package org.apache.jackrabbit.core.security.jboss;

import java.io.FileInputStream;
import java.security.Principal;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.Properties;
import java.util.Set;
import javax.jcr.AccessDeniedException;
import javax.jcr.ItemNotFoundException;
import javax.jcr.NoSuchWorkspaceException;
import javax.jcr.RepositoryException;
import javax.security.auth.Subject;
import org.apache.jackrabbit.core.HierarchyManager;
import org.apache.jackrabbit.core.ItemId;
import org.apache.jackrabbit.core.security.AMContext;
import org.apache.jackrabbit.core.security.AccessManager;
import org.jboss.security.SimpleGroup;
import org.jboss.security.SimplePrincipal;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/jackrabbit/core/security/jboss/SimpleJbossAccessManager.class */
public class SimpleJbossAccessManager implements AccessManager {
    private static Logger log = LoggerFactory.getLogger(SimpleJbossAccessManager.class);
    protected Subject subject;
    protected HierarchyManager hierMgr;
    private boolean initialized = false;
    protected boolean anonymous = false;
    protected boolean system = false;

    public void init(AMContext aMContext) throws AccessDeniedException, Exception {
        if (this.initialized) {
            throw new IllegalStateException("already initialized");
        }
        this.subject = aMContext.getSubject();
        this.hierMgr = aMContext.getHierarchyManager();
        Set<Principal> principals = this.subject.getPrincipals();
        Properties properties = new Properties();
        String str = aMContext.getHomeDir() + "/rolemappings.properties";
        FileInputStream fileInputStream = new FileInputStream(str);
        properties.load(fileInputStream);
        fileInputStream.close();
        log.info("Load jbossgroup role mappings from " + str);
        Iterator<Principal> it = principals.iterator();
        while (it.hasNext()) {
            SimpleGroup simpleGroup = (Principal) it.next();
            if (simpleGroup.getName().equalsIgnoreCase("Roles")) {
                Enumeration members = simpleGroup.members();
                while (members.hasMoreElements()) {
                    String property = properties.getProperty(((SimplePrincipal) members.nextElement()).getName());
                    if (property != null && property.equalsIgnoreCase("full")) {
                        this.system = true;
                    } else if (property != null && property.equalsIgnoreCase("read")) {
                        this.anonymous = true;
                    }
                }
            }
        }
        this.initialized = true;
    }

    public synchronized void close() throws Exception {
        if (!this.initialized) {
            throw new IllegalStateException("not initialized");
        }
        this.initialized = false;
    }

    public void checkPermission(ItemId itemId, int i) throws AccessDeniedException, ItemNotFoundException, RepositoryException {
        if (!this.initialized) {
            throw new IllegalStateException("not initialized");
        }
        if (this.system) {
            return;
        }
        if (!this.anonymous) {
            throw new AccessDeniedException();
        }
        if ((i & 2) == 2 || (i & 4) == 4) {
            throw new AccessDeniedException();
        }
    }

    public boolean isGranted(ItemId itemId, int i) throws ItemNotFoundException, RepositoryException {
        if (!this.initialized) {
            throw new IllegalStateException("not initialized");
        }
        if (this.system) {
            return true;
        }
        return (!this.anonymous || (i & 2) == 2 || (i & 4) == 4) ? false : true;
    }

    public boolean canAccess(String str) throws NoSuchWorkspaceException, RepositoryException {
        return this.system || this.anonymous;
    }
}
