package org.fcrepo.server.security.xacml.pdp.data;

import com.sun.org.apache.xml.internal.serialize.OutputFormat;
import com.sun.org.apache.xml.internal.serialize.XMLSerializer;
import com.sun.xacml.AbstractPolicy;
import com.sun.xacml.EvaluationCtx;
import com.sun.xacml.ParsingException;
import com.sun.xacml.finder.PolicyFinder;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStreamWriter;
import java.io.StringReader;
import java.io.UnsupportedEncodingException;
import java.net.URISyntaxException;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.util.Arrays;
import java.util.Comparator;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.locks.Lock;
import java.util.concurrent.locks.ReentrantReadWriteLock;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.apache.axiom.om.impl.serialize.StreamingOMSerializer;
import org.fcrepo.server.security.xacml.pdp.finder.policy.PolicyReader;
import org.fcrepo.server.security.xacml.util.AttributeBean;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Node;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;
import org.xmldb.api.DatabaseManager;
import org.xmldb.api.base.Collection;
import org.xmldb.api.base.Database;
import org.xmldb.api.base.Resource;
import org.xmldb.api.base.ResourceIterator;
import org.xmldb.api.base.ResourceSet;
import org.xmldb.api.base.XMLDBException;
import org.xmldb.api.modules.CollectionManagementService;
import org.xmldb.api.modules.XMLResource;
import org.xmldb.api.modules.XPathQueryService;

/* loaded from: input_file:WEB-INF/lib/fcrepo-security-pdp-3.6.1.jar:org/fcrepo/server/security/xacml/pdp/data/ExistPolicyIndex.class */
public class ExistPolicyIndex extends XPathPolicyIndex implements PolicyIndex {
    private static final String ROOT_COLLECTION_PATH = "/db";
    private static final String INDEX_DOCUMENT_NAME = "collection.xconf";
    private String m_databaseURI;
    private String m_collectionName;
    private String m_collectionPath;
    private String m_indexCollectionPath;
    private String m_user;
    private String m_password;
    protected Collection m_collection;
    private static final Logger log = LoggerFactory.getLogger(ExistPolicyIndex.class.getName());
    private static final ReentrantReadWriteLock rwl = new ReentrantReadWriteLock();
    private static final Lock readLock = rwl.readLock();
    private static final Lock writeLock = rwl.writeLock();

    protected ExistPolicyIndex(PolicyReader policyReader) throws PolicyIndexException {
        super(policyReader);
        try {
            writeLock.lock();
            initCollection();
            writeLock.unlock();
        } catch (Throwable th) {
            writeLock.unlock();
            throw th;
        }
    }

    @Override // org.fcrepo.server.security.xacml.pdp.data.PolicyIndex
    public String addPolicy(String str, String str2) throws PolicyIndexException {
        String nameToId = nameToId(str);
        try {
            try {
                writeLock.lock();
                if (((XMLResource) this.m_collection.getResource(nameToId)) != null) {
                    throw new PolicyIndexException("Tried to add an already-existing resource " + str);
                }
                XMLResource xMLResource = (XMLResource) this.m_collection.createResource(nameToId, XMLResource.RESOURCE_TYPE);
                xMLResource.setContentAsDOM(createDocument(str2));
                this.m_collection.storeResource(xMLResource);
                writeLock.unlock();
                return str;
            } catch (XMLDBException e) {
                log.error("Error adding resource " + str + " " + e.getMessage(), (Throwable) e);
                throw new PolicyIndexException("Error adding resource " + str + " " + e.getMessage(), e);
            }
        } catch (Throwable th) {
            writeLock.unlock();
            throw th;
        }
    }

    @Override // org.fcrepo.server.security.xacml.pdp.data.PolicyIndex
    public boolean clear() throws PolicyIndexException {
        try {
            writeLock.lock();
            deleteCollection();
            initCollection();
            writeLock.unlock();
            return true;
        } catch (Throwable th) {
            writeLock.unlock();
            throw th;
        }
    }

    @Override // org.fcrepo.server.security.xacml.pdp.data.PolicyIndex
    public boolean contains(String str) throws PolicyIndexException {
        try {
            try {
                readLock.lock();
                boolean z = this.m_collection.getResource(nameToId(str)) != null;
                readLock.unlock();
                return z;
            } catch (XMLDBException e) {
                log.error("Error determining if db contains " + str + " - " + e.getMessage(), (Throwable) e);
                throw new PolicyIndexException("Error determining if db contains " + str + " - " + e.getMessage(), e);
            }
        } catch (Throwable th) {
            readLock.unlock();
            throw th;
        }
    }

    @Override // org.fcrepo.server.security.xacml.pdp.data.PolicyIndex
    public boolean deletePolicy(String str) throws PolicyIndexException {
        String nameToId = nameToId(str);
        try {
            try {
                writeLock.lock();
                Resource resource = this.m_collection.getResource(nameToId);
                if (resource == null) {
                    log.warn("Attempted to delete non-existing resource " + str);
                    writeLock.unlock();
                    return false;
                }
                this.m_collection.removeResource(resource);
                writeLock.unlock();
                return true;
            } catch (XMLDBException e) {
                log.error("Error deleting resource " + str + " " + e.getMessage(), (Throwable) e);
                throw new PolicyIndexException("Error deleting resource " + str + " " + e.getMessage(), e);
            }
        } catch (Throwable th) {
            writeLock.unlock();
            throw th;
        }
    }

    @Override // org.fcrepo.server.security.xacml.pdp.data.PolicyIndex
    public Map<String, AbstractPolicy> getPolicies(EvaluationCtx evaluationCtx, PolicyFinder policyFinder) throws PolicyIndexException {
        try {
            Map<String, Set<AttributeBean>> attributeMap = getAttributeMap(evaluationCtx);
            HashMap hashMap = new HashMap();
            String xpath = getXpath(attributeMap);
            Map<String, String> xpathVariables = getXpathVariables(attributeMap);
            try {
                readLock.lock();
                try {
                    try {
                        ResourceIterator iterator = doQuery(xpath, xpathVariables).getIterator();
                        while (iterator.hasMoreResources()) {
                            String documentId = ((XMLResource) iterator.nextResource()).getDocumentId();
                            log.trace("Query matched document: " + IdToName(documentId));
                            hashMap.put(IdToName(documentId), handleDocument(this.m_policyReader.readPolicy(((String) this.m_collection.getResource(documentId).getContent()).getBytes("UTF-8")), policyFinder));
                        }
                        readLock.unlock();
                        return hashMap;
                    } catch (UnsupportedEncodingException e) {
                        throw new RuntimeException("Unsupported encoding " + e.getMessage(), e);
                    }
                } catch (ParsingException e2) {
                    log.error("Error retrieving query results " + e2.getMessage(), (Throwable) e2);
                    throw new PolicyIndexException("Error retrieving query results " + e2.getMessage(), e2);
                } catch (XMLDBException e3) {
                    log.error("Error retrieving query results " + e3.getMessage(), (Throwable) e3);
                    throw new PolicyIndexException("Error retrieving query results " + e3.getMessage(), e3);
                }
            } catch (Throwable th) {
                readLock.unlock();
                throw th;
            }
        } catch (URISyntaxException e4) {
            log.error("Error getting attribute map " + e4.getMessage(), (Throwable) e4);
            throw new PolicyIndexException("Error getting attribute map " + e4.getMessage(), e4);
        }
    }

    @Override // org.fcrepo.server.security.xacml.pdp.data.PolicyIndex
    public AbstractPolicy getPolicy(String str, PolicyFinder policyFinder) throws PolicyIndexException {
        try {
            try {
                try {
                    try {
                        readLock.lock();
                        XMLResource xMLResource = (XMLResource) this.m_collection.getResource(nameToId(str));
                        if (xMLResource == null) {
                            log.error("Attempting to get non-existant resource " + str);
                            throw new PolicyIndexException("Attempting to get non-existant resource " + str);
                        }
                        AbstractPolicy handleDocument = handleDocument(this.m_policyReader.readPolicy(((String) xMLResource.getContent()).getBytes("UTF-8")), policyFinder);
                        readLock.unlock();
                        return handleDocument;
                    } catch (XMLDBException e) {
                        log.error("Error getting policy " + str + " " + e.getMessage(), (Throwable) e);
                        throw new PolicyIndexException("Error getting policy " + str + " " + e.getMessage(), e);
                    }
                } catch (ParsingException e2) {
                    log.error("Error getting policy " + str + " " + e2.getMessage(), (Throwable) e2);
                    throw new PolicyIndexException("Error getting policy " + str + " " + e2.getMessage(), e2);
                }
            } catch (UnsupportedEncodingException e3) {
                throw new RuntimeException("Unsupported encoding " + e3.getMessage(), e3);
            }
        } catch (Throwable th) {
            readLock.unlock();
            throw th;
        }
    }

    @Override // org.fcrepo.server.security.xacml.pdp.data.PolicyIndex
    public boolean updatePolicy(String str, String str2) throws PolicyIndexException {
        String nameToId = nameToId(str);
        try {
            try {
                writeLock.lock();
                XMLResource xMLResource = (XMLResource) this.m_collection.getResource(nameToId);
                if (xMLResource == null) {
                    log.error("Tried to update non-existing resource " + str);
                    throw new PolicyIndexException("Tried to update non-existing resource " + str);
                }
                xMLResource.setContentAsDOM(createDocument(str2));
                this.m_collection.storeResource(xMLResource);
                writeLock.unlock();
                return true;
            } catch (XMLDBException e) {
                log.error("Error updating resource " + str + " " + e.getMessage(), (Throwable) e);
                throw new PolicyIndexException("Error updating resource " + str + " " + e.getMessage(), e);
            }
        } catch (Throwable th) {
            writeLock.unlock();
            throw th;
        }
    }

    protected static byte[] nodeToByte(Node node) throws PolicyIndexException {
        OutputFormat outputFormat = new OutputFormat();
        outputFormat.setEncoding("UTF-8");
        outputFormat.setIndenting(true);
        outputFormat.setIndent(2);
        outputFormat.setOmitXMLDeclaration(false);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        try {
            new XMLSerializer(new OutputStreamWriter(byteArrayOutputStream), outputFormat).serialize(node);
            return byteArrayOutputStream.toByteArray();
        } catch (IOException e) {
            throw new PolicyIndexException("Failed to serialise node " + e.getMessage(), e);
        }
    }

    protected static String nameToId(String str) {
        try {
            return URLEncoder.encode(str, "UTF-8");
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException("Unsupported encoding", e);
        }
    }

    protected static String IdToName(String str) {
        try {
            return URLDecoder.decode(str, "UTF-8");
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException("Unsupported encoding", e);
        }
    }

    protected static String[] sortDescending(String[] strArr) {
        Arrays.sort(strArr, new Comparator<String>() { // from class: org.fcrepo.server.security.xacml.pdp.data.ExistPolicyIndex.1
            @Override // java.util.Comparator
            public int compare(String str, String str2) {
                if (str.length() < str2.length()) {
                    return 1;
                }
                return str.length() > str2.length() ? -1 : 0;
            }
        });
        return strArr;
    }

    protected ResourceSet doQuery(String str, Map<String, String> map) throws PolicyIndexException {
        try {
            XPathQueryService xPathQueryService = (XPathQueryService) this.m_collection.getService("XPathQueryService", "1.0");
            for (String str2 : PolicyIndexBase.namespaces.keySet()) {
                xPathQueryService.setNamespace(str2, PolicyIndexBase.namespaces.get(str2));
            }
            for (String str3 : sortDescending((String[]) map.keySet().toArray(new String[0]))) {
                str = str.replace("$" + str3, "\"" + map.get(str3) + "\"");
            }
            log.trace("XPath query with variables substituted:\n" + str);
            long nanoTime = System.nanoTime();
            ResourceSet query = xPathQueryService.query(str);
            log.debug("XPath query time: " + (System.nanoTime() - nanoTime) + StreamingOMSerializer.NAMESPACE_PREFIX);
            return query;
        } catch (XMLDBException e) {
            log.error("Error running query " + e.getMessage(), (Throwable) e);
            throw new PolicyIndexException("Error running query " + e.getMessage(), e);
        }
    }

    protected Collection createCollectionPath(String str, Collection collection) throws PolicyIndexException {
        Collection createCollection;
        try {
            if (collection.getParentCollection() != null) {
                throw new PolicyIndexException("Collection supplied is not a root collection");
            }
            String name = collection.getName();
            if (!str.startsWith(name)) {
                throw new PolicyIndexException("Collection path " + str + " does not start from root collection - " + name);
            }
            Collection collection2 = collection;
            for (String str2 : str.substring(name.length()).split("/")) {
                if (collection2.getChildCollection(str2) != null) {
                    createCollection = collection2.getChildCollection(str2);
                } else {
                    createCollection = ((CollectionManagementService) collection2.getService("CollectionManagementService", "1.0")).createCollection(str2);
                    log.debug("Created collection " + str2);
                }
                if (collection2.isOpen()) {
                    collection2.close();
                }
                collection2 = createCollection;
            }
            return collection2;
        } catch (XMLDBException e) {
            log.error("Error creating collections from path " + e.getMessage(), (Throwable) e);
            throw new PolicyIndexException("Error creating collections from path " + e.getMessage(), e);
        }
    }

    public void setDatabaseURI(String str) {
        this.m_databaseURI = str;
    }

    public void setCollectionName(String str) {
        this.m_collectionName = str;
        this.m_indexCollectionPath = "/db/system/config/db/" + this.m_collectionName;
        this.m_collectionPath = "/db/" + this.m_collectionName;
    }

    public void setUser(String str) {
        this.m_user = str;
    }

    public void setPassword(String str) {
        this.m_password = str;
    }

    public void init() throws PolicyIndexException {
        initDatabase();
        initCollection();
    }

    public void initDatabase() throws PolicyIndexException {
        try {
            try {
                Database database = (Database) Class.forName("org.exist.xmldb.DatabaseImpl").newInstance();
                try {
                    database.setProperty("create-database", "true");
                    DatabaseManager.registerDatabase(database);
                } catch (XMLDBException e) {
                    throw new PolicyIndexException("Error registering xmldb driver " + e.getMessage(), e);
                }
            } catch (Exception e2) {
                log.error("Error instantiating xmldb driver", (Throwable) e2);
                throw new PolicyIndexException("Error instantiating xmldb driver", e2);
            }
        } catch (ClassNotFoundException e3) {
            log.error("Class not found - check xmldb driver classes are on classpath " + e3.getMessage());
            throw new PolicyIndexException("Class not found - check xmldb driver classes are on classpath " + e3.getMessage(), e3);
        }
    }

    protected void initCollection() throws PolicyIndexException {
        try {
            this.m_collection = DatabaseManager.getCollection(this.m_databaseURI + this.m_collectionPath, this.m_user, this.m_password);
            if (this.m_collection == null) {
                Collection collection = DatabaseManager.getCollection(this.m_databaseURI + ROOT_COLLECTION_PATH, this.m_user, this.m_password);
                CollectionManagementService collectionManagementService = (CollectionManagementService) collection.getService("CollectionManagementService", "1.0");
                Collection collection2 = DatabaseManager.getCollection(this.m_databaseURI + this.m_indexCollectionPath, this.m_user, this.m_password);
                if (collection2 == null) {
                    log.debug("creating index collection");
                    collection2 = createCollectionPath(this.m_indexCollectionPath, collection);
                }
                if (collection.isOpen()) {
                    collection.close();
                }
                XMLResource xMLResource = (XMLResource) collection2.getResource(INDEX_DOCUMENT_NAME);
                if (xMLResource == null) {
                    xMLResource = (XMLResource) collection2.createResource(INDEX_DOCUMENT_NAME, XMLResource.RESOURCE_TYPE);
                }
                Document createDocument = createDocument("<?xml version=\"1.0\" encoding=\"UTF-8\"?><collection xmlns=\"http://exist-db.org/collection-config/1.0\"><index xmlns:p=\"urn:oasis:names:tc:xacml:2.0:policy:schema:os\"><create qname=\"p:AttributeValue\" type=\"xs:string\"/><create qname=\"@AttributeId\" type=\"xs:string\"/></index></collection>");
                log.debug("Storing index document");
                xMLResource.setContentAsDOM(createDocument);
                collection2.storeResource(xMLResource);
                collection2.close();
                log.debug("Creating policy collection");
                this.m_collection = collectionManagementService.createCollection(this.m_collectionName);
            }
        } catch (XMLDBException e) {
            throw new PolicyIndexException("Error getting/creating policy collection " + e.getMessage(), e);
        }
    }

    protected void deleteCollection() throws PolicyIndexException {
        try {
            ((CollectionManagementService) DatabaseManager.getCollection(this.m_databaseURI + ROOT_COLLECTION_PATH, this.m_user, this.m_password).getService("CollectionManagementService", "1.0")).removeCollection(this.m_collectionName);
            log.debug("Policy collection deleted");
        } catch (XMLDBException e) {
            throw new PolicyIndexException("Error deleting collection " + e.getMessage(), e);
        }
    }

    protected static Document createDocument(String str) throws PolicyIndexException {
        DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
        newInstance.setNamespaceAware(true);
        try {
            return newInstance.newDocumentBuilder().parse(new InputSource(new StringReader(str)));
        } catch (IOException e) {
            throw new PolicyIndexException(e);
        } catch (ParserConfigurationException e2) {
            throw new PolicyIndexException(e2);
        } catch (SAXException e3) {
            throw new PolicyIndexException(e3);
        }
    }

    public void close() {
        try {
            this.m_collection.close();
        } catch (XMLDBException e) {
            log.warn("Error closing connection " + e.getMessage(), (Throwable) e);
        }
    }
}
