package com.ecyrd.jspwiki.auth.user;

import com.ecyrd.jspwiki.NoRequiredPropertyException;
import com.ecyrd.jspwiki.WikiEngine;
import com.ecyrd.jspwiki.auth.NoSuchPrincipalException;
import com.ecyrd.jspwiki.auth.WikiPrincipal;
import com.ecyrd.jspwiki.auth.WikiSecurityException;
import java.io.BufferedWriter;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.OutputStreamWriter;
import java.security.Principal;
import java.text.DateFormat;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.HashSet;
import java.util.Properties;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
import org.xml.sax.SAXException;

/* loaded from: input_file:com/ecyrd/jspwiki/auth/user/XMLUserDatabase.class */
public class XMLUserDatabase extends AbstractUserDatabase {
    public static final String PROP_USERDATABASE = "jspwiki.xmlUserDatabaseFile";
    private static final String DEFAULT_USERDATABASE = "userdatabase.xml";
    private static final String CREATED = "created";
    private static final String EMAIL = "email";
    private static final String FULL_NAME = "fullName";
    private static final String LOGIN_NAME = "loginName";
    private static final String LAST_MODIFIED = "lastModified";
    private static final String PASSWORD = "password";
    private static final String USER_TAG = "user";
    private static final String WIKI_NAME = "wikiName";
    private Document c_dom = null;
    private DateFormat c_defaultFormat = DateFormat.getDateTimeInstance();
    private DateFormat c_format = new SimpleDateFormat("yyyy.MM.dd 'at' HH:mm:ss:SSS z");
    private File c_file = null;
    private long c_lastCheck = 0;
    private long c_lastModified = 0;

    @Override // com.ecyrd.jspwiki.auth.user.AbstractUserDatabase, com.ecyrd.jspwiki.auth.user.UserDatabase
    public synchronized void commit() throws WikiSecurityException {
        if (this.c_dom == null) {
            log.fatal("User database doesn't exist in memory.");
        }
        File file = new File(new StringBuffer(String.valueOf(this.c_file.getAbsolutePath())).append(".new").toString());
        try {
            BufferedWriter bufferedWriter = new BufferedWriter(new OutputStreamWriter(new FileOutputStream(file), "UTF-8"));
            bufferedWriter.write("<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n");
            bufferedWriter.write("<users>\n");
            NodeList elementsByTagName = this.c_dom.getDocumentElement().getElementsByTagName(USER_TAG);
            for (int i = 0; i < elementsByTagName.getLength(); i++) {
                Element element = (Element) elementsByTagName.item(i);
                bufferedWriter.write("<user ");
                bufferedWriter.write("loginName");
                bufferedWriter.write(new StringBuffer("=\"").append(element.getAttribute("loginName")).append("\" ").toString());
                bufferedWriter.write("wikiName");
                bufferedWriter.write(new StringBuffer("=\"").append(element.getAttribute("wikiName")).append("\" ").toString());
                bufferedWriter.write("fullName");
                bufferedWriter.write(new StringBuffer("=\"").append(element.getAttribute("fullName")).append("\" ").toString());
                bufferedWriter.write("email");
                bufferedWriter.write(new StringBuffer("=\"").append(element.getAttribute("email")).append("\" ").toString());
                bufferedWriter.write("password");
                bufferedWriter.write(new StringBuffer("=\"").append(element.getAttribute("password")).append("\" ").toString());
                bufferedWriter.write("created");
                bufferedWriter.write(new StringBuffer("=\"").append(element.getAttribute("created")).append("\" ").toString());
                bufferedWriter.write(LAST_MODIFIED);
                bufferedWriter.write(new StringBuffer("=\"").append(element.getAttribute(LAST_MODIFIED)).append("\" ").toString());
                bufferedWriter.write(" />\n");
            }
            bufferedWriter.write("</users>");
            bufferedWriter.close();
            File file2 = new File(new StringBuffer(String.valueOf(this.c_file.getAbsolutePath())).append(".old").toString());
            if (file2.exists() && !file2.delete()) {
                log.error(new StringBuffer("Could not delete old user database backup: ").append(file2).toString());
            }
            if (!this.c_file.renameTo(file2)) {
                log.error(new StringBuffer("Could not create user database backup: ").append(file2).toString());
            }
            if (file.renameTo(this.c_file)) {
                return;
            }
            log.error(new StringBuffer("Could not save database: ").append(file2).append(" restoring backup.").toString());
            if (!file2.renameTo(this.c_file)) {
                log.error("Restore failed. Check the file permissions.");
            }
            log.error(new StringBuffer("Could not save database: ").append(this.c_file).append(". Check the file permissions").toString());
        } catch (IOException e) {
            throw new WikiSecurityException(e.getLocalizedMessage());
        }
    }

    @Override // com.ecyrd.jspwiki.auth.user.UserDatabase
    public void deleteByLoginName(String str) throws NoSuchPrincipalException, WikiSecurityException {
        if (this.c_dom == null) {
            throw new WikiSecurityException("FATAL: database does not exist");
        }
        NodeList elementsByTagName = this.c_dom.getDocumentElement().getElementsByTagName(USER_TAG);
        for (int i = 0; i < elementsByTagName.getLength(); i++) {
            Element element = (Element) elementsByTagName.item(i);
            if (element.getAttribute("loginName").equals(str)) {
                this.c_dom.getDocumentElement().removeChild(element);
                return;
            }
        }
        throw new NoSuchPrincipalException(new StringBuffer("Not in database: ").append(str).toString());
    }

    @Override // com.ecyrd.jspwiki.auth.user.AbstractUserDatabase, com.ecyrd.jspwiki.auth.user.UserDatabase
    public UserProfile findByEmail(String str) throws NoSuchPrincipalException {
        UserProfile findByAttribute = findByAttribute("email", str);
        if (findByAttribute != null) {
            return findByAttribute;
        }
        throw new NoSuchPrincipalException(new StringBuffer("Not in database: ").append(str).toString());
    }

    @Override // com.ecyrd.jspwiki.auth.user.AbstractUserDatabase, com.ecyrd.jspwiki.auth.user.UserDatabase
    public UserProfile findByFullName(String str) throws NoSuchPrincipalException {
        UserProfile findByAttribute = findByAttribute("fullName", str);
        if (findByAttribute != null) {
            return findByAttribute;
        }
        throw new NoSuchPrincipalException(new StringBuffer("Not in database: ").append(str).toString());
    }

    @Override // com.ecyrd.jspwiki.auth.user.AbstractUserDatabase, com.ecyrd.jspwiki.auth.user.UserDatabase
    public UserProfile findByLoginName(String str) throws NoSuchPrincipalException {
        UserProfile findByAttribute = findByAttribute("loginName", str);
        if (findByAttribute != null) {
            return findByAttribute;
        }
        throw new NoSuchPrincipalException(new StringBuffer("Not in database: ").append(str).toString());
    }

    @Override // com.ecyrd.jspwiki.auth.user.AbstractUserDatabase, com.ecyrd.jspwiki.auth.user.UserDatabase
    public UserProfile findByWikiName(String str) throws NoSuchPrincipalException {
        UserProfile findByAttribute = findByAttribute("wikiName", str);
        if (findByAttribute != null) {
            return findByAttribute;
        }
        throw new NoSuchPrincipalException(new StringBuffer("Not in database: ").append(str).toString());
    }

    @Override // com.ecyrd.jspwiki.auth.user.UserDatabase
    public Principal[] getWikiNames() throws WikiSecurityException {
        if (this.c_dom == null) {
            throw new IllegalStateException("FATAL: database does not exist");
        }
        HashSet hashSet = new HashSet();
        NodeList elementsByTagName = this.c_dom.getElementsByTagName(USER_TAG);
        for (int i = 0; i < elementsByTagName.getLength(); i++) {
            String attribute = ((Element) elementsByTagName.item(i)).getAttribute("wikiName");
            if (attribute == null) {
                log.warn("Detected null wiki name in XMLUserDataBase. Check your user database.");
            } else {
                hashSet.add(new WikiPrincipal(attribute, "wikiName"));
            }
        }
        return (Principal[]) hashSet.toArray(new Principal[hashSet.size()]);
    }

    @Override // com.ecyrd.jspwiki.auth.user.AbstractUserDatabase, com.ecyrd.jspwiki.auth.user.UserDatabase
    public void initialize(WikiEngine wikiEngine, Properties properties) throws NoRequiredPropertyException {
        File file;
        if (wikiEngine.getRootPath() == null) {
            log.warn("Cannot identify JSPWiki root path");
            file = new File("WEB-INF/userdatabase.xml").getAbsoluteFile();
        } else {
            file = new File(new StringBuffer(String.valueOf(wikiEngine.getRootPath())).append("/WEB-INF/").append(DEFAULT_USERDATABASE).toString());
        }
        String property = properties.getProperty(PROP_USERDATABASE);
        if (property == null) {
            log.error(new StringBuffer("XML user database property jspwiki.xmlUserDatabaseFile not found; trying ").append(file).toString());
            this.c_file = file;
        } else {
            this.c_file = new File(property);
        }
        log.info(new StringBuffer("XML user database at ").append(this.c_file.getAbsolutePath()).toString());
        buildDOM();
    }

    private void buildDOM() {
        DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
        newInstance.setValidating(false);
        newInstance.setExpandEntityReferences(false);
        newInstance.setIgnoringComments(true);
        newInstance.setNamespaceAware(false);
        try {
            this.c_dom = newInstance.newDocumentBuilder().parse(this.c_file);
            log.debug("Database successfully initialized");
            this.c_lastModified = this.c_file.lastModified();
            this.c_lastCheck = System.currentTimeMillis();
        } catch (FileNotFoundException e) {
            log.info("User database not found; creating from scratch...");
        } catch (IOException e2) {
            log.error(new StringBuffer("IO error: ").append(e2.getMessage()).toString());
        } catch (ParserConfigurationException e3) {
            log.error(new StringBuffer("Configuration error: ").append(e3.getMessage()).toString());
        } catch (SAXException e4) {
            log.error(new StringBuffer("SAX error: ").append(e4.getMessage()).toString());
        }
        if (this.c_dom == null) {
            try {
                this.c_dom = newInstance.newDocumentBuilder().newDocument();
                this.c_dom.appendChild(this.c_dom.createElement(JDBCUserDatabase.DEFAULT_DB_TABLE));
            } catch (ParserConfigurationException e5) {
                log.fatal("Could not create in-memory DOM");
            }
        }
    }

    private void checkForRefresh() {
        if (System.currentTimeMillis() - this.c_lastCheck <= 60000 || this.c_file.lastModified() <= this.c_lastModified) {
            return;
        }
        buildDOM();
    }

    @Override // com.ecyrd.jspwiki.auth.user.UserDatabase
    public boolean isSharedWithContainer() {
        return false;
    }

    @Override // com.ecyrd.jspwiki.auth.user.AbstractUserDatabase, com.ecyrd.jspwiki.auth.user.UserDatabase
    public void save(UserProfile userProfile) throws WikiSecurityException {
        if (this.c_dom == null) {
            log.fatal(new StringBuffer("Could not save profile ").append(userProfile).append(" database does not exist").toString());
            throw new IllegalStateException("FATAL: database does not exist");
        }
        checkForRefresh();
        String loginName = userProfile.getLoginName();
        NodeList elementsByTagName = this.c_dom.getElementsByTagName(USER_TAG);
        Element element = null;
        boolean z = true;
        int i = 0;
        while (true) {
            if (i >= elementsByTagName.getLength()) {
                break;
            }
            Element element2 = (Element) elementsByTagName.item(i);
            if (element2.getAttribute("loginName").equals(loginName)) {
                element = element2;
                z = false;
                break;
            }
            i++;
        }
        Date date = new Date(System.currentTimeMillis());
        if (z) {
            userProfile.setCreated(date);
            log.info(new StringBuffer("Creating new user ").append(loginName).toString());
            element = this.c_dom.createElement(USER_TAG);
            this.c_dom.getDocumentElement().appendChild(element);
            setAttribute(element, "created", this.c_format.format(date));
        }
        setAttribute(element, LAST_MODIFIED, this.c_format.format(date));
        setAttribute(element, "loginName", userProfile.getLoginName());
        setAttribute(element, "fullName", userProfile.getFullname());
        setAttribute(element, "wikiName", userProfile.getWikiName());
        setAttribute(element, "email", userProfile.getEmail());
        String password = userProfile.getPassword();
        if (password != null && !password.equals("") && !element.getAttribute("password").equals(password)) {
            setAttribute(element, "password", new StringBuffer("{SHA}").append(getHash(password)).toString());
        }
        if (z) {
            userProfile.setCreated(date);
        }
        userProfile.setLastModified(date);
    }

    private UserProfile findByAttribute(String str, String str2) {
        if (this.c_dom == null) {
            throw new IllegalStateException("FATAL: database does not exist");
        }
        checkForRefresh();
        NodeList elementsByTagName = this.c_dom.getElementsByTagName(USER_TAG);
        for (int i = 0; i < elementsByTagName.getLength(); i++) {
            Element element = (Element) elementsByTagName.item(i);
            if (element.getAttribute(str).equals(str2)) {
                DefaultUserProfile defaultUserProfile = new DefaultUserProfile();
                defaultUserProfile.setLoginName(element.getAttribute("loginName"));
                defaultUserProfile.setFullname(element.getAttribute("fullName"));
                defaultUserProfile.setWikiName(element.getAttribute("wikiName"));
                defaultUserProfile.setPassword(element.getAttribute("password"));
                defaultUserProfile.setEmail(element.getAttribute("email"));
                String attribute = element.getAttribute("created");
                String attribute2 = element.getAttribute(LAST_MODIFIED);
                try {
                    defaultUserProfile.setCreated(this.c_format.parse(attribute));
                    defaultUserProfile.setLastModified(this.c_format.parse(attribute2));
                } catch (ParseException e) {
                    try {
                        defaultUserProfile.setCreated(this.c_defaultFormat.parse(attribute));
                        defaultUserProfile.setLastModified(this.c_defaultFormat.parse(attribute2));
                    } catch (ParseException e2) {
                        log.warn(new StringBuffer("Could not parse 'created' or 'lastModified' attribute for  profile '").append(defaultUserProfile.getLoginName()).append("'.").append(" It may have been tampered with.").toString());
                    }
                }
                return defaultUserProfile;
            }
        }
        return null;
    }

    private void setAttribute(Element element, String str, String str2) {
        if (str2 != null) {
            element.setAttribute(str, str2);
        }
    }
}
