package com.liferay.portal.security.pacl;

import com.liferay.portal.kernel.log.Log;
import com.liferay.portal.kernel.log.LogFactoryUtil;
import com.liferay.portal.kernel.servlet.ServletContextPool;
import com.liferay.portal.kernel.util.GetterUtil;
import com.liferay.portal.kernel.util.JavaDetector;
import com.liferay.portal.kernel.util.PropsUtil;
import com.liferay.portal.kernel.util.SetUtil;
import com.liferay.portal.kernel.util.SortedProperties;
import com.liferay.portal.kernel.util.StringBundler;
import com.liferay.portal.kernel.util.StringUtil;
import com.liferay.portal.security.pacl.checker.Checker;
import com.liferay.portal.security.pacl.checker.FileChecker;
import java.io.FilePermission;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.AllPermission;
import java.security.CodeSource;
import java.security.Permission;
import java.security.Permissions;
import java.security.Policy;
import java.security.ProtectionDomain;
import java.security.Provider;
import java.security.Security;
import java.security.URIParameter;
import java.security.cert.Certificate;
import java.util.HashMap;
import java.util.Map;
import java.util.Properties;
import java.util.Set;
import java.util.TreeSet;
import javax.servlet.ServletContext;

/* loaded from: input_file:com/liferay/portal/security/pacl/BasePACLPolicy.class */
public abstract class BasePACLPolicy implements PACLPolicy {
    private static Log _log = LogFactoryUtil.getLog(BasePACLPolicy.class);
    private Map<String, Checker> _checkers = new HashMap();
    private ClassLoader _classLoader;
    private Policy _policy;
    private Properties _properties;
    private String _servletContextName;

    public BasePACLPolicy(String str, ClassLoader classLoader, Properties properties) {
        this._servletContextName = str;
        this._classLoader = classLoader;
        this._properties = properties;
        try {
            initCheckers();
            initPolicy(str, classLoader);
        } catch (Exception e) {
            _log.error(e, e);
        }
    }

    @Override // com.liferay.portal.security.pacl.PACLPolicy
    public ClassLoader getClassLoader() {
        return this._classLoader;
    }

    @Override // com.liferay.portal.security.pacl.PACLPolicy
    public Policy getPolicy() {
        return this._policy;
    }

    @Override // com.liferay.portal.security.pacl.PACLPolicy
    public Properties getProperties() {
        return this._properties;
    }

    @Override // com.liferay.portal.security.pacl.PACLPolicy
    public String getProperty(String str) {
        return this._properties.getProperty(str);
    }

    @Override // com.liferay.portal.security.pacl.PACLPolicy
    public String[] getPropertyArray(String str) {
        return StringUtil.split(getProperty(str));
    }

    @Override // com.liferay.portal.security.pacl.PACLPolicy
    public boolean getPropertyBoolean(String str) {
        return GetterUtil.getBoolean(getProperty(str));
    }

    @Override // com.liferay.portal.security.pacl.PACLPolicy
    public Set<String> getPropertySet(String str) {
        return new TreeSet(SetUtil.fromArray(getPropertyArray(str)));
    }

    @Override // com.liferay.portal.security.pacl.PACLPolicy
    public String getServletContextName() {
        return this._servletContextName;
    }

    @Override // com.liferay.portal.security.pacl.PACLPolicy
    public boolean isCheckablePermission(Permission permission) {
        return this._checkers.containsKey(permission.getClass().getName());
    }

    public String toString() {
        StringBundler stringBundler = new StringBundler(7);
        stringBundler.append("{active=");
        stringBundler.append(isActive());
        stringBundler.append(", hashCode=");
        stringBundler.append(hashCode());
        stringBundler.append(", servletContextName=");
        stringBundler.append(this._servletContextName);
        stringBundler.append("}");
        return stringBundler.toString();
    }

    protected void checkForAllPermission(Policy policy, String str) throws MalformedURLException {
        if (policy.implies(new ProtectionDomain(new CodeSource(new URL("file", (String) null, str), new Certificate[0]), new Permissions()), new AllPermission())) {
            throw new IllegalStateException("The plugin's Java policy tried to declared all permissions");
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Checker getChecker(Class<? extends Permission> cls) {
        return this._checkers.get(cls.getName());
    }

    protected Provider getProvider() {
        String str = "SUN";
        if (JavaDetector.isIBM() && JavaDetector.isJDK6()) {
            str = "Policy";
        }
        return Security.getProvider(str);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Checker initChecker(Checker checker) {
        checker.setPACLPolicy(this);
        checker.afterPropertiesSet();
        return checker;
    }

    protected void initCheckers() throws Exception {
        ClassLoader classLoader = getClass().getClassLoader();
        SortedProperties sortedProperties = new SortedProperties(PropsUtil.getProperties("portal.security.manager.pacl.policy.checker", false));
        if (_log.isInfoEnabled()) {
            _log.info("Registering " + sortedProperties.size() + " PACL policy checkers");
        }
        for (Map.Entry entry : sortedProperties.entrySet()) {
            String str = (String) entry.getKey();
            String substring = str.substring(str.indexOf("[") + 1, str.indexOf("]"));
            String str2 = (String) entry.getValue();
            Checker checker = (Checker) classLoader.loadClass(str2).newInstance();
            initChecker(checker);
            if (_log.isInfoEnabled()) {
                _log.info("Registering permission " + substring + " with PACL policy " + str2);
            }
            this._checkers.put(substring, checker);
        }
    }

    protected void initPolicy(String str, ClassLoader classLoader) throws Exception {
        URL resource;
        FileChecker fileChecker;
        ServletContext servletContext = ServletContextPool.get(str);
        if (servletContext == null || (resource = servletContext.getResource("/WEB-INF/java.policy")) == null || (fileChecker = (FileChecker) this._checkers.get(FilePermission.class.getName())) == null) {
            return;
        }
        String rootDir = fileChecker.getRootDir();
        System.setProperty(str, rootDir);
        try {
            Policy policy = Policy.getInstance("JavaPolicy", (Policy.Parameters) new URIParameter(resource.toURI()), getProvider());
            checkForAllPermission(policy, rootDir);
            this._policy = policy;
        } catch (Exception e) {
            _log.error("Unable to initialize Java policy " + resource.toString(), e);
        }
    }
}
