package de.deepamehta.accesscontrol;

import com.sun.jersey.spi.container.ContainerRequest;
import de.deepamehta.accesscontrol.event.PostLoginUserListener;
import de.deepamehta.accesscontrol.event.PostLogoutUserListener;
import de.deepamehta.config.ConfigCustomizer;
import de.deepamehta.config.ConfigDefinition;
import de.deepamehta.config.ConfigModificationRole;
import de.deepamehta.config.ConfigService;
import de.deepamehta.config.ConfigTarget;
import de.deepamehta.core.Association;
import de.deepamehta.core.AssociationType;
import de.deepamehta.core.ChildTopics;
import de.deepamehta.core.DeepaMehtaObject;
import de.deepamehta.core.RelatedTopic;
import de.deepamehta.core.Topic;
import de.deepamehta.core.TopicType;
import de.deepamehta.core.model.AssociationModel;
import de.deepamehta.core.model.SimpleValue;
import de.deepamehta.core.model.TopicModel;
import de.deepamehta.core.osgi.PluginActivator;
import de.deepamehta.core.service.DeepaMehtaEvent;
import de.deepamehta.core.service.EventListener;
import de.deepamehta.core.service.Inject;
import de.deepamehta.core.service.Transactional;
import de.deepamehta.core.service.accesscontrol.AccessControl;
import de.deepamehta.core.service.accesscontrol.AccessControlException;
import de.deepamehta.core.service.accesscontrol.Credentials;
import de.deepamehta.core.service.accesscontrol.Operation;
import de.deepamehta.core.service.accesscontrol.Permissions;
import de.deepamehta.core.service.accesscontrol.SharingMode;
import de.deepamehta.core.service.event.CheckAssociationReadAccessListener;
import de.deepamehta.core.service.event.CheckAssociationWriteAccessListener;
import de.deepamehta.core.service.event.CheckTopicReadAccessListener;
import de.deepamehta.core.service.event.CheckTopicWriteAccessListener;
import de.deepamehta.core.service.event.PostCreateAssociationListener;
import de.deepamehta.core.service.event.PostCreateTopicListener;
import de.deepamehta.core.service.event.PostUpdateAssociationListener;
import de.deepamehta.core.service.event.PostUpdateTopicListener;
import de.deepamehta.core.service.event.PreCreateTopicListener;
import de.deepamehta.core.service.event.PreUpdateTopicListener;
import de.deepamehta.core.service.event.ServiceRequestFilterListener;
import de.deepamehta.core.service.event.StaticResourceFilterListener;
import de.deepamehta.core.util.JavaUtils;
import de.deepamehta.files.FilesService;
import de.deepamehta.files.event.CheckDiskQuotaListener;
import de.deepamehta.workspaces.WorkspacesService;
import java.util.Collection;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.concurrent.Callable;
import java.util.logging.Logger;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;

@Produces({"application/json"})
@Path("/accesscontrol")
@Consumes({"application/json"})
/* loaded from: input_file:de/deepamehta/accesscontrol/AccessControlPlugin.class */
public class AccessControlPlugin extends PluginActivator implements AccessControlService, ConfigCustomizer, CheckTopicReadAccessListener, CheckTopicWriteAccessListener, CheckAssociationReadAccessListener, CheckAssociationWriteAccessListener, PreCreateTopicListener, PreUpdateTopicListener, PostCreateTopicListener, PostCreateAssociationListener, PostUpdateTopicListener, PostUpdateAssociationListener, ServiceRequestFilterListener, StaticResourceFilterListener, CheckDiskQuotaListener {
    private static final String AUTHENTICATION_REALM = "DeepaMehta";
    private static final String LOGIN_ENABLED_TYPE = "dm4.accesscontrol.login_enabled";
    private static final String MEMBERSHIP_TYPE = "dm4.accesscontrol.membership";
    private static final String PROP_CREATOR = "dm4.accesscontrol.creator";
    private static final String PROP_OWNER = "dm4.accesscontrol.owner";
    private static final String PROP_MODIFIER = "dm4.accesscontrol.modifier";

    @Inject
    private WorkspacesService wsService;

    @Inject
    private FilesService filesService;

    @Inject
    private ConfigService configService;

    @Context
    private HttpServletRequest request;
    private static final String ANONYMOUS_READ_ALLOWED = System.getProperty("dm4.security.anonymous_read_allowed", "ALL");
    private static final String ANONYMOUS_WRITE_ALLOWED = System.getProperty("dm4.security.anonymous_write_allowed", "NONE");
    private static final GlobalRequestFilter requestFilter = new GlobalRequestFilter(ANONYMOUS_READ_ALLOWED, ANONYMOUS_WRITE_ALLOWED);
    private static final String SUBNET_FILTER = System.getProperty("dm4.security.subnet_filter", "127.0.0.1/32");
    private static final boolean NEW_ACCOUNTS_ARE_ENABLED = Boolean.parseBoolean(System.getProperty("dm4.security.new_accounts_are_enabled", "true"));
    private static final boolean IS_PUBLIC_INSTALLATION = ANONYMOUS_READ_ALLOWED.equals("ALL");
    private static DeepaMehtaEvent POST_LOGIN_USER = new DeepaMehtaEvent(PostLoginUserListener.class) { // from class: de.deepamehta.accesscontrol.AccessControlPlugin.1
        public void dispatch(EventListener eventListener, Object... objArr) {
            ((PostLoginUserListener) eventListener).postLoginUser((String) objArr[0]);
        }
    };
    private static DeepaMehtaEvent POST_LOGOUT_USER = new DeepaMehtaEvent(PostLogoutUserListener.class) { // from class: de.deepamehta.accesscontrol.AccessControlPlugin.2
        public void dispatch(EventListener eventListener, Object... objArr) {
            ((PostLogoutUserListener) eventListener).postLogoutUser((String) objArr[0]);
        }
    };
    private static Logger logger = Logger.getLogger(AccessControlPlugin.class.getName());

    @Override // de.deepamehta.accesscontrol.AccessControlService
    @POST
    @Path("/login")
    public void login() {
    }

    @Override // de.deepamehta.accesscontrol.AccessControlService
    @POST
    @Path("/logout")
    public void logout() {
        _logout(this.request);
        if (IS_PUBLIC_INSTALLATION) {
            return;
        }
        throw401Unauthorized(true);
    }

    @Override // de.deepamehta.accesscontrol.AccessControlService
    @GET
    @Produces({"text/plain"})
    @Path("/user")
    public String getUsername() {
        return this.dm4.getAccessControl().getUsername(this.request);
    }

    @Override // de.deepamehta.accesscontrol.AccessControlService
    @GET
    @Path("/username")
    public Topic getUsernameTopic() {
        return this.dm4.getAccessControl().getUsernameTopic(this.request);
    }

    @Override // de.deepamehta.accesscontrol.AccessControlService
    @GET
    @Path("/user/workspace")
    public Topic getPrivateWorkspace() {
        String username = getUsername();
        if (username == null) {
            throw new IllegalStateException("No user is logged in");
        }
        return this.dm4.getAccessControl().getPrivateWorkspace(username);
    }

    @Override // de.deepamehta.accesscontrol.AccessControlService
    @POST
    @Path("/user_account")
    @Transactional
    public Topic createUserAccount(final Credentials credentials) {
        try {
            final String str = credentials.username;
            logger.info("Creating user account \"" + str + "\"");
            AccessControl accessControl = this.dm4.getAccessControl();
            Topic topic = (Topic) accessControl.runWithoutWorkspaceAssignment(new Callable<Topic>() { // from class: de.deepamehta.accesscontrol.AccessControlPlugin.3
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.util.concurrent.Callable
                public Topic call() {
                    return AccessControlPlugin.this.dm4.createTopic(AccessControlPlugin.this.mf.newTopicModel("dm4.accesscontrol.user_account", AccessControlPlugin.this.mf.newChildTopicsModel().put("dm4.accesscontrol.username", str).put("dm4.accesscontrol.password", credentials.password)));
                }
            });
            ChildTopics childTopics = topic.getChildTopics();
            RelatedTopic topic2 = childTopics.getTopic("dm4.accesscontrol.username");
            RelatedTopic topic3 = childTopics.getTopic("dm4.accesscontrol.password");
            Topic createWorkspace = this.wsService.createWorkspace(AccessControlService.DEFAULT_PRIVATE_WORKSPACE_NAME, (String) null, SharingMode.PRIVATE);
            setWorkspaceOwner(createWorkspace, str);
            long id = createWorkspace.getId();
            accessControl.assignToWorkspace(topic, id);
            accessControl.assignToWorkspace(topic3, id);
            accessControl.assignToWorkspace(topic2, accessControl.getSystemWorkspaceId());
            return topic2;
        } catch (Exception e) {
            throw new RuntimeException("Creating user account \"" + credentials.username + "\" failed", e);
        }
    }

    @Override // de.deepamehta.accesscontrol.AccessControlService
    @GET
    @Path("/username/{username}")
    public Topic getUsernameTopic(@PathParam("username") String str) {
        return this.dm4.getAccessControl().getUsernameTopic(str);
    }

    @Override // de.deepamehta.accesscontrol.AccessControlService
    @GET
    @Produces({"text/plain"})
    @Path("/workspace/{workspace_id}/owner")
    public String getWorkspaceOwner(@PathParam("workspace_id") long j) {
        if (this.dm4.hasProperty(j, PROP_OWNER)) {
            return (String) this.dm4.getProperty(j, PROP_OWNER);
        }
        return null;
    }

    @Override // de.deepamehta.accesscontrol.AccessControlService
    public void setWorkspaceOwner(Topic topic, String str) {
        try {
            topic.setProperty(PROP_OWNER, str, true);
        } catch (Exception e) {
            throw new RuntimeException("Setting the workspace owner of " + info((DeepaMehtaObject) topic) + " failed (username=" + str + ")", e);
        }
    }

    @Override // de.deepamehta.accesscontrol.AccessControlService
    @POST
    @Path("/user/{username}/workspace/{workspace_id}")
    @Transactional
    public void createMembership(@PathParam("username") String str, @PathParam("workspace_id") long j) {
        try {
            assignMembership(this.dm4.createAssociation(this.mf.newAssociationModel(MEMBERSHIP_TYPE, this.mf.newTopicRoleModel(getUsernameTopicOrThrow(str).getId(), "dm4.core.default"), this.mf.newTopicRoleModel(j, "dm4.core.default"))));
        } catch (Exception e) {
            throw new RuntimeException("Creating membership for user \"" + str + "\" and workspace " + j + " failed", e);
        }
    }

    @Override // de.deepamehta.accesscontrol.AccessControlService
    public boolean isMember(String str, long j) {
        return this.dm4.getAccessControl().isMember(str, j);
    }

    @Override // de.deepamehta.accesscontrol.AccessControlService
    @GET
    @Path("/topic/{id}")
    public Permissions getTopicPermissions(@PathParam("id") long j) {
        return getPermissions(j);
    }

    @Override // de.deepamehta.accesscontrol.AccessControlService
    @GET
    @Path("/association/{id}")
    public Permissions getAssociationPermissions(@PathParam("id") long j) {
        return getPermissions(j);
    }

    @Override // de.deepamehta.accesscontrol.AccessControlService
    @GET
    @Produces({"text/plain"})
    @Path("/object/{id}/creator")
    public String getCreator(@PathParam("id") long j) {
        return this.dm4.getAccessControl().getCreator(j);
    }

    @Override // de.deepamehta.accesscontrol.AccessControlService
    @GET
    @Produces({"text/plain"})
    @Path("/object/{id}/modifier")
    public String getModifier(@PathParam("id") long j) {
        if (this.dm4.hasProperty(j, PROP_MODIFIER)) {
            return (String) this.dm4.getProperty(j, PROP_MODIFIER);
        }
        return null;
    }

    @Override // de.deepamehta.accesscontrol.AccessControlService
    @GET
    @Path("/creator/{username}/topics")
    public Collection<Topic> getTopicsByCreator(@PathParam("username") String str) {
        return this.dm4.getTopicsByProperty(PROP_CREATOR, str);
    }

    @Override // de.deepamehta.accesscontrol.AccessControlService
    @GET
    @Path("/owner/{username}/topics")
    public Collection<Topic> getTopicsByOwner(@PathParam("username") String str) {
        return this.dm4.getTopicsByProperty(PROP_OWNER, str);
    }

    @Override // de.deepamehta.accesscontrol.AccessControlService
    @GET
    @Path("/creator/{username}/assocs")
    public Collection<Association> getAssociationsByCreator(@PathParam("username") String str) {
        return this.dm4.getAssociationsByProperty(PROP_CREATOR, str);
    }

    @Override // de.deepamehta.accesscontrol.AccessControlService
    @GET
    @Path("/owner/{username}/assocs")
    public Collection<Association> getAssociationsByOwner(@PathParam("username") String str) {
        return this.dm4.getAssociationsByProperty(PROP_OWNER, str);
    }

    public void preInstall() {
        this.configService.registerConfigDefinition(new ConfigDefinition(ConfigTarget.TYPE_INSTANCES, "dm4.accesscontrol.username", this.mf.newTopicModel(LOGIN_ENABLED_TYPE, new SimpleValue(NEW_ACCOUNTS_ARE_ENABLED)), ConfigModificationRole.ADMIN, this));
    }

    public void shutdown() {
        if (this.configService != null) {
            this.configService.unregisterConfigDefinition(LOGIN_ENABLED_TYPE);
        } else {
            logger.warning("Config service is already gone");
        }
    }

    public TopicModel getConfigValue(Topic topic) {
        if (!topic.getTypeUri().equals("dm4.accesscontrol.username")) {
            throw new RuntimeException("Unexpected configurable topic: " + topic);
        }
        if (topic.getSimpleValue().toString().equals(AccessControlService.ADMIN_USERNAME)) {
            return this.mf.newTopicModel(LOGIN_ENABLED_TYPE, new SimpleValue(true));
        }
        return null;
    }

    public void checkTopicReadAccess(long j) {
        checkReadAccess(j);
    }

    public void checkTopicWriteAccess(long j) {
        checkWriteAccess(j);
    }

    public void checkAssociationReadAccess(long j) {
        checkReadAccess(j);
        long[] playerIds = this.dm4.getPlayerIds(j);
        checkReadAccess(playerIds[0]);
        checkReadAccess(playerIds[1]);
    }

    public void checkAssociationWriteAccess(long j) {
        checkWriteAccess(j);
    }

    public void preCreateTopic(TopicModel topicModel) {
        if (topicModel.getTypeUri().equals("dm4.accesscontrol.username")) {
            String simpleValue = topicModel.getSimpleValue().toString();
            if (getUsernameTopic(simpleValue) != null) {
                throw new RuntimeException("Username \"" + simpleValue + "\" exists already");
            }
        }
    }

    public void postCreateTopic(Topic topic) {
        String typeUri = topic.getTypeUri();
        if (typeUri.equals("dm4.workspaces.workspace")) {
            setWorkspaceOwner(topic);
        } else if (typeUri.equals("dm4.webclient.search")) {
            assignSearchTopic(topic);
        }
        setCreatorAndModifier(topic);
    }

    public void postCreateAssociation(Association association) {
        setCreatorAndModifier(association);
    }

    public void preUpdateTopic(Topic topic, TopicModel topicModel) {
        if (topic.getTypeUri().equals("dm4.accesscontrol.username")) {
            SimpleValue simpleValue = topicModel.getSimpleValue();
            String simpleValue2 = topic.getSimpleValue().toString();
            if (simpleValue != null && !simpleValue.toString().equals(simpleValue2)) {
                throw new RuntimeException("A Username can't be changed (tried \"" + simpleValue2 + "\" -> \"" + simpleValue + "\")");
            }
        }
    }

    public void postUpdateTopic(Topic topic, TopicModel topicModel, TopicModel topicModel2) {
        setModifier(topic);
    }

    public void postUpdateAssociation(Association association, AssociationModel associationModel, AssociationModel associationModel2) {
        if (isMembership(association.getModel()) && !isMembership(associationModel2)) {
            assignMembership(association);
        }
        setModifier(association);
    }

    public void serviceRequestFilter(ContainerRequest containerRequest) {
        requestFilter(this.request);
    }

    public void staticResourceFilter(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        requestFilter(httpServletRequest);
    }

    public void checkDiskQuota(String str, long j, long j2) {
        if (j2 < 0) {
            logger.info("### Checking disk quota of " + userInfo(str) + " SKIPPED -- disk quota is disabled");
            return;
        }
        long occupiedSpace = getOccupiedSpace(str);
        boolean z = occupiedSpace + j <= j2;
        logger.info("### File size: " + j + " bytes, " + userInfo(str) + " occupies " + occupiedSpace + " bytes, disk quota: " + j2 + " bytes => QUOTA " + (z ? "OK" : "EXCEEDED"));
        if (!z) {
            throw new RuntimeException("Disk quota of " + userInfo(str) + " exceeded. Disk quota: " + j2 + " bytes. Currently occupied: " + occupiedSpace + " bytes.");
        }
    }

    private Topic getUsernameTopicOrThrow(String str) {
        Topic usernameTopic = getUsernameTopic(str);
        if (usernameTopic == null) {
            throw new RuntimeException("User \"" + str + "\" does not exist");
        }
        return usernameTopic;
    }

    private boolean isMembership(AssociationModel associationModel) {
        return associationModel.getTypeUri().equals(MEMBERSHIP_TYPE);
    }

    private void assignMembership(Association association) {
        this.wsService.assignToWorkspace(association, association.getTopicByType("dm4.workspaces.workspace").getId());
    }

    private void assignSearchTopic(Topic topic) {
        try {
            this.wsService.assignToWorkspace(topic, (getUsername() != null ? getPrivateWorkspace() : this.wsService.getWorkspace("dm4.workspaces.deepamehta")).getId());
        } catch (Exception e) {
            throw new RuntimeException("Assigning search topic to workspace failed", e);
        }
    }

    private long getOccupiedSpace(String str) {
        long j = 0;
        Iterator it = this.dm4.getTopicsByType("dm4.files.file").iterator();
        while (it.hasNext()) {
            long id = ((Topic) it.next()).getId();
            if (getCreator(id).equals(str)) {
                j += this.filesService.getFile(id).length();
            }
        }
        return j;
    }

    private void requestFilter(HttpServletRequest httpServletRequest) {
        logger.fine("##### " + httpServletRequest.getMethod() + " " + ((Object) httpServletRequest.getRequestURL()) + "\n      ##### \"Authorization\"=\"" + httpServletRequest.getHeader("Authorization") + "\"\n      ##### " + info(httpServletRequest.getSession(false)));
        checkRequestOrigin(httpServletRequest);
        checkAuthorization(httpServletRequest);
    }

    private void checkRequestOrigin(HttpServletRequest httpServletRequest) {
        String remoteAddr = httpServletRequest.getRemoteAddr();
        boolean isInRange = JavaUtils.isInRange(remoteAddr, SUBNET_FILTER);
        logger.fine("Remote address=\"" + remoteAddr + "\", dm4.security.subnet_filter=\"" + SUBNET_FILTER + "\" => " + (isInRange ? "ALLOWED" : "FORBIDDEN"));
        if (isInRange) {
            return;
        }
        throw403Forbidden();
    }

    private void checkAuthorization(HttpServletRequest httpServletRequest) {
        if (httpServletRequest.getSession(false) != null) {
            return;
        }
        String header = httpServletRequest.getHeader("Authorization");
        if (header != null ? tryLogin(new Credentials(header), httpServletRequest) : requestFilter.isAnonymousRequestAllowed(httpServletRequest)) {
            return;
        }
        throw401Unauthorized(!IS_PUBLIC_INSTALLATION);
    }

    private boolean tryLogin(Credentials credentials, HttpServletRequest httpServletRequest) {
        String str = credentials.username;
        Topic checkCredentials = checkCredentials(credentials);
        if (checkCredentials == null || !getLoginEnabled(checkCredentials)) {
            logger.info("##### Logging in as \"" + str + "\" => FAILED!");
            return false;
        }
        logger.info("##### Logging in as \"" + str + "\" => SUCCESSFUL!");
        _login(str, httpServletRequest);
        return true;
    }

    private Topic checkCredentials(Credentials credentials) {
        return this.dm4.getAccessControl().checkCredentials(credentials);
    }

    private boolean getLoginEnabled(Topic topic) {
        return this.dm4.getAccessControl().getConfigTopic(LOGIN_ENABLED_TYPE, topic.getId()).getSimpleValue().booleanValue();
    }

    private void _login(String str, HttpServletRequest httpServletRequest) {
        HttpSession session = httpServletRequest.getSession();
        session.setAttribute("username", str);
        logger.info("##### Creating new " + info(session));
        this.dm4.fireEvent(POST_LOGIN_USER, new Object[]{str});
    }

    private void _logout(HttpServletRequest httpServletRequest) {
        HttpSession session = httpServletRequest.getSession(false);
        String username = username(session);
        logger.info("##### Logging out from " + info(session));
        session.invalidate();
        this.dm4.fireEvent(POST_LOGOUT_USER, new Object[]{username});
    }

    private String username(HttpSession httpSession) {
        return this.dm4.getAccessControl().username(httpSession);
    }

    private void throw401Unauthorized(boolean z) {
        throw new WebApplicationException(Response.status(Response.Status.UNAUTHORIZED).header("WWW-Authenticate", (z ? "Basic" : "xBasic") + " realm=" + AUTHENTICATION_REALM).header("Content-Type", "text/html").entity("You're not authorized. Sorry.").build());
    }

    private void throw403Forbidden() {
        throw new WebApplicationException(Response.status(Response.Status.FORBIDDEN).header("Content-Type", "text/html").entity("Access is forbidden. Sorry.").build());
    }

    private void setCreatorAndModifier(DeepaMehtaObject deepaMehtaObject) {
        try {
            String username = getUsername();
            if (username == null) {
                logger.fine("Setting the creator/modifier of " + info(deepaMehtaObject) + " SKIPPED -- no user is logged in");
            } else {
                setCreatorAndModifier(deepaMehtaObject, username);
            }
        } catch (Exception e) {
            throw new RuntimeException("Setting the creator/modifier of " + info(deepaMehtaObject) + " failed", e);
        }
    }

    private void setCreatorAndModifier(DeepaMehtaObject deepaMehtaObject, String str) {
        setCreator(deepaMehtaObject, str);
        setModifier(deepaMehtaObject, str);
    }

    private void setCreator(DeepaMehtaObject deepaMehtaObject, String str) {
        try {
            deepaMehtaObject.setProperty(PROP_CREATOR, str, true);
        } catch (Exception e) {
            throw new RuntimeException("Setting the creator of " + info(deepaMehtaObject) + " failed (username=" + str + ")", e);
        }
    }

    private void setModifier(DeepaMehtaObject deepaMehtaObject) {
        String username = getUsername();
        if (username == null) {
            return;
        }
        setModifier(deepaMehtaObject, username);
    }

    private void setModifier(DeepaMehtaObject deepaMehtaObject, String str) {
        deepaMehtaObject.setProperty(PROP_MODIFIER, str, false);
    }

    private void setWorkspaceOwner(Topic topic) {
        String username = getUsername();
        if (username == null) {
            return;
        }
        setWorkspaceOwner(topic, username);
    }

    private void checkReadAccess(long j) {
        checkAccess(Operation.READ, j);
    }

    private void checkWriteAccess(long j) {
        checkAccess(Operation.WRITE, j);
    }

    private void checkAccess(Operation operation, long j) {
        if (!inRequestScope()) {
            logger.fine("### Object " + j + " is accessed by \"System\" -- " + operation + " permission is granted");
            return;
        }
        String username = getUsername();
        if (!hasPermission(username, operation, j)) {
            throw new AccessControlException(userInfo(username) + " has no " + operation + " permission for object " + j);
        }
    }

    private Permissions getPermissions(long j) {
        return new Permissions().add(Operation.WRITE, hasPermission(getUsername(), Operation.WRITE, j));
    }

    private boolean hasPermission(String str, Operation operation, long j) {
        return this.dm4.getAccessControl().hasPermission(str, operation, j);
    }

    private boolean inRequestScope() {
        try {
            this.request.getMethod();
            return true;
        } catch (IllegalStateException e) {
            return false;
        } catch (NullPointerException e2) {
            return false;
        }
    }

    private String info(DeepaMehtaObject deepaMehtaObject) {
        if (deepaMehtaObject instanceof TopicType) {
            return "topic type \"" + deepaMehtaObject.getUri() + "\" (id=" + deepaMehtaObject.getId() + ")";
        }
        if (deepaMehtaObject instanceof AssociationType) {
            return "association type \"" + deepaMehtaObject.getUri() + "\" (id=" + deepaMehtaObject.getId() + ")";
        }
        if (deepaMehtaObject instanceof Topic) {
            return "topic " + deepaMehtaObject.getId() + " (typeUri=\"" + deepaMehtaObject.getTypeUri() + "\", uri=\"" + deepaMehtaObject.getUri() + "\")";
        }
        if (deepaMehtaObject instanceof Association) {
            return "association " + deepaMehtaObject.getId() + " (typeUri=\"" + deepaMehtaObject.getTypeUri() + "\")";
        }
        throw new RuntimeException("Unexpected object: " + deepaMehtaObject);
    }

    private String userInfo(String str) {
        return "user " + (str != null ? "\"" + str + "\"" : "<anonymous>");
    }

    private String info(HttpSession httpSession) {
        return "session" + (httpSession != null ? " " + httpSession.getId() + " (username=" + username(httpSession) + ")" : ": null");
    }

    private String info(HttpServletRequest httpServletRequest) {
        StringBuilder sb = new StringBuilder();
        sb.append("    " + httpServletRequest.getMethod() + " " + httpServletRequest.getRequestURI() + "\n");
        Enumeration headerNames = httpServletRequest.getHeaderNames();
        while (headerNames.hasMoreElements()) {
            String str = (String) headerNames.nextElement();
            sb.append("\n    " + str + ":");
            Enumeration headers = httpServletRequest.getHeaders(str);
            while (headers.hasMoreElements()) {
                sb.append(" " + ((String) headers.nextElement()));
            }
        }
        return sb.toString();
    }

    static {
        logger.info("Security settings:\n  dm4.security.anonymous_read_allowed = " + requestFilter.dumpReadSetting() + "\n  dm4.security.anonymous_write_allowed = " + requestFilter.dumpWriteSetting() + "\n  dm4.security.subnet_filter = " + SUBNET_FILTER + "\n  dm4.security.new_accounts_are_enabled = " + NEW_ACCOUNTS_ARE_ENABLED);
    }
}
