDelete(String str) {
        checkRead(str);
        super.checkDelete(str);
    }

    @Override // java.lang.SecurityManager
    public void checkConnect(String str, int i) {
        if (isCustomCode(ThreadLocalSession.getPackageName())) {
            throw new YopForbiddenException("Please do not connect elsewhere !");
        }
    }

    @Override // java.lang.SecurityManager
    public void checkConnect(String str, int i, Object obj) {
        if (isCustomCode(ThreadLocalSession.getPackageName())) {
            throw new YopForbiddenException("Please do not connect elsewhere !");
        }
    }

    @Override // java.lang.SecurityManager
    public void checkListen(int i) {
        if (isCustomCode(ThreadLocalSession.getPackageName())) {
            throw new YopForbiddenException("Please do not connect elsewhere !");
        }
    }

    @Override // java.lang.SecurityManager
    public void checkAccept(String str, int i) {
        if (isCustomCode(ThreadLocalSession.getPackageName())) {
            throw new YopForbiddenException("Please do not connect elsewhere !");
        }
    }

    @Override // java.lang.SecurityManager
    public void checkMulticast(InetAddress inetAddress) {
        if (isCustomCode(ThreadLocalSession.getPackageName())) {
            throw new YopForbiddenException("Please do not connect elsewhere !");
        }
    }

    @Override // java.lang.SecurityManager
    public void checkPropertiesAccess() {
        if (isCustomCode(ThreadLocalSession.getPackageName())) {
            throw new YopForbiddenException("Please do not change system properties !");
        }
        super.checkPropertiesAccess();
    }

    @Override // java.lang.SecurityManager
    public void checkPropertyAccess(String str) {
        if (!str.startsWith("yop.") && isCustomCode(ThreadLocalSession.getPackageName())) {
            throw new YopForbiddenException("Please do not mess with system properties !");
        }
        super.checkPropertyAccess(str);
    }

    @Override // java.lang.SecurityManager
    public void checkPrintJobAccess() {
        if (isCustomCode(ThreadLocalSession.getPackageName())) {
            throw new YopForbiddenException("Please do not print anything !");
        }
        super.checkPrintJobAccess();
    }

    @Override // java.lang.SecurityManager
    public void checkPackageAccess(String str) {
        super.checkPackageAccess(str);
    }

    @Override // java.lang.SecurityManager
    public void checkPackageDefinition(String str) {
        super.checkPackageDefinition(str);
    }

    @Override // java.lang.SecurityManager
    public void checkSetFactory() {
        if (isCustomCode(ThreadLocalSession.getPackageName())) {
            throw new YopForbiddenException("Please do not change socket factory !");
        }
        super.checkSetFactory();
    }

    private void allowClassloader(URLClassLoader uRLClassLoader) {
        for (URL url : uRLClassLoader.getURLs()) {
            this.allowedPaths.add(Paths.get(url.getFile(), new String[0]));
        }
    }

    private boolean isCustomCode(String str) {
        for (Class cls : getClassContext()) {
            if ((cls.getPackage() != null ? cls.getPackage().getName() : "").equals(str)) {
                return true;
            }
        }
        return false;
    }
}
