package org.apache.qpid.server.security.access.config;

import java.util.Iterator;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import javax.security.auth.Subject;
import org.apache.qpid.server.security.access.firewall.FirewallRuleFactory;
import org.apache.qpid.server.security.access.plugins.AclRule;
import org.apache.qpid.server.security.access.plugins.RuleOutcome;

/* loaded from: input_file:org/apache/qpid/server/security/access/config/Rule.class */
public class Rule {
    public static final String ALL = "all";
    public static final String OWNER = "owner";
    private final String _identity;
    private final LegacyOperation _operation;
    private final ObjectType _object;
    private final AclRulePredicates _predicates;
    private final RuleOutcome _ruleOutcome;
    private final RulePredicate _rulePredicate;
    private final boolean _isOwner;
    private final boolean _isAll;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/apache/qpid/server/security/access/config/Rule$AclRuleImpl.class */
    public static final class AclRuleImpl implements AclRule {
        private final Rule _rule;

        AclRuleImpl(Rule rule) {
            this._rule = (Rule) Objects.requireNonNull(rule);
        }

        @Override // org.apache.qpid.server.security.access.plugins.AclRule
        public String getIdentity() {
            return this._rule.getIdentity();
        }

        @Override // org.apache.qpid.server.security.access.plugins.AclRule
        public ObjectType getObjectType() {
            return this._rule.getObjectType();
        }

        @Override // org.apache.qpid.server.security.access.plugins.AclRule
        public LegacyOperation getOperation() {
            return this._rule.getOperation();
        }

        @Override // org.apache.qpid.server.security.access.plugins.AclRule
        public Map<Property, Object> getAttributes() {
            return this._rule.getAttributes();
        }

        @Override // org.apache.qpid.server.security.access.plugins.AclRule
        public RuleOutcome getOutcome() {
            return this._rule.getOutcome();
        }
    }

    /* loaded from: input_file:org/apache/qpid/server/security/access/config/Rule$Builder.class */
    public static final class Builder {
        private String _identity = Rule.ALL;
        private LegacyOperation _operation = LegacyOperation.ALL;
        private ObjectType _object = ObjectType.ALL;
        private RuleOutcome _outcome = RuleOutcome.DENY_LOG;
        private final AclRulePredicatesBuilder _aclRulePredicatesBuilder = new AclRulePredicatesBuilder();

        public Builder withIdentity(String str) {
            this._identity = (String) Objects.requireNonNull(str);
            return this;
        }

        public Builder withOperation(LegacyOperation legacyOperation) {
            this._operation = (LegacyOperation) Objects.requireNonNull(legacyOperation);
            return this;
        }

        public Builder withObject(ObjectType objectType) {
            this._object = (ObjectType) Objects.requireNonNull(objectType);
            return this;
        }

        public Builder withOutcome(RuleOutcome ruleOutcome) {
            this._outcome = (RuleOutcome) Objects.requireNonNull(ruleOutcome);
            return this;
        }

        public Builder withPredicate(String str, String str2) {
            this._aclRulePredicatesBuilder.parse(str, str2);
            return this;
        }

        public Builder withPredicate(Property property, String str) {
            this._aclRulePredicatesBuilder.put(property, str);
            return this;
        }

        public Builder withPredicate(String str, Set<String> set) {
            this._aclRulePredicatesBuilder.parse(str, set);
            return this;
        }

        public Builder withOwner() {
            this._identity = Rule.OWNER;
            return this;
        }

        public Builder withPredicates(ObjectProperties objectProperties) {
            for (Map.Entry<Property, Object> entry : objectProperties.getAll().entrySet()) {
                this._aclRulePredicatesBuilder.put(entry.getKey(), entry.getValue().toString());
            }
            Iterator<String> it = objectProperties.getAttributeNames().iterator();
            while (it.hasNext()) {
                this._aclRulePredicatesBuilder.put(Property.ATTRIBUTES, it.next());
            }
            return this;
        }

        public Rule build() {
            validate();
            return new Rule(this._identity, this._operation, this._object, this._aclRulePredicatesBuilder.build(), this._outcome);
        }

        public Rule build(FirewallRuleFactory firewallRuleFactory) {
            validate();
            return new Rule(this._identity, this._operation, this._object, this._aclRulePredicatesBuilder.build(firewallRuleFactory), this._outcome);
        }

        private void validate() {
            if (!this._object.isSupported(this._operation)) {
                throw new IllegalArgumentException(String.format("Operation %s  is not allowed for %s", this._operation, this._object));
            }
        }
    }

    public Rule(AclRule aclRule) {
        this(aclRule.getIdentity(), aclRule.getOperation(), aclRule.getObjectType(), new AclRulePredicatesBuilder(aclRule.getAttributes()).build(), aclRule.getOutcome());
    }

    Rule(String str, LegacyOperation legacyOperation, ObjectType objectType, AclRulePredicates aclRulePredicates, RuleOutcome ruleOutcome) {
        this._identity = (String) Objects.requireNonNull(str);
        this._operation = (LegacyOperation) Objects.requireNonNull(legacyOperation);
        this._object = (ObjectType) Objects.requireNonNull(objectType);
        this._ruleOutcome = (RuleOutcome) Objects.requireNonNull(ruleOutcome);
        this._predicates = (AclRulePredicates) Objects.requireNonNull(aclRulePredicates);
        this._rulePredicate = (RulePredicate) Objects.requireNonNull(aclRulePredicates.asSinglePredicate());
        this._isOwner = OWNER.equalsIgnoreCase(str);
        this._isAll = ALL.equalsIgnoreCase(str);
    }

    public boolean isForAll() {
        return this._isAll;
    }

    public boolean isForOwner() {
        return this._isOwner;
    }

    public boolean isForOwnerOrAll() {
        return this._isOwner || this._isAll;
    }

    public String getIdentity() {
        return this._identity;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public AclRulePredicates getPredicates() {
        return this._predicates;
    }

    public RuleOutcome getOutcome() {
        return this._ruleOutcome;
    }

    public boolean matches(LegacyOperation legacyOperation, ObjectType objectType, ObjectProperties objectProperties, Subject subject) {
        return operationsMatch(legacyOperation) && objectTypesMatch(objectType) && predicatesMatch(legacyOperation, objectProperties, subject);
    }

    public boolean predicatesMatch(LegacyOperation legacyOperation, ObjectProperties objectProperties, Subject subject) {
        return this._rulePredicate.matches(legacyOperation, objectProperties, subject);
    }

    public boolean anyPropertiesMatch() {
        return this._rulePredicate.matchesAny();
    }

    private boolean operationsMatch(LegacyOperation legacyOperation) {
        return LegacyOperation.ALL == getOperation() || getOperation() == legacyOperation;
    }

    private boolean objectTypesMatch(ObjectType objectType) {
        return ObjectType.ALL == getObjectType() || getObjectType() == objectType;
    }

    public LegacyOperation getOperation() {
        return this._operation;
    }

    public ObjectType getObjectType() {
        return this._object;
    }

    public Map<Property, Object> getAttributes() {
        return this._predicates.getParsedProperties();
    }

    public AclRule asAclRule() {
        return new AclRuleImpl(this);
    }

    public boolean equals(Object obj) {
        if (this == obj) {
            return true;
        }
        if (obj == null || obj.getClass() != getClass()) {
            return false;
        }
        Rule rule = (Rule) obj;
        return getIdentity().equalsIgnoreCase(rule.getIdentity()) && getOperation() == rule.getOperation() && getObjectType() == rule.getObjectType() && getPredicates().equals(rule.getPredicates()) && getOutcome() == rule.getOutcome();
    }

    public int hashCode() {
        return Objects.hash(getIdentity(), getOperation(), getObjectType(), getPredicates(), getOutcome());
    }

    public String toString() {
        return "Rule[identity='" + this._identity + "'action=Action[operation=" + this._operation + ", object=" + this._object + ", predicates=" + this._predicates + "], permission=" + this._ruleOutcome + "]";
    }
}
