package com.adobe.cfsetup.settings.service;

import coldfusion.ServiceBase;
import coldfusion.compiler.ASTruntimeCall;
import coldfusion.nosql.NoSQLDataSourceConsumer;
import coldfusion.runtime.Array;
import coldfusion.runtime.Struct;
import coldfusion.security.SecurityUtils;
import coldfusion.server.ConfigMap;
import coldfusion.server.ServiceException;
import coldfusion.util.FastHashtable;
import coldfusion.util.FileUtils;
import com.adobe.cfsetup.MessageHandler;
import com.adobe.cfsetup.PasswordUtils;
import com.adobe.cfsetup.Util;
import com.adobe.cfsetup.base.EntryPoint;
import com.adobe.cfsetup.base.GenericSetting;
import com.adobe.cfsetup.base.MultilevelSetting;
import com.adobe.cfsetup.base.SettingInstanceProvider;
import com.adobe.cfsetup.constants.CFSetupConstants;
import com.adobe.cfsetup.constants.Category;
import com.adobe.cfsetup.constants.Messages;
import com.adobe.cfsetup.exception.CFSetupException;
import com.adobe.cfsetup.settings.DatasourceSettings;
import com.adobe.cfsetup.settings.JvmSettings;
import com.adobe.cfsetup.settings.simple.AdminPasswordSettings;
import com.adobe.cfsetup.validation.SettingValidation;
import com.adobe.cfsetup.validation.ValidationDetails;
import com.adobe.coldfusion.connector.connectorinstaller.CIConstants;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.net.URLClassLoader;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.Properties;
import java.util.Set;
import java.util.Vector;
import java.util.stream.Collectors;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.cxf.phase.Phase;
import org.apache.solr.common.params.SpatialParams;
import org.apache.solr.spelling.suggest.fst.AnalyzingInfixLookupFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:Disk1/InstData/Resource1.zip:$IA_PROJECT_DIR$/hotfix/dist_zg_ia_sf.jar:config/cfsetup/cfsetup.jar:com/adobe/cfsetup/settings/service/SecurityService.class */
public class SecurityService extends ServiceBase {
    private ConfigMap settings = null;
    private File file;
    private String selectedPath;
    private Properties seedProperties;
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) SecurityService.class);
    public static Set<String> allTags = new HashSet(Arrays.asList("cfcontent", "cfdirectory", "cffile", "cfobject", "cfregistry", "cfexecute", "cfftp", "cfmail", "cflog", "cfcollection", "cfcookie", "cfhttp", "cfhttpparam", "cfindex", "cfldap", "cfinvoke", "cfschedule", "cfsearch", "cftransaction", "cfpop", "cfquery", "cfinsert", "cfupdate", "cfstoredproc", "cfgridupdate", "cfdocument", "cfreport", "cfthread", "cfimage", "cffeed", "cfexchangeconnection", "cfexchangecalendar", "cfexchangemail", "cfexchangecontact", "cfexchangetask", "cfpdf", "cfprint", "cfdbinfo", "cfobjectcache", "cfsharepoint", "cfspreadsheet", "cfcache", "cfimap", "cffileupload", "cfexchangeconversation", "cfexchangefolder", "cfwebsocket", "cfhtmltopdf"));
    public static Set<String> allFunctions = new HashSet(Arrays.asList(ASTruntimeCall.CREATEOBJECT, "createobject(com)", "createobject(corba)", "createobject(java)", "createobject(.net)", "createobject(webservice)", "directoryexists", "expandpath", "fileopen", "fileexists", "filecopy", "filemove", "filedelete", "fileread", "fileupload", "fileuploadall", "filewrite", "filesetattribute", "filesetaccessmode", "filesetlastmodified", "getfileinfo", "directorycreate", "directorycopy", "directorylist", "directorydelete", "directoryrename", "getdirectoryfrompath", "getfilefrompath", "getgatewayhelper", "getprinterinfo", "getprofilestring", "gettempdirectory", "gettempfile", "gettemplatepath", "getbasetemplatepath", "loadcfobject", "savecfobject", "sendgatewaymessage", "setprofilestring", "createdynamicproxy", "cachegetallids", "cachegetsession", "cacheremoveall", "cacheregionnew", "cacheregionremove", "cachesetproperties", "removecachedquery", "getcpuusage", "getsystemfreememory", "getsystemtotalmemory", "gettotalspace", "getfreespace", "getpagecontext", "islocalhost", "objectsave", "objectload", "getcloudservice", "getmongoservice"));
    public static Set<String> allRuntimePerms = new HashSet(Arrays.asList("accessClassInPackage.*", "accessDeclaredMembers", "createSecurityManager", "defineClassInPackage.*", "enableContextClassLoaderOverride", "getClassLoader", "getenv.*", "getProtectionDomain", "getStackTrace", "modifyThread", "preferences", "queuePrintJob", "readFileDescriptor", "setContextClassLoader", "setDefaultUncaughtExceptionHandler", "shutdownHooks", "stopThread", "writeFileDescriptor"));
    private static List<String> securityConfigSettings = Arrays.asList(CFSetupConstants.ADMIN_USERID_REQUIRED, CFSetupConstants.ADMIN_SECURITY_ENABLED, "allowconcurrentadminlogin", CFSetupConstants.RDS_ENABLED, CFSetupConstants.SECURE_PROFILE_ENABLED, CFSetupConstants.RDS_SECURITY_ENABLED, CFSetupConstants.RDS_USE_SINGLE_PASSWORD);

    public SecurityService(File file, String str) {
        this.selectedPath = str;
        this.file = file;
        try {
            load();
        } catch (ServiceException e) {
            throw new CFSetupException("Error while loading security setting, ", e);
        }
    }

    @Override // coldfusion.ServiceBase
    public void load() throws ServiceException {
        try {
            this.settings = (ConfigMap) deserialize(this.file);
            this.settings.init(this, "configuration");
        } catch (Exception e) {
            throw new ServiceException(e);
        }
    }

    public Map getUsersMap() {
        HashMap hashMap = new HashMap();
        if (this.settings.get("AuthorizedUsers") != null) {
            hashMap = (HashMap) this.settings.get("AuthorizedUsers");
        }
        HashMap hashMap2 = new HashMap();
        for (Map.Entry entry : hashMap.entrySet()) {
            String str = (String) entry.getKey();
            HashMap hashMap3 = (HashMap) entry.getValue();
            HashMap hashMap4 = new HashMap();
            hashMap2.put(str, hashMap4);
            fillMap(hashMap4, Category.USER);
            hashMap3.entrySet().forEach(obj -> {
                String str2 = (String) ((Map.Entry) obj).getKey();
                Object value = ((Map.Entry) obj).getValue();
                if ("roles".equalsIgnoreCase(str2) || CFSetupConstants.EXPOSED_SERVICES.equalsIgnoreCase(str2)) {
                    hashMap4.put(str2, new HashSet((List) value));
                } else if (CFSetupConstants.SANDBOXES.equalsIgnoreCase(str2)) {
                    ((Vector) value).forEach(obj -> {
                        Struct struct = (Struct) obj;
                        String str3 = (String) struct.get("CLASS");
                        String str4 = (String) struct.get("TARGET");
                        if (CFSetupConstants.FILE_PERMISSION_KEY.equals(str3)) {
                            String str5 = "";
                            for (String str6 : ((String) struct.get("ACTION")).split(",")) {
                                if (Phase.READ.equalsIgnoreCase(str6)) {
                                    str5 = str5 + "r";
                                }
                                if ("execute".equalsIgnoreCase(str6)) {
                                    str5 = str5 + "x";
                                }
                                if (Phase.WRITE.equalsIgnoreCase(str6)) {
                                    str5 = str5 + NoSQLDataSourceConsumer.W;
                                }
                                if ("delete".equalsIgnoreCase(str6)) {
                                    str5 = str5 + SpatialParams.DISTANCE;
                                }
                            }
                            str4 = (StringUtils.isBlank(str5) ? "" : str5 + ":") + str4;
                            ((Set) hashMap4.get(CFSetupConstants.SANDBOXES)).add(str4);
                        }
                        if (CFSetupConstants.ENABLED_DATASOURCES.equals(str3)) {
                            ((Set) hashMap4.get("datasources")).add(str4);
                        }
                    });
                } else {
                    hashMap4.put(str2, value);
                }
            });
        }
        return Collections.unmodifiableMap(hashMap2);
    }

    public Map getIpMap() {
        HashMap hashMap = new HashMap();
        HashSet hashSet = (this.settings.get(CFSetupConstants.ALLOWED_SERVICES_IP) == null || StringUtils.isBlank((String) this.settings.get(CFSetupConstants.ALLOWED_SERVICES_IP))) ? new HashSet() : new HashSet(Arrays.asList(((String) this.settings.get(CFSetupConstants.ALLOWED_SERVICES_IP)).split(",")));
        HashSet hashSet2 = (this.settings.get(CFSetupConstants.ALLOWED_ADMIN_IP) == null || StringUtils.isBlank((String) this.settings.get(CFSetupConstants.ALLOWED_ADMIN_IP))) ? new HashSet() : new HashSet(Arrays.asList(((String) this.settings.get(CFSetupConstants.ALLOWED_ADMIN_IP)).split(",")));
        hashMap.put(CFSetupConstants.ALLOWED_SERVICES_IP, hashSet);
        hashMap.put(CFSetupConstants.ALLOWED_ADMIN_IP, hashSet2);
        return hashMap;
    }

    public boolean updateIp(Map map) {
        Set set = (Set) map.get(CFSetupConstants.ALLOWED_SERVICES_IP);
        Set set2 = (Set) map.get(CFSetupConstants.ALLOWED_ADMIN_IP);
        this.settings.put(CFSetupConstants.ALLOWED_SERVICES_IP, StringUtils.join(set, ","));
        this.settings.put(CFSetupConstants.ALLOWED_ADMIN_IP, StringUtils.join(set2, ","));
        serialize(this.settings, this.file);
        return true;
    }

    public Map getSandboxMap() {
        HashMap hashMap = new HashMap();
        String str = "";
        String str2 = "";
        if (this.settings.get(AnalyzingInfixLookupFactory.CONTEXTS_FIELD_NAME) == null) {
            return hashMap;
        }
        for (Map.Entry entry : ((ConfigMap) ((ConfigMap) this.settings.get(AnalyzingInfixLookupFactory.CONTEXTS_FIELD_NAME)).get("/")).entrySet()) {
            String str3 = (String) entry.getKey();
            List<Struct> list = (List) entry.getValue();
            HashMap hashMap2 = new HashMap();
            fillMap(hashMap2, Category.SANDBOX);
            for (Struct struct : list) {
                String str4 = (String) struct.get("CLASS");
                String str5 = (String) struct.get("ACTION");
                String str6 = (String) struct.get("TARGET");
                if (str4.equalsIgnoreCase(CFSetupConstants.DISABLED_FUNCTION_KEY)) {
                    str = str6.substring(1);
                } else if (str4.equalsIgnoreCase(CFSetupConstants.DISABLED_TAG_KEY)) {
                    str2 = str6.substring(1);
                } else {
                    if (hashMap2.get(str4) == null) {
                        hashMap2.put(str4, new HashSet());
                    }
                    ((Set) hashMap2.get(str4)).add(StringUtils.isEmpty(str5) ? str6 : str5 + (CFSetupConstants.FILE_PERMISSION_KEY.equalsIgnoreCase(str4) ? ":" : ";") + str6);
                }
            }
            if (!StringUtils.isEmpty(str)) {
                str = str.substring(1);
            }
            if (!StringUtils.isEmpty(str2)) {
                str2 = str2.substring(1);
            }
            HashSet hashSet = StringUtils.isEmpty(str) ? new HashSet() : new HashSet(Arrays.asList(str.split(",")));
            HashSet hashSet2 = StringUtils.isEmpty(str2) ? new HashSet() : new HashSet(Arrays.asList(str2.split(",")));
            hashMap2.put(CFSetupConstants.DISABLED_FUNCTION_KEY, hashSet);
            hashMap2.put(CFSetupConstants.DISABLED_TAG_KEY, hashSet2);
            HashSet hashSet3 = new HashSet(allFunctions);
            HashSet hashSet4 = new HashSet(allTags);
            hashSet3.removeAll(hashSet);
            hashSet4.removeAll(hashSet2);
            if (hashSet.contains("*")) {
                hashSet3 = new HashSet();
            }
            if (hashSet2.contains("*")) {
                hashSet4 = new HashSet();
            }
            hashMap2.put(CFSetupConstants.ENABLED_FUNCTION_KEY, hashSet3);
            hashMap2.put(CFSetupConstants.ENABLED_TAG_KEY, hashSet4);
            HashSet hashSet5 = new HashSet(allRuntimePerms);
            hashSet5.removeAll((Collection) hashMap2.get(CFSetupConstants.ENABLED_RUNTIME_PERMISSION));
            if (((Set) hashMap2.get(CFSetupConstants.ENABLED_RUNTIME_PERMISSION)).contains("*")) {
                hashSet5 = new HashSet();
            }
            hashMap2.put(CFSetupConstants.DISABLED_RUNTIME_PERMISSION, hashSet5);
            HashSet hashSet6 = CollectionUtils.isEmpty((Collection) hashMap2.get(CFSetupConstants.ENABLED_DATASOURCES)) ? new HashSet() : new HashSet(Arrays.asList(StringUtils.join((Collection) hashMap2.get(CFSetupConstants.ENABLED_DATASOURCES), ",").split(",")));
            hashMap2.put(CFSetupConstants.ENABLED_DATASOURCES, hashSet6);
            HashSet hashSet7 = new HashSet(new DatasourceSettings(this.selectedPath).getMap().keySet());
            if (hashSet6.contains("*")) {
                hashSet7 = new HashSet();
            } else {
                hashSet7.removeAll(hashSet6);
            }
            hashMap2.put(CFSetupConstants.DISABLED_DATASOURCES, hashSet7);
            hashMap.put(str3, hashMap2);
        }
        return hashMap;
    }

    public Map getMap() {
        return Collections.unmodifiableMap(this.settings);
    }

    public Map getSecurityConfigMap() {
        HashMap hashMap = new HashMap();
        for (String str : securityConfigSettings) {
            Object obj = this.settings.containsKey(str) ? this.settings.get(str) : false;
            if (obj instanceof String) {
                obj = Boolean.valueOf((String) obj);
            }
            hashMap.put(str, obj);
        }
        return Collections.unmodifiableMap(hashMap);
    }

    public boolean updateSecurityConfigData(Map<String, Object> map) {
        for (String str : securityConfigSettings) {
            if (map.containsKey(str)) {
                Object obj = map.get(str);
                if (str.equalsIgnoreCase(CFSetupConstants.RDS_SECURITY_ENABLED) || str.equalsIgnoreCase(CFSetupConstants.RDS_ENABLED)) {
                    obj = String.valueOf(obj);
                }
                this.settings.put(str, obj);
            }
        }
        Set set = (Set) map.get(CFSetupConstants.ALLOWED_SERVICES_IP);
        Set set2 = (Set) map.get(CFSetupConstants.ALLOWED_ADMIN_IP);
        this.settings.put(CFSetupConstants.ALLOWED_SERVICES_IP, StringUtils.join(set, ","));
        this.settings.put(CFSetupConstants.ALLOWED_ADMIN_IP, StringUtils.join(set2, ","));
        serialize(this.settings, this.file);
        return true;
    }

    public boolean updateSandboxEnabledStatus(boolean z) {
        String str;
        String str2;
        ConfigMap configMap = this.settings != null ? (ConfigMap) this.settings.get(AnalyzingInfixLookupFactory.CONTEXTS_FIELD_NAME) : new ConfigMap();
        ConfigMap configMap2 = configMap != null ? (ConfigMap) configMap.get("/") : new ConfigMap();
        if (Util.isEnterprise(this.selectedPath)) {
            str = new File(new File(this.selectedPath).getParent()).getParent() + File.separator + "CFIDE" + File.separator;
            str2 = new File(this.selectedPath).getParent() + File.separator;
        } else {
            str = this.selectedPath + File.separator + CIConstants.wwwroot + File.separator + "CFIDE" + File.separator;
            str2 = this.selectedPath + File.separator + CIConstants.wwwroot + File.separator + "WEB-INF" + File.separator;
        }
        if (configMap2.get(str) == null) {
            configMap2.put(str, generateSandboxAdminMap());
        }
        if (configMap2.get(str2) == null) {
            configMap2.put(str2, generateSandboxAdminMap());
        }
        configMap.put("/", configMap2);
        this.settings.put(AnalyzingInfixLookupFactory.CONTEXTS_FIELD_NAME, configMap);
        if (((Boolean) this.settings.get(CFSetupConstants.SANDBOX_ENABLED_SETTING_KEY)).booleanValue() != z && !Util.isEnterprise(this.selectedPath)) {
            JvmSettings jvmSettings = new JvmSettings(this.selectedPath);
            if (z) {
                HashMap hashMap = new HashMap();
                hashMap.put(JvmService.JAVA_ARGS, "-Djava.security.manager -Djava.security.policy=" + this.selectedPath + File.separator + "lib" + File.separator + "coldfusion.policy -Djava.security.auth.policy=" + this.selectedPath + File.separator + "lib" + File.separator + "neo_jaas.policy");
                jvmSettings.addService(hashMap);
            } else {
                jvmSettings.deleteSandboxArgs();
            }
        }
        this.settings.put(CFSetupConstants.SANDBOX_ENABLED_SETTING_KEY, Boolean.valueOf(z));
        serialize(this.settings, this.file);
        return true;
    }

    public String getSandboxEnabledStatus() {
        return String.valueOf(this.settings.get(CFSetupConstants.SANDBOX_ENABLED_SETTING_KEY));
    }

    public boolean updateSandboxData(Map map, String str, boolean z) {
        ConfigMap configMap = (ConfigMap) this.settings.get(AnalyzingInfixLookupFactory.CONTEXTS_FIELD_NAME);
        ConfigMap configMap2 = new ConfigMap();
        for (Map.Entry entry : map.entrySet()) {
            String str2 = (String) entry.getKey();
            HashMap hashMap = (HashMap) entry.getValue();
            fillMap(hashMap, Category.SANDBOX);
            configMap2.put(str2, mapToVector(hashMap));
        }
        configMap.put("/", configMap2);
        this.settings.put(AnalyzingInfixLookupFactory.CONTEXTS_FIELD_NAME, configMap);
        serialize(this.settings, this.file);
        return true;
    }

    private Vector mapToVector(Object obj) {
        Vector vector = new Vector();
        for (Map.Entry entry : ((Map) obj).entrySet()) {
            String str = (String) entry.getKey();
            Object value = entry.getValue();
            if (!CFSetupConstants.ENABLED_FUNCTION_KEY.equalsIgnoreCase(str) && !CFSetupConstants.ENABLED_TAG_KEY.equalsIgnoreCase(str) && !CFSetupConstants.DISABLED_DATASOURCES.equalsIgnoreCase(str) && !CFSetupConstants.DISABLED_RUNTIME_PERMISSION.equalsIgnoreCase(str)) {
                if (CFSetupConstants.DISABLED_FUNCTION_KEY.equalsIgnoreCase(str) || CFSetupConstants.DISABLED_TAG_KEY.equalsIgnoreCase(str)) {
                    vector.add(getSandboxStruct(CollectionUtils.isEmpty((Set) value) ? "*" : "*-" + StringUtils.join((Set) value, ",").toLowerCase(), "", str));
                } else if (CFSetupConstants.ENABLED_DATASOURCES.equalsIgnoreCase(str)) {
                    for (String str2 : (Set) value) {
                        if (StringUtils.isNotBlank(str2)) {
                            vector.add(getSandboxStruct(str2, "", str));
                        }
                    }
                } else if (CFSetupConstants.FILE_PERMISSION_KEY.equalsIgnoreCase(str)) {
                    Iterator it = ((Set) value).iterator();
                    while (it.hasNext()) {
                        vector.add(getFileSandboxStruct((String) it.next()));
                    }
                } else if (value instanceof String) {
                    String[] split = ((String) value).split(";");
                    vector.add(getSandboxStruct(split.length == 1 ? split[0] : split[1], split.length == 1 ? "" : split[0], str));
                } else if (value instanceof Set) {
                    Iterator it2 = ((Set) value).iterator();
                    while (it2.hasNext()) {
                        String[] split2 = ((String) it2.next()).split(";");
                        vector.add(getSandboxStruct(split2.length == 1 ? split2[0] : split2[1], split2.length == 1 ? "" : split2[0], str));
                    }
                }
            }
        }
        return vector;
    }

    public boolean updateUserData(Map map) {
        FastHashtable fastHashtable = new FastHashtable();
        for (Map.Entry entry : map.entrySet()) {
            HashMap hashMap = new HashMap();
            String str = (String) entry.getKey();
            HashMap hashMap2 = (HashMap) entry.getValue();
            fillMap(hashMap2, Category.USER);
            if (!hashMap2.containsKey("description")) {
                hashMap2.put("description", "");
            }
            for (Map.Entry entry2 : hashMap2.entrySet()) {
                String str2 = (String) entry2.getKey();
                Object value = entry2.getValue();
                if (CFSetupConstants.SANDBOXES.equalsIgnoreCase(str2)) {
                    Set set = (Set) value;
                    Array array = hashMap.get(CFSetupConstants.SANDBOXES) == null ? new Array() : (Array) hashMap.get(CFSetupConstants.SANDBOXES);
                    Iterator it = set.iterator();
                    while (it.hasNext()) {
                        array.add(getFileSandboxStruct((String) it.next()));
                    }
                    hashMap.put(CFSetupConstants.SANDBOXES, array);
                } else if ("datasources".equalsIgnoreCase(str2)) {
                    Set set2 = (Set) value;
                    Array array2 = hashMap.get(CFSetupConstants.SANDBOXES) == null ? new Array() : (Array) hashMap.get(CFSetupConstants.SANDBOXES);
                    if (set2.contains("*")) {
                        set2.clear();
                        set2.add("*");
                    }
                    Iterator it2 = set2.iterator();
                    while (it2.hasNext()) {
                        array2.add(getSandboxStruct((String) it2.next(), "", CFSetupConstants.ENABLED_DATASOURCES));
                    }
                    hashMap.put(CFSetupConstants.SANDBOXES, array2);
                } else if (CFSetupConstants.EXPOSED_SERVICES.toLowerCase().equalsIgnoreCase(str2)) {
                    Array array3 = new Array();
                    Iterator it3 = ((Set) value).iterator();
                    while (it3.hasNext()) {
                        array3.add((String) it3.next());
                    }
                    hashMap.put(CFSetupConstants.EXPOSED_SERVICES, array3);
                } else if ("roles".equalsIgnoreCase(str2)) {
                    Array array4 = new Array();
                    Set set3 = (Set) value;
                    if (set3.contains("coldfusion.administrator")) {
                        set3.add("coldfusion.adminapi");
                    }
                    Iterator it4 = set3.iterator();
                    while (it4.hasNext()) {
                        array4.add((String) it4.next());
                    }
                    hashMap.put("roles", array4);
                } else {
                    hashMap.put(str2, value);
                }
            }
            fastHashtable.put(str, hashMap);
        }
        this.settings.put("AuthorizedUsers", fastHashtable);
        serialize(this.settings, this.file);
        return true;
    }

    public Set<String> loadResource(String str, String str2) {
        String str3 = str + File.separator + "lib" + File.separator + "cfusion.jar";
        if (!new File(str3).exists()) {
            str3 = str + File.separator + ".." + File.separator + "lib" + File.separator + "cfusion.jar";
        }
        try {
            InputStream resourceAsStream = new URLClassLoader(new URL[]{new File(str3).toURI().toURL()}, getClass().getClassLoader()).getResourceAsStream(str2);
            Properties properties = new Properties();
            properties.load(resourceAsStream);
            return (Set) Collections.list(properties.keys()).stream().map(obj -> {
                return (String) obj;
            }).collect(Collectors.toSet());
        } catch (IOException e) {
            logger.error("Failed to load built-in properties", (Throwable) e);
            return new HashSet();
        }
    }

    private Struct getFileSandboxStruct(String str) {
        String substring = str.substring(0, str.indexOf(":") == -1 ? 0 : str.indexOf(":"));
        String substring2 = str.substring(str.indexOf(":") + 1);
        Struct struct = new Struct();
        struct.put("TARGET", substring2.equals("*") ? "<<ALL FILES>>" : substring2);
        struct.put("ACTION", Util.getFilePermissionsValue(substring));
        struct.put("CLASS", CFSetupConstants.FILE_PERMISSION_KEY);
        return struct;
    }

    public void setSeed(String str, final String str2, final String str3, final String str4) throws Exception {
        if (str != null) {
            str = SecurityUtils.hash(str, "SHA-256", "", "").substring(0, 16);
        }
        if (str.equals(str2)) {
            return;
        }
        final String str5 = str;
        this.seedProperties = new Properties();
        AccessController.doPrivileged(new PrivilegedAction() { // from class: com.adobe.cfsetup.settings.service.SecurityService.1
            @Override // java.security.PrivilegedAction
            public Object run() {
                SecurityService.this.seedProperties.setProperty("seed", str5);
                SecurityService.this.seedProperties.setProperty("algorithm", str3);
                SecurityService.this.storeSeedProperties(str4);
                SecurityService.this.updateEncryptedSettingsWithNewSeed(str2, str5, str4);
                return null;
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final void storeSeedProperties(String str) {
        FileOutputStream fileOutputStream = null;
        String str2 = str + File.separatorChar + "lib" + File.separatorChar + PasswordUtils.SEEDFILE;
        File file = new File(str2);
        boolean isHidden = file.isHidden();
        if (isHidden) {
            try {
                try {
                    FileUtils.setFileAttributes(file, "NORMAL");
                } catch (Exception e) {
                    throw new CFSetupException(e);
                }
            } catch (Throwable th) {
                if (fileOutputStream != null) {
                    try {
                        fileOutputStream.close();
                    } catch (Exception e2) {
                    }
                }
                throw th;
            }
        }
        file.setExecutable(false, false);
        file.setReadable(true, true);
        file.setWritable(true, true);
        fileOutputStream = new FileOutputStream(file);
        this.seedProperties.store(fileOutputStream, (String) null);
        if (fileOutputStream != null) {
            try {
                fileOutputStream.close();
            } catch (Exception e3) {
            }
        }
        try {
            FileUtils.setUnixModes(str2, 600);
            if (isHidden) {
                FileUtils.setFileAttributes(file, "HIDDEN");
            }
        } catch (Exception e4) {
        }
    }

    public void updateEncryptedSettingsWithNewSeed(String str, String str2, String str3) {
        EntryPoint.isSilent = true;
        Set<Category> categoriesWithEncryptedFields = SettingValidation.getInstance().getCategoriesWithEncryptedFields();
        MessageHandler.getInstance().showInfo(Messages.getString("encryptingWithNewSeed"));
        try {
            Iterator<Category> it = categoriesWithEncryptedFields.iterator();
            while (it.hasNext()) {
                GenericSetting settingInstanceFromCFHome = SettingInstanceProvider.getInstance().getSettingInstanceFromCFHome(str3, it.next(), false);
                for (String str4 : (Set) Optional.ofNullable(SettingValidation.getInstance().getEncryptedFields(settingInstanceFromCFHome.getCategory())).orElse(new HashSet())) {
                    if (!(settingInstanceFromCFHome instanceof MultilevelSetting) || settingInstanceFromCFHome.getCategory() == Category.SOLR) {
                        String setting = settingInstanceFromCFHome.getSetting(str4, null);
                        if (StringUtils.isNotBlank(setting) && !"null".equalsIgnoreCase(setting)) {
                            settingInstanceFromCFHome.setSetting(str4, PasswordUtils.reEncryptWithNewSeed(setting, str, str2), null);
                        }
                    } else {
                        for (String str5 : settingInstanceFromCFHome.getMap().keySet()) {
                            String setting2 = settingInstanceFromCFHome.getSetting(str4, str5);
                            if (StringUtils.isNotBlank(setting2) && !"null".equalsIgnoreCase(setting2)) {
                                settingInstanceFromCFHome.setSetting(str4, PasswordUtils.reEncryptWithNewSeed(setting2, str, str2), str5);
                            }
                        }
                    }
                }
            }
            AdminPasswordSettings adminPasswordSettings = (AdminPasswordSettings) SettingInstanceProvider.getInstance().getSettingInstanceFromCFHome(str3, Category.SECURITY, false);
            adminPasswordSettings.setSetting(AdminPasswordSettings.RDSPASSWORD, PasswordUtils.decryptPassword(adminPasswordSettings.getRdspassword(), str), str2);
            EntryPoint.isSilent = false;
        } catch (Exception e) {
            EntryPoint.isSilent = false;
        } catch (Throwable th) {
            EntryPoint.isSilent = false;
            throw th;
        }
    }

    private Struct getSandboxStruct(String str, String str2, String str3) {
        Struct struct = new Struct();
        struct.put("TARGET", str);
        struct.put("ACTION", str2);
        struct.put("CLASS", str3);
        return struct;
    }

    public void fillMap(Map map, Category category) {
        for (Map.Entry<String, ValidationDetails> entry : SettingValidation.getInstance().getcategoryValidationMap(category).entrySet()) {
            String key = entry.getKey();
            ValidationDetails value = entry.getValue();
            if (!value.isRestricted() && value.isList() && !map.containsKey(key)) {
                map.put(key, new HashSet());
            }
        }
    }

    private static Vector generateSandboxAdminMap() {
        Vector vector = new Vector();
        vector.add(new Struct());
        ((Struct) vector.get(0)).put("ACTION", "");
        ((Struct) vector.get(0)).put("CLASS", "java.io.SerializablePermission");
        ((Struct) vector.get(0)).put("TARGET", "*");
        vector.add(new Struct());
        ((Struct) vector.get(1)).put("ACTION", "read,write");
        ((Struct) vector.get(1)).put("CLASS", CFSetupConstants.PROPERTY_PERMISSION_KEY);
        ((Struct) vector.get(1)).put("TARGET", "*");
        vector.add(new Struct());
        ((Struct) vector.get(2)).put("ACTION", "");
        ((Struct) vector.get(2)).put("CLASS", "java.net.NetPermission");
        ((Struct) vector.get(2)).put("TARGET", "*");
        vector.add(new Struct());
        ((Struct) vector.get(3)).put("ACTION", "");
        ((Struct) vector.get(3)).put("CLASS", "java.sql.SQLPermission");
        ((Struct) vector.get(3)).put("TARGET", "*");
        vector.add(new Struct());
        ((Struct) vector.get(4)).put("ACTION", "");
        ((Struct) vector.get(4)).put("CLASS", "java.security.SecurityPermission");
        ((Struct) vector.get(4)).put("TARGET", "*");
        vector.add(new Struct());
        ((Struct) vector.get(5)).put("ACTION", "connect,resolve");
        ((Struct) vector.get(5)).put("CLASS", CFSetupConstants.SOCKET_PERMISSION_KEY);
        ((Struct) vector.get(5)).put("TARGET", "*");
        vector.add(new Struct());
        ((Struct) vector.get(6)).put("ACTION", "");
        ((Struct) vector.get(6)).put("CLASS", CFSetupConstants.ENABLED_RUNTIME_PERMISSION);
        ((Struct) vector.get(6)).put("TARGET", "*");
        vector.add(new Struct());
        ((Struct) vector.get(7)).put("ACTION", "");
        ((Struct) vector.get(7)).put("CLASS", CFSetupConstants.ENABLED_DATASOURCES);
        ((Struct) vector.get(7)).put("TARGET", "*");
        vector.add(new Struct());
        ((Struct) vector.get(8)).put("ACTION", "read,write,execute,delete");
        ((Struct) vector.get(8)).put("CLASS", CFSetupConstants.FILE_PERMISSION_KEY);
        ((Struct) vector.get(8)).put("TARGET", "<<ALL FILES>>");
        vector.add(new Struct());
        ((Struct) vector.get(9)).put("ACTION", "read,write,execute,delete");
        ((Struct) vector.get(9)).put("CLASS", CFSetupConstants.VFILE_PERMISSION_KEY);
        ((Struct) vector.get(9)).put("TARGET", "ram:///-");
        vector.add(new Struct());
        ((Struct) vector.get(10)).put("ACTION", "read,write,execute,delete");
        ((Struct) vector.get(10)).put("CLASS", CFSetupConstants.VFILE_PERMISSION_KEY);
        ((Struct) vector.get(10)).put("TARGET", "ram:///");
        vector.add(new Struct());
        ((Struct) vector.get(11)).put("ACTION", "");
        ((Struct) vector.get(11)).put("CLASS", CFSetupConstants.DISABLED_FUNCTION_KEY);
        ((Struct) vector.get(11)).put("TARGET", "*");
        vector.add(new Struct());
        ((Struct) vector.get(12)).put("ACTION", "");
        ((Struct) vector.get(12)).put("CLASS", "org.osgi.framework.AdminPermission");
        ((Struct) vector.get(12)).put("TARGET", "*");
        vector.add(new Struct());
        ((Struct) vector.get(13)).put("ACTION", "get,register");
        ((Struct) vector.get(13)).put("CLASS", CFSetupConstants.OSGISERVICE_PERMISSION_KEY);
        ((Struct) vector.get(13)).put("TARGET", "*");
        vector.add(new Struct());
        ((Struct) vector.get(14)).put("ACTION", "");
        ((Struct) vector.get(14)).put("CLASS", "java.lang.reflect.ReflectPermission");
        ((Struct) vector.get(14)).put("TARGET", "*");
        vector.add(new Struct());
        ((Struct) vector.get(15)).put("ACTION", "");
        ((Struct) vector.get(15)).put("CLASS", CFSetupConstants.DISABLED_TAG_KEY);
        ((Struct) vector.get(15)).put("TARGET", "*");
        vector.add(new Struct());
        ((Struct) vector.get(16)).put("ACTION", "");
        ((Struct) vector.get(16)).put("CLASS", "coldfusion.tagext.lang.ModulePermission");
        ((Struct) vector.get(16)).put("TARGET", "*");
        return vector;
    }

    private Struct getRuntimePermissionStruct(String str, String str2) {
        if (str == null) {
            str = "*";
        }
        if (str2 == null) {
            str2 = "";
        }
        Struct struct = new Struct();
        struct.put("CLASS", CFSetupConstants.ENABLED_RUNTIME_PERMISSION);
        struct.put("TARGET", str);
        struct.put("ACTION", str2);
        return struct;
    }

    public static boolean isRestrictedPath(String str) {
        return "ram:///-".equalsIgnoreCase(str) || "ram:///-".equalsIgnoreCase(str) || "ALL FILES".equalsIgnoreCase(str);
    }
}
