package com.adventnet.authorization;

import com.adventnet.ds.notification.SelectQueryNotificationUtil;
import com.adventnet.ds.query.Criteria;
import com.adventnet.ds.query.SelectQuery;
import com.adventnet.ds.query.util.QueryUtil;
import com.adventnet.persistence.DataAccess;
import com.adventnet.persistence.DataAccessException;
import com.adventnet.persistence.DataObject;
import com.adventnet.persistence.DeleteUtil;
import com.adventnet.persistence.OperationInfo;
import com.adventnet.persistence.ejb.interceptor.CreatePersistenceRequest;
import com.adventnet.persistence.ejb.interceptor.DeletePersistenceRequest;
import com.adventnet.persistence.ejb.interceptor.ModifyPersistenceRequest;
import com.adventnet.persistence.ejb.interceptor.PersistenceInterceptor;
import com.adventnet.persistence.ejb.interceptor.PersistenceRequest;
import com.adventnet.persistence.ejb.interceptor.RetrievePersistenceRequest;
import java.lang.reflect.Method;
import java.rmi.RemoteException;
import java.util.Iterator;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.jboss.ejb.Container;
import org.jboss.ejb.plugins.AbstractInterceptor;
import org.jboss.invocation.Invocation;

/* loaded from: input_file:com/adventnet/authorization/AuthorizationInterceptor.class */
public class AuthorizationInterceptor extends AbstractInterceptor implements PersistenceInterceptor {
    private static Logger logger;
    static Class class$com$adventnet$authorization$AuthorizationInterceptor;
    PersistenceInterceptor nextPI = null;
    private List noAuthModuleList = null;
    private String beanName = null;

    public void setContainer(Container container) {
        if (container != null) {
            this.beanName = container.getBeanMetaData().getEjbName();
        }
    }

    public String getInterceptorName() {
        return "AuthorizationInterceptor";
    }

    public Object invoke(Invocation invocation) throws Exception {
        logger.log(Level.FINEST, "AuthorizationInterceptor.invoke invoked");
        Method method = invocation.getMethod();
        Object[] arguments = invocation.getArguments();
        if (!AuthorizationEngine.getCGAEnabled()) {
            logger.log(Level.FINEST, "CG Authorization is disabled in the System ");
            return getNext().invoke(invocation);
        }
        AuthorizationEngine.checkPermission(this.beanName, method, arguments);
        logger.exiting("CGAuthorizationInterceptor", "Authorize");
        return getNext().invoke(invocation);
    }

    public Object invokeHome(Invocation invocation) throws Exception {
        logger.log(Level.FINEST, "AuthorizationInterceptor.invoke invoked");
        Method method = invocation.getMethod();
        Object[] arguments = invocation.getArguments();
        if (AuthorizationEngine.getCGAEnabled()) {
            AuthorizationEngine.checkPermission(this.beanName, method, arguments);
            return getNext().invokeHome(invocation);
        }
        logger.log(Level.FINEST, "CG Authorization is disabled in the System ");
        return getNext().invokeHome(invocation);
    }

    public Object process(PersistenceRequest persistenceRequest) throws DataAccessException {
        logger.log(Level.FINEST, "process persistence request invoked");
        String str = "VOID";
        DataObject constructDataObject = DataAccess.constructDataObject();
        try {
        } catch (RemoteException e) {
            logger.log(Level.WARNING, "Problement while accessing persistence lite bean ", e);
        }
        if (!AuthorizationEngine.getFGAEnabled()) {
            logger.log(Level.FINEST, "Authorization is disabled in the System ");
            return this.nextPI.process(persistenceRequest);
        }
        if (persistenceRequest.getOperationType() == 603) {
            AuthorizationEngine.scopeSelectQuery(((RetrievePersistenceRequest) persistenceRequest).getQuery());
        }
        if (persistenceRequest.getOperationType() == 601) {
            str = "U";
            constructDataObject = ((ModifyPersistenceRequest) persistenceRequest).getDataObject();
            AuthorizationEngine.checkPermission(constructDataObject, str);
        }
        if (persistenceRequest.getOperationType() == 600) {
            str = "C";
            constructDataObject = ((CreatePersistenceRequest) persistenceRequest).getDataObject();
        }
        if (persistenceRequest.getOperationType() == 602) {
            DeletePersistenceRequest deletePersistenceRequest = (DeletePersistenceRequest) persistenceRequest;
            Criteria criteria = deletePersistenceRequest.getCriteria();
            OperationInfo operationInfo = (OperationInfo) deletePersistenceRequest.getContextInfo(criteria);
            if (operationInfo == null) {
                operationInfo = DeleteUtil.getDeleteInfo(getTableName(criteria), criteria);
                deletePersistenceRequest.setContextInfo(criteria, operationInfo);
            }
            logger.log(Level.FINEST, "deleteOperationInfo obtained is {0}", operationInfo);
            constructDataObject = operationInfo.getDataObject();
            str = "D";
            if (operationInfo.getBulkTableNames() == null || operationInfo.getTableNames().size() != operationInfo.getBulkTableNames().size()) {
                SelectQuery scopeQueryForDO = AuthorizationEngine.getScopeQueryForDO(operationInfo, str);
                logger.log(Level.FINE, "scoped query obtained for delinfo : {0}", scopeQueryForDO);
                if (scopeQueryForDO != null) {
                    QueryUtil.syncForDataType(scopeQueryForDO);
                }
                if (scopeQueryForDO != null) {
                    try {
                        boolean matches = SelectQueryNotificationUtil.matches(scopeQueryForDO, operationInfo);
                        logger.log(Level.FINE, "scoped query and delinfo matches returned : {0}", new Boolean(matches));
                        if (!matches) {
                            logger.log(Level.FINE, "scoped query and delInfo did not match. authorization failed");
                            throw new AuthorizationException(" In sufficient Permission for user ");
                        }
                    } catch (Exception e2) {
                        logger.log(Level.SEVERE, "Exception occured while comparing scoped query to delInfo {0}", (Throwable) e2);
                        throw new AuthorizationException("Exception occured while comparing scoped query to delInfo ", e2);
                    }
                }
            } else {
                List selectQueries = operationInfo.getSelectQueries();
                operationInfo.getBulkTableNames();
                for (int i = 0; i < selectQueries.size(); i++) {
                    try {
                        SelectQuery selectQuery = (SelectQuery) selectQueries.get(i);
                        AuthorizationEngine.authorizeDeleteOperation(selectQuery.getTableList(), selectQuery);
                    } catch (Exception e3) {
                        logger.log(Level.SEVERE, "Exception occured while authorizing for delete operation ", (Throwable) e3);
                        throw new AuthorizationException(" Got Exception while processing request ", e3);
                    }
                }
            }
        }
        Object process = this.nextPI.process(persistenceRequest);
        try {
            logger.log(Level.FINEST, "POST:FGAuthorizationInterceptor", "Authorize");
        } catch (RemoteException e4) {
            logger.log(Level.WARNING, "Problement while accessing persistence lite bean post processing ", e4);
        }
        if (persistenceRequest.getOperationType() == 603) {
            return process;
        }
        if (persistenceRequest.getOperationType() == 601) {
        }
        if (persistenceRequest.getOperationType() == 600) {
            AuthorizationEngine.checkPermission(constructDataObject, str);
        }
        return process;
    }

    private static boolean containsAny(List list, List list2) {
        Iterator it = list.iterator();
        while (it.hasNext()) {
            if (list2.contains(it.next())) {
                return true;
            }
        }
        return false;
    }

    public void setNextInterceptor(PersistenceInterceptor persistenceInterceptor) {
        this.nextPI = persistenceInterceptor;
    }

    public void cleanup() {
    }

    private String getTableName(Criteria criteria) {
        while (criteria.getLeftCriteria() != null) {
            criteria = criteria.getLeftCriteria();
        }
        return criteria.getColumn().getTableAlias();
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$com$adventnet$authorization$AuthorizationInterceptor == null) {
            cls = class$("com.adventnet.authorization.AuthorizationInterceptor");
            class$com$adventnet$authorization$AuthorizationInterceptor = cls;
        } else {
            cls = class$com$adventnet$authorization$AuthorizationInterceptor;
        }
        logger = Logger.getLogger(cls.getName());
    }
}
