package org.kawanfw.sql.api.server.firewall;

import java.io.File;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.sql.Connection;
import java.sql.SQLException;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import java.util.TreeSet;
import java.util.logging.Level;
import org.kawanfw.sql.api.server.DefaultDatabaseConfigurator;
import org.kawanfw.sql.api.server.StatementAnalyzer;
import org.kawanfw.sql.api.util.firewall.CsvRulesManagerLoader;
import org.kawanfw.sql.api.util.firewall.DatabaseUserTableTriplet;
import org.kawanfw.sql.api.util.firewall.TableAllowStatements;
import org.kawanfw.sql.metadata.AceQLMetaData;
import org.kawanfw.sql.servlet.injection.properties.PropertiesFileStore;
import org.kawanfw.sql.util.FrameworkDebug;

/* loaded from: input_file:org/kawanfw/sql/api/server/firewall/CsvRulesManager.class */
public class CsvRulesManager extends DefaultSqlFirewallManager implements SqlFirewallManager {
    private static boolean DEBUG = FrameworkDebug.isSet(CsvRulesManager.class);
    private Map<DatabaseUserTableTriplet, TableAllowStatements> mapTableAllowStatementsSet = null;

    @Override // org.kawanfw.sql.api.server.firewall.DefaultSqlFirewallManager, org.kawanfw.sql.api.server.firewall.SqlFirewallManager
    public boolean allowSqlRunAfterAnalysis(String str, String str2, Connection connection, String str3, String str4, boolean z, List<Object> list) throws IOException, SQLException {
        loadRules(str2, connection);
        return isAllowed(str, str2, str4, list);
    }

    @Override // org.kawanfw.sql.api.server.firewall.DefaultSqlFirewallManager, org.kawanfw.sql.api.server.firewall.SqlFirewallManager
    public void runIfStatementRefused(String str, String str2, Connection connection, String str3, boolean z, String str4, List<Object> list) throws IOException, SQLException {
        new DefaultDatabaseConfigurator().getLogger().log(Level.WARNING, "Client username " + str + " (IP: " + str3 + ") has been denied by CsvRulesManager SqlFirewallManager executing the statement: " + str4 + ".");
    }

    private boolean isAllowed(String str, String str2, String str3, List<Object> list) throws SQLException {
        StatementAnalyzer statementAnalyzer = new StatementAnalyzer(str3, list);
        List<String> tables = statementAnalyzer.getTables();
        String lowerCase = statementAnalyzer.getStatementName().toLowerCase();
        debug("");
        debug("Testing statement: " + lowerCase + ":");
        Iterator<String> it = tables.iterator();
        while (it.hasNext()) {
            String lowerCase2 = it.next().toLowerCase();
            TableAllowStatements tableAllowStatements = this.mapTableAllowStatementsSet.get(new DatabaseUserTableTriplet(str2, "public", "all"));
            debug("public and all -  tableAllowStatements: " + tableAllowStatements + ":");
            if (tableAllowStatements != null && isAllowed(tableAllowStatements, lowerCase)) {
                return true;
            }
            TableAllowStatements tableAllowStatements2 = this.mapTableAllowStatementsSet.get(new DatabaseUserTableTriplet(str2, "public", lowerCase2));
            debug("public -  tableAllowStatements: " + tableAllowStatements2 + ":");
            if (tableAllowStatements2 != null && isAllowed(tableAllowStatements2, lowerCase)) {
                return true;
            }
            TableAllowStatements tableAllowStatements3 = this.mapTableAllowStatementsSet.get(new DatabaseUserTableTriplet(str2, str, "all"));
            debug("all -  tableAllowStatements: " + tableAllowStatements3 + ":");
            if (tableAllowStatements3 != null && isAllowed(tableAllowStatements3, lowerCase)) {
                return true;
            }
            TableAllowStatements tableAllowStatements4 = this.mapTableAllowStatementsSet.get(new DatabaseUserTableTriplet(str2, str, lowerCase2));
            debug("tableAllowStatements: " + tableAllowStatements4 + ":");
            if (tableAllowStatements4 != null && isAllowed(tableAllowStatements4, lowerCase)) {
                return true;
            }
        }
        return false;
    }

    private boolean isAllowed(TableAllowStatements tableAllowStatements, String str) {
        if (str.equals("delete")) {
            return tableAllowStatements.isDeleteAllowed();
        }
        if (str.equals("insert")) {
            return tableAllowStatements.isInsertAllowe();
        }
        if (str.equals("select")) {
            return tableAllowStatements.isSelectAllowed();
        }
        if (str.equals("update")) {
            return tableAllowStatements.isUpdateAllowed();
        }
        return false;
    }

    private void loadRules(String str, Connection connection) throws FileNotFoundException, SQLException, IOException {
        if (this.mapTableAllowStatementsSet == null) {
            File csvFile = getCsvFile(str);
            List<String> tableNames = new AceQLMetaData(connection).getTableNames();
            TreeSet treeSet = new TreeSet();
            Iterator<String> it = tableNames.iterator();
            while (it.hasNext()) {
                treeSet.add(it.next().toLowerCase());
            }
            treeSet.add("all");
            CsvRulesManagerLoader csvRulesManagerLoader = new CsvRulesManagerLoader(csvFile, str, treeSet);
            csvRulesManagerLoader.load();
            this.mapTableAllowStatementsSet = csvRulesManagerLoader.getMapTableAllowStatementsSet();
            Set<TableAllowStatements> tableAllowStatementsSet = csvRulesManagerLoader.getTableAllowStatementsSet();
            debug("CsvRulesManager Rules Loaded:");
            Iterator<TableAllowStatements> it2 = tableAllowStatementsSet.iterator();
            while (it2.hasNext()) {
                debug(it2.next().toString());
            }
        }
    }

    private static File getCsvFile(String str) throws FileNotFoundException {
        File file = PropertiesFileStore.get();
        Objects.requireNonNull(file, "file cannot be null!");
        if (!file.exists()) {
            throw new FileNotFoundException("The properties file does not exist: " + file);
        }
        File file2 = new File(PropertiesFileStore.get().getParentFile() + File.separator + str + "_rules_manager.csv");
        if (file2.exists()) {
            return file2;
        }
        throw new FileNotFoundException("The CSV rules files does not exist: " + file2);
    }

    private void debug(String str) {
        if (DEBUG) {
            System.out.println(new Date() + " " + str);
        }
    }
}
