package org.eclipse.orion.internal.server.servlets.workspace.authorization;

import org.eclipse.core.runtime.CoreException;
import org.eclipse.orion.internal.server.servlets.Activator;
import org.eclipse.orion.server.core.OrionConfiguration;
import org.eclipse.orion.server.core.PreferenceHelper;
import org.eclipse.orion.server.core.ServerStatus;
import org.eclipse.orion.server.core.metastore.UserInfo;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: input_file:org/eclipse/orion/internal/server/servlets/workspace/authorization/AuthorizationService.class */
public class AuthorizationService {
    public static final int POST = 1;
    public static final int PUT = 2;
    public static final int GET = 4;
    public static final int DELETE = 8;
    private static final String PREFIX_EXPORT = "/xfer/export/";
    private static final String PREFIX_IMPORT = "/xfer/import/";
    private static final String ANONYMOUS_LOGIN_VALUE = "Anonymous";

    public static void addUserRight(String str, String str2) throws CoreException {
        try {
            UserInfo readUser = OrionConfiguration.getMetaStore().readUser(str);
            JSONArray authorizationData = AuthorizationReader.getAuthorizationData(readUser);
            JSONObject createUserRight = createUserRight(str2);
            for (int i = 0; i < authorizationData.length(); i++) {
                if (createUserRight.toString().equals(authorizationData.get(i).toString())) {
                    return;
                }
            }
            authorizationData.put(createUserRight);
            AuthorizationReader.saveRights(readUser, authorizationData);
        } catch (Exception e) {
            throw new CoreException(new ServerStatus(4, 500, "Error persisting user rights", e));
        }
    }

    public static boolean checkRights(String str, String str2, String str3) throws CoreException {
        if (str2.equals(Activator.LOCATION_WORKSPACE_SERVLET) && !ANONYMOUS_LOGIN_VALUE.equals(str)) {
            return true;
        }
        if (str2.startsWith("/site") && !ANONYMOUS_LOGIN_VALUE.equals(str)) {
            return true;
        }
        if ((str2.equals("/users/" + str) && !ANONYMOUS_LOGIN_VALUE.equals(str)) || str2.startsWith("/task")) {
            return true;
        }
        if (str2.startsWith(PREFIX_EXPORT) && str2.endsWith(".zip")) {
            str2 = "/file/" + str2.substring(13, str2.length() - 4) + '/';
        } else if (str2.startsWith(PREFIX_IMPORT)) {
            str2 = "/file/" + str2.substring(PREFIX_IMPORT.length());
            if (!str2.endsWith("/")) {
                str2 = String.valueOf(str2) + '/';
            }
        }
        String string = PreferenceHelper.getString("orion.file.anonymous.read", "false");
        int method = getMethod(str3);
        if (method == 4 && str2.startsWith("/file/") && "true".equalsIgnoreCase(string)) {
            return ("/file/".equals(str2) || str2.startsWith("/file/.metadata/")) ? false : true;
        }
        JSONArray authorizationData = AuthorizationReader.getAuthorizationData(OrionConfiguration.getMetaStore().readUser(str));
        for (int i = 0; i < authorizationData.length(); i++) {
            try {
                JSONObject jSONObject = (JSONObject) authorizationData.get(i);
                String string2 = jSONObject.getString("Uri");
                int i2 = jSONObject.getInt("Method");
                if (wildCardMatch(str2, string2) && (method & i2) == method) {
                    return true;
                }
            } catch (JSONException unused) {
            }
        }
        return false;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static JSONObject createUserRight(String str) throws JSONException {
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("Uri", str);
        jSONObject.put("Method", 15);
        return jSONObject;
    }

    private static int getMethod(String str) {
        if (str.equals("POST")) {
            return 1;
        }
        if (str.equals("PUT")) {
            return 2;
        }
        if (str.equals("GET")) {
            return 4;
        }
        return str.equals("DELETE") ? 8 : 0;
    }

    public static void removeUserRight(String str, String str2) throws CoreException {
        try {
            Activator.getDefault();
            UserInfo readUser = OrionConfiguration.getMetaStore().readUser(str);
            JSONArray authorizationData = AuthorizationReader.getAuthorizationData(readUser);
            for (int i = 0; i < authorizationData.length(); i++) {
                if (str2.equals(((JSONObject) authorizationData.get(i)).get("Uri"))) {
                    authorizationData.remove(i);
                }
            }
            AuthorizationReader.saveRights(readUser, authorizationData);
        } catch (Exception e) {
            throw new CoreException(new ServerStatus(4, 500, "Error persisting user rights", e));
        }
    }

    private static boolean wildCardMatch(String str, String str2) {
        String[] split = str2.split("\\*");
        if (!str2.startsWith("*") && !str.startsWith(split[0])) {
            return false;
        }
        if (!str2.endsWith("*") && !str.endsWith(split[split.length - 1])) {
            return false;
        }
        for (String str3 : split) {
            int indexOf = str.indexOf(str3);
            if (indexOf == -1) {
                return false;
            }
            str = str.substring(indexOf + str3.length());
        }
        return true;
    }
}
