package org.xtreemfs.mrc.ac;

import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.xtreemfs.foundation.pbrpc.generatedinterfaces.RPC;
import org.xtreemfs.mrc.MRCException;
import org.xtreemfs.mrc.UserException;
import org.xtreemfs.mrc.database.AtomicDBUpdate;
import org.xtreemfs.mrc.database.DatabaseException;
import org.xtreemfs.mrc.database.DatabaseResultSet;
import org.xtreemfs.mrc.database.StorageManager;
import org.xtreemfs.mrc.metadata.ACLEntry;
import org.xtreemfs.mrc.metadata.FileMetadata;
import org.xtreemfs.mrc.utils.Converter;
import org.xtreemfs.mrc.utils.PathResolver;
import org.xtreemfs.pbrpc.generatedinterfaces.GlobalTypes;

/* loaded from: input_file:org/xtreemfs/mrc/ac/POSIXFileAccessPolicy.class */
public class POSIXFileAccessPolicy implements FileAccessPolicy {
    public static final short POLICY_ID;
    protected static final String OWNER = "u:";
    protected static final String OWNER_GROUP = "g:";
    protected static final String OTHER = "o:";
    protected static final String MASK = "m:";
    protected static final String NAMED_USER_PREFIX = "u:";
    protected static final String NAMED_GROUP_PREFIX = "g:";
    protected static final String STICKY_BIT = "sticky";
    protected static final String AM_WRITE = "w";
    protected static final String AM_READ = "r";
    protected static final String AM_READ_WRITE = "rw";
    protected static final String AM_EXECUTE = "x";
    protected static final String AM_DELETE = "d";
    protected static final String AM_MV_RM_IN_DIR = "m";
    protected static final int POSIX_OTHER_EXEC = 1;
    protected static final int POSIX_OTHER_WRITE = 2;
    protected static final int POSIX_OTHER_READ = 4;
    protected static final int POSIX_GROUP_EXEC = 8;
    protected static final int POSIX_GROUP_WRITE = 16;
    protected static final int POSIX_GROUP_READ = 32;
    protected static final int POSIX_OWNER_EXEC = 64;
    protected static final int POSIX_OWNER_WRITE = 128;
    protected static final int POSIX_OWNER_READ = 256;
    protected static final int POSIX_STICKY = 512;
    protected static final int POSIX_SGID = 1024;
    protected static final int POSIX_SUID = 2048;
    protected static final short PERM_READ = 1;
    protected static final short PERM_WRITE = 2;
    protected static final short PERM_EXECUTE = 4;
    protected static final short PERM_APPEND = 8;
    protected static final short PERM_GFS_APPEND = 16;
    protected static final short PERM_CREATE = 32;
    protected static final short PERM_TRUNCATE = 64;
    protected static final short PERM_STRICT_READ = 128;
    protected static final short PERM_DELETE = 256;
    protected static final short PERM_SUID_SGID = 16384;
    protected static final short READ_MASK = 129;
    protected static final short WRITE_MASK = 378;
    protected static final short EXEC_MASK = 4;
    protected static final short READ_ONLY_MASK = 365;
    static final /* synthetic */ boolean $assertionsDisabled;

    static {
        $assertionsDisabled = !POSIXFileAccessPolicy.class.desiredAssertionStatus();
        POLICY_ID = (short) GlobalTypes.AccessControlPolicyType.ACCESS_CONTROL_POLICY_POSIX.getNumber();
    }

    @Override // org.xtreemfs.mrc.ac.FileAccessPolicy
    public String translateAccessFlags(int i) {
        int i2 = i & (FileAccessManager.O_RDWR | FileAccessManager.O_WRONLY | FileAccessManager.O_APPEND | FileAccessManager.O_TRUNC | FileAccessManager.NON_POSIX_SEARCH | FileAccessManager.NON_POSIX_DELETE | FileAccessManager.NON_POSIX_RM_MV_IN_DIR);
        if (i2 == FileAccessManager.O_RDONLY) {
            return AM_READ;
        }
        if ((i2 & FileAccessManager.O_WRONLY) != 0 || (i2 & FileAccessManager.O_APPEND) != 0 || (i2 & FileAccessManager.O_TRUNC) != 0) {
            return "w";
        }
        if ((i2 & FileAccessManager.O_RDWR) != 0) {
            return AM_READ_WRITE;
        }
        if ((i2 & FileAccessManager.NON_POSIX_SEARCH) != 0) {
            return AM_EXECUTE;
        }
        if ((i2 & FileAccessManager.NON_POSIX_DELETE) != 0) {
            return AM_DELETE;
        }
        if ((i2 & FileAccessManager.NON_POSIX_RM_MV_IN_DIR) != 0) {
            return AM_MV_RM_IN_DIR;
        }
        if ($assertionsDisabled) {
            return null;
        }
        throw new AssertionError("unknown access mode: " + i2);
    }

    @Override // org.xtreemfs.mrc.ac.FileAccessPolicy
    public String translatePermissions(int i) {
        StringBuilder sb = new StringBuilder();
        sb.append((i & 1) > 0 ? AM_READ : "-");
        sb.append((i & 2) > 0 ? "w" : "-");
        sb.append((i & 4) > 0 ? AM_EXECUTE : "-");
        return sb.toString();
    }

    @Override // org.xtreemfs.mrc.ac.FileAccessPolicy
    public void checkPermission(StorageManager storageManager, FileMetadata fileMetadata, long j, String str, List<String> list, String str2) throws UserException, MRCException {
        if (!$assertionsDisabled && fileMetadata == null) {
            throw new AssertionError();
        }
        DatabaseResultSet databaseResultSet = null;
        try {
            try {
                try {
                    DatabaseResultSet<ACLEntry> acl = storageManager.getACL(fileMetadata.getId());
                    if (acl.hasNext()) {
                        ACLEntry relevantACLEntry = getRelevantACLEntry(storageManager, fileMetadata, j, str, list, str2);
                        if (!$assertionsDisabled && relevantACLEntry == null) {
                            throw new AssertionError();
                        }
                        if (OTHER.equals(relevantACLEntry.getEntity()) || "u:".equals(relevantACLEntry.getEntity())) {
                            if (checkIfAllowed(storageManager, str2, relevantACLEntry.getRights(), fileMetadata, j, str)) {
                                if (acl != null) {
                                    acl.destroy();
                                    return;
                                }
                                return;
                            }
                            accessDenied(storageManager.getVolumeInfo().getId(), fileMetadata, str2, str);
                        }
                        ACLEntry aCLEntry = storageManager.getACLEntry(fileMetadata.getId(), MASK);
                        if (checkIfAllowed(storageManager, str2, relevantACLEntry.getRights(), fileMetadata, j, str) && (aCLEntry == null || checkIfAllowed(storageManager, str2, aCLEntry.getRights(), fileMetadata, j, str))) {
                            if (acl != null) {
                                acl.destroy();
                                return;
                            }
                            return;
                        }
                        accessDenied(storageManager.getVolumeInfo().getId(), fileMetadata, str2, str);
                    } else {
                        if (checkIfAllowed(storageManager, str2, toRelativeACLRights(fileMetadata.getPerms(), fileMetadata, j, str, list), fileMetadata, j, str)) {
                            if (acl != null) {
                                acl.destroy();
                                return;
                            }
                            return;
                        }
                        accessDenied(storageManager.getVolumeInfo().getId(), fileMetadata, str2, str);
                    }
                    if (acl != null) {
                        acl.destroy();
                    }
                } catch (UserException e) {
                    throw e;
                }
            } catch (Exception e2) {
                throw new MRCException(e2);
            }
        } catch (Throwable th) {
            if (0 != 0) {
                databaseResultSet.destroy();
            }
            throw th;
        }
    }

    @Override // org.xtreemfs.mrc.ac.FileAccessPolicy
    public void checkSearchPermission(StorageManager storageManager, PathResolver pathResolver, String str, List<String> list) throws UserException, MRCException {
        try {
            FileMetadata[] resolvedPath = pathResolver.getResolvedPath();
            int i = 0;
            while (i < resolvedPath.length - 1) {
                checkPermission(storageManager, resolvedPath[i], i == 0 ? 0L : resolvedPath[i - 1].getId(), str, list, AM_EXECUTE);
                i++;
            }
        } catch (UserException e) {
            throw e;
        } catch (Exception e2) {
            throw new MRCException(e2);
        }
    }

    @Override // org.xtreemfs.mrc.ac.FileAccessPolicy
    public void checkPrivilegedPermissions(StorageManager storageManager, FileMetadata fileMetadata, String str, List<String> list) throws UserException, MRCException {
        try {
            if (fileMetadata.getOwnerId().equals(str)) {
            } else {
                throw new UserException(RPC.POSIXErrno.POSIX_ERROR_EPERM, "no privileged permissions granted");
            }
        } catch (UserException e) {
            throw e;
        } catch (Exception e2) {
            throw new MRCException(e2);
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // org.xtreemfs.mrc.ac.FileAccessPolicy
    public void updateACLEntries(StorageManager storageManager, FileMetadata fileMetadata, long j, Map<String, Object> map, AtomicDBUpdate atomicDBUpdate) throws MRCException, UserException {
        Map hashMap;
        int i;
        DatabaseResultSet<ACLEntry> databaseResultSet = null;
        try {
            try {
                databaseResultSet = storageManager.getACL(fileMetadata.getId());
                if (databaseResultSet.hasNext()) {
                    hashMap = new HashMap();
                    while (databaseResultSet.hasNext()) {
                        ACLEntry next = databaseResultSet.next();
                        hashMap.put(next.getEntity(), Short.valueOf(next.getRights()));
                    }
                } else {
                    hashMap = convertToACL(fileMetadata.getPerms());
                }
                for (Map.Entry<String, Object> entry : map.entrySet()) {
                    String key = entry.getKey();
                    String str = (String) entry.getValue();
                    if (str != null) {
                        if (str.length() != 1 || str.charAt(0) < '0' || str.charAt(0) > '7') {
                            i = str.indexOf(114) != -1 ? 0 | 1 : 0;
                            if (str.indexOf(119) != -1) {
                                i |= 2;
                            }
                            if (str.indexOf(120) != -1) {
                                i |= 4;
                            }
                        } else {
                            int parseInt = Integer.parseInt(str, 8);
                            int i2 = ((parseInt >> 2) ^ parseInt) & 1;
                            i = parseInt ^ ((i2 << 2) | (i2 << 0));
                        }
                        hashMap.put(key, Integer.valueOf(i));
                    } else {
                        hashMap.put(key, null);
                    }
                }
                for (Map.Entry entry2 : hashMap.entrySet()) {
                    Number number = (Number) entry2.getValue();
                    storageManager.setACLEntry(fileMetadata.getId(), (String) entry2.getKey(), number == null ? null : Short.valueOf(number.shortValue()), atomicDBUpdate);
                }
                int intValue = ((Number) hashMap.get("u:")).intValue();
                Integer valueOf = hashMap.get(MASK) != null ? Integer.valueOf(((Number) hashMap.get(MASK)).intValue()) : null;
                if (valueOf == null) {
                    valueOf = Integer.valueOf(((Number) hashMap.get("g:")).intValue());
                }
                int intValue2 = ((Number) hashMap.get(OTHER)).intValue();
                fileMetadata.setPerms(((intValue & PERM_SUID_SGID) > 0 ? 2048 : 0) | ((valueOf.intValue() & PERM_SUID_SGID) > 0 ? 1024 : 0) | (fileMetadata.getPerms() & POSIX_STICKY) | ((intValue & 1) > 0 ? 256 : 0) | ((intValue & 2) > 0 ? 128 : 0) | ((intValue & 4) > 0 ? 64 : 0) | ((valueOf.intValue() & 1) > 0 ? 32 : 0) | ((valueOf.intValue() & 2) > 0 ? 16 : 0) | ((valueOf.intValue() & 4) > 0 ? 8 : 0) | ((intValue2 & 1) > 0 ? 4 : 0) | ((intValue2 & 2) > 0 ? 2 : 0) | ((intValue2 & 4) > 0 ? 1 : 0));
                storageManager.setMetadata(fileMetadata, (byte) 1, atomicDBUpdate);
                if (databaseResultSet != null) {
                    databaseResultSet.destroy();
                }
            } catch (Exception e) {
                throw new MRCException(e);
            }
        } catch (Throwable th) {
            if (databaseResultSet != null) {
                databaseResultSet.destroy();
            }
            throw th;
        }
    }

    @Override // org.xtreemfs.mrc.ac.FileAccessPolicy
    public Map<String, Object> getACLEntries(StorageManager storageManager, FileMetadata fileMetadata) throws MRCException {
        try {
            DatabaseResultSet<ACLEntry> acl = storageManager.getACL(fileMetadata.getId());
            Map<String, Object> aclToMap = Converter.aclToMap(acl, this);
            acl.destroy();
            return aclToMap;
        } catch (Exception e) {
            throw new MRCException(e);
        }
    }

    @Override // org.xtreemfs.mrc.ac.FileAccessPolicy
    public void removeACLEntries(StorageManager storageManager, FileMetadata fileMetadata, long j, List<Object> list, AtomicDBUpdate atomicDBUpdate) throws MRCException, UserException {
        HashMap hashMap = new HashMap();
        Iterator<Object> it = list.iterator();
        while (it.hasNext()) {
            hashMap.put((String) it.next(), null);
        }
        updateACLEntries(storageManager, fileMetadata, j, hashMap, atomicDBUpdate);
    }

    @Override // org.xtreemfs.mrc.ac.FileAccessPolicy
    public void setPosixAccessRights(StorageManager storageManager, FileMetadata fileMetadata, long j, String str, List<String> list, int i, boolean z, AtomicDBUpdate atomicDBUpdate) throws MRCException, UserException {
        DatabaseResultSet<ACLEntry> databaseResultSet = null;
        try {
            try {
                if ((i & 1024) > 0 && !z && !fileMetadata.isDirectory() && !list.contains(fileMetadata.getOwningGroupId())) {
                    i ^= 1024;
                }
                fileMetadata.setPerms(i);
                storageManager.setMetadata(fileMetadata, (byte) 1, atomicDBUpdate);
                databaseResultSet = storageManager.getACL(fileMetadata.getId());
                if (!databaseResultSet.hasNext()) {
                    if (databaseResultSet != null) {
                        databaseResultSet.destroy();
                        return;
                    }
                    return;
                }
                short s = (short) (((short) (((short) (((i & 64) > 0 ? 4 : 0) | ((i & 128) > 0 ? WRITE_MASK : 0))) | ((i & 256) > 0 ? (short) 129 : (short) 0))) | ((i & 2048) > 0 ? (short) 16384 : (short) 0));
                short s2 = (short) (((short) (((short) (((i & 8) > 0 ? 4 : 0) | ((i & 16) > 0 ? WRITE_MASK : 0))) | ((i & 32) > 0 ? (short) 129 : (short) 0))) | ((i & 1024) > 0 ? (short) 16384 : (short) 0));
                short s3 = (short) (((short) (((i & 1) > 0 ? 4 : 0) | ((i & 2) > 0 ? WRITE_MASK : 0))) | ((i & 4) > 0 ? (short) 129 : (short) 0));
                storageManager.setACLEntry(fileMetadata.getId(), "u:", Short.valueOf(s), atomicDBUpdate);
                storageManager.setACLEntry(fileMetadata.getId(), "g:", Short.valueOf(s2), atomicDBUpdate);
                storageManager.setACLEntry(fileMetadata.getId(), MASK, Short.valueOf(s2), atomicDBUpdate);
                storageManager.setACLEntry(fileMetadata.getId(), OTHER, Short.valueOf(s3), atomicDBUpdate);
                if (databaseResultSet != null) {
                    databaseResultSet.destroy();
                }
            } catch (Exception e) {
                throw new MRCException(e);
            }
        } catch (Throwable th) {
            if (databaseResultSet != null) {
                databaseResultSet.destroy();
            }
            throw th;
        }
    }

    @Override // org.xtreemfs.mrc.ac.FileAccessPolicy
    public int getPosixAccessRights(StorageManager storageManager, FileMetadata fileMetadata, String str, List<String> list) throws MRCException {
        return (fileMetadata.isDirectory() || !fileMetadata.isReadOnly()) ? fileMetadata.getPerms() : fileMetadata.getPerms() & READ_ONLY_MASK;
    }

    @Override // org.xtreemfs.mrc.ac.FileAccessPolicy
    public ACLEntry[] getDefaultRootACL() {
        return null;
    }

    private static boolean checkIfAllowed(StorageManager storageManager, String str, short s, FileMetadata fileMetadata, long j, String str2) throws DatabaseException {
        if (str.length() != 1) {
            if (str.length() != 2) {
                return false;
            }
            if (str.equals(AM_READ_WRITE)) {
                if (((s & 1) != 0) & ((s & 2) != 0)) {
                    return true;
                }
            }
            if (!str.equals("ga") || (s & 16) == 0) {
                return str.equals("sr") && (s & 128) != 0;
            }
            return true;
        }
        switch (str.charAt(0)) {
            case 'a':
                return (s & 8) != 0;
            case 'c':
                return (s & 32) != 0;
            case 'd':
                return (s & 256) != 0;
            case 'm':
                if (!$assertionsDisabled && j == 0) {
                    throw new AssertionError();
                }
                FileMetadata metadata = storageManager.getMetadata(j);
                if ($assertionsDisabled || metadata != null) {
                    return (metadata.getPerms() & POSIX_STICKY) == 0 || metadata.getOwnerId().equals(str2) || fileMetadata.getOwnerId().equals(str2);
                }
                throw new AssertionError("cannot resolve metadata for file ID " + j);
            case 'r':
                return (s & 1) != 0;
            case 't':
                return (s & 64) != 0;
            case 'w':
                return (s & 2) != 0;
            case 'x':
                return (s & 4) != 0;
            default:
                return false;
        }
    }

    private static short toRelativeACLRights(int i, FileMetadata fileMetadata, long j, String str, List<String> list) {
        if (str.equals(fileMetadata.getOwnerId())) {
            short s = 0;
            if ((i & 64) > 0) {
                s = (short) (0 | 4);
            }
            if ((i & 128) > 0) {
                s = (short) (s | WRITE_MASK);
            }
            if ((i & 256) > 0) {
                s = (short) (s | READ_MASK);
            }
            return s;
        }
        if (list.contains(fileMetadata.getOwningGroupId())) {
            short s2 = 0;
            if ((i & 8) > 0) {
                s2 = (short) (0 | 4);
            }
            if ((i & 16) > 0) {
                s2 = (short) (s2 | WRITE_MASK);
            }
            if ((i & 32) > 0) {
                s2 = (short) (s2 | READ_MASK);
            }
            return s2;
        }
        short s3 = 0;
        if ((i & 1) > 0) {
            s3 = (short) (0 | 4);
        }
        if ((i & 2) > 0) {
            s3 = (short) (s3 | WRITE_MASK);
        }
        if ((i & 4) > 0) {
            s3 = (short) (s3 | READ_MASK);
        }
        return s3;
    }

    private static ACLEntry getRelevantACLEntry(StorageManager storageManager, FileMetadata fileMetadata, long j, String str, List<String> list, String str2) throws UserException, DatabaseException {
        if (fileMetadata.getOwnerId().equals(str)) {
            ACLEntry aCLEntry = storageManager.getACLEntry(fileMetadata.getId(), "u:");
            if ($assertionsDisabled || aCLEntry != null) {
                return aCLEntry;
            }
            throw new AssertionError();
        }
        ACLEntry aCLEntry2 = storageManager.getACLEntry(fileMetadata.getId(), "u:" + str);
        if (aCLEntry2 != null) {
            return aCLEntry2;
        }
        boolean z = false;
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            if (it.next().equals(fileMetadata.getOwningGroupId())) {
                ACLEntry aCLEntry3 = storageManager.getACLEntry(fileMetadata.getId(), "g:");
                if (checkIfAllowed(storageManager, str2, aCLEntry3.getRights(), fileMetadata, j, str)) {
                    return aCLEntry3;
                }
                z = true;
            }
        }
        Iterator<String> it2 = list.iterator();
        while (it2.hasNext()) {
            ACLEntry aCLEntry4 = storageManager.getACLEntry(fileMetadata.getId(), "g:" + it2.next());
            if (aCLEntry4 != null) {
                if (checkIfAllowed(storageManager, str2, aCLEntry4.getRights(), fileMetadata, j, str)) {
                    return aCLEntry4;
                }
                z = true;
            }
        }
        if (z) {
            accessDenied(storageManager.getVolumeInfo().getId(), fileMetadata, str2, str);
        }
        ACLEntry aCLEntry5 = storageManager.getACLEntry(fileMetadata.getId(), OTHER);
        if ($assertionsDisabled || aCLEntry5 != null) {
            return aCLEntry5;
        }
        throw new AssertionError();
    }

    protected static Map<String, Object> convertToACL(long j) throws MRCException {
        try {
            HashMap hashMap = new HashMap();
            long j2 = (j & 512) > 0 ? 1 : 0;
            if (j2 != 0) {
                hashMap.put(STICKY_BIT, Long.valueOf(j2));
            }
            hashMap.put("u:", Long.valueOf(((j & 64) > 0 ? 4 : 0) | ((j & 128) > 0 ? WRITE_MASK : 0) | ((j & 256) > 0 ? READ_MASK : 0) | ((j & 2048) > 0 ? PERM_SUID_SGID : 0)));
            hashMap.put("g:", Long.valueOf(((j & 8) > 0 ? 4 : 0) | ((j & 16) > 0 ? WRITE_MASK : 0) | ((j & 32) > 0 ? READ_MASK : 0) | ((j & 1024) > 0 ? PERM_SUID_SGID : 0)));
            hashMap.put(OTHER, Long.valueOf(((j & 1) > 0 ? 4 : 0) | ((j & 2) > 0 ? WRITE_MASK : 0) | ((j & 4) > 0 ? READ_MASK : 0)));
            return hashMap;
        } catch (Exception e) {
            throw new MRCException(e);
        }
    }

    private static void accessDenied(String str, FileMetadata fileMetadata, String str2, String str3) throws UserException {
        throw new UserException(RPC.POSIXErrno.POSIX_ERROR_EACCES, "access denied, volumeId = " + str + ", file = " + fileMetadata.getId() + " (" + fileMetadata.getFileName() + "), accessMode = \"" + str2 + "\", requestor's uid = \"" + str3 + "\", owner = \"" + fileMetadata.getOwnerId() + "\"");
    }
}
