package org.linid.dm.authorization;

import java.util.ArrayList;
import java.util.Collection;
import java.util.EnumSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.LdapName;
import org.linid.dm.authorization.ger.GerImplementation;
import org.springframework.ldap.core.ContextSource;

/* loaded from: input_file:WEB-INF/lib/authorization-2.0.1.jar:org/linid/dm/authorization/GERAuthorizationModule.class */
public class GERAuthorizationModule implements AuthorizationModule {
    public static final String ENTRY_KEYWORD = "entry";
    public static String name = "ger";
    private ContextSource ldapContext;
    public static final String DEFAULT_LDAP_FILTER = "objectClass=*";
    private GerImplementation implementation;

    public GERAuthorizationModule(GerImplementation gerImplementation) {
        this.implementation = gerImplementation;
    }

    @Override // org.linid.dm.authorization.AuthorizationModule
    public boolean eval(String str, String str2, EnumSet<AuthorizationType> enumSet, Properties properties) {
        String property = properties.getProperty(AuthorizationModule.AUTHORIZATION_ATTRIBUTE_PARAMETER_NAME);
        if (property == null || property.length() == 0) {
            throw new RuntimeException("Attribute name cannot be null");
        }
        Collection<String> eval = eval(str, str2, enumSet, property);
        return eval.size() == 1 && property.equals(eval.iterator().next());
    }

    @Override // org.linid.dm.authorization.AuthorizationModule
    public boolean eval(String str, String str2, EnumSet<AuthorizationType> enumSet) {
        return eval(str, str2, enumSet, "entry").size() > 0;
    }

    @Override // org.linid.dm.authorization.AuthorizationModule
    public Collection<String> eval(String str, String str2, EnumSet<AuthorizationType> enumSet, Collection<String> collection) {
        return eval(str, str2, enumSet, (String[]) collection.toArray(new String[collection.size()]));
    }

    @Override // org.linid.dm.authorization.AuthorizationModule
    public Collection<String> eval(String str, String str2, EnumSet<AuthorizationType> enumSet, String... strArr) {
        ArrayList arrayList = new ArrayList();
        if (null == strArr) {
            return arrayList;
        }
        for (String str3 : strArr) {
            if (evalAttribute(this.ldapContext, str2, enumSet, str3)) {
                arrayList.add(str3);
            }
        }
        return arrayList;
    }

    public Map<String, List<AuthorizationType>> parse(SearchResult searchResult) throws NumberFormatException, NamingException {
        return this.implementation.parse(searchResult);
    }

    private boolean evalAttribute(ContextSource contextSource, String str, EnumSet<AuthorizationType> enumSet, String str2) {
        SearchControls searchControls = new SearchControls();
        try {
            searchControls.setSearchScope(0);
            searchControls.setReturningAttributes(new String[]{str2});
            NamingEnumeration search = !enumSet.contains(AuthorizationType.CREATE) ? contextSource.getReadOnlyContext().search(str, DEFAULT_LDAP_FILTER, searchControls) : contextSource.getReadOnlyContext().search(new LdapName(str).getSuffix(1).toString(), DEFAULT_LDAP_FILTER, searchControls);
            if (!search.hasMore()) {
                return false;
            }
            SearchResult searchResult = (SearchResult) search.next();
            if (search.hasMore()) {
                return false;
            }
            Iterator it = enumSet.iterator();
            while (it.hasNext()) {
                AuthorizationType authorizationType = (AuthorizationType) it.next();
                switch (authorizationType) {
                    case CREATE:
                        if (parse(searchResult).get("entry") != null && parse(searchResult).get("entry").contains(AuthorizationType.CREATE)) {
                            break;
                        } else {
                            return false;
                        }
                        break;
                    case AUTHENTICATION:
                    case COMPARE:
                    case DELETE:
                    case READ:
                    case SEARCH:
                    case MODIFY:
                    case WRITE:
                        if (parse(searchResult).get(str2) != null && parse(searchResult).get(str2).contains(authorizationType)) {
                            break;
                        } else {
                            return false;
                        }
                        break;
                    case UNKNOWN:
                        return false;
                }
            }
            return true;
        } catch (NamingException e) {
            throw new RuntimeException(e.toString(), e);
        }
    }

    public void setLdapContext(ContextSource contextSource) {
        this.ldapContext = contextSource;
    }
}
