package org.geoserver.geofence.internal;

import java.io.IOException;
import java.util.Collections;
import java.util.Iterator;
import java.util.Set;
import java.util.SortedSet;
import java.util.TreeSet;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.geoserver.geofence.spi.UserResolver;
import org.geoserver.security.GeoServerRoleService;
import org.geoserver.security.GeoServerSecurityManager;
import org.geoserver.security.GeoServerSecurityService;
import org.geoserver.security.GeoServerUserGroupService;
import org.geoserver.security.impl.GeoServerRole;
import org.geoserver.security.impl.GeoServerUser;
import org.geoserver.security.impl.GeoServerUserGroup;
import org.geoserver.security.impl.RoleCalculator;
import org.geotools.util.logging.Logging;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.PropertySource;
import org.springframework.core.env.Environment;

@Deprecated
@PropertySource({"classpath*:application.properties"})
/* loaded from: input_file:org/geoserver/geofence/internal/InternalUserResolver.class */
public class InternalUserResolver implements UserResolver {
    public static final String DEFAULT_USER_GROUP_SERVICE_KEY = "org.geoserver.rest.DefaultUserGroupServiceName";
    private Logger logger = Logging.getLogger(InternalUserResolver.class);

    @Autowired
    private Environment env;

    @Value("${org.geoserver.rest.DefaultUserGroupServiceName}")
    private String DEFAULT_ROLE_SERVICE_NAME;
    private GeoServerSecurityService defaultSecurityService;
    protected GeoServerSecurityManager securityManager;

    private String getDefaultServiceName() {
        String property = System.getProperty(DEFAULT_USER_GROUP_SERVICE_KEY);
        if (property != null) {
            return property;
        }
        String property2 = property == null ? this.env.getProperty(DEFAULT_USER_GROUP_SERVICE_KEY) : this.DEFAULT_ROLE_SERVICE_NAME;
        return property2 == null ? this.DEFAULT_ROLE_SERVICE_NAME : property2;
    }

    public GeoServerSecurityService getDefaultSecurityService() throws IOException {
        if (this.defaultSecurityService != null) {
            return this.defaultSecurityService;
        }
        for (String str : this.securityManager.listUserGroupServices()) {
            if (str.equals(getDefaultServiceName())) {
                GeoServerUserGroupService loadUserGroupService = this.securityManager.loadUserGroupService(str);
                this.defaultSecurityService = loadUserGroupService;
                return loadUserGroupService;
            }
        }
        for (String str2 : this.securityManager.listRoleServices()) {
            if (str2.equals(getDefaultServiceName())) {
                GeoServerRoleService loadRoleService = this.securityManager.loadRoleService(str2);
                this.defaultSecurityService = loadRoleService;
                return loadRoleService;
            }
        }
        this.defaultSecurityService = this.securityManager.getActiveRoleService();
        return this.defaultSecurityService;
    }

    public InternalUserResolver(GeoServerSecurityManager geoServerSecurityManager) {
        this.securityManager = geoServerSecurityManager;
    }

    public boolean existsUser(String str) {
        if (this.logger.isLoggable(Level.FINE)) {
            this.logger.log(Level.FINE, "Getting Roles for User [" + str + "]");
        }
        try {
            for (String str2 : this.securityManager.listUserGroupServices()) {
                if (this.logger.isLoggable(Level.FINE)) {
                    this.logger.log(Level.FINE, "Checking UserGroupService [" + str2 + "]");
                }
                if (this.securityManager.loadUserGroupService(str2).getUserByUsername(str) != null) {
                    if (!this.logger.isLoggable(Level.FINE)) {
                        return true;
                    }
                    this.logger.log(Level.FINE, "UserGroupService [" + str2 + "] matching for User [" + str + "]");
                    return true;
                }
            }
            for (String str3 : this.securityManager.listRoleServices()) {
                if (this.logger.isLoggable(Level.FINE)) {
                    this.logger.log(Level.FINE, "Checking RoleService [" + str3 + "]");
                }
                GeoServerRoleService loadRoleService = this.securityManager.loadRoleService(str3);
                if (loadRoleService.getRolesForUser(str) != null && !loadRoleService.getRolesForUser(str).isEmpty()) {
                    if (!this.logger.isLoggable(Level.FINE)) {
                        return true;
                    }
                    this.logger.log(Level.FINE, "RoleService [" + str3 + "] matching for User [" + str + "]");
                    return true;
                }
            }
            Iterator it = this.securityManager.listRoleServices().iterator();
            while (it.hasNext()) {
                SortedSet rolesForUser = this.securityManager.loadRoleService((String) it.next()).getRolesForUser(str);
                if (rolesForUser != null && !rolesForUser.isEmpty()) {
                    return true;
                }
            }
        } catch (IOException e) {
            this.logger.log(Level.WARNING, e.getMessage(), (Throwable) e);
        }
        this.logger.log(Level.FINER, "GeoFence was not able to find any matching user on Security Context or Services.");
        return false;
    }

    public boolean existsRole(String str) {
        try {
            if (this.logger.isLoggable(Level.FINE)) {
                this.logger.log(Level.FINE, "Checking Role [" + str + "] on ActiveRoleService [" + getDefaultSecurityService() + "]");
            }
            if (!(getDefaultSecurityService() instanceof GeoServerRoleService) || getDefaultSecurityService().getRoleByName(str) == null) {
                return this.securityManager.getActiveRoleService().getRoleByName(str) != null;
            }
            return true;
        } catch (IOException e) {
            this.logger.log(Level.WARNING, e.getMessage(), (Throwable) e);
            return false;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v125, types: [java.util.SortedSet] */
    public Set<String> getRoles(String str) {
        try {
            TreeSet<GeoServerRole> treeSet = new TreeSet();
            TreeSet treeSet2 = new TreeSet();
            if (getDefaultSecurityService() instanceof GeoServerRoleService) {
                treeSet = getDefaultSecurityService().getRolesForUser(str);
            }
            for (GeoServerRole geoServerRole : treeSet) {
                if (this.logger.isLoggable(Level.FINE)) {
                    this.logger.log(Level.FINE, "Checking Role [" + geoServerRole + "] on ActiveRoleService [" + getDefaultSecurityService() + "]");
                }
                treeSet2.add(geoServerRole.getAuthority());
            }
            for (GeoServerRole geoServerRole2 : this.securityManager.getActiveRoleService().getRolesForUser(str)) {
                if (this.logger.isLoggable(Level.FINE)) {
                    this.logger.log(Level.FINE, "Checking Role [" + geoServerRole2 + "] on ActiveRoleService [" + this.securityManager.getActiveRoleService() + "]");
                }
                treeSet2.add(geoServerRole2.getAuthority());
            }
            try {
                for (String str2 : this.securityManager.listUserGroupServices()) {
                    if (this.logger.isLoggable(Level.FINE)) {
                        this.logger.log(Level.FINE, "Checking UserGroupService [" + str2 + "]");
                    }
                    GeoServerUserGroupService loadUserGroupService = this.securityManager.loadUserGroupService(str2);
                    if (loadUserGroupService.getUserByUsername(str) != null) {
                        RoleCalculator roleCalculator = getDefaultSecurityService() instanceof GeoServerRoleService ? new RoleCalculator(loadUserGroupService, getDefaultSecurityService()) : null;
                        if (this.logger.isLoggable(Level.FINE)) {
                            this.logger.log(Level.FINE, "UserGroupService [" + str2 + "] matching for User [" + str + "]");
                        }
                        GeoServerUser userByUsername = loadUserGroupService.getUserByUsername(str);
                        if (roleCalculator != null) {
                            for (GeoServerUserGroup geoServerUserGroup : loadUserGroupService.getGroupsForUser(userByUsername)) {
                                if (geoServerUserGroup.isEnabled()) {
                                    Iterator it = roleCalculator.calculateRoles(geoServerUserGroup).iterator();
                                    while (it.hasNext()) {
                                        treeSet2.add(((GeoServerRole) it.next()).getAuthority());
                                    }
                                }
                            }
                        }
                        RoleCalculator roleCalculator2 = new RoleCalculator(loadUserGroupService, this.securityManager.getActiveRoleService());
                        if (roleCalculator2 != null) {
                            for (GeoServerUserGroup geoServerUserGroup2 : loadUserGroupService.getGroupsForUser(userByUsername)) {
                                if (geoServerUserGroup2.isEnabled()) {
                                    Iterator it2 = roleCalculator2.calculateRoles(geoServerUserGroup2).iterator();
                                    while (it2.hasNext()) {
                                        treeSet2.add(((GeoServerRole) it2.next()).getAuthority());
                                    }
                                }
                            }
                        }
                    }
                }
            } catch (IOException e) {
                this.logger.log(Level.WARNING, e.getMessage(), (Throwable) e);
            }
            if (this.logger.isLoggable(Level.FINE)) {
                this.logger.log(Level.FINE, "Matching Roles [" + treeSet2 + "] for User [" + str + "]");
            }
            return treeSet2;
        } catch (IOException e2) {
            this.logger.log(Level.WARNING, e2.getMessage(), (Throwable) e2);
            return Collections.emptySet();
        }
    }
}
