package org.fcrepo.auth.xacml;

import com.hp.hpl.jena.rdf.model.Model;
import com.hp.hpl.jena.rdf.model.NodeIterator;
import com.hp.hpl.jena.rdf.model.RDFNode;
import com.hp.hpl.jena.rdf.model.Resource;
import java.net.URI;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;
import javax.jcr.Session;
import org.fcrepo.http.commons.session.SessionFactory;
import org.fcrepo.kernel.exception.RepositoryRuntimeException;
import org.fcrepo.kernel.identifiers.IdentifierConverter;
import org.fcrepo.kernel.impl.rdf.impl.DefaultIdentifierTranslator;
import org.fcrepo.kernel.impl.rdf.impl.PropertiesRdfContext;
import org.fcrepo.kernel.models.FedoraResource;
import org.fcrepo.kernel.services.NodeService;
import org.jboss.security.xacml.sunxacml.EvaluationCtx;
import org.jboss.security.xacml.sunxacml.attr.AnyURIAttribute;
import org.jboss.security.xacml.sunxacml.attr.AttributeValue;
import org.jboss.security.xacml.sunxacml.attr.BagAttribute;
import org.jboss.security.xacml.sunxacml.cond.EvaluationResult;
import org.jboss.security.xacml.sunxacml.ctx.Status;
import org.jboss.security.xacml.sunxacml.finder.AttributeFinderModule;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

@Component("tripleAttributeFinderModule")
/* loaded from: input_file:org/fcrepo/auth/xacml/TripleAttributeFinderModule.class */
public class TripleAttributeFinderModule extends AttributeFinderModule {
    private static BagAttribute empty_bag;
    private static IdentifierConverter<Resource, FedoraResource> idTranslator;

    @Autowired
    protected SessionFactory sessionFactory;

    @Autowired
    protected NodeService nodeService;
    private static final Logger LOGGER = LoggerFactory.getLogger(TripleAttributeFinderModule.class);
    private static final Set<Integer> DESIGNATOR_TYPES = Collections.unmodifiableSet(Collections.singleton(1));

    public final boolean isDesignatorSupported() {
        return true;
    }

    public final Set<Integer> getSupportedDesignatorTypes() {
        return DESIGNATOR_TYPES;
    }

    public final EvaluationResult findAttribute(URI uri, URI uri2, URI uri3, URI uri4, EvaluationCtx evaluationCtx, int i) {
        LOGGER.debug("findAttribute({}, {}, {}, {}, {}, {})", new Object[]{uri, uri2, uri3, uri4, evaluationCtx, Integer.valueOf(i)});
        empty_bag = BagAttribute.createEmptyBag(uri);
        if (i != 1) {
            LOGGER.debug("Not looking for a resource attribute");
            return new EvaluationResult(empty_bag);
        }
        try {
            Session internalSession = this.sessionFactory.getInternalSession();
            AttributeValue attributeValue = evaluationCtx.getResourceAttribute(URI.create("http://www.w3.org/2001/XMLSchema#string"), URIConstants.ATTRIBUTEID_RESOURCE_ID, (URI) null).getAttributeValue();
            if (attributeValue.getValue().toString().isEmpty()) {
                LOGGER.debug("Context should have a resource-id attribute!");
                return new EvaluationResult(new Status(Collections.singletonList("urn:oasis:names:tc:xacml:1.0:status:processing-error"), "Resource Id not found!"));
            }
            String str = (String) attributeValue.getValue();
            Set<String> actions = PolicyUtil.getActions(evaluationCtx);
            if (actions.contains("set_property") || actions.contains("add_node")) {
                int lastIndexOf = str.lastIndexOf("/{");
                if (lastIndexOf > -1) {
                    str = str.substring(0, lastIndexOf);
                }
                if (str.isEmpty()) {
                    str = "/";
                }
            }
            try {
                FedoraResource fedoraResource = (FedoraResource) this.nodeService.find(internalSession, str);
                if (fedoraResource == null) {
                    LOGGER.debug("Cannot find a fedora resource for {}", str);
                    return new EvaluationResult(empty_bag);
                }
                String path = fedoraResource.getPath();
                idTranslator = new DefaultIdentifierTranslator(internalSession);
                LOGGER.debug("Looking for properties on modeshape path {} with repo path {}", str, path);
                try {
                    Model asModel = fedoraResource.getTriples(idTranslator, PropertiesRdfContext.class).asModel();
                    Resource resource = (Resource) idTranslator.reverse().convert(fedoraResource);
                    if (null == resource) {
                        LOGGER.debug("Cannot get subject for[{}]", fedoraResource.getPath());
                        return new EvaluationResult(new Status(Collections.singletonList("urn:oasis:names:tc:xacml:1.0:status:processing-error"), "Error retrieving properties for [" + path + "]!"));
                    }
                    LOGGER.debug("Looking for properties on graph node: {}", resource.getURI());
                    NodeIterator listObjectsOfProperty = asModel.listObjectsOfProperty(resource, asModel.createProperty(uri2.toString()));
                    HashSet hashSet = new HashSet();
                    while (listObjectsOfProperty.hasNext()) {
                        String uri5 = ((RDFNode) listObjectsOfProperty.next()).asResource().getURI();
                        LOGGER.debug("Found property: {}", uri5);
                        hashSet.add(new AnyURIAttribute(URI.create(uri5)));
                    }
                    if (!hashSet.isEmpty()) {
                        return new EvaluationResult(new BagAttribute(uri, hashSet));
                    }
                    LOGGER.debug("No matching properties found");
                    return new EvaluationResult(empty_bag);
                } catch (RepositoryRuntimeException e) {
                    LOGGER.debug("Cannot retrieve any properties for [{}]:  {}", str, e);
                    return new EvaluationResult(new Status(Collections.singletonList("urn:oasis:names:tc:xacml:1.0:status:processing-error"), "Error retrieving properties for [" + path + "]!"));
                }
            } catch (RepositoryRuntimeException e2) {
                return new EvaluationResult(empty_bag);
            }
        } catch (RepositoryRuntimeException e3) {
            LOGGER.debug("Error getting session!");
            return new EvaluationResult(new Status(Collections.singletonList("urn:oasis:names:tc:xacml:1.0:status:processing-error"), "Error getting session"));
        }
    }
}
