package org.jboss.as.ejb3.security;

import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import javax.security.jacc.EJBMethodPermission;
import javax.security.jacc.EJBRoleRefPermission;
import javax.security.jacc.PolicyConfiguration;
import javax.security.jacc.PolicyContextException;
import org.jboss.as.ee.component.ComponentConfiguration;
import org.jboss.as.ee.component.ComponentDescription;
import org.jboss.as.ee.component.EEModuleConfiguration;
import org.jboss.as.ee.component.ViewDescription;
import org.jboss.as.ejb3.EJBMethodIdentifier;
import org.jboss.as.ejb3.component.EJBComponentDescription;
import org.jboss.as.ejb3.component.EJBViewDescription;
import org.jboss.as.ejb3.component.MethodIntf;
import org.jboss.as.ejb3.component.session.SessionBeanComponentDescription;
import org.jboss.as.security.service.JaccService;
import org.jboss.invocation.proxy.MethodIdentifier;
import org.jboss.metadata.ejb.spec.MethodInterfaceType;

/* loaded from: input_file:org/jboss/as/ejb3/security/EjbJaccService.class */
public class EjbJaccService extends JaccService<EEModuleConfiguration> {
    public EjbJaccService(String str, EEModuleConfiguration eEModuleConfiguration, Boolean bool) {
        super(str, eEModuleConfiguration, bool);
    }

    public void createPermissions(EEModuleConfiguration eEModuleConfiguration, PolicyConfiguration policyConfiguration) throws PolicyContextException {
        Collection componentConfigurations = eEModuleConfiguration.getComponentConfigurations();
        if (componentConfigurations != null) {
            Iterator it = componentConfigurations.iterator();
            while (it.hasNext()) {
                ComponentDescription componentDescription = ((ComponentConfiguration) it.next()).getComponentDescription();
                if (componentDescription instanceof EJBComponentDescription) {
                    EJBComponentDescription eJBComponentDescription = (EJBComponentDescription) EJBComponentDescription.class.cast(componentDescription);
                    String eJBClassName = eJBComponentDescription.getEJBClassName();
                    String eJBName = eJBComponentDescription.getEJBName();
                    boolean z = true;
                    boolean z2 = true;
                    ArrayList arrayList = new ArrayList();
                    ArrayList arrayList2 = new ArrayList();
                    for (ViewDescription viewDescription : eJBComponentDescription.getViews()) {
                        String viewClassName = viewDescription.getViewClassName();
                        if (eJBComponentDescription.isDenyAllApplicableToClass(viewClassName, eJBClassName)) {
                            arrayList.add(new EJBMethodPermission(eJBName, (String) null, getMethodInterfaceType(((EJBViewDescription) EJBViewDescription.class.cast(viewDescription)).getMethodIntf()).name(), (String[]) null));
                        } else {
                            z = false;
                        }
                        if (eJBComponentDescription.isPermitAllApplicableToClass(viewClassName, eJBClassName)) {
                            arrayList2.add(new EJBMethodPermission(eJBName, (String) null, getMethodInterfaceType(((EJBViewDescription) EJBViewDescription.class.cast(viewDescription)).getMethodIntf()).name(), (String[]) null));
                        } else {
                            z2 = false;
                        }
                        Iterator<String> it2 = eJBComponentDescription.getRolesAllowedForClass(viewClassName, eJBClassName).iterator();
                        while (it2.hasNext()) {
                            policyConfiguration.addToRole(it2.next(), new EJBMethodPermission(eJBName, (String) null, (String) null, (String[]) null));
                        }
                        Iterator<EJBMethodIdentifier> it3 = eJBComponentDescription.getDenyAllMethodsForView(viewClassName).iterator();
                        while (it3.hasNext()) {
                            MethodIdentifier methodIdentifier = it3.next().getMethodIdentifier();
                            policyConfiguration.addToExcludedPolicy(new EJBMethodPermission(eJBName, methodIdentifier.getName(), getMethodInterfaceType(((EJBViewDescription) EJBViewDescription.class.cast(viewDescription)).getMethodIntf()).name(), methodIdentifier.getParameterTypes()));
                        }
                        Iterator<EJBMethodIdentifier> it4 = eJBComponentDescription.getPermitAllMethodsForView(viewClassName).iterator();
                        while (it4.hasNext()) {
                            MethodIdentifier methodIdentifier2 = it4.next().getMethodIdentifier();
                            policyConfiguration.addToUncheckedPolicy(new EJBMethodPermission(eJBName, methodIdentifier2.getName(), getMethodInterfaceType(((EJBViewDescription) EJBViewDescription.class.cast(viewDescription)).getMethodIntf()).name(), methodIdentifier2.getParameterTypes()));
                        }
                        for (Map.Entry<EJBMethodIdentifier, Set<String>> entry : eJBComponentDescription.getRolesAllowed(viewClassName).entrySet()) {
                            MethodIdentifier methodIdentifier3 = entry.getKey().getMethodIdentifier();
                            MethodInterfaceType methodInterfaceType = getMethodInterfaceType(((EJBViewDescription) EJBViewDescription.class.cast(viewDescription)).getMethodIntf());
                            Iterator<String> it5 = entry.getValue().iterator();
                            while (it5.hasNext()) {
                                policyConfiguration.addToRole(it5.next(), new EJBMethodPermission(eJBName, methodIdentifier3.getName(), methodInterfaceType.name(), methodIdentifier3.getParameterTypes()));
                            }
                        }
                    }
                    if (z) {
                        arrayList = new ArrayList();
                        arrayList.add(new EJBMethodPermission(eJBName, (String) null, (String) null, (String[]) null));
                    }
                    Iterator it6 = arrayList.iterator();
                    while (it6.hasNext()) {
                        policyConfiguration.addToExcludedPolicy((EJBMethodPermission) it6.next());
                    }
                    if (z2) {
                        arrayList2 = new ArrayList();
                        arrayList2.add(new EJBMethodPermission(eJBName, (String) null, (String) null, (String[]) null));
                    }
                    Iterator it7 = arrayList2.iterator();
                    while (it7.hasNext()) {
                        policyConfiguration.addToUncheckedPolicy((EJBMethodPermission) it7.next());
                    }
                    for (Map.Entry<String, Collection<String>> entry2 : eJBComponentDescription.getSecurityRoleLinks().entrySet()) {
                        String key = entry2.getKey();
                        Iterator<String> it8 = entry2.getValue().iterator();
                        while (it8.hasNext()) {
                            policyConfiguration.addToRole(it8.next(), new EJBRoleRefPermission(eJBName, key));
                        }
                    }
                    if ((eJBComponentDescription instanceof SessionBeanComponentDescription) && ((SessionBeanComponentDescription) SessionBeanComponentDescription.class.cast(eJBComponentDescription)).isStateful()) {
                        policyConfiguration.addToUncheckedPolicy(new EJBMethodPermission(eJBName, "getEJBObject", "Home", (String[]) null));
                    }
                }
            }
        }
    }

    protected MethodInterfaceType getMethodInterfaceType(MethodIntf methodIntf) {
        switch (methodIntf) {
            case HOME:
                return MethodInterfaceType.Home;
            case LOCAL_HOME:
                return MethodInterfaceType.LocalHome;
            case SERVICE_ENDPOINT:
                return MethodInterfaceType.ServiceEndpoint;
            case LOCAL:
                return MethodInterfaceType.Local;
            case REMOTE:
                return MethodInterfaceType.Remote;
            case TIMER:
                return MethodInterfaceType.Timer;
            case MESSAGE_ENDPOINT:
                return MethodInterfaceType.MessageEndpoint;
            default:
                return null;
        }
    }
}
