package com.octetstring.vde.acl;

import com.bea.common.store.bootstrap.LDIFTUtils;
import com.octetstring.ldapv3.Filter;
import com.octetstring.nls.Messages;
import com.octetstring.vde.syntax.DirectoryString;
import com.octetstring.vde.util.DNUtility;
import com.octetstring.vde.util.DirectoryException;
import com.octetstring.vde.util.InvalidDNException;
import com.octetstring.vde.util.Logger;
import com.octetstring.vde.util.ParseFilter;
import com.sun.xml.ws.encoding.soap.streaming.SOAP12NamespaceConstants;
import java.util.Enumeration;
import java.util.StringTokenizer;
import java.util.Vector;
import weblogic.entitlement.rules.SignaturePredicate;

/* loaded from: input_file:com/octetstring/vde/acl/ACL.class */
public class ACL {
    private boolean scopeSubtree = false;
    private boolean grant = false;
    private Vector permission = null;
    private Vector attr = null;
    private String authnLevel = null;
    private boolean authzDN = true;
    private byte subjectType = 0;
    private DirectoryString subject = null;
    private Filter targetFilter = null;
    public static final byte SUBJECT_INVALID = 0;
    public static final byte SUBJECT_PUBLIC = 2;
    public static final byte SUBJECT_SUBTREE = 4;
    public static final byte SUBJECT_ROLE = 8;
    public static final byte SUBJECT_GROUP = 16;
    public static final byte SUBJECT_THIS = 32;
    public static final byte SUBJECT_AUTHZID = 64;
    public static final byte SUBJECT_IPADDRESS = 96;

    public ACL() {
    }

    public ACL(String str) {
        StringTokenizer stringTokenizer = new StringTokenizer(str, "#");
        String nextToken = stringTokenizer.nextToken();
        if (nextToken.equalsIgnoreCase("subtree")) {
            setScopeSubtree(true);
            nextToken = null;
        } else if (nextToken.equalsIgnoreCase("entry")) {
            setScopeSubtree(false);
            nextToken = null;
        }
        StringTokenizer stringTokenizer2 = new StringTokenizer(nextToken == null ? stringTokenizer.nextToken() : nextToken, ":");
        if (stringTokenizer2.nextToken().equalsIgnoreCase("grant")) {
            setGrant(true);
        } else {
            setGrant(false);
        }
        if (stringTokenizer2.hasMoreTokens()) {
            Vector vector = new Vector();
            StringTokenizer stringTokenizer3 = new StringTokenizer(stringTokenizer2.nextToken(), ",");
            while (stringTokenizer3.hasMoreTokens()) {
                vector.addElement(new Character(stringTokenizer3.nextToken().charAt(0)));
            }
            setPermission(vector);
        }
        Vector vector2 = new Vector();
        StringTokenizer stringTokenizer4 = new StringTokenizer(stringTokenizer.nextToken(), ",");
        while (stringTokenizer4.hasMoreTokens()) {
            vector2.addElement(new DirectoryString(stringTokenizer4.nextToken()));
        }
        setAttr(vector2);
        StringTokenizer stringTokenizer5 = new StringTokenizer(stringTokenizer.nextToken(), ":");
        String nextToken2 = stringTokenizer5.nextToken();
        if (nextToken2.equalsIgnoreCase("authnLevel")) {
            String nextToken3 = stringTokenizer5.nextToken();
            setAuthnLevel(nextToken3.equalsIgnoreCase("sasl") ? nextToken3.concat(":" + stringTokenizer5.nextToken()) : nextToken3);
        }
        String nextToken4 = getAuthnLevel() == null ? nextToken2 : stringTokenizer5.nextToken();
        if (nextToken4.startsWith("authz")) {
            setSubjectType((byte) 64);
            StringTokenizer stringTokenizer6 = new StringTokenizer(nextToken4, "-");
            stringTokenizer6.nextToken();
            if (stringTokenizer6.nextToken().equalsIgnoreCase(LDIFTUtils.DN)) {
                setAuthzDN(true);
            } else {
                setAuthzDN(false);
            }
            try {
                setSubject(new DirectoryString(stringTokenizer5.nextToken()));
            } catch (InvalidDNException e) {
                Logger.getInstance().log(0, this, Messages.getString("Invalid_DN_Specified_in_ACL_15"));
            }
        } else if (nextToken4.equalsIgnoreCase("public")) {
            setSubjectType((byte) 2);
        } else if (nextToken4.equalsIgnoreCase("this")) {
            setSubjectType((byte) 32);
        } else {
            if (nextToken4.equalsIgnoreCase(SOAP12NamespaceConstants.ATTR_ACTOR)) {
                setSubjectType((byte) 8);
            } else if (nextToken4.equalsIgnoreCase(SignaturePredicate.GROUP_TYPE)) {
                setSubjectType((byte) 16);
            } else if (nextToken4.equalsIgnoreCase("subtree")) {
                setSubjectType((byte) 4);
            } else if (nextToken4.equalsIgnoreCase("ipAddress")) {
                setSubjectType((byte) 96);
            }
            try {
                setSubject(new DirectoryString(stringTokenizer5.nextToken()));
            } catch (InvalidDNException e2) {
                Logger.getInstance().log(0, this, Messages.getString("Invalid_DN_Specified_in_ACL_22"));
            }
        }
        if (stringTokenizer.hasMoreTokens()) {
            try {
                setTargetFilter(ParseFilter.parse(stringTokenizer.nextToken()));
            } catch (DirectoryException e3) {
            }
        }
    }

    public Filter getTargetFilter() {
        return this.targetFilter;
    }

    public void setTargetFilter(Filter filter) {
        this.targetFilter = filter;
    }

    public Vector getAttr() {
        return this.attr;
    }

    public void setAttr(Vector vector) {
        this.attr = vector;
    }

    public String getAuthnLevel() {
        return this.authnLevel;
    }

    public void setAuthnLevel(String str) {
        this.authnLevel = str;
    }

    public boolean isAuthzDN() {
        return this.authzDN;
    }

    public void setAuthzDN(boolean z) {
        this.authzDN = z;
    }

    public boolean isGrant() {
        return this.grant;
    }

    public void setGrant(boolean z) {
        this.grant = z;
    }

    public Vector getPermission() {
        return this.permission;
    }

    public void setPermission(Vector vector) {
        this.permission = vector;
    }

    public boolean isScopeSubtree() {
        return this.scopeSubtree;
    }

    public void setScopeSubtree(boolean z) {
        this.scopeSubtree = z;
    }

    public DirectoryString getSubject() {
        return this.subject;
    }

    public void setSubject(DirectoryString directoryString) throws InvalidDNException {
        switch (getSubjectType()) {
            case 4:
            case 8:
            case 16:
                this.subject = DNUtility.getInstance().normalize(directoryString);
                return;
            case 64:
                if (isAuthzDN()) {
                    this.subject = DNUtility.getInstance().normalize(directoryString);
                    return;
                } else {
                    this.subject = directoryString;
                    return;
                }
            default:
                this.subject = directoryString;
                return;
        }
    }

    public byte getSubjectType() {
        return this.subjectType;
    }

    public void setSubjectType(byte b) {
        this.subjectType = b;
    }

    public String toString() {
        StringBuffer stringBuffer = new StringBuffer();
        if (isGrant()) {
            stringBuffer.append("grant:");
        } else {
            stringBuffer.append("deny:");
        }
        if (getPermission() != null) {
            Enumeration elements = getPermission().elements();
            while (elements.hasMoreElements()) {
                stringBuffer.append((Character) elements.nextElement());
                if (elements.hasMoreElements()) {
                    stringBuffer.append(",");
                }
            }
        }
        stringBuffer.append("#");
        if (getAttr() != null) {
            Enumeration elements2 = getAttr().elements();
            while (elements2.hasMoreElements()) {
                stringBuffer.append((DirectoryString) elements2.nextElement());
                if (elements2.hasMoreElements()) {
                    stringBuffer.append(",");
                }
            }
        }
        stringBuffer.append("#");
        if (getAuthnLevel() != null) {
            stringBuffer.append("authnLevel:");
            stringBuffer.append(getAuthnLevel()).append(":");
        }
        switch (getSubjectType()) {
            case 2:
                stringBuffer.append("public:");
                break;
            case 4:
                stringBuffer.append("subtree:").append(getSubject());
                break;
            case 8:
                stringBuffer.append("role:").append(getSubject());
                break;
            case 16:
                stringBuffer.append("group:").append(getSubject());
                break;
            case 32:
                stringBuffer.append("this:");
                break;
            case 64:
                stringBuffer.append("authzID-");
                if (isAuthzDN()) {
                    stringBuffer.append("dn:");
                } else {
                    stringBuffer.append("u:");
                }
                stringBuffer.append(getSubject());
                break;
            case 96:
                stringBuffer.append("ipAddress:").append(getSubject());
                break;
        }
        return stringBuffer.toString();
    }
}
