package com.microej.kf.util.security;

import ej.annotation.Nullable;
import ej.basictool.map.PackedMap;
import ej.kf.Feature;
import ej.kf.FeatureStateListener;
import ej.kf.Kernel;
import java.io.IOException;
import java.io.InputStream;
import java.security.Permission;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.logging.Logger;

/* loaded from: input_file:com/microej/kf/util/security/KernelSecurityPolicyManager.class */
public class KernelSecurityPolicyManager extends SecurityManager implements FeatureStateListener {
    private static final Logger LOGGER = Logger.getLogger(KernelSecurityPolicyManager.class.getName());
    private final PackedMap<Feature, List<FeaturePolicyPermission>> featurePermissionsMap = new PackedMap<>();
    private final SecurityPolicyResourceLoader securityPolicyResourceLoader;

    public KernelSecurityPolicyManager(SecurityPolicyResourceLoader securityPolicyResourceLoader) {
        this.securityPolicyResourceLoader = securityPolicyResourceLoader;
        handleFeatureStateUpdates();
    }

    private void handleFeatureStateUpdates() {
        Kernel.addFeatureStateListener(this);
    }

    @Override // java.lang.SecurityManager
    public void checkPermission(Permission permission) {
        if (Kernel.isInKernelMode()) {
            return;
        }
        Feature feature = (Feature) Kernel.getContextOwner();
        Kernel.enter();
        if (((List) this.featurePermissionsMap.get(feature)) == null) {
            throw new SecurityException();
        }
        checkPermission(permission, feature);
    }

    private void checkPermission(Permission permission, Feature feature) {
        LOGGER.fine("Checking permission for: " + permission.getClass().getName() + " name: " + permission.getName() + " actions: " + permission.getActions());
        boolean z = false;
        Iterator it = ((List) this.featurePermissionsMap.get(feature)).iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            FeaturePolicyPermission featurePolicyPermission = (FeaturePolicyPermission) it.next();
            if (featurePolicyPermission.getPermissionClassName().equals(SecurityPolicyResourceLoader.ALL_IDENTIFIER) || featurePolicyPermission.getPermissionClassName().equals(permission.getClass().getName())) {
                PackedMap<String, List<String>> nameActionsMap = featurePolicyPermission.getNameActionsMap();
                if (!nameActionsMap.isEmpty()) {
                    String findBestNameMatch = findBestNameMatch(nameActionsMap, permission);
                    if (findBestNameMatch.isEmpty()) {
                        break;
                    }
                    List<String> list = (List) featurePolicyPermission.getNameActionsMap().get(findBestNameMatch);
                    if (list != null) {
                        z = isActionPresent(list, permission);
                    }
                    if (z) {
                        break;
                    }
                } else {
                    z = true;
                    break;
                }
            }
        }
        if (!z) {
            throw new SecurityException(String.valueOf(feature.getName()) + " is not allowed to access " + permission.getClass().getName() + " (name: " + permission.getName() + " - actions: " + permission.getActions() + ")");
        }
        LOGGER.fine("Permission granted for: " + feature.getName() + " for permission: " + permission.getClass().getName() + " name: " + permission.getName() + " actions: " + permission.getActions());
    }

    private List<String> splitStringArray(String str, char c) {
        ArrayList arrayList = new ArrayList();
        int i = 0;
        for (int i2 = 0; i2 < str.length(); i2++) {
            if (str.charAt(i2) == c) {
                arrayList.add(str.substring(i, i2));
                i = i2 + 1;
            }
        }
        arrayList.add(str.substring(i));
        return arrayList;
    }

    public void addToPermissionMap(Feature feature) {
        String property = System.getProperty("feature.policy.name", "/feature.policy.json");
        Throwable th = null;
        try {
            try {
                InputStream resourceAsStream = feature.getResourceAsStream(property.startsWith("/") ? property : "/" + property);
                try {
                    List<FeaturePolicyPermission> loadFeaturePermissions = this.securityPolicyResourceLoader.loadFeaturePermissions(resourceAsStream);
                    this.featurePermissionsMap.put(feature, loadFeaturePermissions == null ? new ArrayList<>() : loadFeaturePermissions);
                    if (resourceAsStream != null) {
                        resourceAsStream.close();
                    }
                } catch (Throwable th2) {
                    if (resourceAsStream != null) {
                        resourceAsStream.close();
                    }
                    throw th2;
                }
            } catch (Throwable th3) {
                if (0 == 0) {
                    th = th3;
                } else if (null != th3) {
                    th.addSuppressed(th3);
                }
                throw th;
            }
        } catch (IOException e) {
            LOGGER.severe(e.getMessage());
        }
    }

    private String findBestNameMatch(PackedMap<String, List<String>> packedMap, Permission permission) {
        String str = "";
        for (String str2 : packedMap.keySet()) {
            if ((permission.getName() == null && str2.equals(SecurityPolicyResourceLoader.NULL_IDENTIFIER)) || (permission.getName() != null && str2.equals(permission.getName()))) {
                str = str2;
                break;
            }
            if (str2.endsWith(SecurityPolicyResourceLoader.ALL_IDENTIFIER) && (permission.getName() == null || permission.getName().contains(str2.substring(0, str2.length() - 1)))) {
                if (str2.length() > str.length()) {
                    str = str2;
                }
            }
        }
        return str;
    }

    private boolean isActionPresent(List<String> list, Permission permission) {
        boolean z = false;
        if (list.isEmpty() || list.contains(SecurityPolicyResourceLoader.ALL_IDENTIFIER) || ((permission.getActions() == null && list.contains(SecurityPolicyResourceLoader.NULL_IDENTIFIER)) || (permission.getActions() != null && list.containsAll(splitStringArray(permission.getActions(), ','))))) {
            z = true;
        }
        return z;
    }

    public void stateChanged(Feature feature, @Nullable Feature.State state) {
        if (feature.getState().equals(Feature.State.INSTALLED) && state == null) {
            addToPermissionMap(feature);
        } else if (feature.getState().equals(Feature.State.UNINSTALLED) && state != null && state.equals(Feature.State.STOPPED)) {
            this.featurePermissionsMap.remove(feature);
        }
    }
}
