package com.sshtools.server.policy;

import com.sshtools.common.Connection;
import com.sshtools.server.PermissionType;
import com.sshtools.server.ShellPolicy;
import com.sshtools.server.SshServerContext;
import com.sshtools.server.policy.permissions.MountPermission;
import com.sshtools.server.policy.permissions.MountPermissions;
import com.sshtools.server.policy.permissions.ShellCommandPermission;
import com.sshtools.server.vshell.ShellPermission;
import java.io.IOException;
import java.security.Policy;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/sshtools/server/policy/ShellPolicyPermissions.class */
public class ShellPolicyPermissions extends ShellPolicy implements PolicyPermissions {
    protected SecurityManager securityManager;
    private static final Logger log = LoggerFactory.getLogger(ShellPolicyPermissions.class);

    public ShellPolicyPermissions(SecurityManager securityManager) {
        this.securityManager = securityManager;
    }

    public void assertPermission(Connection<SshServerContext> connection, PermissionType permissionType, String... strArr) {
        if (permissionType instanceof MountPermissions) {
            if (!PolicyPermissionsProvider.checkPermission(this.securityManager, connection, new MountPermission(strArr[0], strArr[1], permissionType.getName()))) {
                throw new SecurityException("Permission denied for " + connection.getUsername() + " to use  " + strArr[0]);
            }
        } else if (permissionType instanceof ShellPermission) {
            if (!PolicyPermissionsProvider.checkPermission(this.securityManager, connection, new ShellCommandPermission(strArr[0], strArr.length == 1 ? "run" : strArr[1]))) {
                throw new SecurityException("Permission denied for " + connection.getUsername() + " to use  " + strArr[0]);
            }
        }
    }

    public boolean checkPermission(Connection<SshServerContext> connection, PermissionType permissionType, String... strArr) {
        try {
            assertPermission(connection, permissionType, strArr);
            log.debug("Accept " + connection.getUsername() + ". " + permissionType.getName());
            return true;
        } catch (SecurityException e) {
            log.warn("Rejected " + connection.getUsername() + ". " + e.getMessage());
            return false;
        }
    }

    @Override // com.sshtools.server.policy.PolicyPermissions
    public void grant(String str, String[] strArr, String str2, String[] strArr2) throws IOException {
        ((PolicyPermissionsProvider) Policy.getPolicy()).grant(str, strArr, str2, strArr2);
    }

    @Override // com.sshtools.server.policy.PolicyPermissions
    public void revoke(String str, String[] strArr, String str2, String[] strArr2) throws IOException {
        ((PolicyPermissionsProvider) Policy.getPolicy()).revoke(str, strArr, str2, strArr2);
    }
}
