package org.springframework.security.acls.domain;

import java.io.Serializable;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.apache.commons.io.IOUtils;
import org.springframework.security.acls.model.AccessControlEntry;
import org.springframework.security.acls.model.Acl;
import org.springframework.security.acls.model.AuditableAcl;
import org.springframework.security.acls.model.MutableAcl;
import org.springframework.security.acls.model.NotFoundException;
import org.springframework.security.acls.model.ObjectIdentity;
import org.springframework.security.acls.model.OwnershipAcl;
import org.springframework.security.acls.model.Permission;
import org.springframework.security.acls.model.PermissionGrantingStrategy;
import org.springframework.security.acls.model.Sid;
import org.springframework.security.acls.model.UnloadedSidException;
import org.springframework.util.Assert;

/* loaded from: input_file:fk-ui-war-2.0.2.war:WEB-INF/lib/spring-security-acl-3.1.1.RELEASE.jar:org/springframework/security/acls/domain/AclImpl.class */
public class AclImpl implements Acl, MutableAcl, AuditableAcl, OwnershipAcl {
    private Acl parentAcl;
    private transient AclAuthorizationStrategy aclAuthorizationStrategy;
    private transient PermissionGrantingStrategy permissionGrantingStrategy;
    private final List<AccessControlEntry> aces;
    private ObjectIdentity objectIdentity;
    private Serializable id;
    private Sid owner;
    private List<Sid> loadedSids;
    private boolean entriesInheriting;

    public AclImpl(ObjectIdentity objectIdentity, Serializable serializable, AclAuthorizationStrategy aclAuthorizationStrategy, AuditLogger auditLogger) {
        this.aces = new ArrayList();
        this.loadedSids = null;
        this.entriesInheriting = true;
        Assert.notNull(objectIdentity, "Object Identity required");
        Assert.notNull(serializable, "Id required");
        Assert.notNull(aclAuthorizationStrategy, "AclAuthorizationStrategy required");
        Assert.notNull(auditLogger, "AuditLogger required");
        this.objectIdentity = objectIdentity;
        this.id = serializable;
        this.aclAuthorizationStrategy = aclAuthorizationStrategy;
        this.permissionGrantingStrategy = new DefaultPermissionGrantingStrategy(auditLogger);
    }

    @Deprecated
    public AclImpl(ObjectIdentity objectIdentity, Serializable serializable, AclAuthorizationStrategy aclAuthorizationStrategy, AuditLogger auditLogger, Acl acl, List<Sid> list, boolean z, Sid sid) {
        this(objectIdentity, serializable, aclAuthorizationStrategy, new DefaultPermissionGrantingStrategy(auditLogger), acl, list, z, sid);
    }

    public AclImpl(ObjectIdentity objectIdentity, Serializable serializable, AclAuthorizationStrategy aclAuthorizationStrategy, PermissionGrantingStrategy permissionGrantingStrategy, Acl acl, List<Sid> list, boolean z, Sid sid) {
        this.aces = new ArrayList();
        this.loadedSids = null;
        this.entriesInheriting = true;
        Assert.notNull(objectIdentity, "Object Identity required");
        Assert.notNull(serializable, "Id required");
        Assert.notNull(aclAuthorizationStrategy, "AclAuthorizationStrategy required");
        Assert.notNull(sid, "Owner required");
        this.objectIdentity = objectIdentity;
        this.id = serializable;
        this.aclAuthorizationStrategy = aclAuthorizationStrategy;
        this.parentAcl = acl;
        this.loadedSids = list;
        this.entriesInheriting = z;
        this.owner = sid;
        this.permissionGrantingStrategy = permissionGrantingStrategy;
    }

    private AclImpl() {
        this.aces = new ArrayList();
        this.loadedSids = null;
        this.entriesInheriting = true;
    }

    @Override // org.springframework.security.acls.model.MutableAcl
    public void deleteAce(int i) throws NotFoundException {
        this.aclAuthorizationStrategy.securityCheck(this, 2);
        verifyAceIndexExists(i);
        synchronized (this.aces) {
            this.aces.remove(i);
        }
    }

    private void verifyAceIndexExists(int i) {
        if (i < 0) {
            throw new NotFoundException("aceIndex must be greater than or equal to zero");
        }
        if (i >= this.aces.size()) {
            throw new NotFoundException("aceIndex must refer to an index of the AccessControlEntry list. List size is " + this.aces.size() + ", index was " + i);
        }
    }

    @Override // org.springframework.security.acls.model.MutableAcl
    public void insertAce(int i, Permission permission, Sid sid, boolean z) throws NotFoundException {
        this.aclAuthorizationStrategy.securityCheck(this, 2);
        Assert.notNull(permission, "Permission required");
        Assert.notNull(sid, "Sid required");
        if (i < 0) {
            throw new NotFoundException("atIndexLocation must be greater than or equal to zero");
        }
        if (i > this.aces.size()) {
            throw new NotFoundException("atIndexLocation must be less than or equal to the size of the AccessControlEntry collection");
        }
        AccessControlEntryImpl accessControlEntryImpl = new AccessControlEntryImpl(null, this, sid, permission, z, false, false);
        synchronized (this.aces) {
            this.aces.add(i, accessControlEntryImpl);
        }
    }

    @Override // org.springframework.security.acls.model.Acl
    public List<AccessControlEntry> getEntries() {
        return new ArrayList(this.aces);
    }

    @Override // org.springframework.security.acls.model.MutableAcl
    public Serializable getId() {
        return this.id;
    }

    @Override // org.springframework.security.acls.model.Acl
    public ObjectIdentity getObjectIdentity() {
        return this.objectIdentity;
    }

    @Override // org.springframework.security.acls.model.Acl
    public boolean isEntriesInheriting() {
        return this.entriesInheriting;
    }

    @Override // org.springframework.security.acls.model.Acl
    public boolean isGranted(List<Permission> list, List<Sid> list2, boolean z) throws NotFoundException, UnloadedSidException {
        Assert.notEmpty(list, "Permissions required");
        Assert.notEmpty(list2, "SIDs required");
        if (isSidLoaded(list2)) {
            return this.permissionGrantingStrategy.isGranted(this, list, list2, z);
        }
        throw new UnloadedSidException("ACL was not loaded for one or more SID");
    }

    @Override // org.springframework.security.acls.model.Acl
    public boolean isSidLoaded(List<Sid> list) {
        if (this.loadedSids == null || list == null || list.size() == 0) {
            return true;
        }
        for (Sid sid : list) {
            boolean z = false;
            Iterator<Sid> it = this.loadedSids.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                if (sid.equals(it.next())) {
                    z = true;
                    break;
                }
            }
            if (!z) {
                return false;
            }
        }
        return true;
    }

    @Override // org.springframework.security.acls.model.MutableAcl
    public void setEntriesInheriting(boolean z) {
        this.aclAuthorizationStrategy.securityCheck(this, 2);
        this.entriesInheriting = z;
    }

    @Override // org.springframework.security.acls.model.MutableAcl, org.springframework.security.acls.model.OwnershipAcl
    public void setOwner(Sid sid) {
        this.aclAuthorizationStrategy.securityCheck(this, 0);
        Assert.notNull(sid, "Owner required");
        this.owner = sid;
    }

    @Override // org.springframework.security.acls.model.Acl
    public Sid getOwner() {
        return this.owner;
    }

    @Override // org.springframework.security.acls.model.MutableAcl
    public void setParent(Acl acl) {
        this.aclAuthorizationStrategy.securityCheck(this, 2);
        Assert.isTrue(acl == null || !acl.equals(this), "Cannot be the parent of yourself");
        this.parentAcl = acl;
    }

    @Override // org.springframework.security.acls.model.Acl
    public Acl getParentAcl() {
        return this.parentAcl;
    }

    @Override // org.springframework.security.acls.model.MutableAcl
    public void updateAce(int i, Permission permission) throws NotFoundException {
        this.aclAuthorizationStrategy.securityCheck(this, 2);
        verifyAceIndexExists(i);
        synchronized (this.aces) {
            ((AccessControlEntryImpl) this.aces.get(i)).setPermission(permission);
        }
    }

    @Override // org.springframework.security.acls.model.AuditableAcl
    public void updateAuditing(int i, boolean z, boolean z2) {
        this.aclAuthorizationStrategy.securityCheck(this, 1);
        verifyAceIndexExists(i);
        synchronized (this.aces) {
            AccessControlEntryImpl accessControlEntryImpl = (AccessControlEntryImpl) this.aces.get(i);
            accessControlEntryImpl.setAuditSuccess(z);
            accessControlEntryImpl.setAuditFailure(z2);
        }
    }

    public boolean equals(Object obj) {
        if (!(obj instanceof AclImpl)) {
            return false;
        }
        AclImpl aclImpl = (AclImpl) obj;
        if (!this.aces.equals(aclImpl.aces)) {
            return false;
        }
        if (!(this.parentAcl == null && aclImpl.parentAcl == null) && (this.parentAcl == null || !this.parentAcl.equals(aclImpl.parentAcl))) {
            return false;
        }
        if (!(this.objectIdentity == null && aclImpl.objectIdentity == null) && (this.objectIdentity == null || !this.objectIdentity.equals(aclImpl.objectIdentity))) {
            return false;
        }
        if (!(this.id == null && aclImpl.id == null) && (this.id == null || !this.id.equals(aclImpl.id))) {
            return false;
        }
        if ((!(this.owner == null && aclImpl.owner == null) && (this.owner == null || !this.owner.equals(aclImpl.owner))) || this.entriesInheriting != aclImpl.entriesInheriting) {
            return false;
        }
        if (this.loadedSids == null && aclImpl.loadedSids == null) {
            return true;
        }
        if (this.loadedSids == null || this.loadedSids.size() != aclImpl.loadedSids.size()) {
            return false;
        }
        for (int i = 0; i < this.loadedSids.size(); i++) {
            if (!this.loadedSids.get(i).equals(aclImpl.loadedSids.get(i))) {
                return false;
            }
        }
        return true;
    }

    public String toString() {
        StringBuilder sb = new StringBuilder();
        sb.append("AclImpl[");
        sb.append("id: ").append(this.id).append("; ");
        sb.append("objectIdentity: ").append(this.objectIdentity).append("; ");
        sb.append("owner: ").append(this.owner).append("; ");
        int i = 0;
        for (AccessControlEntry accessControlEntry : this.aces) {
            i++;
            if (i == 1) {
                sb.append(IOUtils.LINE_SEPARATOR_UNIX);
            }
            sb.append(accessControlEntry).append(IOUtils.LINE_SEPARATOR_UNIX);
        }
        if (i == 0) {
            sb.append("no ACEs; ");
        }
        sb.append("inheriting: ").append(this.entriesInheriting).append("; ");
        sb.append("parent: ").append(this.parentAcl == null ? "Null" : this.parentAcl.getObjectIdentity().toString());
        sb.append("; ");
        sb.append("aclAuthorizationStrategy: ").append(this.aclAuthorizationStrategy).append("; ");
        sb.append("permissionGrantingStrategy: ").append(this.permissionGrantingStrategy);
        sb.append("]");
        return sb.toString();
    }
}
