package org.wso2.registry.users.def;

import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import javax.sql.DataSource;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.registry.i18n.Messages;
import org.wso2.registry.users.AccessControlAdmin;
import org.wso2.registry.users.UserStoreException;
import org.wso2.registry.users.def.util.DefaultDatabaseUtil;

/* loaded from: input_file:WEB-INF/lib/wso2registry-core-SNAPSHOT.jar:org/wso2/registry/users/def/DefaultAccessControlAdmin.class */
public class DefaultAccessControlAdmin extends DefaultAuthorizer implements AccessControlAdmin {
    private static Log log = LogFactory.getLog(DefaultAccessControlAdmin.class);

    public DefaultAccessControlAdmin(DataSource dataSource, String str) {
        super(dataSource, str);
    }

    public DefaultAccessControlAdmin(DataSource dataSource) {
        super(dataSource, "BLOCK_FIRST");
    }

    public void clearUserAuthorization(String str, String str2, String str3) throws UserStoreException {
        Connection connection = null;
        try {
            try {
                Connection connection2 = this.dataSource.getConnection();
                if (connection2 == null) {
                    throw new UserStoreException(Messages.getMessage("null_connection"));
                }
                connection2.setAutoCommit(false);
                PreparedStatement prepareStatement = connection2.prepareStatement("select id from um_permissions where um_permissions.resource_id=? and um_permissions.action=?");
                prepareStatement.setString(1, str2);
                prepareStatement.setString(2, str3);
                ResultSet executeQuery = prepareStatement.executeQuery();
                if (!executeQuery.next()) {
                    throw new UserStoreException(Messages.getMessage("nullData"));
                }
                int i = executeQuery.getInt("id");
                int userId = DefaultDatabaseUtil.getUserId(connection2, str);
                PreparedStatement prepareStatement2 = connection2.prepareStatement("delete from um_user_permissions where user_id = ? and permission_id = ?");
                prepareStatement2.setInt(1, userId);
                prepareStatement2.setInt(2, i);
                prepareStatement2.executeUpdate();
                connection2.commit();
                prepareStatement.close();
                prepareStatement2.close();
                if (connection2 != null) {
                    try {
                        connection2.close();
                    } catch (SQLException e) {
                        throw new UserStoreException(Messages.getMessage("errorClosingConnection"), e);
                    }
                }
            } catch (Throwable th) {
                if (0 != 0) {
                    try {
                        connection.close();
                    } catch (SQLException e2) {
                        throw new UserStoreException(Messages.getMessage("errorClosingConnection"), e2);
                    }
                }
                throw th;
            }
        } catch (SQLException e3) {
            log.debug(e3);
            throw new UserStoreException(Messages.getMessage("errorModifyingUserStore"), e3);
        }
    }

    public void denyUser(String str, String str2, String str3) throws UserStoreException {
        addAllowDenyUserPermission(str, str2, str3, (short) 0);
    }

    @Override // org.wso2.registry.users.AccessControlAdmin
    public void authorizeRole(String str, String str2, String str3) throws UserStoreException {
        addAllowDenyRolePermission(str, str2, str3, (short) 1);
    }

    public void denyRole(String str, String str2, String str3) throws UserStoreException {
        addAllowDenyRolePermission(str, str2, str3, (short) 0);
    }

    public void clearRoleAuthorization(String str, String str2, String str3) throws UserStoreException {
        Connection connection = null;
        try {
            try {
                Connection connection2 = this.dataSource.getConnection();
                if (connection2 == null) {
                    throw new UserStoreException(Messages.getMessage("null_connection"));
                }
                connection2.setAutoCommit(false);
                PreparedStatement prepareStatement = connection2.prepareStatement("select id from um_permissions where um_permissions.resource_id=? and um_permissions.action=?");
                prepareStatement.setString(1, str2);
                prepareStatement.setString(2, str3);
                ResultSet executeQuery = prepareStatement.executeQuery();
                if (!executeQuery.next()) {
                    throw new UserStoreException(Messages.getMessage("nullData"));
                }
                String string = executeQuery.getString("id");
                int roleId = DefaultDatabaseUtil.getRoleId(connection2, str);
                PreparedStatement prepareStatement2 = connection2.prepareStatement("delete from um_role_permissions where role_id = ? and permission_id = ?");
                prepareStatement2.setInt(1, roleId);
                prepareStatement2.setString(2, string);
                prepareStatement2.executeUpdate();
                connection2.commit();
                prepareStatement.close();
                prepareStatement2.close();
                if (connection2 != null) {
                    try {
                        connection2.close();
                    } catch (SQLException e) {
                        throw new UserStoreException(Messages.getMessage("errorClosingConnection"), e);
                    }
                }
            } catch (Throwable th) {
                if (0 != 0) {
                    try {
                        connection.close();
                    } catch (SQLException e2) {
                        throw new UserStoreException(Messages.getMessage("errorClosingConnection"), e2);
                    }
                }
                throw th;
            }
        } catch (SQLException e3) {
            log.debug(e3);
            throw new UserStoreException(Messages.getMessage("errorModifyingUserStore"), e3);
        }
    }

    @Override // org.wso2.registry.users.AccessControlAdmin
    public void clearResourceAuthorizations(String str) throws UserStoreException {
        Connection connection = null;
        try {
            try {
                Connection connection2 = this.dataSource.getConnection();
                if (connection2 == null) {
                    throw new UserStoreException(Messages.getMessage("null_connection"));
                }
                connection2.setAutoCommit(false);
                PreparedStatement prepareStatement = connection2.prepareStatement("delete from um_permissions where resource_id = ?");
                prepareStatement.setString(1, str);
                prepareStatement.executeUpdate();
                connection2.commit();
                prepareStatement.close();
                if (connection2 != null) {
                    try {
                        connection2.close();
                    } catch (SQLException e) {
                        throw new UserStoreException(Messages.getMessage("errorClosingConnection"), e);
                    }
                }
            } catch (SQLException e2) {
                log.debug(e2);
                throw new UserStoreException(Messages.getMessage("errorModifyingUserStore"), e2);
            }
        } catch (Throwable th) {
            if (0 != 0) {
                try {
                    connection.close();
                } catch (SQLException e3) {
                    throw new UserStoreException(Messages.getMessage("errorClosingConnection"), e3);
                }
            }
            throw th;
        }
    }

    @Override // org.wso2.registry.users.AccessControlAdmin
    public void copyAuthorizations(String str, String str2) throws UserStoreException {
        Connection connection = null;
        try {
            try {
                Connection connection2 = this.dataSource.getConnection();
                if (connection2 == null) {
                    throw new UserStoreException(Messages.getMessage("null_connection"));
                }
                connection2.setAutoCommit(false);
                PreparedStatement prepareStatement = connection2.prepareStatement("select * from um_permissions where um_permissions.resource_id=?");
                prepareStatement.setString(1, str2);
                if (prepareStatement.executeQuery().next()) {
                    throw new UserStoreException(Messages.getMessage("copyAuthorizationFailedPermissionExist"));
                }
                prepareStatement.setString(1, str);
                ResultSet executeQuery = prepareStatement.executeQuery();
                PreparedStatement prepareStatement2 = connection2.prepareStatement(DefaultRealmConstants.ADD_PERMISSION_SQL);
                while (executeQuery.next()) {
                    String string = executeQuery.getString("action");
                    String string2 = executeQuery.getString("id");
                    prepareStatement2.setString(1, str2);
                    prepareStatement2.setString(2, string);
                    prepareStatement2.executeUpdate();
                    PreparedStatement prepareStatement3 = connection2.prepareStatement("select id from um_permissions where um_permissions.resource_id=? and um_permissions.action=?");
                    prepareStatement3.setString(1, str2);
                    prepareStatement3.setString(2, string);
                    ResultSet executeQuery2 = prepareStatement3.executeQuery();
                    int i = -1;
                    if (executeQuery2.next()) {
                        i = executeQuery2.getInt("id");
                    }
                    PreparedStatement prepareStatement4 = connection2.prepareStatement("select * from um_role_permissions where permission_id=?");
                    prepareStatement4.setString(1, string2);
                    ResultSet executeQuery3 = prepareStatement4.executeQuery();
                    PreparedStatement prepareStatement5 = connection2.prepareStatement(DefaultRealmConstants.ADD_ROLE_PERMISSION_SQL);
                    while (executeQuery3.next()) {
                        String string3 = executeQuery3.getString("role_id");
                        short s = executeQuery3.getShort("is_allowed");
                        prepareStatement5.setInt(1, i);
                        prepareStatement5.setShort(2, s);
                        prepareStatement5.setString(3, string3);
                        prepareStatement5.executeUpdate();
                    }
                    PreparedStatement prepareStatement6 = connection2.prepareStatement("select * from um_user_permissions where permission_id=?");
                    prepareStatement6.setString(1, string2);
                    ResultSet executeQuery4 = prepareStatement6.executeQuery();
                    PreparedStatement prepareStatement7 = connection2.prepareStatement(DefaultRealmConstants.ADD_USER_PERMISSION_SQL);
                    while (executeQuery4.next()) {
                        String string4 = executeQuery4.getString("user_id");
                        short s2 = executeQuery4.getShort("is_allowed");
                        prepareStatement7.setInt(1, i);
                        prepareStatement7.setShort(2, s2);
                        prepareStatement7.setString(3, string4);
                        prepareStatement7.executeUpdate();
                    }
                    prepareStatement4.close();
                    prepareStatement5.close();
                    prepareStatement6.close();
                    prepareStatement7.close();
                }
                prepareStatement.close();
                prepareStatement2.close();
                connection2.commit();
                if (connection2 != null) {
                    try {
                        connection2.close();
                    } catch (SQLException e) {
                        throw new UserStoreException(Messages.getMessage("errorClosingConnection"), e);
                    }
                }
            } catch (SQLException e2) {
                log.debug(e2);
                throw new UserStoreException(Messages.getMessage("errorCopyingAuthorizations"), e2);
            }
        } catch (Throwable th) {
            if (0 != 0) {
                try {
                    connection.close();
                } catch (SQLException e3) {
                    throw new UserStoreException(Messages.getMessage("errorClosingConnection"), e3);
                }
            }
            throw th;
        }
    }

    @Override // org.wso2.registry.users.AccessControlAdmin
    public void authorizeUser(String str, String str2, String str3) throws UserStoreException {
        addAllowDenyUserPermission(str, str2, str3, (short) 1);
    }

    protected int getOrAddPermissionId(Connection connection, String str, String str2) throws UserStoreException {
        int i = -1;
        try {
            PreparedStatement prepareStatement = connection.prepareStatement("select id from um_permissions where um_permissions.resource_id=? and um_permissions.action=?");
            prepareStatement.setString(1, str);
            prepareStatement.setString(2, str2);
            ResultSet executeQuery = prepareStatement.executeQuery();
            if (executeQuery.next()) {
                i = executeQuery.getInt("id");
            }
            PreparedStatement prepareStatement2 = connection.prepareStatement(DefaultRealmConstants.ADD_PERMISSION_SQL);
            if (i == -1) {
                prepareStatement2.setString(1, str);
                prepareStatement2.setString(2, str2);
                prepareStatement2.executeUpdate();
                connection.commit();
                PreparedStatement prepareStatement3 = connection.prepareStatement("select id from um_permissions where um_permissions.resource_id=? and um_permissions.action=?");
                prepareStatement3.setString(1, str);
                prepareStatement3.setString(2, str2);
                ResultSet executeQuery2 = prepareStatement3.executeQuery();
                if (executeQuery2.next()) {
                    i = executeQuery2.getInt("id");
                }
                connection.commit();
            }
            return i;
        } catch (SQLException e) {
            log.debug(e);
            throw new UserStoreException(Messages.getMessage("errorModifyingUserStore"), e);
        }
    }

    protected void addAllowDenyUserPermission(String str, String str2, String str3, short s) throws UserStoreException {
        Connection connection = null;
        try {
            try {
                Connection connection2 = this.dataSource.getConnection();
                if (connection2 == null) {
                    throw new UserStoreException(Messages.getMessage("null_connection"));
                }
                connection2.setAutoCommit(false);
                int userId = DefaultDatabaseUtil.getUserId(connection2, str);
                if (userId == -1) {
                    throw new UserStoreException(Messages.getMessage("nullUser"));
                }
                int orAddPermissionId = getOrAddPermissionId(connection2, str2, str3);
                PreparedStatement prepareStatement = connection2.prepareStatement("delete from um_user_permissions where user_id = ? and permission_id = ?");
                prepareStatement.setInt(1, userId);
                prepareStatement.setInt(2, orAddPermissionId);
                prepareStatement.executeUpdate();
                PreparedStatement prepareStatement2 = connection2.prepareStatement(DefaultRealmConstants.ADD_USER_PERMISSION_SQL);
                prepareStatement2.setInt(1, orAddPermissionId);
                prepareStatement2.setShort(2, s);
                prepareStatement2.setInt(3, userId);
                prepareStatement2.executeUpdate();
                connection2.commit();
                prepareStatement2.close();
                prepareStatement.close();
                if (connection2 != null) {
                    try {
                        connection2.close();
                    } catch (SQLException e) {
                        throw new UserStoreException(Messages.getMessage("errorClosingConnection"), e);
                    }
                }
            } catch (Throwable th) {
                if (0 != 0) {
                    try {
                        connection.close();
                    } catch (SQLException e2) {
                        throw new UserStoreException(Messages.getMessage("errorClosingConnection"), e2);
                    }
                }
                throw th;
            }
        } catch (SQLException e3) {
            log.debug(e3);
            throw new UserStoreException(Messages.getMessage("errorModifyingUserStore"), e3);
        }
    }

    protected void addAllowDenyRolePermission(String str, String str2, String str3, short s) throws UserStoreException {
        Connection connection = null;
        try {
            try {
                Connection connection2 = this.dataSource.getConnection();
                if (connection2 == null) {
                    throw new UserStoreException(Messages.getMessage("null_connection"));
                }
                connection2.setAutoCommit(false);
                int roleId = DefaultDatabaseUtil.getRoleId(connection2, str);
                if (roleId == -1) {
                    throw new UserStoreException(Messages.getMessage("nullRole"));
                }
                int orAddPermissionId = getOrAddPermissionId(connection2, str2, str3);
                PreparedStatement prepareStatement = connection2.prepareStatement("delete from um_role_permissions where role_id = ? and permission_id = ?");
                prepareStatement.setInt(1, roleId);
                prepareStatement.setInt(2, orAddPermissionId);
                prepareStatement.executeUpdate();
                PreparedStatement prepareStatement2 = connection2.prepareStatement(DefaultRealmConstants.ADD_ROLE_PERMISSION_SQL);
                prepareStatement2.setInt(1, orAddPermissionId);
                prepareStatement2.setShort(2, s);
                prepareStatement2.setInt(3, roleId);
                prepareStatement2.executeUpdate();
                connection2.commit();
                prepareStatement2.close();
                prepareStatement.close();
                if (connection2 != null) {
                    try {
                        connection2.close();
                    } catch (SQLException e) {
                        throw new UserStoreException(Messages.getMessage("errorClosingConnection"), e);
                    }
                }
            } catch (Throwable th) {
                if (0 != 0) {
                    try {
                        connection.close();
                    } catch (SQLException e2) {
                        throw new UserStoreException(Messages.getMessage("errorClosingConnection"), e2);
                    }
                }
                throw th;
            }
        } catch (SQLException e3) {
            log.debug(e3);
            throw new UserStoreException(Messages.getMessage("errorModifyingUserStore"), e3);
        }
    }
}
