package org.dcache.chimera.posix;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/dcache/chimera/posix/UnixPermissionHandler.class */
public class UnixPermissionHandler implements AclHandler {
    private static Logger _log = LoggerFactory.getLogger(UnixPermissionHandler.class);
    private static UnixPermissionHandler HANDLER = new UnixPermissionHandler();

    private UnixPermissionHandler() {
    }

    public static UnixPermissionHandler getInstance() {
        return HANDLER;
    }

    private static boolean inGroup(User user, int i) {
        int gid = ((UnixUser) user).getGID();
        int[] gids = ((UnixUser) user).getGIDS();
        boolean z = false;
        if (i == gid) {
            z = true;
        } else {
            int length = gids.length;
            int i2 = 0;
            while (true) {
                if (i2 >= length) {
                    break;
                }
                if (i == gids[i2]) {
                    z = true;
                    break;
                }
                i2++;
            }
        }
        return z;
    }

    @Override // org.dcache.chimera.posix.AclHandler
    public boolean isAllowed(Acl acl, User user, int i) {
        boolean z = false;
        int uid = ((UnixUser) user).getUID();
        if (!(acl instanceof UnixAcl)) {
            return false;
        }
        int owner = ((UnixAcl) acl).getOwner();
        int group = ((UnixAcl) acl).getGroup();
        int permission = ((UnixAcl) acl).getPermission();
        if (_log.isDebugEnabled()) {
            StringBuilder sb = new StringBuilder("ACL request : ");
            sb.append("user=").append(((UnixUser) user).getUID()).append(":").append(((UnixUser) user).getGID());
            sb.append(" ");
            sb.append("file=").append(owner).append(":").append(group);
            sb.append(" ");
            sb.append("action=");
            switch (i) {
                case 0:
                    sb.append("ACL_READ");
                    break;
                case 1:
                default:
                    sb.append("ACL_UNKNOWN");
                    break;
                case 2:
                    sb.append("ACL_WRITE");
                    break;
                case 3:
                    sb.append("ACL_DELETE");
                    break;
                case 4:
                    sb.append("ACL_LOOKUP");
                    break;
                case 5:
                    sb.append("ACL_ADMINISTER");
                    break;
                case 6:
                    sb.append("ACL_INSERT");
                    break;
                case 7:
                    sb.append("ACL_LOCK");
                    break;
                case 8:
                    sb.append("ACL_EXECUTE");
                    break;
            }
            _log.debug(sb.toString());
        }
        switch (uid) {
            case -12:
                z = false;
                break;
            case 0:
                z = true;
                break;
            default:
                switch (i) {
                    case 0:
                        if (owner != uid) {
                            if (!inGroup(user, group)) {
                                z = (permission & 4) == 4;
                                break;
                            } else {
                                z = (permission & 32) == 32;
                                break;
                            }
                        } else {
                            z = (permission & 256) == 256;
                            break;
                        }
                    case 2:
                        if (owner != uid) {
                            if (!inGroup(user, group)) {
                                z = (permission & 2) == 2;
                                break;
                            } else {
                                z = (permission & 16) == 16;
                                break;
                            }
                        } else {
                            z = (permission & 128) == 128;
                            break;
                        }
                    case 3:
                        z = isAllowed(acl, user, 2);
                        if ((permission & 512) == 512) {
                            System.out.println("Sticky bit set!");
                            z = z && isAllowed(acl, user, 5);
                            break;
                        }
                        break;
                    case 4:
                        z = isAllowed(acl, user, 0) && isAllowed(acl, user, 8);
                        break;
                    case 5:
                        z = owner == uid;
                        break;
                    case 6:
                        z = isAllowed(acl, user, 2);
                        break;
                    case 7:
                        z = true;
                        break;
                    case 8:
                        if (owner != uid) {
                            if (!inGroup(user, group)) {
                                z = (permission & 1) == 1;
                                break;
                            } else {
                                z = (permission & 8) == 8;
                                break;
                            }
                        } else {
                            z = (permission & 64) == 64;
                            break;
                        }
                }
        }
        _log.debug("IsAllowed: " + z);
        return z;
    }
}
