package _ss_com.streamsets.datacollector.security;

import _ss_com.streamsets.datacollector.main.RuntimeInfo;
import _ss_com.streamsets.datacollector.util.Configuration;
import _ss_com.streamsets.pipeline.ContainerClassLoader;
import _ss_com.streamsets.pipeline.SDCClassLoader;
import com.amazonaws.util.StringUtils;
import com.streamsets.pipeline.api.impl.Utils;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;

/* loaded from: input_file:_ss_com/streamsets/datacollector/security/SdcSecurityManager.class */
public class SdcSecurityManager extends SecurityManager {
    public static final String PROPERTY_EXCEPTIONS = "security_manager.sdc_dirs.exceptions";
    public static final String PROPERTY_STAGE_EXCEPTIONS = "security_manager.sdc_dirs.exceptions.lib.";
    private final Set<String> exceptions = new HashSet();
    private final Map<String, Set<String>> stageLibExceptions = new HashMap();
    private final String configDir;
    private final String dataDir;
    private final String resourcesDir;

    public SdcSecurityManager(RuntimeInfo runtimeInfo, Configuration configuration) {
        this.configDir = runtimeInfo.getConfigDir();
        this.dataDir = runtimeInfo.getDataDir();
        this.resourcesDir = runtimeInfo.getResourcesDir();
        setExceptions(configuration);
    }

    private void setExceptions(Configuration configuration) {
        this.exceptions.clear();
        this.stageLibExceptions.clear();
        for (String str : configuration.get(PROPERTY_EXCEPTIONS, "").split(StringUtils.COMMA_SEPARATOR)) {
            this.exceptions.add(replaceVariables(str));
        }
        for (Map.Entry<String, String> entry : configuration.getSubSetConfiguration(PROPERTY_STAGE_EXCEPTIONS, true).getValues().entrySet()) {
            HashSet hashSet = new HashSet();
            for (String str2 : entry.getValue().split(StringUtils.COMMA_SEPARATOR)) {
                hashSet.add(replaceVariables(str2));
            }
            this.stageLibExceptions.put(entry.getKey(), hashSet);
        }
    }

    private String replaceVariables(String str) {
        return str.replace("$SDC_DATA", this.dataDir).replace("$SDC_CONF", this.configDir).replace("$SDC_RESOURCES", this.resourcesDir);
    }

    @Override // java.lang.SecurityManager
    public void checkRead(String str) {
        checkPrivatePathsForRead(str);
        super.checkRead(str);
    }

    @Override // java.lang.SecurityManager
    public void checkRead(String str, Object obj) {
        checkPrivatePathsForRead(str);
        super.checkRead(str, obj);
    }

    @Override // java.lang.SecurityManager
    public void checkWrite(String str) {
        checkPrivatePathsForWrite(str);
        super.checkWrite(str);
    }

    @Override // java.lang.SecurityManager
    public void checkDelete(String str) {
        checkPrivatePathsForWrite(str);
        super.checkDelete(str);
    }

    private void checkPrivatePathsForRead(String str) {
        if (str.startsWith(this.configDir) || str.startsWith(this.dataDir)) {
            ensureProperPermissions(str);
        }
    }

    private void checkPrivatePathsForWrite(String str) {
        checkPrivatePathsForRead(str);
        if (str.startsWith(this.configDir) || str.startsWith(this.dataDir) || str.startsWith(this.resourcesDir)) {
            ensureProperPermissions(str);
        }
    }

    private void ensureProperPermissions(String str) {
        ClassLoader contextClassLoader = Thread.currentThread().getContextClassLoader();
        if ((contextClassLoader instanceof ContainerClassLoader) || this.exceptions.contains(str)) {
            return;
        }
        if (contextClassLoader instanceof SDCClassLoader) {
            String name = ((SDCClassLoader) contextClassLoader).getName();
            if (this.stageLibExceptions.containsKey(name) && this.stageLibExceptions.get(name).contains(str)) {
                return;
            }
        }
        throw new SecurityException(Utils.format("Classloader {} is not allowed access to Data Collector internal directories ({}).", new Object[]{contextClassLoader.toString(), str}));
    }
}
