package org.deegree.portal.standard.security.control;

import java.io.StringReader;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Map;
import org.deegree.enterprise.control.AbstractListener;
import org.deegree.enterprise.control.FormEvent;
import org.deegree.enterprise.control.RPCException;
import org.deegree.enterprise.control.RPCMember;
import org.deegree.enterprise.control.RPCParameter;
import org.deegree.enterprise.control.RPCStruct;
import org.deegree.enterprise.control.RPCUtils;
import org.deegree.enterprise.control.RPCWebEvent;
import org.deegree.framework.log.ILogger;
import org.deegree.framework.log.LoggerFactory;
import org.deegree.framework.xml.XMLTools;
import org.deegree.i18n.Messages;
import org.deegree.model.filterencoding.AbstractFilter;
import org.deegree.model.filterencoding.Filter;
import org.deegree.security.GeneralSecurityException;
import org.deegree.security.UnauthorizedException;
import org.deegree.security.drm.SecurityAccessManager;
import org.deegree.security.drm.SecurityTransaction;
import org.deegree.security.drm.model.Right;
import org.deegree.security.drm.model.RightType;
import org.deegree.security.drm.model.Role;
import org.deegree.security.drm.model.SecuredObject;
import org.deegree.security.drm.model.User;

/* loaded from: input_file:org/deegree/portal/standard/security/control/StoreRightsListener.class */
public class StoreRightsListener extends AbstractListener {
    private static final ILogger LOG = LoggerFactory.getLogger(StoreRightsListener.class);
    private static final String MINX = "-180.0";
    private static final String MINY = "-90.0";
    private static final String MAXX = "180.0";
    private static final String MAXY = "90.0";

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/deegree/portal/standard/security/control/StoreRightsListener$FeatureTypeRight.class */
    public class FeatureTypeRight {
        public int id;
        public boolean access;
        public boolean delete;
        public boolean insert;
        public boolean update;

        FeatureTypeRight(int i, boolean z, boolean z2, boolean z3, boolean z4) {
            this.id = 0;
            this.access = true;
            this.delete = true;
            this.insert = true;
            this.update = true;
            this.id = i;
            this.access = z;
            this.insert = z2;
            this.update = z3;
            this.delete = z4;
        }
    }

    @Override // org.deegree.enterprise.control.AbstractListener, org.deegree.enterprise.control.WebListener
    public void actionPerformed(FormEvent formEvent) {
        SecurityAccessManager securityAccessManager = null;
        try {
            try {
                RPCParameter[] parameters = ((RPCWebEvent) formEvent).getRPCMethodCall().getParameters();
                int validate = validate(parameters);
                RPCParameter[] rPCParameterArr = (RPCParameter[]) parameters[1].getValue();
                int[] iArr = new int[rPCParameterArr.length];
                Map<String, Object>[] mapArr = new Map[rPCParameterArr.length];
                extractLayerValues(iArr, mapArr, rPCParameterArr);
                if (!(parameters[2].getValue() instanceof RPCParameter[])) {
                    throw new RPCException(Messages.getMessage("IGEO_STD_STORERIGHTS_THIRD_PARAM", new Object[0]));
                }
                FeatureTypeRight[] extractFeatureTypeValues = extractFeatureTypeValues(parameters);
                SecurityTransaction acquireTransaction = SecurityHelper.acquireTransaction(this);
                SecurityHelper.checkForAdminRole(acquireTransaction);
                SecurityAccessManager securityAccessManager2 = SecurityAccessManager.getInstance();
                User user = acquireTransaction.getUser();
                Role roleById = acquireTransaction.getRoleById(validate);
                if (!user.hasRight(acquireTransaction, "update", roleById)) {
                    getRequest().setAttribute("SOURCE", getClass().getName());
                    getRequest().setAttribute("MESSAGE", Messages.getMessage("IGEO_STD_STORERIGHTS_MISSING_RIGHTS", roleById.getName()));
                    setNextPage("error.jsp");
                    if (securityAccessManager2 == null || acquireTransaction == null) {
                        return;
                    }
                    try {
                        securityAccessManager2.abortTransaction(acquireTransaction);
                        return;
                    } catch (GeneralSecurityException e) {
                        LOG.logDebug(e.getMessage(), (Throwable) e);
                        return;
                    }
                }
                setAccessRightsForLayers(iArr, mapArr, acquireTransaction, roleById, acquireTransaction.getAllSecuredObjects(ClientHelper.TYPE_LAYER));
                setAccessRightsForFeatureTypes(extractFeatureTypeValues, acquireTransaction, roleById, acquireTransaction.getAllSecuredObjects(ClientHelper.TYPE_FEATURETYPE));
                securityAccessManager2.commitTransaction(acquireTransaction);
                getRequest().setAttribute("MESSAGE", Messages.getMessage("IGEO_STD_STORERIGHTS_SUCCESS", Integer.valueOf(roleById.getID())));
                if (securityAccessManager2 == null || 0 == 0) {
                    return;
                }
                try {
                    securityAccessManager2.abortTransaction(null);
                } catch (GeneralSecurityException e2) {
                    LOG.logDebug(e2.getMessage(), (Throwable) e2);
                }
            } catch (Throwable th) {
                if (0 != 0 && 0 != 0) {
                    try {
                        securityAccessManager.abortTransaction(null);
                    } catch (GeneralSecurityException e3) {
                        LOG.logDebug(e3.getMessage(), (Throwable) e3);
                    }
                }
                throw th;
            }
        } catch (RPCException e4) {
            getRequest().setAttribute("SOURCE", getClass().getName());
            getRequest().setAttribute("MESSAGE", Messages.getMessage("IGEO_STD_STORERIGHTS_INVALID_REQ", e4.getMessage()));
            setNextPage("error.jsp");
            LOG.logDebug(e4.getMessage(), (Throwable) e4);
            if (0 != 0 || 0 == 0) {
            }
            try {
                securityAccessManager.abortTransaction(null);
            } catch (GeneralSecurityException e5) {
                LOG.logDebug(e5.getMessage(), (Throwable) e5);
            }
        } catch (GeneralSecurityException e6) {
            getRequest().setAttribute("SOURCE", getClass().getName());
            getRequest().setAttribute("MESSAGE", Messages.getMessage("IGEO_STD_STORERIGHTS_ERROR", e6.getMessage()));
            setNextPage("error.jsp");
            LOG.logDebug(e6.getMessage(), (Throwable) e6);
            if (0 != 0) {
            }
        }
    }

    private void setAccessRightsForFeatureTypes(FeatureTypeRight[] featureTypeRightArr, SecurityTransaction securityTransaction, Role role, SecuredObject[] securedObjectArr) throws GeneralSecurityException, UnauthorizedException {
        for (SecuredObject securedObject : securedObjectArr) {
            boolean z = false;
            FeatureTypeRight featureTypeRight = null;
            int i = 0;
            while (true) {
                if (i >= featureTypeRightArr.length) {
                    break;
                }
                featureTypeRight = featureTypeRightArr[i];
                if (securedObject.getID() == featureTypeRight.id && featureTypeRight.access) {
                    z = true;
                    break;
                }
                i++;
            }
            if (z) {
                ArrayList arrayList = new ArrayList();
                ArrayList arrayList2 = new ArrayList();
                arrayList.add(RightType.GETFEATURE);
                arrayList.add(RightType.DESCRIBEFEATURETYPE);
                if (featureTypeRight.insert) {
                    arrayList.add(RightType.INSERT);
                } else {
                    arrayList2.add(RightType.INSERT);
                }
                if (featureTypeRight.update) {
                    arrayList.add(RightType.UPDATE);
                } else {
                    arrayList2.add(RightType.UPDATE);
                }
                if (featureTypeRight.delete) {
                    arrayList.add(RightType.DELETE);
                } else {
                    arrayList2.add(RightType.DELETE);
                }
                securityTransaction.removeRights(securedObject, role, (RightType[]) arrayList2.toArray(new RightType[arrayList2.size()]));
                securityTransaction.addRights(securedObject, role, (RightType[]) arrayList.toArray(new RightType[arrayList.size()]));
            } else {
                securityTransaction.removeRights(securedObject, role, new RightType[]{RightType.GETFEATURE, RightType.DESCRIBEFEATURETYPE, RightType.INSERT, RightType.DELETE, RightType.UPDATE});
            }
        }
    }

    private void setAccessRightsForLayers(int[] iArr, Map[] mapArr, SecurityTransaction securityTransaction, Role role, SecuredObject[] securedObjectArr) throws RPCException, GeneralSecurityException, UnauthorizedException {
        for (SecuredObject securedObject : securedObjectArr) {
            boolean z = false;
            Map map = null;
            int i = 0;
            while (true) {
                if (i >= iArr.length) {
                    break;
                }
                if (securedObject.getID() == iArr[i]) {
                    z = true;
                    map = mapArr[i];
                    break;
                }
                i++;
            }
            if (z) {
                Filter filter = null;
                if (map != null) {
                    String buildGetMapFilter = buildGetMapFilter(map);
                    if (buildGetMapFilter != null) {
                        try {
                            filter = AbstractFilter.buildFromDOM(XMLTools.parse(new StringReader(buildGetMapFilter)).getDocumentElement());
                        } catch (Exception e) {
                            throw new GeneralSecurityException(Messages.getMessage("IGEO_STD_STORERIGHTS_FILTER_PARSING_ERROR", e.getMessage()));
                        }
                    }
                    if (filter != null) {
                        LOG.logInfo("Back to XML: " + ((Object) filter.toXML()));
                    }
                }
                securityTransaction.setRights(securedObject, role, new Right[]{new Right(securedObject, RightType.GETMAP, filter), new Right(securedObject, RightType.GETFEATUREINFO), new Right(securedObject, RightType.GETLEGENDGRAPHIC)});
            } else {
                securityTransaction.removeRights(securedObject, role, new RightType[]{RightType.GETMAP, RightType.GETFEATUREINFO, RightType.GETLEGENDGRAPHIC});
            }
        }
    }

    private FeatureTypeRight[] extractFeatureTypeValues(RPCParameter[] rPCParameterArr) throws RPCException {
        RPCParameter[] rPCParameterArr2 = (RPCParameter[]) rPCParameterArr[2].getValue();
        FeatureTypeRight[] featureTypeRightArr = new FeatureTypeRight[rPCParameterArr2.length];
        for (int i = 0; i < rPCParameterArr2.length; i++) {
            if (rPCParameterArr2[i].getValue() instanceof String) {
                try {
                    featureTypeRightArr[i] = new FeatureTypeRight(Integer.parseInt((String) rPCParameterArr2[i].getValue()), true, false, false, false);
                } catch (NumberFormatException e) {
                    throw new RPCException(Messages.getMessage("IGEO_STD_STORERIGHTS_INT_EXPECTED", new Object[0]));
                }
            } else {
                if (rPCParameterArr2[i].getValue().getClass() != RPCParameter[].class) {
                    throw new RPCException(Messages.getMessage("IGEO_STD_STORERIGHTS_WRONGTYPE", new Object[0]));
                }
                RPCParameter[] rPCParameterArr3 = (RPCParameter[]) rPCParameterArr2[i].getValue();
                try {
                    int parseInt = Integer.parseInt((String) rPCParameterArr3[0].getValue());
                    RPCStruct rPCStruct = (RPCStruct) rPCParameterArr3[1].getValue();
                    featureTypeRightArr[i] = new FeatureTypeRight(parseInt, "true".equals(RPCUtils.getRpcPropertyAsString(rPCStruct, "ACCESS")), "true".equals(RPCUtils.getRpcPropertyAsString(rPCStruct, "INSERT")), "true".equals(RPCUtils.getRpcPropertyAsString(rPCStruct, "UPDATE")), "true".equals(RPCUtils.getRpcPropertyAsString(rPCStruct, "DELETE")));
                } catch (NumberFormatException e2) {
                    throw new RPCException(Messages.getMessage("IGEO_STD_STORERIGHTS_INT_EXPECTED", new Object[0]));
                }
            }
        }
        return featureTypeRightArr;
    }

    private void extractLayerValues(int[] iArr, Map<String, Object>[] mapArr, RPCParameter[] rPCParameterArr) throws RPCException {
        for (int i = 0; i < rPCParameterArr.length; i++) {
            if (rPCParameterArr[i].getValue() instanceof RPCParameter[]) {
                mapArr[i] = new HashMap();
                RPCParameter[] rPCParameterArr2 = (RPCParameter[]) rPCParameterArr[i].getValue();
                try {
                    iArr[i] = Integer.parseInt((String) rPCParameterArr2[0].getValue());
                    RPCMember[] members = ((RPCStruct) rPCParameterArr2[1].getValue()).getMembers();
                    for (int i2 = 0; i2 < members.length; i2++) {
                        String name = members[i2].getName();
                        Object value = members[i2].getValue();
                        if (value instanceof RPCParameter[]) {
                            String[] strArr = new String[((RPCParameter[]) value).length];
                            for (int i3 = 0; i3 < strArr.length; i3++) {
                                strArr[i3] = (String) ((RPCParameter[]) value)[i3].getValue();
                            }
                            mapArr[i].put(name, strArr);
                        } else {
                            if (!(value instanceof String)) {
                                throw new RPCException(Messages.getMessage("IGEO_STD_STORERIGHTS_LAYER_ACCESSCONSTRAINTS", new Object[0]));
                            }
                            mapArr[i].put(name, value);
                        }
                    }
                } catch (NumberFormatException e) {
                    throw new RPCException(Messages.getMessage("IGEO_STD_STORERIGHTS_INT_EXPECTED", new Object[0]));
                }
            } else {
                if (!(rPCParameterArr[i].getValue() instanceof String)) {
                    throw new RPCException(Messages.getMessage("IGEO_STD_STORERIGHTS_LAYER_ACCESSCONSTRAINTS", new Object[0]));
                }
                try {
                    iArr[i] = Integer.parseInt((String) rPCParameterArr[i].getValue());
                } catch (NumberFormatException e2) {
                    throw new RPCException(Messages.getMessage("IGEO_STD_STORERIGHTS_INT_EXPECTED", new Object[0]));
                }
            }
        }
    }

    private int validate(RPCParameter[] rPCParameterArr) throws RPCException {
        if (rPCParameterArr.length != 3) {
            throw new RPCException(Messages.getMessage("IGEO_STD_SEC_WRONG_PARAMS_NUM", "3"));
        }
        if (!(rPCParameterArr[0].getValue() instanceof String)) {
            throw new RPCException(Messages.getMessage("IGEO_STD_STORERIGHTS_FIRST_PARAM", new Object[0]));
        }
        try {
            int parseInt = Integer.parseInt((String) rPCParameterArr[0].getValue());
            if (rPCParameterArr[1].getValue() instanceof RPCParameter[]) {
                return parseInt;
            }
            throw new RPCException(Messages.getMessage("IGEO_STD_STORERIGHTS_SECOND_PARAM", new Object[0]));
        } catch (NumberFormatException e) {
            throw new RPCException(Messages.getMessage("IGEO_STD_STORERIGHTS_ROLE_PARAM", new Object[0]));
        }
    }

    String buildGetMapFilter(Map map) throws RPCException {
        StringBuffer stringBuffer;
        int i = 0;
        StringBuffer stringBuffer2 = new StringBuffer(1000);
        if (map.get("bbox") != null) {
            i = 0 + 1;
            String[] strArr = (String[]) map.get("bbox");
            if (strArr.length != 4) {
                throw new RPCException(Messages.getMessage("IGEO_STD_STORERIGHTS_BBOX_ERROR", new Object[0]));
            }
            String str = strArr[0];
            String str2 = strArr[1];
            String str3 = strArr[2];
            String str4 = strArr[3];
            stringBuffer2.append("<ogc:Within>");
            stringBuffer2.append("<ogc:PropertyName>bbox</ogc:PropertyName>");
            stringBuffer2.append("<gml:Box>");
            stringBuffer2.append("<gml:coordinates>");
            stringBuffer2.append(str).append(',').append(str2).append(' ');
            stringBuffer2.append(str3).append(',').append(str4);
            stringBuffer2.append("</gml:coordinates>");
            stringBuffer2.append("</gml:Box></ogc:Within>");
        }
        String[] strArr2 = (String[]) map.get("bgcolor");
        if (strArr2 != null && strArr2.length > 0) {
            i++;
            if (strArr2.length > 1) {
                stringBuffer2.append("<ogc:Or>");
            }
            for (String str5 : strArr2) {
                stringBuffer2.append("<ogc:PropertyIsEqualTo>");
                stringBuffer2.append("<ogc:PropertyName>bgcolor</ogc:PropertyName>");
                stringBuffer2.append("<ogc:Literal><![CDATA[" + str5 + "]]></ogc:Literal>");
                stringBuffer2.append("</ogc:PropertyIsEqualTo>");
            }
            if (strArr2.length > 1) {
                stringBuffer2.append("</ogc:Or>");
            }
        }
        String str6 = (String) map.get("transparent");
        if (str6 != null) {
            i++;
            stringBuffer2.append("<ogc:PropertyIsEqualTo>");
            stringBuffer2.append("<ogc:PropertyName>transparent</ogc:PropertyName>");
            stringBuffer2.append("<ogc:Literal><![CDATA[" + str6 + "]]></ogc:Literal>");
            stringBuffer2.append("</ogc:PropertyIsEqualTo>");
        }
        String[] strArr3 = (String[]) map.get("format");
        if (strArr3 != null && strArr3.length > 0) {
            i++;
            if (strArr3.length > 1) {
                stringBuffer2.append("<ogc:Or>");
            }
            for (String str7 : strArr3) {
                stringBuffer2.append("<ogc:PropertyIsEqualTo>");
                stringBuffer2.append("<ogc:PropertyName>format</ogc:PropertyName>");
                stringBuffer2.append("<ogc:Literal><![CDATA[" + str7 + "]]></ogc:Literal>");
                stringBuffer2.append("</ogc:PropertyIsEqualTo>");
            }
            if (strArr3.length > 1) {
                stringBuffer2.append("</ogc:Or>");
            }
        }
        String str8 = (String) map.get("resolution");
        if (str8 != null) {
            i++;
            stringBuffer2.append("<ogc:PropertyIsGreaterThanOrEqualTo>");
            stringBuffer2.append("<ogc:PropertyName>resolution</ogc:PropertyName>");
            stringBuffer2.append("<ogc:Literal>").append(str8).append("</ogc:Literal>");
            stringBuffer2.append("</ogc:PropertyIsGreaterThanOrEqualTo>");
        }
        String str9 = (String) map.get("width");
        if (str9 != null) {
            i++;
            stringBuffer2.append("<ogc:PropertyIsLessThanOrEqualTo>");
            stringBuffer2.append("<ogc:PropertyName>width</ogc:PropertyName>");
            stringBuffer2.append("<ogc:Literal>").append(str9).append("</ogc:Literal>");
            stringBuffer2.append("</ogc:PropertyIsLessThanOrEqualTo>");
        }
        String str10 = (String) map.get("height");
        if (str10 != null) {
            i++;
            stringBuffer2.append("<ogc:PropertyIsLessThanOrEqualTo>");
            stringBuffer2.append("<ogc:PropertyName>height</ogc:PropertyName>");
            stringBuffer2.append("<ogc:Literal>").append(str10).append("</ogc:Literal>");
            stringBuffer2.append("</ogc:PropertyIsLessThanOrEqualTo>");
        }
        String[] strArr4 = (String[]) map.get("exceptions");
        if (strArr4 != null && strArr4.length > 0) {
            i++;
            if (strArr4.length > 1) {
                stringBuffer2.append("<ogc:Or>");
            }
            for (String str11 : strArr4) {
                stringBuffer2.append("<ogc:PropertyIsEqualTo>");
                stringBuffer2.append("<ogc:PropertyName>exceptions</ogc:PropertyName>");
                stringBuffer2.append("<ogc:Literal><![CDATA[").append(str11);
                stringBuffer2.append("]]></ogc:Literal>");
                stringBuffer2.append("</ogc:PropertyIsEqualTo>");
            }
            if (strArr4.length > 1) {
                stringBuffer2.append("</ogc:Or>");
            }
        }
        if (i == 0) {
            return null;
        }
        if (i >= 2) {
            StringBuffer stringBuffer3 = new StringBuffer(500);
            stringBuffer3.append("<ogc:Filter xmlns:ogc=\"http://www.opengis.net/ogc\" ");
            stringBuffer3.append("xmlns:gml=\"http://www.opengis.net/gml\">");
            stringBuffer3.append("<ogc:And>").append(stringBuffer2).append("</ogc:And></ogc:Filter>");
            stringBuffer = stringBuffer3;
        } else {
            StringBuffer stringBuffer4 = new StringBuffer();
            stringBuffer4.append("<ogc:Filter xmlns:ogc=\"http://www.opengis.net/ogc\" ");
            stringBuffer4.append("xmlns:gml=\"http://www.opengis.net/gml\">");
            stringBuffer4.append(stringBuffer2).append("</ogc:Filter>");
            stringBuffer = stringBuffer4;
        }
        return stringBuffer.toString();
    }
}
