package org.dcache.xrootd.core;

import java.net.InetSocketAddress;
import java.security.GeneralSecurityException;
import org.dcache.xrootd.plugins.AuthorizationFactory;
import org.dcache.xrootd.protocol.XrootdProtocol;
import org.dcache.xrootd.protocol.messages.AbstractResponseMessage;
import org.dcache.xrootd.protocol.messages.CloseRequest;
import org.dcache.xrootd.protocol.messages.DirListRequest;
import org.dcache.xrootd.protocol.messages.LocateRequest;
import org.dcache.xrootd.protocol.messages.MkDirRequest;
import org.dcache.xrootd.protocol.messages.MvRequest;
import org.dcache.xrootd.protocol.messages.OpenRequest;
import org.dcache.xrootd.protocol.messages.PathRequest;
import org.dcache.xrootd.protocol.messages.PrepareRequest;
import org.dcache.xrootd.protocol.messages.ProtocolRequest;
import org.dcache.xrootd.protocol.messages.QueryRequest;
import org.dcache.xrootd.protocol.messages.ReadRequest;
import org.dcache.xrootd.protocol.messages.ReadVRequest;
import org.dcache.xrootd.protocol.messages.RmDirRequest;
import org.dcache.xrootd.protocol.messages.RmRequest;
import org.dcache.xrootd.protocol.messages.SetRequest;
import org.dcache.xrootd.protocol.messages.StatRequest;
import org.dcache.xrootd.protocol.messages.StatxRequest;
import org.dcache.xrootd.protocol.messages.SyncRequest;
import org.dcache.xrootd.protocol.messages.WriteRequest;
import org.dcache.xrootd.protocol.messages.XrootdRequest;
import org.dcache.xrootd.util.OpaqueStringParser;
import org.dcache.xrootd.util.ParseException;
import org.jboss.netty.channel.Channel;
import org.jboss.netty.channel.ChannelHandler;
import org.jboss.netty.channel.ChannelHandlerContext;
import org.jboss.netty.channel.MessageEvent;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@ChannelHandler.Sharable
/* loaded from: input_file:org/dcache/xrootd/core/XrootdAuthorizationHandler.class */
public class XrootdAuthorizationHandler extends XrootdRequestHandler {
    private static final Logger _log = LoggerFactory.getLogger(XrootdAuthorizationHandler.class);
    private final AuthorizationFactory _authorizationFactory;

    public XrootdAuthorizationHandler(AuthorizationFactory authorizationFactory) {
        this._authorizationFactory = authorizationFactory;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.dcache.xrootd.core.XrootdRequestHandler
    public AbstractResponseMessage doOnStat(ChannelHandlerContext channelHandlerContext, MessageEvent messageEvent, StatRequest statRequest) throws XrootdException {
        authorize(messageEvent, statRequest, XrootdProtocol.FilePerm.READ);
        channelHandlerContext.sendUpstream(messageEvent);
        return null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.dcache.xrootd.core.XrootdRequestHandler
    public AbstractResponseMessage doOnStatx(ChannelHandlerContext channelHandlerContext, MessageEvent messageEvent, StatxRequest statxRequest) throws XrootdException {
        if (statxRequest.getPaths().length == 0) {
            throw new XrootdException(3001, "no paths specified");
        }
        String[] paths = statxRequest.getPaths();
        String[] opaques = statxRequest.getOpaques();
        int[] iArr = new int[paths.length];
        for (int i = 0; i < paths.length; i++) {
            paths[i] = authorize(messageEvent, statxRequest, XrootdProtocol.FilePerm.READ, paths[i], opaques[i]);
        }
        statxRequest.setPaths(paths);
        channelHandlerContext.sendUpstream(messageEvent);
        return null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.dcache.xrootd.core.XrootdRequestHandler
    public AbstractResponseMessage doOnRm(ChannelHandlerContext channelHandlerContext, MessageEvent messageEvent, RmRequest rmRequest) throws XrootdException {
        if (rmRequest.getPath().isEmpty()) {
            throw new XrootdException(3001, "no path specified");
        }
        authorize(messageEvent, rmRequest, XrootdProtocol.FilePerm.DELETE);
        channelHandlerContext.sendUpstream(messageEvent);
        return null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.dcache.xrootd.core.XrootdRequestHandler
    public AbstractResponseMessage doOnRmDir(ChannelHandlerContext channelHandlerContext, MessageEvent messageEvent, RmDirRequest rmDirRequest) throws XrootdException {
        if (rmDirRequest.getPath().isEmpty()) {
            throw new XrootdException(3001, "no path specified");
        }
        authorize(messageEvent, rmDirRequest, XrootdProtocol.FilePerm.DELETE);
        channelHandlerContext.sendUpstream(messageEvent);
        return null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.dcache.xrootd.core.XrootdRequestHandler
    public AbstractResponseMessage doOnMkDir(ChannelHandlerContext channelHandlerContext, MessageEvent messageEvent, MkDirRequest mkDirRequest) throws XrootdException {
        if (mkDirRequest.getPath().isEmpty()) {
            throw new XrootdException(3001, "no path specified");
        }
        authorize(messageEvent, mkDirRequest, XrootdProtocol.FilePerm.WRITE);
        channelHandlerContext.sendUpstream(messageEvent);
        return null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.dcache.xrootd.core.XrootdRequestHandler
    public AbstractResponseMessage doOnMv(ChannelHandlerContext channelHandlerContext, MessageEvent messageEvent, MvRequest mvRequest) throws XrootdException {
        if (mvRequest.getSourcePath().isEmpty()) {
            throw new XrootdException(3001, "No source path specified");
        }
        if (mvRequest.getTargetPath().isEmpty()) {
            throw new XrootdException(3001, "No target path specified");
        }
        mvRequest.setSourcePath(authorize(messageEvent, mvRequest, XrootdProtocol.FilePerm.DELETE, mvRequest.getSourcePath(), mvRequest.getOpaque()));
        mvRequest.setTargetPath(authorize(messageEvent, mvRequest, XrootdProtocol.FilePerm.WRITE, mvRequest.getTargetPath(), mvRequest.getOpaque()));
        channelHandlerContext.sendUpstream(messageEvent);
        return null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.dcache.xrootd.core.XrootdRequestHandler
    public AbstractResponseMessage doOnDirList(ChannelHandlerContext channelHandlerContext, MessageEvent messageEvent, DirListRequest dirListRequest) throws XrootdException {
        if (dirListRequest.getPath().isEmpty()) {
            throw new XrootdException(3001, "no source path specified");
        }
        authorize(messageEvent, dirListRequest, XrootdProtocol.FilePerm.READ);
        channelHandlerContext.sendUpstream(messageEvent);
        return null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.dcache.xrootd.core.XrootdRequestHandler
    public AbstractResponseMessage doOnPrepare(ChannelHandlerContext channelHandlerContext, MessageEvent messageEvent, PrepareRequest prepareRequest) {
        channelHandlerContext.sendUpstream(messageEvent);
        return null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.dcache.xrootd.core.XrootdRequestHandler
    public Void doOnLocate(ChannelHandlerContext channelHandlerContext, MessageEvent messageEvent, LocateRequest locateRequest) throws XrootdException {
        String path = locateRequest.getPath();
        if (!path.startsWith("*")) {
            path = authorize(messageEvent, locateRequest, XrootdProtocol.FilePerm.READ, path, locateRequest.getOpaque());
        } else if (!path.equals("*")) {
            path = authorize(messageEvent, locateRequest, XrootdProtocol.FilePerm.READ, path.substring(1), locateRequest.getOpaque());
        }
        locateRequest.setPath(path);
        channelHandlerContext.sendUpstream(messageEvent);
        return null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.dcache.xrootd.core.XrootdRequestHandler
    public AbstractResponseMessage doOnOpen(ChannelHandlerContext channelHandlerContext, MessageEvent messageEvent, OpenRequest openRequest) throws XrootdException {
        authorize(messageEvent, openRequest, (openRequest.isNew() || openRequest.isReadWrite()) ? XrootdProtocol.FilePerm.WRITE : XrootdProtocol.FilePerm.READ);
        channelHandlerContext.sendUpstream(messageEvent);
        return null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.dcache.xrootd.core.XrootdRequestHandler
    public AbstractResponseMessage doOnRead(ChannelHandlerContext channelHandlerContext, MessageEvent messageEvent, ReadRequest readRequest) throws XrootdException {
        channelHandlerContext.sendUpstream(messageEvent);
        return null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.dcache.xrootd.core.XrootdRequestHandler
    public AbstractResponseMessage doOnReadV(ChannelHandlerContext channelHandlerContext, MessageEvent messageEvent, ReadVRequest readVRequest) throws XrootdException {
        channelHandlerContext.sendUpstream(messageEvent);
        return null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.dcache.xrootd.core.XrootdRequestHandler
    public AbstractResponseMessage doOnWrite(ChannelHandlerContext channelHandlerContext, MessageEvent messageEvent, WriteRequest writeRequest) throws XrootdException {
        channelHandlerContext.sendUpstream(messageEvent);
        return null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.dcache.xrootd.core.XrootdRequestHandler
    public AbstractResponseMessage doOnSync(ChannelHandlerContext channelHandlerContext, MessageEvent messageEvent, SyncRequest syncRequest) throws XrootdException {
        channelHandlerContext.sendUpstream(messageEvent);
        return null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.dcache.xrootd.core.XrootdRequestHandler
    public AbstractResponseMessage doOnClose(ChannelHandlerContext channelHandlerContext, MessageEvent messageEvent, CloseRequest closeRequest) throws XrootdException {
        channelHandlerContext.sendUpstream(messageEvent);
        return null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.dcache.xrootd.core.XrootdRequestHandler
    public AbstractResponseMessage doOnProtocolRequest(ChannelHandlerContext channelHandlerContext, MessageEvent messageEvent, ProtocolRequest protocolRequest) throws XrootdException {
        channelHandlerContext.sendUpstream(messageEvent);
        return null;
    }

    @Override // org.dcache.xrootd.core.XrootdRequestHandler
    protected Object doOnQuery(ChannelHandlerContext channelHandlerContext, MessageEvent messageEvent, QueryRequest queryRequest) throws XrootdException {
        String str;
        String str2;
        switch (queryRequest.getReqcode()) {
            case XrootdProtocol.kXR_Qcksum /* 3 */:
            case 4:
                String args = queryRequest.getArgs();
                int indexOf = args.indexOf(63);
                if (indexOf > -1) {
                    str = args.substring(0, indexOf);
                    str2 = args.substring(indexOf + 1);
                } else {
                    str = args;
                    str2 = "";
                }
                queryRequest.setArgs(authorize(messageEvent, queryRequest, XrootdProtocol.FilePerm.READ, str, str2));
                break;
        }
        channelHandlerContext.sendUpstream(messageEvent);
        return null;
    }

    @Override // org.dcache.xrootd.core.XrootdRequestHandler
    protected Object doOnSet(ChannelHandlerContext channelHandlerContext, MessageEvent messageEvent, SetRequest setRequest) throws XrootdException {
        channelHandlerContext.sendUpstream(messageEvent);
        return null;
    }

    private void authorize(MessageEvent messageEvent, PathRequest pathRequest, XrootdProtocol.FilePerm filePerm) throws XrootdException {
        pathRequest.setPath(authorize(messageEvent, pathRequest, filePerm, pathRequest.getPath(), pathRequest.getOpaque()));
    }

    private String authorize(MessageEvent messageEvent, XrootdRequest xrootdRequest, XrootdProtocol.FilePerm filePerm, String str, String str2) throws XrootdException {
        try {
            Channel channel = messageEvent.getChannel();
            return this._authorizationFactory.createHandler().authorize(xrootdRequest.getSubject(), (InetSocketAddress) channel.getLocalAddress(), (InetSocketAddress) channel.getRemoteAddress(), str, OpaqueStringParser.getOpaqueMap(str2), xrootdRequest.getRequestId(), filePerm);
        } catch (SecurityException e) {
            throw new XrootdException(3010, "Permission denied: " + e.getMessage());
        } catch (GeneralSecurityException e2) {
            throw new XrootdException(3012, "Authorization check failed: " + e2.getMessage());
        } catch (ParseException e3) {
            throw new XrootdException(3010, "Invalid opaque data: " + e3.getMessage() + " (opaque=" + str2 + ")");
        }
    }
}
