package org.exist.security;

import java.io.IOException;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.exist.collections.Collection;
import org.exist.collections.triggers.TriggerException;
import org.exist.dom.persistent.DocumentImpl;
import org.exist.storage.DBBroker;
import org.exist.storage.txn.TransactionException;
import org.exist.storage.txn.TransactionManager;
import org.exist.storage.txn.Txn;
import org.exist.xmldb.XmldbURI;
import org.exist.xquery.XPathException;

/* loaded from: input_file:WEB-INF/lib/exist-core-3.0.RC1.jar:org/exist/security/PermissionFactory.class */
public class PermissionFactory {
    private static final Logger LOG = LogManager.getLogger((Class<?>) PermissionFactory.class);
    public static SecurityManager sm = null;

    /* loaded from: input_file:WEB-INF/lib/exist-core-3.0.RC1.jar:org/exist/security/PermissionFactory$PermissionModifier.class */
    public interface PermissionModifier {
        void modify(Permission permission) throws PermissionDeniedException;
    }

    public static Permission getDefaultResourcePermission() {
        Subject subject = sm.getDatabase().getSubject();
        return new SimpleACLPermission(sm, subject.getId(), subject.getDefaultGroup().getId(), 438 & (subject.getUserMask() ^ (-1)));
    }

    public static Permission getDefaultCollectionPermission() {
        Subject subject = sm.getDatabase().getSubject();
        return new SimpleACLPermission(sm, subject.getId(), subject.getDefaultGroup().getId(), 511 & (subject.getUserMask() ^ (-1)));
    }

    public static Permission getPermission(int i) {
        Subject subject = sm.getDatabase().getSubject();
        return new SimpleACLPermission(sm, subject.getId(), subject.getDefaultGroup().getId(), i);
    }

    public static Permission getPermission(int i, int i2, int i3) {
        return new SimpleACLPermission(sm, i, i2, i3);
    }

    public static Permission getPermission(String str, String str2, int i) {
        Account account;
        SimpleACLPermission simpleACLPermission = null;
        try {
            account = sm.getAccount(str);
        } catch (Throwable th) {
            LOG.error("Exception while instantiating security permission class.", th);
        }
        if (account == null) {
            throw new IllegalArgumentException("User was not found '" + (str == null ? "" : str) + "'");
        }
        Group group = sm.getGroup(str2);
        if (group == null) {
            throw new IllegalArgumentException("Group was not found '" + (str == null ? "" : str2) + "'");
        }
        simpleACLPermission = new SimpleACLPermission(sm, account.getId(), group.getId(), i);
        return simpleACLPermission;
    }

    /* JADX WARN: Failed to calculate best type for var: r10v1 ??
    java.lang.NullPointerException
     */
    /* JADX WARN: Failed to calculate best type for var: r11v0 ??
    java.lang.NullPointerException
     */
    /* JADX WARN: Multi-variable type inference failed. Error: java.lang.NullPointerException
     */
    /* JADX WARN: Not initialized variable reg: 10, insn: 0x00d8: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r10 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) A[TRY_LEAVE], block:B:34:0x00d8 */
    /* JADX WARN: Not initialized variable reg: 11, insn: 0x00dd: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r11 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]), block:B:36:0x00dd */
    /* JADX WARN: Type inference failed for: r10v1, types: [org.exist.storage.txn.Txn] */
    /* JADX WARN: Type inference failed for: r11v0, types: [java.lang.Throwable] */
    public static void updatePermissions(DBBroker dBBroker, XmldbURI xmldbURI, PermissionModifier permissionModifier) throws PermissionDeniedException {
        ?? r10;
        ?? r11;
        DocumentImpl documentImpl = null;
        TransactionManager transactionManager = dBBroker.getBrokerPool().getTransactionManager();
        try {
            try {
                try {
                    Txn beginTransaction = transactionManager.beginTransaction();
                    Throwable th = null;
                    Collection openCollection = dBBroker.openCollection(xmldbURI, 1);
                    if (openCollection == null) {
                        documentImpl = dBBroker.getXMLResource(xmldbURI, 1);
                        if (documentImpl == null) {
                            transactionManager.abort(beginTransaction);
                            throw new XPathException("Resource or collection '" + xmldbURI.toString() + "' does not exist.");
                        }
                        permissionModifier.modify(documentImpl.getPermissions());
                        dBBroker.storeXMLResource(beginTransaction, documentImpl);
                        transactionManager.commit(beginTransaction);
                        dBBroker.flush();
                    } else {
                        beginTransaction.registerLock(openCollection.getLock(), 1);
                        permissionModifier.modify(openCollection.getPermissionsNoLock());
                        dBBroker.saveCollection(beginTransaction, openCollection);
                        transactionManager.commit(beginTransaction);
                        dBBroker.flush();
                    }
                    if (beginTransaction != null) {
                        if (0 != 0) {
                            try {
                                beginTransaction.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            beginTransaction.close();
                        }
                    }
                    if (documentImpl != null) {
                        documentImpl.getUpdateLock().release(1);
                    }
                } catch (Throwable th3) {
                    if (r10 != 0) {
                        if (r11 != 0) {
                            try {
                                r10.close();
                            } catch (Throwable th4) {
                                r11.addSuppressed(th4);
                            }
                        } else {
                            r10.close();
                        }
                    }
                    throw th3;
                }
            } catch (IOException | TriggerException | PermissionDeniedException | TransactionException | XPathException e) {
                throw new PermissionDeniedException("Permission to modify permissions is denied for user '" + dBBroker.getSubject().getName() + "' on '" + xmldbURI.toString() + "': " + e.getMessage(), e);
            }
        } catch (Throwable th5) {
            if (0 != 0) {
                documentImpl.getUpdateLock().release(1);
            }
            throw th5;
        }
    }
}
