package com.sibvisions.rad.server.security;

import com.sibvisions.rad.server.config.DBObjects;
import com.sibvisions.util.type.CommonUtil;
import com.sibvisions.util.type.StringUtil;
import java.math.BigDecimal;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.ResultSetMetaData;
import java.sql.SQLException;
import java.sql.Timestamp;
import javax.rad.application.ILauncher;
import javax.rad.remote.IConnectionConstants;
import javax.rad.server.ExpiredException;
import javax.rad.server.IConfiguration;
import javax.rad.server.ISession;
import javax.rad.server.InactiveException;
import javax.rad.server.InvalidPasswordException;
import javax.rad.server.NotFoundException;

/* loaded from: input_file:com/sibvisions/rad/server/security/DBSecurityManager.class */
public class DBSecurityManager extends AbstractDBSecurityManager {
    protected static final String TABLE_USERS = "USERS";
    protected static final String TABLE_AUTOLOGIN = "AUTOLOGIN";
    protected static final String VIEW_ACCESSRULES = "V_ACCESSRULES";
    private PreparedStatement psAutoLogin;
    private PreparedStatement psInsertAutoLogin;
    private PreparedStatement psDeleteAutoLoginKey;
    private PreparedStatement psDeleteAutoLoginUser;
    private PreparedStatement psUserId;
    private PreparedStatement psUserName;
    private PreparedStatement psAccessRule;
    private PreparedStatement psChangePwd;
    private PreparedStatement psChangePwdUnset;
    private String sUsersTable;
    private String sUsersId;
    private String sUsersName;
    private String sUsersChgPwd;
    private String sUsersPwd;
    private String sAutoLoginTable;
    private String sAutoLoginId;
    private String sAutoLoginKey;
    private String sAccessTable;
    private String sAccessUser;

    /*  JADX ERROR: Types fix failed
        java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.InsnArg.getType()" because "changeArg" is null
        	at jadx.core.dex.visitors.typeinference.TypeUpdate.moveListener(TypeUpdate.java:439)
        	at jadx.core.dex.visitors.typeinference.TypeUpdate.runListeners(TypeUpdate.java:232)
        	at jadx.core.dex.visitors.typeinference.TypeUpdate.requestUpdate(TypeUpdate.java:212)
        	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeForSsaVar(TypeUpdate.java:183)
        	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeChecked(TypeUpdate.java:112)
        	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:83)
        	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:56)
        	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.tryPossibleTypes(FixTypesVisitor.java:183)
        	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.deduceType(FixTypesVisitor.java:242)
        	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.tryDeduceTypes(FixTypesVisitor.java:221)
        	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.visit(FixTypesVisitor.java:91)
        */
    /* JADX WARN: Not initialized variable reg: 18, insn: 0x028a: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r18 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]), block:B:72:0x0288 */
    @Override // com.sibvisions.rad.server.security.ISecurityManager
    public synchronized void validateAuthentication(javax.rad.server.ISession r7) throws java.lang.Exception {
        /*
            Method dump skipped, instructions count: 850
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.sibvisions.rad.server.security.DBSecurityManager.validateAuthentication(javax.rad.server.ISession):void");
    }

    @Override // com.sibvisions.rad.server.security.ISecurityManager
    public synchronized void changePassword(ISession iSession) throws Exception {
        String str;
        boolean z;
        String str2 = (String) iSession.getProperty(IConnectionConstants.OLDPASSWORD);
        String str3 = (String) iSession.getProperty(IConnectionConstants.NEWPASSWORD);
        validatePassword(iSession, str2, str3);
        String applicationName = iSession.getApplicationName();
        String userName = iSession.getUserName();
        IConfiguration config = iSession.getConfig();
        openConnection(iSession);
        try {
            try {
                this.psUserName.clearParameters();
                this.psUserName.setString(1, userName);
                ResultSet executeQuery = this.psUserName.executeQuery();
                validateUser(iSession, executeQuery);
                try {
                    str = executeQuery.getString(DBObjects.getColumnName(config, TABLE_USERS, "PASSWORD"));
                } catch (SQLException e) {
                    str = null;
                }
                if (((iSession.getProperty("client.login.key") == null || iSession.getPassword() != null) && !comparePassword(config, iSession.getPassword(), str2)) || !comparePassword(config, str2, str)) {
                    throw new InvalidPasswordException("Invalid password for '" + userName + "' and application '" + applicationName + "'");
                }
                try {
                    executeQuery.getString(DBObjects.getColumnName(config, TABLE_USERS, "CHANGE_PASSWORD"));
                    z = true;
                } catch (Throwable th) {
                    z = false;
                }
                PreparedStatement preparedStatement = z ? this.psChangePwdUnset : this.psChangePwd;
                preparedStatement.clearParameters();
                preparedStatement.setString(1, getEncryptedPassword(config, str3));
                preparedStatement.setString(2, userName);
                if (preparedStatement.execute()) {
                    CommonUtil.close(preparedStatement.getResultSet());
                }
                if (preparedStatement.getUpdateCount() != 1) {
                    throw new NotFoundException("User '" + userName + "' was not found for application '" + applicationName + "'");
                }
            } catch (SQLException e2) {
                debug(e2);
                throw new SecurityException("Error while changing password of '" + userName + "' for application '" + applicationName + "'");
            }
        } catch (Throwable th2) {
            throw th2;
        }
    }

    @Override // com.sibvisions.rad.server.security.ISecurityManager
    public synchronized void logout(ISession iSession) {
        if (Boolean.valueOf((String) iSession.getProperty("userlogout")).booleanValue()) {
            try {
                String str = (String) iSession.getProperty("client.login.key");
                if (str != null) {
                    openConnection(iSession);
                    this.psDeleteAutoLoginKey.clearParameters();
                    this.psDeleteAutoLoginKey.setString(1, str);
                    if (this.psDeleteAutoLoginKey.execute()) {
                        CommonUtil.close(this.psDeleteAutoLoginKey.getResultSet());
                    }
                    iSession.setProperty("client.login.key", null);
                }
            } catch (Exception e) {
                error(e);
            }
        }
    }

    @Override // com.sibvisions.rad.server.security.ISecurityManager
    public synchronized IAccessController getAccessController(ISession iSession) throws Exception {
        IConfiguration config = iSession.getConfig();
        ResultSet resultSet = null;
        openConnection(iSession);
        try {
            if (this.psAccessRule == null) {
                return null;
            }
            try {
                this.psAccessRule.clearParameters();
                this.psAccessRule.setObject(1, iSession.getUserName());
                resultSet = this.psAccessRule.executeQuery();
                String simpleEnvironmentName = getSimpleEnvironmentName(iSession);
                String yesValue = DBObjects.getYesValue(config);
                IAccessController createAccessController = createAccessController(iSession);
                String columnName = DBObjects.getColumnName(config, VIEW_ACCESSRULES, "LIFECYCLENAME");
                String str = null;
                String str2 = null;
                String str3 = null;
                boolean z = false;
                if (simpleEnvironmentName != null) {
                    str = DBObjects.getColumnName(config, VIEW_ACCESSRULES, "ENV_DESKTOP");
                    str2 = DBObjects.getColumnName(config, VIEW_ACCESSRULES, "ENV_WEB");
                    str3 = DBObjects.getColumnName(config, VIEW_ACCESSRULES, "ENV_MOBILE");
                    ResultSetMetaData metaData = resultSet.getMetaData();
                    int columnCount = metaData.getColumnCount();
                    for (int i = 1; i <= columnCount && !z; i++) {
                        String columnName2 = metaData.getColumnName(i);
                        if (columnName2.equals(str) || columnName2.equals(str2) || columnName2.equals(str3)) {
                            z = true;
                        }
                    }
                }
                while (resultSet.next()) {
                    boolean z2 = true;
                    if (z) {
                        if (simpleEnvironmentName.equals(ILauncher.ENVIRONMENT_DESKTOP)) {
                            if (!yesValue.equals(resultSet.getString(str))) {
                                z2 = false;
                            }
                        } else if (simpleEnvironmentName.equals(ILauncher.ENVIRONMENT_WEB)) {
                            if (!yesValue.equals(resultSet.getString(str2))) {
                                z2 = false;
                            }
                        } else if (simpleEnvironmentName.equals(ILauncher.ENVIRONMENT_MOBILE) && !yesValue.equals(resultSet.getString(str3))) {
                            z2 = false;
                        }
                    }
                    if (z2) {
                        createAccessController.addAccess(resultSet.getString(columnName));
                    }
                }
                return createAccessController;
            } catch (SQLException e) {
                debug(e);
                return null;
            }
        } catch (Throwable th) {
            throw th;
        }
    }

    @Override // com.sibvisions.rad.server.security.AbstractDBSecurityManager
    protected void updateConfiguration(IConfiguration iConfiguration) throws Exception {
        this.sUsersTable = DBObjects.getTableName(iConfiguration, TABLE_USERS);
        this.sUsersId = DBObjects.getColumnName(iConfiguration, TABLE_USERS, "ID");
        this.sUsersName = DBObjects.getColumnName(iConfiguration, TABLE_USERS, "USERNAME");
        this.sUsersChgPwd = DBObjects.getColumnName(iConfiguration, TABLE_USERS, "CHANGE_PASSWORD");
        this.sUsersPwd = DBObjects.getColumnName(iConfiguration, TABLE_USERS, "PASSWORD");
        this.sAutoLoginTable = DBObjects.getTableName(iConfiguration, TABLE_AUTOLOGIN);
        this.sAutoLoginId = DBObjects.getColumnName(iConfiguration, TABLE_AUTOLOGIN, "USER_ID");
        this.sAutoLoginKey = DBObjects.getColumnName(iConfiguration, TABLE_AUTOLOGIN, "LOGINKEY");
        this.sAccessTable = DBObjects.getTableName(iConfiguration, VIEW_ACCESSRULES);
        this.sAccessUser = DBObjects.getColumnName(iConfiguration, VIEW_ACCESSRULES, "USERNAME");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.sibvisions.rad.server.security.AbstractDBSecurityManager
    public void closeStatements() {
        super.closeStatements();
        this.psUserId = null;
        this.psUserName = null;
        this.psChangePwd = null;
        this.psChangePwdUnset = null;
        this.psAutoLogin = null;
        this.psInsertAutoLogin = null;
        this.psDeleteAutoLoginKey = null;
        this.psDeleteAutoLoginUser = null;
        this.psAccessRule = null;
    }

    @Override // com.sibvisions.rad.server.security.AbstractDBSecurityManager
    protected void initStatements(Connection connection) throws Exception {
        this.psUserId = prepareStatement(connection, "select * from " + this.sUsersTable + " u where u." + this.sUsersId + " = ?");
        this.psUserName = prepareStatement(connection, "select * from " + this.sUsersTable + " u where u." + this.sUsersName + " = ?");
        this.psChangePwd = prepareStatement(connection, "update " + this.sUsersTable + " u set u." + this.sUsersPwd + " = ?  where u." + this.sUsersName + " = ?");
        this.psChangePwdUnset = prepareStatement(connection, "update " + this.sUsersTable + " u set u." + this.sUsersPwd + " = ?, u." + this.sUsersChgPwd + " = 'N'  where u." + this.sUsersName + " = ?");
        try {
            this.psAutoLogin = prepareStatement(connection, "select " + this.sAutoLoginId + " from " + this.sAutoLoginTable + " where " + this.sAutoLoginKey + " = ?");
            this.psInsertAutoLogin = prepareStatement(connection, "insert into " + this.sAutoLoginTable + "(" + this.sAutoLoginId + ", " + this.sAutoLoginKey + ") values (?, ?)");
            this.psDeleteAutoLoginKey = prepareStatement(connection, "delete from " + this.sAutoLoginTable + " where " + this.sAutoLoginKey + " = ?");
            this.psDeleteAutoLoginUser = prepareStatement(connection, "delete from " + this.sAutoLoginTable + " where " + this.sAutoLoginId + " = ?");
        } catch (SQLException e) {
            close(this.psAutoLogin, this.psInsertAutoLogin, this.psDeleteAutoLoginKey, this.psDeleteAutoLoginUser);
            this.psAutoLogin = null;
            this.psInsertAutoLogin = null;
            this.psDeleteAutoLoginKey = null;
            this.psDeleteAutoLoginUser = null;
        }
        try {
            this.psAccessRule = prepareStatement(connection, "select * from " + this.sAccessTable + " where " + this.sAccessUser + " = ?");
        } catch (SQLException e2) {
        }
    }

    @Override // com.sibvisions.rad.server.security.AbstractDBSecurityManager
    protected String getAliveQuery() {
        return "select ID from " + this.sUsersTable;
    }

    private void validateUser(ISession iSession, ResultSet resultSet) throws Exception {
        String str;
        Timestamp timestamp;
        Timestamp timestamp2;
        String applicationName = iSession.getApplicationName();
        String userName = iSession.getUserName();
        if (!resultSet.next()) {
            throw new NotFoundException("User '" + userName + "' was not found for application '" + applicationName + "'");
        }
        IConfiguration config = iSession.getConfig();
        try {
            str = resultSet.getString(DBObjects.getColumnName(config, TABLE_USERS, "ACTIVE"));
        } catch (SQLException e) {
            str = null;
        }
        if (!isActive(iSession, str)) {
            throw new InactiveException("User '" + userName + "' is inactive for application '" + applicationName + "'");
        }
        try {
            timestamp = resultSet.getTimestamp(DBObjects.getColumnName(config, TABLE_USERS, "VALID_FROM"));
        } catch (SQLException e2) {
            timestamp = null;
        }
        try {
            timestamp2 = resultSet.getTimestamp(DBObjects.getColumnName(config, TABLE_USERS, "VALID_TO"));
        } catch (SQLException e3) {
            timestamp2 = null;
        }
        if (!isValid(iSession, timestamp, timestamp2)) {
            throw new ExpiredException("User '" + userName + "' is expired for application '" + applicationName + "'");
        }
    }

    protected boolean isActive(ISession iSession, String str) throws Exception {
        if (str == null) {
            return true;
        }
        return DBObjects.getYesValue(iSession.getConfig()).equals(str);
    }

    protected boolean isValid(ISession iSession, Timestamp timestamp, Timestamp timestamp2) {
        long currentTimeMillis = System.currentTimeMillis();
        return (timestamp == null || timestamp.getTime() <= currentTimeMillis) && (timestamp2 == null || timestamp2.getTime() > currentTimeMillis);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isPasswordValid(ISession iSession, String str) throws Exception {
        return comparePassword(iSession.getConfig(), iSession.getPassword(), str);
    }

    protected boolean isChangePassword(ISession iSession, String str) throws Exception {
        if (str == null) {
            return false;
        }
        return DBObjects.getYesValue(iSession.getConfig()).equals(str);
    }

    protected void postAuthentication(ISession iSession, BigDecimal bigDecimal) throws Exception {
    }

    public static String getSimpleEnvironmentName(ISession iSession) {
        int indexOf;
        String str = (String) iSession.getProperty("client.Launcher.environment");
        if (!StringUtil.isEmpty(str) && (indexOf = str.indexOf(":")) >= 0) {
            str = str.substring(0, indexOf);
        }
        return str;
    }
}
