package oracle.security.xs.internal;

import java.sql.Connection;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.ResourceBundle;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import oracle.jdbc.internal.OracleConnection;
import oracle.security.xs.AccessDeniedException;
import oracle.security.xs.AttributeValue;
import oracle.security.xs.ExternalRole;
import oracle.security.xs.InvalidXSAttributeException;
import oracle.security.xs.NamespaceValue;
import oracle.security.xs.NotAttachedException;
import oracle.security.xs.Role;
import oracle.security.xs.Session;
import oracle.security.xs.SessionNamespace;
import oracle.security.xs.SessionNamespaceAttribute;
import oracle.security.xs.XSAccessController;
import oracle.security.xs.XSException;
import oracle.security.xs.integration.MasterSession;

/* loaded from: input_file:oracle/security/xs/internal/MasterSessionServiceImpl.class */
public final class MasterSessionServiceImpl implements MasterSession {
    private Session master;
    Collection<Session> sessions;
    private Map<String, AttributeMap> namespaces;
    private Collection<String> enabledDynamicRoles;
    private Collection<String> disabledDynamicRoles;
    private Collection<ExternalRole> externalRoles;
    private boolean synced;
    private static Logger logger = Logger.getLogger("oracle.security.xs.internal.MasterSessionImpl");
    private static ResourceBundle msgBundle = ResourceBundle.getBundle("oracle.security.xs.internal.XSMsg", Locale.getDefault());
    private Collection<Role> allEnabledRoles;

    /* JADX INFO: Access modifiers changed from: package-private */
    public MasterSessionServiceImpl(Session session) {
        this.master = null;
        this.sessions = new ArrayList();
        this.namespaces = new HashMap();
        this.enabledDynamicRoles = null;
        this.disabledDynamicRoles = null;
        this.externalRoles = null;
        this.synced = false;
        this.allEnabledRoles = null;
        this.master = session;
        this.allEnabledRoles = ((SessionImpl) session).getSessionInfo().enabledRoleNamesHT.values();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public MasterSessionServiceImpl(String str, String str2) {
        this.master = null;
        this.sessions = new ArrayList();
        this.namespaces = new HashMap();
        this.enabledDynamicRoles = null;
        this.disabledDynamicRoles = null;
        this.externalRoles = null;
        this.synced = false;
        this.allEnabledRoles = null;
        this.master = new SessionImpl(str, str2);
    }

    private XSSessionManagerImpl getSessionManager() throws XSException {
        return SessionManagerCache.get(this.master.getDispatcherSid());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Session getMasterSession() {
        return this.master;
    }

    public String getCookie() {
        if (this.master != null) {
            return this.master.getCookie();
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void addSession(Session session) {
        this.sessions.add(session);
    }

    private OracleConnection getPhysicalConnection(Connection connection) {
        OracleConnection unwrap = ((OracleConnection) connection).unwrap();
        return unwrap == null ? (OracleConnection) connection : unwrap;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Session getSession(Connection connection) {
        OracleConnection physicalConnection = getPhysicalConnection(connection);
        Iterator<Session> it = this.sessions.iterator();
        while (it.hasNext()) {
            SessionImpl sessionImpl = (Session) it.next();
            if (isSessionConnectionGood(sessionImpl) && getPhysicalConnection(sessionImpl.dbConnection) == physicalConnection) {
                return sessionImpl;
            }
        }
        return null;
    }

    public String getId() {
        if (this.master != null) {
            return this.master.getSessionInfo().getKey();
        }
        return null;
    }

    public Collection<NamespaceValue> getNamespaces() {
        return Collections.unmodifiableCollection(getNamespaceValue());
    }

    public Collection<Role> getEnabledRoles() {
        return Collections.unmodifiableCollection(this.allEnabledRoles);
    }

    public void setNamespaceAttribute(Connection connection, String str, String str2, String str3) throws SQLException, AccessDeniedException, XSException {
        validateInput(connection);
        setNamespaceAttributeInternal(connection, str, str2, str3, false);
    }

    private void createOrSetAttribute(SessionNamespace sessionNamespace, String str, String str2, boolean z) throws SQLException, AccessDeniedException, XSException, InvalidXSAttributeException, NotAttachedException {
        try {
            if (sessionNamespace.getAttribute(str) != null) {
                ((SessionNamespaceImpl) sessionNamespace).setAttributeInternal(str, str2, z);
            }
        } catch (InvalidXSAttributeException e) {
            ((SessionNamespaceImpl) sessionNamespace).createAttributeInternal(str, str2, (List) null, z);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setNamespaceAttributeInternal(Connection connection, String str, String str2, String str3, boolean z) throws SQLException, AccessDeniedException, XSException {
        if (Utils.isNull(str)) {
            throw new XSException("the namespace name cannot be null or empty");
        }
        if (Utils.isNull(str2)) {
            throw new XSException("the attribute name cannot be null or empty");
        }
        if (str2.length() > 4002) {
            throw new XSException("the attribute name is too long");
        }
        if (!Utils.isNull(str3) && str3.length() > 4002) {
            throw new XSException("the attribute value is too long");
        }
        checkSync();
        Session session = getSession(connection);
        if (session == null || !session.isAttached()) {
            throw new NotAttachedException(msgBundle.getString("NOT_ATTACHED"));
        }
        SessionNamespace namespace = session.getNamespace(str);
        if (namespace == null) {
            throw new XSException("INVALID_NS_FOR_ATTIBUTE_OPERATION", new Object[]{str, "set namespace attribute"});
        }
        createOrSetAttribute(namespace, str2, str3, z);
        getSessionManager().saveSession(session);
        copyNamespace(session, str);
        for (Session session2 : this.sessions) {
            if (session2 != session) {
                if (isSessionConnectionGood(session2)) {
                    SessionNamespace namespace2 = session2.getNamespace(str);
                    if (namespace2 == null) {
                        logger.log(Level.SEVERE, " namespace " + str + " cannot be created, maybe the template is not defined");
                        return;
                    }
                    createOrSetAttribute(namespace2, str2, str3, true);
                } else {
                    logger.log(Level.SEVERE, "stale slave sessions in " + getId() + " " + this);
                    logger.log(Level.SEVERE, "remove slave session " + session2 + " from  master " + this);
                }
            }
        }
    }

    public void deleteNamespaceAttribute(Connection connection, String str, String str2) throws SQLException, AccessDeniedException, XSException {
        validateInput(connection);
        deleteNamespaceAttributeInternal(connection, str, str2, false);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void deleteNamespaceAttributeInternal(Connection connection, String str, String str2, boolean z) throws SQLException, AccessDeniedException, XSException {
        if (Utils.isNull(str)) {
            throw new XSException("the namespace name cannot be null or empty");
        }
        if (Utils.isNull(str2)) {
            throw new XSException("the attribute name cannot be null or empty");
        }
        if (str2.length() > 4002) {
            throw new XSException("the attribute name is too long");
        }
        checkSync();
        Session session = getSession(connection);
        if (session == null || !session.isAttached()) {
            throw new NotAttachedException(msgBundle.getString("NOT_ATTACHED"));
        }
        SessionNamespaceImpl namespace = session.getNamespace(str);
        if (namespace == null) {
            throw new XSException("INVALID_NS_FOR_ATTIBUTE_OPERATION", new Object[]{str, "delete namespace attribute"});
        }
        namespace.deleteAttributeInternal(str2, z);
        getSessionManager().saveSession(session);
        copyNamespace(session, str);
        for (Session session2 : this.sessions) {
            if (session2 != session) {
                if (isSessionConnectionGood(session2)) {
                    SessionNamespaceImpl namespace2 = session2.getNamespace(str);
                    if (namespace2 == null) {
                        logger.log(Level.SEVERE, " namespace " + str + " cannot be created, maybe the template is not defined");
                        return;
                    }
                    namespace2.deleteAttributeInternal(str2, true);
                } else {
                    logger.log(Level.SEVERE, "stale slave sessions in " + getId() + " " + this);
                    logger.log(Level.SEVERE, "remove slave session " + session2 + " from  master " + this);
                }
            }
        }
    }

    public String getNamespaceAttribute(Connection connection, String str, String str2) throws SQLException, AccessDeniedException, XSException {
        if (Utils.isNull(str)) {
            throw new XSException("the namespace name cannot be null or empty");
        }
        if (Utils.isNull(str2)) {
            throw new XSException("the attribute name cannot be null or empty");
        }
        checkSync();
        AttributeMap attributeMap = this.namespaces.get(str);
        if (attributeMap != null) {
            AttributeValue attribute = attributeMap.getAttribute(str2);
            if (attribute != null) {
                return attribute.getValue();
            }
        } else if (connection == null) {
            throw new XSException("INVALID_NS_FOR_ATTIBUTE_OPERATION", new Object[]{str, "get namespace attribute"});
        }
        Session session = getSession(connection);
        if (session == null || !session.isAttached()) {
            throw new NotAttachedException(msgBundle.getString("NOT_ATTACHED"));
        }
        SessionNamespace namespace = session.getNamespace(str);
        if (namespace == null) {
            throw new XSException("INVALID_NS_FOR_ATTIBUTE_OPERATION", new Object[]{str, "get namespace attribute"});
        }
        copyNamespace(session, str);
        SessionNamespaceAttribute attribute2 = namespace.getAttribute(str2);
        if (attribute2 == null) {
            return null;
        }
        return attribute2.getValue();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setEnabledDynamicRoles(Collection<String> collection) {
        this.enabledDynamicRoles = collection;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Collection<String> getEnabledDynamicRoles() {
        return this.enabledDynamicRoles;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setDisabledDynamicRoles(Collection<String> collection) {
        this.disabledDynamicRoles = collection;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Collection<String> getDisabledDynamicRoles() {
        return this.disabledDynamicRoles;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setExternalRoles(Collection<ExternalRole> collection) {
        this.externalRoles = collection;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Collection<ExternalRole> getExternalRoles() {
        return this.externalRoles;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Collection<NamespaceValue> getNamespaceValue() {
        ArrayList arrayList = new ArrayList();
        for (String str : this.namespaces.keySet()) {
            arrayList.add(new NamespaceValue(str, this.namespaces.get(str).getAttributes()));
        }
        return Collections.unmodifiableCollection(arrayList);
    }

    private NamespaceValue toNamespaceValue(SessionNamespace sessionNamespace) {
        ArrayList arrayList = new ArrayList();
        for (SessionNamespaceAttributeImpl sessionNamespaceAttributeImpl : sessionNamespace.getAttributes()) {
            arrayList.add(new AttributeHolder(sessionNamespaceAttributeImpl.getName(), sessionNamespaceAttributeImpl.getValue(), sessionNamespaceAttributeImpl.hasFirstreadEvent() || sessionNamespaceAttributeImpl.hasModifyEvent()));
        }
        return new NamespaceValue(sessionNamespace.getName(), arrayList);
    }

    void copyNamespace(Session session) {
        this.namespaces = new HashMap();
        for (SessionNamespaceImpl sessionNamespaceImpl : ((SessionImpl) session).listNamespaces()) {
            if (!sessionNamespaceImpl.isDeleted()) {
                NamespaceValue namespaceValue = toNamespaceValue(sessionNamespaceImpl);
                this.namespaces.put(namespaceValue.getNamespace(), new AttributeMap(namespaceValue.getAttributes(), sessionNamespaceImpl.getACL()));
            }
        }
    }

    void copyNamespace(Session session, String str) throws SQLException, AccessDeniedException, XSException {
        SessionNamespaceImpl namespace = session.getNamespace(str);
        if (namespace == null) {
            return;
        }
        if (namespace.isDeleted()) {
            this.namespaces.remove(str);
        } else {
            NamespaceValue namespaceValue = toNamespaceValue(namespace);
            this.namespaces.put(namespaceValue.getNamespace(), new AttributeMap(namespaceValue.getAttributes(), namespace.getACL()));
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void copyNamespace() {
        copyNamespace(this.master);
        this.allEnabledRoles = new ArrayList();
        this.allEnabledRoles.addAll(this.master.getEnabledRoles());
    }

    private void checkSync() throws XSException {
        if (!this.synced) {
            throw new XSException("SESSION_NOT_SYNCHRONIZED", (Object[]) null, (Throwable) null);
        }
    }

    public void createNamespace(Connection connection, String str) throws SQLException, AccessDeniedException, XSException {
        validateInput(connection);
        createNamespaceInternal(connection, str, false);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void createNamespaceInternal(Connection connection, String str, boolean z) throws SQLException, AccessDeniedException, XSException {
        if (Utils.isNull(str)) {
            throw new XSException("the namespace name cannot be null or empty");
        }
        if (str.length() > 130) {
            throw new XSException("the namespace name is too long");
        }
        checkSync();
        SessionImpl session = getSession(connection);
        if (session == null || !session.isAttached()) {
            throw new NotAttachedException(msgBundle.getString("NOT_ATTACHED"));
        }
        session.createNamespaceInternal(str, z);
        getSessionManager().saveSession(session);
        copyNamespace(session, str);
        Iterator<Session> it = this.sessions.iterator();
        while (it.hasNext()) {
            SessionImpl sessionImpl = (Session) it.next();
            if (sessionImpl != session) {
                if (isSessionConnectionGood(sessionImpl)) {
                    sessionImpl.createNamespaceInternal(str, true);
                } else {
                    logger.log(Level.SEVERE, "stale slave sessions in " + getId() + " " + this);
                    logger.log(Level.SEVERE, "remove slave session " + sessionImpl + " from  master " + this);
                }
            }
        }
    }

    public void deleteNamespace(Connection connection, String str) throws SQLException, AccessDeniedException, XSException {
        validateInput(connection);
        deleteNamespaceInternal(connection, str, false);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void deleteNamespaceInternal(Connection connection, String str, boolean z) throws SQLException, AccessDeniedException, XSException {
        if (Utils.isNull(str)) {
            throw new XSException("the namespace name cannot be null or empty");
        }
        checkSync();
        SessionImpl session = getSession(connection);
        if (session == null || !session.isAttached()) {
            throw new NotAttachedException(msgBundle.getString("NOT_ATTACHED"));
        }
        session.deleteNamespaceInternal(str, z);
        getSessionManager().saveSession(session);
        this.namespaces.remove(str);
        Iterator<Session> it = this.sessions.iterator();
        while (it.hasNext()) {
            SessionImpl sessionImpl = (Session) it.next();
            if (sessionImpl != session) {
                if (isSessionConnectionGood(sessionImpl)) {
                    sessionImpl.deleteNamespaceInternal(str, true);
                } else {
                    logger.log(Level.SEVERE, "stale slave sessions in " + getId() + " " + this);
                    logger.log(Level.SEVERE, "remove slave session " + sessionImpl + " from  master " + this);
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setSynced(boolean z) {
        this.synced = z;
    }

    public String getUser() {
        return this.master.getUser();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void removeSession(Session session) {
        this.sessions.remove(session);
    }

    public boolean checkAcl(Connection connection, byte[] bArr, String str) throws SQLException, XSException {
        validateInput(connection);
        Session session = getSession(connection);
        if (session == null || !session.isAttached()) {
            session = getSessionManager().attachByMasterSessionInternal(connection, this);
        }
        return XSAccessController.checkAcl(session, bArr, str);
    }

    public boolean isAnonymous() {
        return Constants.ANONYMOUS_USER.compareToIgnoreCase(getUser()) == 0;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void clearSessions() {
        this.sessions.clear();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean isSessionConnectionGood(Session session) {
        if (session == null) {
            return false;
        }
        try {
            if (!session.isAttached() || session.getConnection() == null) {
                return false;
            }
            return !session.getConnection().isClosed();
        } catch (Exception e) {
            return false;
        }
    }

    public boolean hasPendingChanges() {
        return true;
    }

    public Collection<String> getPrivileges(Connection connection, byte[] bArr) throws SQLException, XSException {
        validateInput(connection);
        SessionImpl session = getSession(connection);
        if (session == null || !session.isAttached()) {
            session = getSessionManager().attachByMasterSessionInternal(connection, this);
        }
        return session.getPrivileges(bArr);
    }

    public boolean isTrusted() {
        return this.master.isTrusted();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean compareRoles(Set<ExternalRole> set) throws XSException {
        checkSync();
        SessionInfo sessionFromCache = getSessionManager().getSessionFromCache(getId());
        if (sessionFromCache == null) {
            return false;
        }
        return SessionUtil.compareRoleCollectionWithMap(set, sessionFromCache.getExternalRoles());
    }

    private void validateInput(Connection connection) throws XSException {
        if (connection == null) {
            throw new XSException(msgBundle.getString("INVALID_JDBC_CONN"));
        }
    }
}
