package com.gemstone.gemfire.internal.security;

import com.gemstone.gemfire.cache.Cache;
import com.gemstone.gemfire.cache.operations.ExecuteCQOperationContext;
import com.gemstone.gemfire.cache.operations.ExecuteFunctionOperationContext;
import com.gemstone.gemfire.cache.operations.GetOperationContext;
import com.gemstone.gemfire.cache.operations.KeySetOperationContext;
import com.gemstone.gemfire.cache.operations.QueryOperationContext;
import com.gemstone.gemfire.i18n.LogWriterI18n;
import com.gemstone.gemfire.internal.ClassLoadUtil;
import com.gemstone.gemfire.internal.cache.tier.sockets.ClientProxyMembershipID;
import com.gemstone.gemfire.internal.i18n.LocalizedStrings;
import com.gemstone.gemfire.security.AccessControl;
import com.gemstone.gemfire.security.NotAuthorizedException;
import java.io.Serializable;
import java.lang.reflect.InvocationTargetException;
import java.security.Principal;
import java.util.Set;

/* loaded from: input_file:com/gemstone/gemfire/internal/security/AuthorizeRequestPP.class */
public class AuthorizeRequestPP {
    private AccessControl postAuthzCallback;
    private final ClientProxyMembershipID id;
    private final LogWriterI18n logger;
    private final Principal principal;
    private final boolean isPrincipalSerializable;

    public AuthorizeRequestPP(String str, ClientProxyMembershipID clientProxyMembershipID, Principal principal, Cache cache) throws ClassNotFoundException, NoSuchMethodException, IllegalAccessException, InvocationTargetException {
        this.id = clientProxyMembershipID;
        this.principal = principal;
        if (this.principal instanceof Serializable) {
            this.isPrincipalSerializable = true;
        } else {
            this.isPrincipalSerializable = false;
        }
        this.logger = cache.getSecurityLoggerI18n();
        this.postAuthzCallback = (AccessControl) ClassLoadUtil.methodFromName(str).invoke(null, (Object[]) null);
        this.postAuthzCallback.init(principal, clientProxyMembershipID.getDistributedMember(), cache);
        if (this.logger.infoEnabled()) {
            this.logger.info(LocalizedStrings.AuthorizeRequestPP_AUTHORIZEREQUESTPP_SETTING_POST_PROCESS_AUTHORIZATION_CALLBACK_TO_1_FOR_CLIENT_0, new Object[]{clientProxyMembershipID, str});
        }
    }

    public AccessControl getPostAuthzCallback() {
        return this.postAuthzCallback;
    }

    public GetOperationContext getAuthorize(String str, Object obj, Object obj2, boolean z, GetOperationContext getOperationContext) throws NotAuthorizedException {
        if (getOperationContext == null) {
            getOperationContext = new GetOperationContext(obj, true);
        } else {
            getOperationContext.setPostOperation();
        }
        getOperationContext.setObject(obj2, z);
        if (this.postAuthzCallback.authorizeOperation(str, getOperationContext)) {
            if (this.logger.finestEnabled()) {
                this.logger.finest(this.id + ": In post-process: authorized to perform GET operation on region [" + str + ']');
            }
            return getOperationContext;
        }
        String localizedString = LocalizedStrings.AuthorizeRequestPP_IN_POSTPROCESS_NOT_AUTHORIZED_TO_PERFORM_GET_OPERATION_ON_REGION_0.toLocalizedString(str);
        this.logger.warning(LocalizedStrings.TWO_ARG_COLON, new Object[]{this.id, localizedString});
        if (this.isPrincipalSerializable) {
            throw new NotAuthorizedException(localizedString, this.principal);
        }
        throw new NotAuthorizedException(localizedString);
    }

    public QueryOperationContext queryAuthorize(String str, Set set, Object obj, QueryOperationContext queryOperationContext) throws NotAuthorizedException {
        if (queryOperationContext == null) {
            queryOperationContext = new QueryOperationContext(str, set, true);
        } else {
            queryOperationContext.setPostOperation();
        }
        queryOperationContext.setQueryResult(obj);
        if (this.postAuthzCallback.authorizeOperation(null, queryOperationContext)) {
            if (this.logger.finestEnabled()) {
                this.logger.finest(this.id + ": In post-process: authorized to perform QUERY operation [" + str + "] on cache");
            }
            return queryOperationContext;
        }
        String localizedString = LocalizedStrings.AuthorizeRequestPP_IN_POSTPROCESS_NOT_AUTHORIZED_TO_PERFORM_QUERY_OPERATION_0_ON_THE_CACHE.toLocalizedString(str);
        this.logger.warning(LocalizedStrings.TWO_ARG_COLON, new Object[]{this.id, localizedString});
        if (this.isPrincipalSerializable) {
            throw new NotAuthorizedException(localizedString, this.principal);
        }
        throw new NotAuthorizedException(localizedString);
    }

    public QueryOperationContext executeCQAuthorize(String str, String str2, Set set, Object obj, QueryOperationContext queryOperationContext) throws NotAuthorizedException {
        if (queryOperationContext == null) {
            queryOperationContext = new ExecuteCQOperationContext(str, str2, set, true);
        } else {
            queryOperationContext.setPostOperation();
        }
        queryOperationContext.setQueryResult(obj);
        if (this.postAuthzCallback.authorizeOperation(null, queryOperationContext)) {
            if (this.logger.finestEnabled()) {
                this.logger.finest(this.id + ": In post-process: authorized to perform EXECUTE_CQ operation [" + str2 + "] on cache");
            }
            return queryOperationContext;
        }
        String localizedString = LocalizedStrings.AuthorizeRequestPP_IN_POSTPROCESS_NOT_AUTHORIZED_TO_PERFORM_EXECUTE_CQ_OPERATION_0_ON_THE_CACHE.toLocalizedString(str2);
        this.logger.warning(LocalizedStrings.TWO_ARG_COLON, new Object[]{this.id, localizedString});
        if (this.isPrincipalSerializable) {
            throw new NotAuthorizedException(localizedString, this.principal);
        }
        throw new NotAuthorizedException(localizedString);
    }

    public KeySetOperationContext keySetAuthorize(String str, Set set, KeySetOperationContext keySetOperationContext) throws NotAuthorizedException {
        if (keySetOperationContext == null) {
            keySetOperationContext = new KeySetOperationContext(true);
        } else {
            keySetOperationContext.setPostOperation();
        }
        keySetOperationContext.setKeySet(set);
        if (this.postAuthzCallback.authorizeOperation(str, keySetOperationContext)) {
            if (this.logger.finestEnabled()) {
                this.logger.finest(this.id + ": In post-process: authorized to perform KEY_SET operation on region [" + str + ']');
            }
            return keySetOperationContext;
        }
        String localizedString = LocalizedStrings.AuthorizeRequestPP_IN_POSTPROCESS_NOT_AUTHORIZED_TO_PERFORM_KEY_SET_OPERATION_ON_REGION_0.toLocalizedString(str);
        this.logger.warning(LocalizedStrings.TWO_ARG_COLON, new Object[]{this.id, localizedString});
        if (this.isPrincipalSerializable) {
            throw new NotAuthorizedException(localizedString, this.principal);
        }
        throw new NotAuthorizedException(localizedString);
    }

    public ExecuteFunctionOperationContext executeFunctionAuthorize(Object obj, ExecuteFunctionOperationContext executeFunctionOperationContext) throws NotAuthorizedException {
        executeFunctionOperationContext.setResult(obj);
        String regionName = executeFunctionOperationContext.getRegionName();
        if (this.postAuthzCallback.authorizeOperation(regionName, executeFunctionOperationContext)) {
            if (this.logger.finestEnabled()) {
                this.logger.finest(this.id + ": In post-process: authorized to perform EXECUTE_REGION_FUNCTION operation on region [" + regionName + ']');
            }
            return executeFunctionOperationContext;
        }
        String localizedString = LocalizedStrings.AuthorizeRequestPP_0_NOT_AUTHORIZED_TO_PERFORM_EXECUTE_REGION_FUNCTION_1.toLocalizedString(toString(), regionName);
        if (this.logger.warningEnabled()) {
            this.logger.warning(LocalizedStrings.ONE_ARG, localizedString);
        }
        if (this.isPrincipalSerializable) {
            throw new NotAuthorizedException(localizedString, this.principal);
        }
        throw new NotAuthorizedException(localizedString);
    }

    public void close() {
        this.postAuthzCallback.close();
    }
}
