package org.apache.jetspeed.page;

import java.security.AccessController;
import java.security.Principal;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import javax.security.auth.Subject;
import org.apache.jetspeed.JetspeedActions;
import org.apache.jetspeed.om.page.SecurityConstraintImpl;
import org.apache.jetspeed.om.page.SecurityConstraintsDef;
import org.apache.jetspeed.page.document.DocumentException;
import org.apache.jetspeed.security.GroupPrincipal;
import org.apache.jetspeed.security.JSSubject;
import org.apache.jetspeed.security.RolePrincipal;
import org.apache.jetspeed.security.UserPrincipal;

/* loaded from: input_file:portal.zip:webapps/jetspeed/WEB-INF/lib/jetspeed-page-manager-2.1.4.jar:org/apache/jetspeed/page/PageManagerSecurityUtils.class */
public class PageManagerSecurityUtils {
    public static boolean checkConstraint(SecurityConstraintsDef securityConstraintsDef, String str) throws DocumentException {
        List parseCSVList = SecurityConstraintImpl.parseCSVList(str);
        List list = null;
        if (parseCSVList.size() != 1) {
            list = parseCSVList;
            parseCSVList = null;
            if (list.remove(JetspeedActions.VIEW)) {
                parseCSVList = new ArrayList(1);
                parseCSVList.add(JetspeedActions.VIEW);
            }
        } else if (!parseCSVList.contains(JetspeedActions.VIEW)) {
            list = parseCSVList;
            parseCSVList = null;
        }
        Subject subject = JSSubject.getSubject(AccessController.getContext());
        if (subject == null) {
            throw new SecurityException("Security Consraint Check: Missing JSSubject");
        }
        LinkedList linkedList = null;
        LinkedList linkedList2 = null;
        LinkedList linkedList3 = null;
        for (Principal principal : subject.getPrincipals()) {
            if (principal instanceof UserPrincipal) {
                if (linkedList == null) {
                    linkedList = new LinkedList();
                }
                linkedList.add(principal.getName());
            } else if (principal instanceof RolePrincipal) {
                if (linkedList2 == null) {
                    linkedList2 = new LinkedList();
                }
                linkedList2.add(principal.getName());
            } else if (principal instanceof GroupPrincipal) {
                if (linkedList3 == null) {
                    linkedList3 = new LinkedList();
                }
                linkedList3.add(principal.getName());
            }
        }
        boolean checkConstraints = parseCSVList != null ? checkConstraints(parseCSVList, linkedList, linkedList2, linkedList3, securityConstraintsDef) : false;
        if (list != null) {
            checkConstraints = checkConstraints(list, linkedList, linkedList2, linkedList3, securityConstraintsDef);
        }
        return checkConstraints;
    }

    public static boolean checkConstraints(List list, List list2, List list3, List list4, SecurityConstraintsDef securityConstraintsDef) throws DocumentException {
        List securityConstraints = securityConstraintsDef.getSecurityConstraints();
        if (securityConstraints == null || securityConstraints.isEmpty()) {
            return list.isEmpty();
        }
        Iterator it = list.iterator();
        while (it.hasNext()) {
            String str = (String) it.next();
            boolean z = false;
            boolean z2 = false;
            boolean z3 = true;
            Iterator it2 = securityConstraints.iterator();
            while (true) {
                if (!it2.hasNext()) {
                    break;
                }
                SecurityConstraintImpl securityConstraintImpl = (SecurityConstraintImpl) it2.next();
                if (securityConstraintImpl.getPermissions() != null) {
                    z3 = true;
                    if (securityConstraintImpl.actionMatch(str) && securityConstraintImpl.principalsMatch(list2, list3, list4, true)) {
                        z = true;
                        break;
                    }
                } else if (securityConstraintImpl.principalsMatch(list2, list3, list4, false)) {
                    z2 = true;
                    break;
                }
            }
            if ((!z && z3) || z2) {
                return false;
            }
        }
        return true;
    }
}
