package org.exist.security.internal;

import java.io.IOException;
import java.io.InputStream;
import java.util.ArrayList;
import java.util.Optional;
import java.util.Properties;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.exist.config.Configuration;
import org.exist.config.ConfigurationException;
import org.exist.config.Configurator;
import org.exist.config.annotation.ConfigurationClass;
import org.exist.config.annotation.ConfigurationFieldAsElement;
import org.exist.security.AbstractAccount;
import org.exist.security.AbstractRealm;
import org.exist.security.Account;
import org.exist.security.Credential;
import org.exist.security.Group;
import org.exist.security.PermissionDeniedException;
import org.exist.security.SchemaType;
import org.exist.security.SecurityManager;
import org.exist.security.internal.aider.UserAider;
import org.exist.storage.DBBroker;

@ConfigurationClass("account")
/* loaded from: input_file:WEB-INF/lib/exist-core-3.0.RC1.jar:org/exist/security/internal/AccountImpl.class */
public class AccountImpl extends AbstractAccount {
    private static final Logger LOG = LogManager.getLogger((Class<?>) AccountImpl.class);
    public static boolean CHECK_PASSWORDS = true;
    private static final SecurityProperties securityProperties = new SecurityProperties();

    @ConfigurationFieldAsElement("password")
    private String password;

    @ConfigurationFieldAsElement("digestPassword")
    private String digestPassword;

    /* loaded from: input_file:WEB-INF/lib/exist-core-3.0.RC1.jar:org/exist/security/internal/AccountImpl$SecurityProperties.class */
    public static final class SecurityProperties {
        private static final boolean DEFAULT_CHECK_PASSWORDS = true;
        private static final String PROP_CHECK_PASSWORDS = "passwords.check";
        private Properties loadedSecurityProperties = null;
        private Boolean checkPasswords = null;

        public synchronized boolean isCheckPasswords() {
            if (this.checkPasswords == null) {
                String property = getProperty(PROP_CHECK_PASSWORDS);
                if (property == null || property.length() == 0) {
                    this.checkPasswords = true;
                } else {
                    this.checkPasswords = Boolean.valueOf(property.equalsIgnoreCase("yes") || property.equalsIgnoreCase("true"));
                }
            }
            return this.checkPasswords.booleanValue();
        }

        public synchronized void enableCheckPasswords(boolean z) {
            this.checkPasswords = Boolean.valueOf(z);
        }

        /* JADX WARN: Failed to calculate best type for var: r6v1 ??
        java.lang.NullPointerException
         */
        /* JADX WARN: Failed to calculate best type for var: r7v0 ??
        java.lang.NullPointerException
         */
        /* JADX WARN: Multi-variable type inference failed. Error: java.lang.NullPointerException
         */
        /* JADX WARN: Not initialized variable reg: 6, insn: 0x0053: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r6 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) A[TRY_LEAVE], block:B:27:0x0053 */
        /* JADX WARN: Not initialized variable reg: 7, insn: 0x0057: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r7 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]), block:B:29:0x0057 */
        /* JADX WARN: Type inference failed for: r6v1, types: [java.io.InputStream] */
        /* JADX WARN: Type inference failed for: r7v0, types: [java.lang.Throwable] */
        private synchronized String getProperty(String str) {
            if (this.loadedSecurityProperties == null) {
                this.loadedSecurityProperties = new Properties();
                try {
                    try {
                        InputStream resourceAsStream = AccountImpl.class.getResourceAsStream("security.properties");
                        Throwable th = null;
                        if (resourceAsStream != null) {
                            this.loadedSecurityProperties.load(resourceAsStream);
                        }
                        if (resourceAsStream != null) {
                            if (0 != 0) {
                                try {
                                    resourceAsStream.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                resourceAsStream.close();
                            }
                        }
                    } finally {
                    }
                } catch (IOException e) {
                    AccountImpl.LOG.error("Unable to load security.properties, using defaults. " + e.getMessage(), (Throwable) e);
                }
            }
            return this.loadedSecurityProperties.getProperty(str);
        }
    }

    public static SecurityProperties getSecurityProperties() {
        return securityProperties;
    }

    public AccountImpl(AbstractRealm abstractRealm, int i, String str, String str2) throws ConfigurationException {
        super(abstractRealm, i, str);
        this.password = null;
        this.digestPassword = null;
        setPassword(str2);
    }

    public AccountImpl(AbstractRealm abstractRealm, int i, String str, String str2, Group group, boolean z) throws ConfigurationException {
        super(abstractRealm, i, str);
        this.password = null;
        this.digestPassword = null;
        setPassword(str2);
        this.groups.add(group);
        this.hasDbaRole = z;
    }

    public AccountImpl(AbstractRealm abstractRealm, int i, String str, String str2, Group group) throws ConfigurationException {
        super(abstractRealm, i, str);
        this.password = null;
        this.digestPassword = null;
        setPassword(str2);
        this.groups.add(group);
    }

    public AccountImpl(AbstractRealm abstractRealm, String str) throws ConfigurationException {
        super(abstractRealm, -1, str);
        this.password = null;
        this.digestPassword = null;
    }

    public AccountImpl(AbstractRealm abstractRealm, int i, Account account) throws ConfigurationException, PermissionDeniedException {
        super(abstractRealm, i, account.getName());
        this.password = null;
        this.digestPassword = null;
        instantiate(account);
    }

    public AccountImpl(DBBroker dBBroker, AbstractRealm abstractRealm, int i, Account account) throws ConfigurationException, PermissionDeniedException {
        super(dBBroker, abstractRealm, i, account.getName());
        this.password = null;
        this.digestPassword = null;
        instantiate(account);
    }

    private void instantiate(Account account) throws PermissionDeniedException {
        for (SchemaType schemaType : account.getMetadataKeys()) {
            setMetadataValue(schemaType, account.getMetadataValue(schemaType));
        }
        setUserMask(account.getUserMask());
        if (account instanceof AccountImpl) {
            AccountImpl accountImpl = (AccountImpl) account;
            this.groups = new ArrayList(accountImpl.groups);
            this.password = accountImpl.password;
            this.digestPassword = accountImpl.digestPassword;
            this.hasDbaRole = accountImpl.hasDbaRole;
            this._cred = accountImpl._cred;
            return;
        }
        if (!(account instanceof UserAider)) {
            addGroup(account.getDefaultGroup());
            return;
        }
        UserAider userAider = (UserAider) account;
        for (String str : userAider.getGroups()) {
            addGroup(str);
        }
        setPassword(userAider.getPassword());
        this.digestPassword = userAider.getDigestPassword();
    }

    public AccountImpl(AbstractRealm abstractRealm, AccountImpl accountImpl) throws ConfigurationException {
        super(abstractRealm, accountImpl.id, accountImpl.name);
        this.password = null;
        this.digestPassword = null;
        for (SchemaType schemaType : accountImpl.getMetadataKeys()) {
            setMetadataValue(schemaType, accountImpl.getMetadataValue(schemaType));
        }
        this.groups = accountImpl.groups;
        this.password = accountImpl.password;
        this.digestPassword = accountImpl.digestPassword;
        this.hasDbaRole = accountImpl.hasDbaRole;
        this._cred = accountImpl._cred;
    }

    public AccountImpl(AbstractRealm abstractRealm, Configuration configuration) throws ConfigurationException {
        super(abstractRealm, configuration);
        this.password = null;
        this.digestPassword = null;
        if (this.configuration != null) {
            this.configuration = Configurator.configure(this, this.configuration);
        }
        this.hasDbaRole = hasGroup(SecurityManager.DBA_GROUP);
    }

    public AccountImpl(AbstractRealm abstractRealm, Configuration configuration, boolean z) throws ConfigurationException {
        this(abstractRealm, configuration);
        this.removed = z;
    }

    @Override // org.exist.security.User
    public final String getPassword() {
        return this.password;
    }

    @Override // org.exist.security.User
    public final String getDigestPassword() {
        return this.digestPassword;
    }

    @Override // org.exist.security.User
    public final void setPassword(String str) {
        this._cred = new Password(this, str);
        if (str == null) {
            this.password = null;
            this.digestPassword = null;
        } else {
            this.password = this._cred.toString();
            this.digestPassword = this._cred.getDigest();
        }
    }

    @Override // org.exist.security.User
    public void setCredential(Credential credential) {
        this._cred = credential;
        this.password = this._cred.toString();
        this.digestPassword = this._cred.getDigest();
    }

    public final Group insertGroup(int i, String str) throws PermissionDeniedException {
        return insertGroup(i, (Group) Optional.ofNullable(getRealm().getGroup(str)).orElse(getRealm().getSecurityManager().getGroup(str)));
    }

    private Group insertGroup(int i, Group group) throws PermissionDeniedException {
        if (group == null) {
            return null;
        }
        group.assertCanModifyGroup(getDatabase().getSubject());
        if (!this.groups.contains(group)) {
            this.groups.add(i, group);
            if (SecurityManager.DBA_GROUP.equals(group.getName())) {
                this.hasDbaRole = true;
            }
        }
        return group;
    }
}
