package coldfusion.security;

import coldfusion.flash.FlashProxy;
import coldfusion.license.LicenseManager;
import coldfusion.util.Utils;
import java.io.File;
import java.net.URL;
import java.security.AccessController;
import java.security.AllPermission;
import java.security.CodeSource;
import java.security.PermissionCollection;
import java.security.Permissions;
import java.security.PrivilegedExceptionAction;
import java.util.Map;
import java.util.TreeMap;
import javax.security.auth.Policy;
import javax.security.auth.Subject;

/* loaded from: input_file:coldfusion/security/UserPolicy.class */
public class UserPolicy extends Policy {
    private static final String ALL_TEMPLATES = "/*";
    private static final Permissions ALL_PERMISSIONS = new Permissions();
    private Policy p;
    private TreeMap grants;
    private Object[] array;

    public UserPolicy(Policy policy, Map map) {
        this.p = policy;
        setNewPermissions(map);
    }

    public synchronized void setNewPermissions(Map map) {
        this.grants = new TreeMap(map);
        this.array = this.grants.keySet().toArray();
    }

    public PermissionCollection getPermissions(Subject subject, CodeSource codeSource) {
        PermissionCollection permissionCollection;
        URL location = codeSource.getLocation();
        String url = location != null ? location.toString() : null;
        if (url == null || url.length() == 0) {
            return this.p.getPermissions(subject, codeSource);
        }
        if ((url.endsWith(FlashProxy.CF_FILE_EXTENSION) || url.endsWith(FlashProxy.CFC_FILE_EXTENSION)) && (permissionCollection = getPermissionCollection(subject, url)) != null) {
            return permissionCollection;
        }
        return this.p.getPermissions(subject, codeSource);
    }

    private PermissionCollection getPermissionCollection(Subject subject, String str) {
        subject.getPrincipals();
        for (int length = this.array.length; length > 0; length--) {
            String str2 = (String) this.array[length - 1];
            try {
                if (!LicenseManager.checkSandboxSecurity()) {
                    if (ALL_TEMPLATES.equals(str2)) {
                        return (PermissionCollection) this.grants.get(ALL_TEMPLATES);
                    }
                    if ((str2.endsWith("WEB-INF") || str2.endsWith("CFIDE") || str2.endsWith(new StringBuffer().append("CFIDE").append(File.separator).toString()) || str2.endsWith(new StringBuffer().append("WEB-INF").append(File.separator).toString())) && str.startsWith(((URL) AccessController.doPrivileged(new PrivilegedExceptionAction(this, Utils.getCanonicalFile(str2)) { // from class: coldfusion.security.UserPolicy.2
                        private final File val$cpath;
                        private final UserPolicy this$0;

                        {
                            this.this$0 = this;
                            this.val$cpath = r5;
                        }

                        @Override // java.security.PrivilegedExceptionAction
                        public Object run() throws Exception {
                            return this.val$cpath.toURL();
                        }
                    })).toString())) {
                        return (PermissionCollection) this.grants.get(str2);
                    }
                } else if (!ALL_TEMPLATES.equals(str2) && str.startsWith(((URL) AccessController.doPrivileged(new PrivilegedExceptionAction(this, Utils.getCanonicalFile(str2)) { // from class: coldfusion.security.UserPolicy.1
                    private final File val$cpath;
                    private final UserPolicy this$0;

                    {
                        this.this$0 = this;
                        this.val$cpath = r5;
                    }

                    @Override // java.security.PrivilegedExceptionAction
                    public Object run() throws Exception {
                        return this.val$cpath.toURL();
                    }
                })).toString())) {
                    return (PermissionCollection) this.grants.get(str2);
                }
            } catch (Exception e) {
            }
        }
        return ALL_PERMISSIONS;
    }

    public void refresh() {
        this.p.refresh();
    }

    static {
        ALL_PERMISSIONS.add(new AllPermission());
    }
}
