package pl.psnc.servlet.security;

import freemarker.template.TemplateModelException;
import java.io.IOException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.apache.commons.codec.binary.Base64;
import org.apache.log4j.Logger;
import pl.psnc.egov.utils.crypto.sec.MD5Crypt;
import pl.psnc.egov.utils.crypto.sec.UnixCrypt;
import pl.psnc.freemarker.HashModel;
import pl.psnc.servlet.security.EgovUser;
import pl.psnc.util.DBUtils;
import pl.psnc.util.EgovUtils;

/* loaded from: input_file:pl/psnc/servlet/security/User.class */
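/**
 * Database-backed user of the application: identity columns from {@code M_USERS},
 * the role names assigned to the user and the permissions derived from them.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Stored passwords are accepted in four forms: plain text, {@code {SSHA}},
 *       {@code {MD5}} and {@code {crypt}}. Plain text, unsalted MD5 and salted SHA-1 are
 *       not adequate for password storage; they are still verified here so existing
 *       accounts keep working, but new credentials should be written with a slow,
 *       salted password hash and old ones re-hashed after a successful login.</li>
 *   <li>Neither the submitted password nor the stored verifier is ever logged.</li>
 * </ul>
 *
 * <p>Instances are mutable and carry no synchronization of their own.
 */
public class User implements EgovUser {
    /** Role whose holders receive every permission attached to any role (see {@link #refresh}). */
    private static final String ROOT_ROLE = "admin-root";
    /** Length in bytes of a SHA-1 digest; a decoded {SSHA} value is digest followed by salt. */
    private static final int SHA1_LENGTH = 20;
    private static Logger clog = Logger.getLogger(User.class);

    protected String id;
    protected String username;
    protected String firstname;
    protected String lastname;
    private String adminlevel;
    private String email;
    private String phone;
    private String fax;
    private String or_id;
    protected String lastlogin;
    /** Role name mapped to the marker string "true". */
    protected Map<String, String> roles = new HashMap<String, String>();
    /** Table name mapped to (object name mapped to the OR of all granted permission types). */
    protected Map<String, Map<String, Integer>> permissions = new HashMap<String, Map<String, Integer>>();
    public EgovUser.Types type;
    /** Template-facing copy of the permissions, filled by {@link #putPermissionModel}. */
    protected HashModel permissionModel = new HashModel();

    /**
     * Creates a user that is not logged in: {@link #hasLoggedIn()} returns {@code false}
     * and the role and permission collections are empty.
     */
    public User() {
    }

    /**
     * Loads the account named {@code str}, verifies {@code str2} against the stored
     * password and then loads roles and permissions.
     *
     * <p>Accounts whose {@code us_lockdate} is set and not in the future are not selected
     * and are therefore reported as missing.
     *
     * @param connection open database connection; not closed here
     * @param str login name
     * @param str2 password supplied by the person logging in
     * @throws Exception if the account is not found, the password does not match or a
     *         query fails; the original failure is attached as the cause
     */
    public User(Connection connection, String str, String str2) throws Exception {
        clog.debug("Retrieving user " + str);
        try {
            String[] singleRow = DBUtils.getSingleRow(connection, "select us_id, us_password, us_givenname, us_familyname, us_admin_level, us_phone, us_fax, us_email, us_or_id, to_char(us_lastlogin, 'dd/MM/rrrr HH24:MI') us_lastlogin from M_USERS where us_username = ? and (us_lockdate is null or us_lockdate > sysdate)", new String[]{str});
            if (singleRow == null) {
                // NOTE(review): this message and the "Incorrect password" one below tell
                // valid and invalid user names apart; callers should show the client one
                // generic login failure and keep the detail in server-side logs.
                throw new Exception("No such user " + str);
            }
            this.id = singleRow[0];
            String storedPassword = singleRow[1];
            this.username = str;
            this.firstname = singleRow[2];
            this.lastname = singleRow[3];
            this.adminlevel = singleRow[4];
            this.phone = singleRow[5];
            this.fax = singleRow[6];
            this.email = singleRow[7];
            this.or_id = singleRow[8];
            this.lastlogin = singleRow[9];
            clog.debug("id=" + this.id);
            clog.debug("username=" + str);
            // The stored verifier and the submitted password are deliberately not logged:
            // log files are readable by far more people and systems than the user table.
            if (!validatePassword(str2, storedPassword)) {
                throw new Exception("Incorrect password for user " + str);
            }
            refresh(connection);
        } catch (Exception e) {
            // Keep the cause so the stack trace of the underlying failure is not lost.
            throw new Exception("Cannot retrieve user " + str + ", reason: " + e, e);
        }
    }

    /**
     * Returns the numeric user id.
     *
     * @throws NumberFormatException if no id is loaded (for example on a user created
     *         with the no-argument constructor) or the stored id is not an integer
     */
    @Override // pl.psnc.servlet.security.EgovUser
    public int getId() {
        return Integer.parseInt(this.id);
    }

    /**
     * Returns the organization id, parsed from what {@code EgovUtils.getNumber} yields for
     * the stored value with {@code 0} passed as its second argument.
     */
    public int getOrganizationId() {
        return Integer.parseInt(EgovUtils.getNumber(this.or_id, 0));
    }

    /**
     * Returns the administration level.
     *
     * @throws NumberFormatException if no level is loaded or it is not an integer
     */
    @Override // pl.psnc.servlet.security.EgovUser
    public int getAdminLevel() {
        return Integer.parseInt(this.adminlevel);
    }

    /** Returns the login name, or {@code null} when no account is loaded. */
    @Override // pl.psnc.servlet.security.EgovUser
    public String getUserName() {
        return this.username;
    }

    /**
     * Checks a submitted password against a stored verifier.
     *
     * <p>A verifier starting with <code>{scheme}</code> is dispatched on the scheme name
     * (case-insensitive): {@code SSHA}, {@code MD5} or {@code crypt}. Any other scheme is
     * rejected. A verifier without that prefix is treated as a plain-text password.
     *
     * @param str submitted password
     * @param str2 stored verifier
     * @return {@code true} only if the password matches; {@code false} for a missing
     *         password, a missing, empty or malformed verifier, or an unknown scheme
     */
    @Override // pl.psnc.servlet.security.EgovUser
    public boolean validatePassword(String str, String str2) throws NoSuchAlgorithmException, IOException {
        // Fail closed: an account without a usable verifier must never authenticate.
        if (str == null || str2 == null || str2.length() == 0) {
            return false;
        }
        if (str2.charAt(0) != '{') {
            // Legacy plain-text storage. Compared without an early exit so the response
            // time does not reveal how many leading characters were correct.
            return constantTimeEquals(str, str2);
        }
        int schemeEnd = str2.indexOf('}');
        if (schemeEnd < 0) {
            return false;
        }
        String scheme = str2.substring(1, schemeEnd);
        String verifier = str2.substring(schemeEnd + 1);
        // Only the scheme name is logged; the verifier and the password stay out of logs.
        clog.debug("Digest algorithm is " + scheme);
        if (scheme.equalsIgnoreCase("SSHA")) {
            return validateSSHA(str, verifier);
        }
        if (scheme.equalsIgnoreCase("MD5")) {
            return validateMD5(str, verifier);
        }
        if (scheme.equalsIgnoreCase("crypt")) {
            return UnixCrypt.matches(verifier, str);
        }
        return false;
    }

    /**
     * Compares two strings with the same result as {@link String#equals} but without
     * stopping at the first differing character. Only the lengths are compared early.
     */
    private static boolean constantTimeEquals(String a, String b) {
        if (a.length() != b.length()) {
            return false;
        }
        int diff = 0;
        for (int i = 0; i < a.length(); i++) {
            diff |= a.charAt(i) ^ b.charAt(i);
        }
        return diff == 0;
    }

    /**
     * Reloads the role names and the permissions of this user from the database.
     *
     * <p>A user holding the {@code admin-root} role receives every permission that is
     * attached to any role; other users receive the permissions of their own roles. In
     * both cases the permissions granted directly to the user are added afterwards.
     *
     * @param connection open database connection; not closed here
     * @throws Exception if a query fails
     */
    @Override // pl.psnc.servlet.security.EgovUser
    public void refresh(Connection connection) throws Exception {
        boolean isRoot = false;
        this.roles.clear();
        String[] roleNames = DBUtils.getSingleColumn(connection, "select distinct ro_name from M_USERS_ROLES, M_ROLES where ur_us_id=? and ur_ro_id=ro_id", new String[]{this.id});
        if (null != roleNames) {
            for (int i = 0; i < roleNames.length; i++) {
                this.roles.put(roleNames[i], "true");
                if (roleNames[i].equals(ROOT_ROLE)) {
                    clog.debug("root role enabled");
                    isRoot = true;
                }
            }
        } else {
            clog.error("No roles assigned to user id: " + this.id);
        }
        this.permissions.clear();
        // NOTE(review): permissionModel is not reset here, so an entry for a permission
        // that has since been revoked stays visible through asModel() after a refresh.
        // hasPermission() reads only the map cleared above; confirm that no template makes
        // an access decision from the model alone.
        if (isRoot) {
            setPermissions(connection, "select distinct pe_table, pe_object, pe_type from M_ROLES, M_ROLES_PERMISSIONS, M_PERMISSIONS where ro_id = rp_ro_id and rp_pe_id = pe_id", null);
        } else {
            setPermissions(connection, "select distinct pe_table, pe_object, pe_type from M_USERS_ROLES, M_ROLES_PERMISSIONS, M_PERMISSIONS where ur_us_id=? and ur_ro_id = rp_ro_id and rp_pe_id = pe_id", this.id);
        }
        setPermissions(connection, "select distinct pe_table, pe_object, pe_type from M_USERS_PERMISSIONS, M_PERMISSIONS where up_us_id=? and up_pe_id = pe_id", this.id);
    }

    /**
     * Runs a permission query and merges every (table, object, type) row into
     * {@link #permissions} and {@link #permissionModel}. Types granted more than once for
     * the same object are combined with a bitwise OR.
     *
     * @param str query returning table, object and type in that column order
     * @param str2 value bound to the single parameter, or {@code null} if the query has none
     */
    private void setPermissions(Connection connection, String str, String str2) throws SQLException, TemplateModelException {
        PreparedStatement statement = connection.prepareStatement(str);
        // try/finally so the statement and cursor are released even when a row fails.
        try {
            if (null != str2) {
                statement.setString(1, str2);
            }
            ResultSet rows = statement.executeQuery();
            try {
                while (rows.next()) {
                    String table = rows.getString(1);
                    String object = rows.getString(2);
                    int permissionType = rows.getInt(3);
                    Map<String, Integer> objects = this.permissions.get(table);
                    if (objects == null) {
                        objects = new HashMap<String, Integer>();
                        this.permissions.put(table, objects);
                    }
                    Integer granted = objects.get(object);
                    int merged = (granted == null ? 0 : granted.intValue()) | permissionType;
                    objects.put(object, Integer.valueOf(merged));
                    putPermissionModel(table, object, permissionType);
                }
            } finally {
                rows.close();
            }
        } finally {
            statement.close();
        }
    }

    /** Returns {@code true} once an account id has been loaded. */
    @Override // pl.psnc.servlet.security.EgovUser
    public boolean hasLoggedIn() {
        return this.id != null;
    }

    /**
     * Tells whether the user holds permission level {@code i} on an object of a table.
     *
     * <p>Level {@code 0} is satisfied by any grant on the object, every other level only
     * by a grant whose stored value is not {@code 0}. A grant on
     * {@code SecurityConstants.ENTIRE_TABLE} also counts for every named object of that
     * table. With {@code SecurityConstants.ANY} as the object, level {@code 0} needs any
     * grant on the table and every other level needs an object whose stored value is
     * exactly {@code 1}.
     *
     * @param str table name
     * @param str2 object name, {@code ENTIRE_TABLE} or {@code ANY}
     * @param i requested level
     */
    @Override // pl.psnc.servlet.security.EgovUser
    public boolean hasPermission(String str, String str2, int i) {
        if (SecurityConstants.ENTIRE_TABLE.equals(str2)) {
            return hasLevel(str, str2, i);
        }
        if (!SecurityConstants.ANY.equals(str2)) {
            return hasLevel(str, SecurityConstants.ENTIRE_TABLE, i) || hasLevel(str, str2, i);
        }
        Map<String, Integer> objects = this.permissions.get(str);
        if (i == 0) {
            return objects != null;
        }
        if (objects == null) {
            return false;
        }
        Integer one = Integer.valueOf(1);
        for (Integer granted : objects.values()) {
            if (one.equals(granted)) {
                return true;
            }
        }
        return false;
    }

    /** Level 0 accepts a grant checked at level 0 or 1; any other level only one at level 1. */
    private boolean hasLevel(String table, String object, int level) {
        return (level == 0 && hasSinglePermission(table, object, 0)) || hasSinglePermission(table, object, 1);
    }

    /**
     * Checks one (table, object) entry: {@code false} when nothing is granted, or when
     * level {@code 1} is requested and the stored value is {@code 0}; {@code true} otherwise.
     */
    private boolean hasSinglePermission(String str, String str2, int i) {
        Map<String, Integer> objects = this.permissions.get(str);
        if (objects == null) {
            return false;
        }
        Integer granted = objects.get(str2);
        if (granted == null) {
            return false;
        }
        return !(granted.intValue() == 0 && i == 1);
    }

    /**
     * Returns the ids of the permissions granted directly to this user.
     *
     * @param connection open database connection; not closed here
     * @return iterator over the ids, empty when the query yields nothing
     */
    @Override // pl.psnc.servlet.security.EgovUser
    public Iterator<String> getUserPermissionsIds(Connection connection) throws Exception {
        // The filter previously started with "and" instead of "where", which is not valid SQL.
        String[] ids = DBUtils.getSingleColumn(connection, "select up_pe_id from M_USERS_PERMISSIONS where up_us_id = ?", new String[]{this.id});
        return ids == null ? new ArrayList<String>().iterator() : Arrays.asList(ids).iterator();
    }

    /** Returns the names of the roles loaded by the last {@link #refresh}. */
    @Override // pl.psnc.servlet.security.EgovUser
    public Iterator<String> getRolesNames() {
        return this.roles.keySet().iterator();
    }

    /**
     * Returns the ids of the permissions attached to the role with the given name.
     *
     * @param connection open database connection; not closed here
     * @param str role name
     * @return iterator over the ids, empty when the query yields nothing
     */
    @Override // pl.psnc.servlet.security.EgovUser
    public Iterator<String> getRolePermissionsIds(Connection connection, String str) throws Exception {
        String[] ids = DBUtils.getSingleColumn(connection, "select rp_pe_id from M_ROLES, M_ROLES_PERMISSIONS where ro_id = rp_ro_id and ro_name = ?", new String[]{str});
        return null == ids ? new ArrayList<String>().iterator() : Arrays.asList(ids).iterator();
    }

    /**
     * Returns the ids of the permissions attached to the role with the given id.
     *
     * @param connection open database connection; not closed here
     * @param str role id
     * @return iterator over the ids, empty when the query yields nothing
     */
    @Override // pl.psnc.servlet.security.EgovUser
    public Iterator<String> getRolePermissionsIdsById(Connection connection, String str) throws Exception {
        // The filter previously started with "and" instead of "where", which is not valid SQL.
        String[] ids = DBUtils.getSingleColumn(connection, "select rp_pe_id from M_ROLES_PERMISSIONS where rp_ro_id = ?", new String[]{str});
        return null == ids ? new ArrayList<String>().iterator() : Arrays.asList(ids).iterator();
    }

    /** Tells whether the role was among those loaded by the last {@link #refresh}. */
    @Override // pl.psnc.servlet.security.EgovUser
    public boolean hasRole(String str) {
        return this.roles.get(str) != null;
    }

    /**
     * Builds the template model of this user: the identity fields under their
     * {@code us_*} keys, the role names under {@code roles} and the shared
     * {@link #permissionModel} instance under {@code permissions}. The fax number is not
     * part of the model.
     */
    @Override // pl.psnc.servlet.security.EgovUser
    public HashModel asModel() {
        HashModel model = new HashModel();
        model.put("us_id", this.id);
        model.put("us_firstname", this.firstname);
        model.put("us_lastname", this.lastname);
        model.put("us_username", this.username);
        model.put("us_fullname", this.firstname + " " + this.lastname);
        model.put("us_lastlogin", this.lastlogin);
        model.put("us_admin_level", this.adminlevel);
        model.put("us_or_id", this.or_id);
        model.put("us_phone", this.phone);
        model.put("us_email", this.email);
        HashModel roleModel = new HashModel();
        for (String roleName : this.roles.keySet()) {
            roleModel.put(roleName, roleName);
        }
        model.put("roles", roleModel);
        model.put("permissions", this.permissionModel);
        return model;
    }

    /**
     * Records a permission in the template model as
     * {@code TABLE -> OBJECT -> type}, with table and object names upper-cased. A grant of
     * type {@code 1} also records type {@code 0} for the same object.
     *
     * @param str table name
     * @param str2 object name
     * @param i permission type
     */
    @Override // pl.psnc.servlet.security.EgovUser
    public void putPermissionModel(String str, String str2, int i) throws TemplateModelException {
        String tableKey = str.toUpperCase();
        String objectKey = str2.toUpperCase();
        HashModel tableModel = this.permissionModel.get(tableKey);
        if (tableModel == null) {
            tableModel = new HashModel();
        }
        this.permissionModel.put(tableKey, tableModel);
        HashModel objectModel = tableModel.get(objectKey);
        if (objectModel == null) {
            objectModel = new HashModel();
        }
        tableModel.put(objectKey, objectModel);
        objectModel.put(String.valueOf(i), String.valueOf(i));
        if (i == 1) {
            objectModel.put(String.valueOf(0), String.valueOf(0));
        }
    }

    /**
     * Returns the names of the objects of a table on which the user holds any grant.
     *
     * @param str table name
     * @return a new list, empty when nothing is granted on the table
     */
    @Override // pl.psnc.servlet.security.EgovUser
    public List<String> getPermissionObjects(String str) {
        Map<String, Integer> objects = this.permissions.get(str);
        if (objects == null) {
            return new ArrayList<String>();
        }
        return new ArrayList<String>(objects.keySet());
    }

    /**
     * Verifies a password against a Base64 {SSHA} value, whose decoded form is a 20-byte
     * SHA-1 digest of password plus salt, followed by the salt.
     *
     * @param str submitted password
     * @param str2 Base64 text that followed the {SSHA} prefix
     * @return {@code true} if the digest matches; {@code false} also when the decoded
     *         value is too short to contain a digest
     */
    private boolean validateSSHA(String str, String str2) throws NoSuchAlgorithmException, IOException {
        // NOTE(review): getBytes() uses the platform default charset, so verification of
        // non-ASCII passwords depends on the JVM configuration; left unchanged because
        // existing verifiers were presumably produced the same way. Confirm before pinning.
        byte[] decoded = new Base64().decode(str2.getBytes());
        if (decoded == null || decoded.length < SHA1_LENGTH) {
            // A truncated or corrupt verifier is a failed login, not an array-bounds error.
            return false;
        }
        byte[] storedDigest = Arrays.copyOfRange(decoded, 0, SHA1_LENGTH);
        byte[] salt = Arrays.copyOfRange(decoded, SHA1_LENGTH, decoded.length);
        MessageDigest sha1 = MessageDigest.getInstance("SHA-1");
        sha1.update(str.getBytes());
        sha1.update(salt);
        return MessageDigest.isEqual(storedDigest, sha1.digest());
    }

    /**
     * Verifies a password against an unsalted MD5 verifier, compared with the output of
     * {@code MD5Crypt.toHex} for the computed digest.
     *
     * @param str submitted password
     * @param str2 text that followed the {MD5} prefix
     */
    private boolean validateMD5(String str, String str2) throws NoSuchAlgorithmException, IOException {
        // Unsalted MD5: identical passwords share one verifier and precomputed tables
        // apply. Kept for existing accounts only.
        byte[] expected = str2.getBytes();
        MessageDigest md5 = MessageDigest.getInstance("MD5");
        md5.update(str.getBytes());
        return MessageDigest.isEqual(expected, MD5Crypt.toHex(md5.digest()));
    }

    /** Looks up the login name stored for a user id. */
    public static String getUsernameFromId(Connection connection, String str) throws SQLException {
        return DBUtils.getSingleValue(connection, "select us_username from M_USERS where us_id=?", new String[]{str});
    }

    /** Looks up the user id stored for a login name. */
    public static String getUserIdFromUsername(Connection connection, String str) throws SQLException {
        return DBUtils.getSingleValue(connection, "select us_id from M_USERS where us_username=?", new String[]{str});
    }

    /**
     * Tells whether the user must choose a new password: either the
     * {@code us_force_update_passwd} flag is {@code "Y"}, or the count of rows matching
     * {@code us_lastpassword + 180 <= sysdate} equals the expected constant.
     *
     * @param connection open database connection; not closed here
     */
    @Override // pl.psnc.servlet.security.EgovUser
    public boolean isForceUpdatePassword(Connection connection) throws SQLException {
        String[] userId = new String[]{String.valueOf(getId())};
        // Constant-first equals: a missing value from the lookup must not surface as a
        // NullPointerException in the middle of a login flow.
        String forced = DBUtils.getSingleValue(connection, "select us_force_update_passwd from M_USERS where us_id=?", userId);
        if ("Y".equals(forced)) {
            return true;
        }
        String expiredCount = DBUtils.getSingleValue(connection, "select count(us_lastpassword) from M_USERS where us_id=? and us_lastpassword + 180 <= sysdate", userId);
        // NOTE(review): the value compared against is a constant of an unrelated class,
        // which looks like a string literal replaced during decompilation; confirm
        // that its value is the count expected here.
        return pl.psnc.servlet.security.multimikser.User.ROLE_ARTIST.equals(expiredCount);
    }

    /** Returns the fax number, or {@code null} when none is loaded. */
    @Override // pl.psnc.servlet.security.EgovUser
    public String getFax() {
        return this.fax;
    }

    /** Returns the e-mail address, or {@code null} when none is loaded. */
    @Override // pl.psnc.servlet.security.EgovUser
    public String getEmail() {
        return this.email;
    }

    /** Returns the phone number, or {@code null} when none is loaded. */
    @Override // pl.psnc.servlet.security.EgovUser
    public String getPhone() {
        return this.phone;
    }

    /** Returns the user type; this class never assigns it. */
    @Override // pl.psnc.servlet.security.EgovUser
    public EgovUser.Types getType() {
        return this.type;
    }

    /**
     * Tells whether the user holds a level-1 grant in table {@code str2} on any
     * organization whose {@code or_op_typ} equals {@code str}.
     *
     * @param connection open database connection; not closed here
     * @param str organization type to look up
     * @param str2 permission table in which organization ids are the object names
     */
    public boolean isOperator(Connection connection, String str, String str2) throws SQLException {
        String[] organizationIds = DBUtils.getSingleColumn(connection, "select or_id from un_organizacje where or_op_typ=?", new String[]{str});
        if (organizationIds == null) {
            return false;
        }
        for (String organizationId : organizationIds) {
            if (hasSinglePermission(str2, organizationId, 1)) {
                return true;
            }
        }
        return false;
    }
}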
