package org.eclipse.emf.cdo.internal.server;

import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import org.eclipse.emf.cdo.internal.server.LDAPUserAuthenticator;
import org.eclipse.emf.cdo.server.IRepositoryProtector;
import org.eclipse.emf.cdo.server.ISession;
import org.eclipse.emf.cdo.spi.server.AbstractOperationAuthorizer;
import org.eclipse.net4j.util.factory.ProductCreationException;
import org.eclipse.net4j.util.security.operations.OperationAuthorizer;

/* loaded from: input_file:org/eclipse/emf/cdo/internal/server/LDAPOperationAuthorizer.class */
public abstract class LDAPOperationAuthorizer extends AbstractOperationAuthorizer<ISession> {
    private final Set<String> dns;

    /* loaded from: input_file:org/eclipse/emf/cdo/internal/server/LDAPOperationAuthorizer$Factory.class */
    public static abstract class Factory extends AbstractOperationAuthorizer.Factory<ISession> {
        public Factory(String str) {
            super(str);
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // org.eclipse.emf.cdo.spi.server.AbstractOperationAuthorizer.Factory
        /* renamed from: create, reason: merged with bridge method [inline-methods] */
        public OperationAuthorizer<ISession> create2(String str, String str2) throws ProductCreationException {
            HashSet hashSet = new HashSet();
            if (str2 != null) {
                for (String str3 : str2.split(",")) {
                    String trim = str3.trim();
                    if (trim.length() != 0) {
                        hashSet.add(trim);
                    }
                }
            }
            return create(str, hashSet);
        }

        protected abstract LDAPOperationAuthorizer create(String str, Set<String> set) throws ProductCreationException;
    }

    /* loaded from: input_file:org/eclipse/emf/cdo/internal/server/LDAPOperationAuthorizer$RequireGroup.class */
    public static final class RequireGroup extends LDAPOperationAuthorizer {

        /* loaded from: input_file:org/eclipse/emf/cdo/internal/server/LDAPOperationAuthorizer$RequireGroup$Factory.class */
        public static final class Factory extends Factory {
            public static final String TYPE = "ldapRequireGroup";

            public Factory() {
                super(TYPE);
            }

            @Override // org.eclipse.emf.cdo.internal.server.LDAPOperationAuthorizer.Factory
            protected RequireUser create(String str, Set<String> set) throws ProductCreationException {
                return new RequireUser(str, set);
            }

            @Override // org.eclipse.emf.cdo.internal.server.LDAPOperationAuthorizer.Factory
            protected /* bridge */ /* synthetic */ LDAPOperationAuthorizer create(String str, Set set) throws ProductCreationException {
                return create(str, (Set<String>) set);
            }
        }

        public RequireGroup(String str, Set<String> set) {
            super(str, set);
        }

        @Override // org.eclipse.emf.cdo.internal.server.LDAPOperationAuthorizer
        protected boolean authorizeOperation(LDAPUserAuthenticator.LDAPUserInfo lDAPUserInfo, Set<String> set) {
            Iterator<LDAPUserAuthenticator.LDAPDN> it = lDAPUserInfo.groupDNs().iterator();
            while (it.hasNext()) {
                if (set.contains(it.next())) {
                    return true;
                }
            }
            return false;
        }
    }

    /* loaded from: input_file:org/eclipse/emf/cdo/internal/server/LDAPOperationAuthorizer$RequireUser.class */
    public static final class RequireUser extends LDAPOperationAuthorizer {

        /* loaded from: input_file:org/eclipse/emf/cdo/internal/server/LDAPOperationAuthorizer$RequireUser$Factory.class */
        public static final class Factory extends Factory {
            public static final String TYPE = "ldapRequireUser";

            public Factory() {
                super(TYPE);
            }

            @Override // org.eclipse.emf.cdo.internal.server.LDAPOperationAuthorizer.Factory
            protected RequireUser create(String str, Set<String> set) throws ProductCreationException {
                return new RequireUser(str, set);
            }

            @Override // org.eclipse.emf.cdo.internal.server.LDAPOperationAuthorizer.Factory
            protected /* bridge */ /* synthetic */ LDAPOperationAuthorizer create(String str, Set set) throws ProductCreationException {
                return create(str, (Set<String>) set);
            }
        }

        public RequireUser(String str, Set<String> set) {
            super(str, set);
        }

        @Override // org.eclipse.emf.cdo.internal.server.LDAPOperationAuthorizer
        protected boolean authorizeOperation(LDAPUserAuthenticator.LDAPUserInfo lDAPUserInfo, Set<String> set) {
            return set.contains(lDAPUserInfo.userDN());
        }
    }

    public LDAPOperationAuthorizer(String str, Set<String> set) {
        super(str);
        this.dns = set;
    }

    public final Set<String> getDNs() {
        return this.dns;
    }

    /* renamed from: authorizeOperation, reason: avoid collision after fix types in other method */
    protected String authorizeOperation2(ISession iSession, Map<String, Object> map) {
        IRepositoryProtector protector = iSession.getManager().getRepository().getProtector();
        if (protector == null) {
            return "No repository protector";
        }
        String userID = iSession.getUserID();
        if (userID == null) {
            return "No user ID";
        }
        LDAPUserAuthenticator.LDAPUserInfo lDAPUserInfo = (LDAPUserAuthenticator.LDAPUserInfo) protector.getUserInfo(userID);
        if (lDAPUserInfo == null) {
            return "User " + userID + " is not authenticated";
        }
        if (authorizeOperation(lDAPUserInfo, this.dns)) {
            return null;
        }
        return "User " + userID + " is not authorized";
    }

    protected abstract boolean authorizeOperation(LDAPUserAuthenticator.LDAPUserInfo lDAPUserInfo, Set<String> set);

    @Override // org.eclipse.emf.cdo.spi.server.AbstractOperationAuthorizer
    protected /* bridge */ /* synthetic */ String authorizeOperation(ISession iSession, Map map) {
        return authorizeOperation2(iSession, (Map<String, Object>) map);
    }
}
