package org.springframework.security.acls.jdbc;

import java.sql.PreparedStatement;
import java.sql.SQLException;
import java.util.Iterator;
import java.util.List;
import javax.sql.DataSource;
import org.springframework.dao.DataAccessException;
import org.springframework.jdbc.core.BatchPreparedStatementSetter;
import org.springframework.security.acls.domain.AccessControlEntryImpl;
import org.springframework.security.acls.domain.GrantedAuthoritySid;
import org.springframework.security.acls.domain.ObjectIdentityImpl;
import org.springframework.security.acls.domain.PrincipalSid;
import org.springframework.security.acls.model.AccessControlEntry;
import org.springframework.security.acls.model.Acl;
import org.springframework.security.acls.model.AclCache;
import org.springframework.security.acls.model.AlreadyExistsException;
import org.springframework.security.acls.model.ChildrenExistException;
import org.springframework.security.acls.model.MutableAcl;
import org.springframework.security.acls.model.MutableAclService;
import org.springframework.security.acls.model.NotFoundException;
import org.springframework.security.acls.model.ObjectIdentity;
import org.springframework.security.acls.model.Sid;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.transaction.support.TransactionSynchronizationManager;
import org.springframework.util.Assert;

/* loaded from: input_file:fk-admin-ui-war-3.0.10.war:WEB-INF/lib/spring-security-acl-3.1.1.RELEASE.jar:org/springframework/security/acls/jdbc/JdbcMutableAclService.class */
public class JdbcMutableAclService extends JdbcAclService implements MutableAclService {
    private boolean foreignKeysInDatabase;
    private final AclCache aclCache;
    private String deleteEntryByObjectIdentityForeignKey;
    private String deleteObjectIdentityByPrimaryKey;
    private String classIdentityQuery;
    private String sidIdentityQuery;
    private String insertClass;
    private String insertEntry;
    private String insertObjectIdentity;
    private String insertSid;
    private String selectClassPrimaryKey;
    private String selectObjectIdentityPrimaryKey;
    private String selectSidPrimaryKey;
    private String updateObjectIdentity;

    public JdbcMutableAclService(DataSource dataSource, LookupStrategy lookupStrategy, AclCache aclCache) {
        super(dataSource, lookupStrategy);
        this.foreignKeysInDatabase = true;
        this.deleteEntryByObjectIdentityForeignKey = "delete from acl_entry where acl_object_identity=?";
        this.deleteObjectIdentityByPrimaryKey = "delete from acl_object_identity where id=?";
        this.classIdentityQuery = "call identity()";
        this.sidIdentityQuery = "call identity()";
        this.insertClass = "insert into acl_class (class) values (?)";
        this.insertEntry = "insert into acl_entry (acl_object_identity, ace_order, sid, mask, granting, audit_success, audit_failure)values (?, ?, ?, ?, ?, ?, ?)";
        this.insertObjectIdentity = "insert into acl_object_identity (object_id_class, object_id_identity, owner_sid, entries_inheriting) values (?, ?, ?, ?)";
        this.insertSid = "insert into acl_sid (principal, sid) values (?, ?)";
        this.selectClassPrimaryKey = "select id from acl_class where class=?";
        this.selectObjectIdentityPrimaryKey = "select acl_object_identity.id from acl_object_identity, acl_class where acl_object_identity.object_id_class = acl_class.id and acl_class.class=? and acl_object_identity.object_id_identity = ?";
        this.selectSidPrimaryKey = "select id from acl_sid where principal=? and sid=?";
        this.updateObjectIdentity = "update acl_object_identity set parent_object = ?, owner_sid = ?, entries_inheriting = ? where id = ?";
        Assert.notNull(aclCache, "AclCache required");
        this.aclCache = aclCache;
    }

    @Override // org.springframework.security.acls.model.MutableAclService
    public MutableAcl createAcl(ObjectIdentity objectIdentity) throws AlreadyExistsException {
        Assert.notNull(objectIdentity, "Object Identity required");
        if (retrieveObjectIdentityPrimaryKey(objectIdentity) != null) {
            throw new AlreadyExistsException("Object identity '" + objectIdentity + "' already exists");
        }
        createObjectIdentity(objectIdentity, new PrincipalSid(SecurityContextHolder.getContext().getAuthentication()));
        Acl readAclById = readAclById(objectIdentity);
        Assert.isInstanceOf(MutableAcl.class, readAclById, "MutableAcl should be been returned");
        return (MutableAcl) readAclById;
    }

    protected void createEntries(final MutableAcl mutableAcl) {
        this.jdbcTemplate.batchUpdate(this.insertEntry, new BatchPreparedStatementSetter() { // from class: org.springframework.security.acls.jdbc.JdbcMutableAclService.1
            @Override // org.springframework.jdbc.core.BatchPreparedStatementSetter
            public int getBatchSize() {
                return mutableAcl.getEntries().size();
            }

            @Override // org.springframework.jdbc.core.BatchPreparedStatementSetter
            public void setValues(PreparedStatement preparedStatement, int i) throws SQLException {
                AccessControlEntry accessControlEntry = mutableAcl.getEntries().get(i);
                Assert.isTrue(accessControlEntry instanceof AccessControlEntryImpl, "Unknown ACE class");
                AccessControlEntryImpl accessControlEntryImpl = (AccessControlEntryImpl) accessControlEntry;
                preparedStatement.setLong(1, ((Long) mutableAcl.getId()).longValue());
                preparedStatement.setInt(2, i);
                preparedStatement.setLong(3, JdbcMutableAclService.this.createOrRetrieveSidPrimaryKey(accessControlEntryImpl.getSid(), true).longValue());
                preparedStatement.setInt(4, accessControlEntryImpl.getPermission().getMask());
                preparedStatement.setBoolean(5, accessControlEntryImpl.isGranting());
                preparedStatement.setBoolean(6, accessControlEntryImpl.isAuditSuccess());
                preparedStatement.setBoolean(7, accessControlEntryImpl.isAuditFailure());
            }
        });
    }

    protected void createObjectIdentity(ObjectIdentity objectIdentity, Sid sid) {
        Long createOrRetrieveSidPrimaryKey = createOrRetrieveSidPrimaryKey(sid, true);
        this.jdbcTemplate.update(this.insertObjectIdentity, createOrRetrieveClassPrimaryKey(objectIdentity.getType(), true), objectIdentity.getIdentifier(), createOrRetrieveSidPrimaryKey, Boolean.TRUE);
    }

    protected Long createOrRetrieveClassPrimaryKey(String str, boolean z) {
        List queryForList = this.jdbcTemplate.queryForList(this.selectClassPrimaryKey, new Object[]{str}, Long.class);
        if (!queryForList.isEmpty()) {
            return (Long) queryForList.get(0);
        }
        if (!z) {
            return null;
        }
        this.jdbcTemplate.update(this.insertClass, str);
        Assert.isTrue(TransactionSynchronizationManager.isSynchronizationActive(), "Transaction must be running");
        return new Long(this.jdbcTemplate.queryForLong(this.classIdentityQuery));
    }

    protected Long createOrRetrieveSidPrimaryKey(Sid sid, boolean z) {
        String grantedAuthority;
        Assert.notNull(sid, "Sid required");
        boolean z2 = true;
        if (sid instanceof PrincipalSid) {
            grantedAuthority = ((PrincipalSid) sid).getPrincipal();
        } else {
            if (!(sid instanceof GrantedAuthoritySid)) {
                throw new IllegalArgumentException("Unsupported implementation of Sid");
            }
            grantedAuthority = ((GrantedAuthoritySid) sid).getGrantedAuthority();
            z2 = false;
        }
        List queryForList = this.jdbcTemplate.queryForList(this.selectSidPrimaryKey, new Object[]{Boolean.valueOf(z2), grantedAuthority}, Long.class);
        if (!queryForList.isEmpty()) {
            return (Long) queryForList.get(0);
        }
        if (!z) {
            return null;
        }
        this.jdbcTemplate.update(this.insertSid, Boolean.valueOf(z2), grantedAuthority);
        Assert.isTrue(TransactionSynchronizationManager.isSynchronizationActive(), "Transaction must be running");
        return new Long(this.jdbcTemplate.queryForLong(this.sidIdentityQuery));
    }

    @Override // org.springframework.security.acls.model.MutableAclService
    public void deleteAcl(ObjectIdentity objectIdentity, boolean z) throws ChildrenExistException {
        List<ObjectIdentity> findChildren;
        Assert.notNull(objectIdentity, "Object Identity required");
        Assert.notNull(objectIdentity.getIdentifier(), "Object Identity doesn't provide an identifier");
        if (z) {
            List<ObjectIdentity> findChildren2 = findChildren(objectIdentity);
            if (findChildren2 != null) {
                Iterator<ObjectIdentity> it = findChildren2.iterator();
                while (it.hasNext()) {
                    deleteAcl(it.next(), true);
                }
            }
        } else if (!this.foreignKeysInDatabase && (findChildren = findChildren(objectIdentity)) != null) {
            throw new ChildrenExistException("Cannot delete '" + objectIdentity + "' (has " + findChildren.size() + " children)");
        }
        Long retrieveObjectIdentityPrimaryKey = retrieveObjectIdentityPrimaryKey(objectIdentity);
        deleteEntries(retrieveObjectIdentityPrimaryKey);
        deleteObjectIdentity(retrieveObjectIdentityPrimaryKey);
        this.aclCache.evictFromCache(objectIdentity);
    }

    protected void deleteEntries(Long l) {
        this.jdbcTemplate.update(this.deleteEntryByObjectIdentityForeignKey, l);
    }

    protected void deleteObjectIdentity(Long l) {
        this.jdbcTemplate.update(this.deleteObjectIdentityByPrimaryKey, l);
    }

    protected Long retrieveObjectIdentityPrimaryKey(ObjectIdentity objectIdentity) {
        try {
            return new Long(this.jdbcTemplate.queryForLong(this.selectObjectIdentityPrimaryKey, objectIdentity.getType(), objectIdentity.getIdentifier()));
        } catch (DataAccessException e) {
            return null;
        }
    }

    @Override // org.springframework.security.acls.model.MutableAclService
    public MutableAcl updateAcl(MutableAcl mutableAcl) throws NotFoundException {
        Assert.notNull(mutableAcl.getId(), "Object Identity doesn't provide an identifier");
        deleteEntries(retrieveObjectIdentityPrimaryKey(mutableAcl.getObjectIdentity()));
        createEntries(mutableAcl);
        updateObjectIdentity(mutableAcl);
        clearCacheIncludingChildren(mutableAcl.getObjectIdentity());
        return (MutableAcl) super.readAclById(mutableAcl.getObjectIdentity());
    }

    private void clearCacheIncludingChildren(ObjectIdentity objectIdentity) {
        Assert.notNull(objectIdentity, "ObjectIdentity required");
        List<ObjectIdentity> findChildren = findChildren(objectIdentity);
        if (findChildren != null) {
            Iterator<ObjectIdentity> it = findChildren.iterator();
            while (it.hasNext()) {
                clearCacheIncludingChildren(it.next());
            }
        }
        this.aclCache.evictFromCache(objectIdentity);
    }

    protected void updateObjectIdentity(MutableAcl mutableAcl) {
        Long l = null;
        if (mutableAcl.getParentAcl() != null) {
            Assert.isInstanceOf(ObjectIdentityImpl.class, mutableAcl.getParentAcl().getObjectIdentity(), "Implementation only supports ObjectIdentityImpl");
            l = retrieveObjectIdentityPrimaryKey((ObjectIdentityImpl) mutableAcl.getParentAcl().getObjectIdentity());
        }
        Assert.notNull(mutableAcl.getOwner(), "Owner is required in this implementation");
        if (this.jdbcTemplate.update(this.updateObjectIdentity, l, createOrRetrieveSidPrimaryKey(mutableAcl.getOwner(), true), Boolean.valueOf(mutableAcl.isEntriesInheriting()), mutableAcl.getId()) != 1) {
            throw new NotFoundException("Unable to locate ACL to update");
        }
    }

    public void setClassIdentityQuery(String str) {
        Assert.hasText(str, "New classIdentityQuery query is required");
        this.classIdentityQuery = str;
    }

    public void setSidIdentityQuery(String str) {
        Assert.hasText(str, "New sidIdentityQuery query is required");
        this.sidIdentityQuery = str;
    }

    public void setDeleteEntryByObjectIdentityForeignKeySql(String str) {
        this.deleteEntryByObjectIdentityForeignKey = str;
    }

    public void setDeleteObjectIdentityByPrimaryKeySql(String str) {
        this.deleteObjectIdentityByPrimaryKey = str;
    }

    public void setInsertClassSql(String str) {
        this.insertClass = str;
    }

    public void setInsertEntrySql(String str) {
        this.insertEntry = str;
    }

    public void setInsertObjectIdentitySql(String str) {
        this.insertObjectIdentity = str;
    }

    public void setInsertSidSql(String str) {
        this.insertSid = str;
    }

    public void setClassPrimaryKeyQuery(String str) {
        this.selectClassPrimaryKey = str;
    }

    public void setObjectIdentityPrimaryKeyQuery(String str) {
        this.selectObjectIdentityPrimaryKey = str;
    }

    public void setSidPrimaryKeyQuery(String str) {
        this.selectSidPrimaryKey = str;
    }

    public void setUpdateObjectIdentity(String str) {
        this.updateObjectIdentity = str;
    }

    public void setForeignKeysInDatabase(boolean z) {
        this.foreignKeysInDatabase = z;
    }
}
