package org.jboss.seam.security;

import java.security.Principal;
import java.security.acl.Group;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Enumeration;
import java.util.Iterator;
import org.drools.FactHandle;
import org.drools.RuleBase;
import org.drools.StatefulSession;
import org.drools.base.ClassObjectFilter;
import org.jboss.seam.Component;
import org.jboss.seam.ScopeType;
import org.jboss.seam.annotations.Install;
import org.jboss.seam.annotations.Name;
import org.jboss.seam.annotations.Scope;
import org.jboss.seam.annotations.Startup;
import org.jboss.seam.annotations.intercept.BypassInterceptors;
import org.jboss.seam.log.LogProvider;
import org.jboss.seam.log.Logging;

@Name("org.jboss.seam.security.identity")
@Scope(ScopeType.SESSION)
@BypassInterceptors
@Install(precedence = 10, classDependencies = {"org.drools.WorkingMemory"})
@Startup
/* loaded from: input_file:jboss-seam-2.0.0.GA.jar:org/jboss/seam/security/RuleBasedIdentity.class */
public class RuleBasedIdentity extends Identity {
    private static final long serialVersionUID = -2798083003251077858L;
    public static final String RULES_COMPONENT_NAME = "securityRules";
    private static final LogProvider log = Logging.getLogProvider(RuleBasedIdentity.class);
    private StatefulSession securityContext;
    private RuleBase securityRules;

    @Override // org.jboss.seam.security.Identity
    public void create() {
        super.create();
        initSecurityContext();
    }

    protected void initSecurityContext() {
        if (this.securityRules == null) {
            this.securityRules = (RuleBase) Component.getInstance(RULES_COMPONENT_NAME, true);
        }
        if (this.securityRules != null) {
            this.securityContext = this.securityRules.newStatefulSession(false);
        }
        if (this.securityContext == null) {
            log.warn("no security rule base available - please install a RuleBase with the name 'securityRules' if permission checks are required.");
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.jboss.seam.security.Identity
    public void postAuthenticate() {
        super.postAuthenticate();
        StatefulSession securityContext = getSecurityContext();
        if (securityContext != null) {
            for (Principal principal : getSubject().getPrincipals()) {
                if ((principal instanceof Group) && Identity.ROLES_GROUP.equals(((Group) principal).getName())) {
                    Enumeration<? extends Principal> members = ((Group) principal).members();
                    while (members.hasMoreElements()) {
                        securityContext.insert(new Role(members.nextElement().getName()));
                    }
                }
            }
            securityContext.insert(getPrincipal());
        }
    }

    @Override // org.jboss.seam.security.Identity
    public boolean hasPermission(String str, String str2, Object... objArr) {
        StatefulSession securityContext = getSecurityContext();
        if (securityContext == null) {
            return false;
        }
        ArrayList arrayList = new ArrayList();
        PermissionCheck permissionCheck = new PermissionCheck(str, str2);
        synchronized (securityContext) {
            arrayList.add(securityContext.insert(permissionCheck));
            for (int i = 0; i < objArr.length; i++) {
                if (i == 0 && (objArr[0] instanceof Collection)) {
                    for (Object obj : (Collection) objArr[i]) {
                        if (securityContext.getFactHandle(obj) == null) {
                            arrayList.add(securityContext.insert(obj));
                        }
                    }
                } else {
                    arrayList.add(securityContext.insert(objArr[i]));
                }
            }
            securityContext.fireAllRules();
            Iterator it = arrayList.iterator();
            while (it.hasNext()) {
                securityContext.retract((FactHandle) it.next());
            }
        }
        return permissionCheck.isGranted();
    }

    @Override // org.jboss.seam.security.Identity
    public boolean hasRole(String str) {
        if (this.securityContext != null) {
            Iterator iterateObjects = this.securityContext.iterateObjects(new ClassObjectFilter(Role.class));
            while (iterateObjects.hasNext()) {
                if (((Role) iterateObjects.next()).getName().equals(str)) {
                    return true;
                }
            }
        }
        return super.hasRole(str);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.jboss.seam.security.Identity
    public void unAuthenticate() {
        StatefulSession securityContext = getSecurityContext();
        if (securityContext != null) {
            Iterator iterateObjects = securityContext.iterateObjects(new ClassObjectFilter(Role.class));
            while (iterateObjects.hasNext()) {
                getSecurityContext().retract(securityContext.getFactHandle(iterateObjects.next()));
            }
        }
        super.unAuthenticate();
    }

    @Override // org.jboss.seam.security.Identity
    public boolean addRole(String str) {
        if (!super.addRole(str) || getSecurityContext() == null) {
            return false;
        }
        getSecurityContext().insert(new Role(str));
        return true;
    }

    @Override // org.jboss.seam.security.Identity
    public void removeRole(String str) {
        StatefulSession securityContext = getSecurityContext();
        if (securityContext != null) {
            Iterator iterateObjects = securityContext.iterateObjects(new ClassObjectFilter(Role.class));
            while (true) {
                if (!iterateObjects.hasNext()) {
                    break;
                }
                Role role = (Role) iterateObjects.next();
                if (role.getName().equals(str)) {
                    getSecurityContext().retract(getSecurityContext().getFactHandle(role));
                    break;
                }
            }
        }
        super.removeRole(str);
    }

    public StatefulSession getSecurityContext() {
        return this.securityContext;
    }

    public void setSecurityContext(StatefulSession statefulSession) {
        this.securityContext = statefulSession;
    }

    public RuleBase getSecurityRules() {
        return this.securityRules;
    }

    public void setSecurityRules(RuleBase ruleBase) {
        this.securityRules = ruleBase;
    }
}
