package com.logonbox.vpn.drivers.windows;

import com.sshtools.liftlib.OS;
import com.sun.jna.Platform;
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;
import java.nio.file.attribute.AclEntry;
import java.nio.file.attribute.AclEntryPermission;
import java.nio.file.attribute.AclEntryType;
import java.nio.file.attribute.AclFileAttributeView;
import java.nio.file.attribute.UserPrincipal;
import java.nio.file.attribute.UserPrincipalLookupService;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.EnumSet;
import java.util.ResourceBundle;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/logonbox/vpn/drivers/windows/WindowsFileSecurity.class */
public class WindowsFileSecurity {
    public static final ResourceBundle BUNDLE = ResourceBundle.getBundle(WindowsFileSecurity.class.getName());
    static Logger LOG = LoggerFactory.getLogger(WindowsFileSecurity.class);

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void restrictToUser(Path path) throws IOException {
        File file = path.toFile();
        file.setReadable(false, false);
        file.setWritable(false, false);
        file.setExecutable(false, false);
        file.setReadable(true, true);
        file.setWritable(true, true);
        if (Platform.isWindows()) {
            ArrayList arrayList = new ArrayList();
            if (OS.isAdministrator()) {
                try {
                    arrayList.add(set(true, path, "Administrators", WindowsPlatformService.SID_ADMINISTRATORS_GROUP, AclEntryType.ALLOW, AclEntryPermission.values()));
                } catch (Throwable th) {
                    LOG.debug("Failed to add administrators permission.", th);
                }
                try {
                    arrayList.add(set(true, path, "SYSTEM", WindowsPlatformService.SID_SYSTEM, AclEntryType.ALLOW, AclEntryPermission.values()));
                } catch (Throwable th2) {
                    LOG.debug("Failed to add administrators permission.", th2);
                }
            }
            if (arrayList.isEmpty()) {
                LOG.warn("Only basic permissions set for {}", path);
            } else {
                LOG.info("Setting permissions on {} to {}", path, arrayList);
                ((AclFileAttributeView) Files.getFileAttributeView(path, AclFileAttributeView.class, new LinkOption[0])).setAcl(arrayList);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void openToEveryone(Path path) throws IOException {
        AclFileAttributeView aclFileAttributeView = (AclFileAttributeView) Files.getFileAttributeView(path, AclFileAttributeView.class, new LinkOption[0]);
        ArrayList arrayList = new ArrayList();
        if (OS.isAdministrator()) {
            try {
                arrayList.add(set(true, path, "Administrators", WindowsPlatformService.SID_ADMINISTRATORS_GROUP, AclEntryType.ALLOW, AclEntryPermission.values()));
            } catch (Throwable th) {
                LOG.debug("Failed to add administrators permission.", th);
            }
            try {
                arrayList.add(set(true, path, "SYSTEM", WindowsPlatformService.SID_SYSTEM, AclEntryType.ALLOW, AclEntryPermission.values()));
            } catch (Throwable th2) {
                LOG.debug("Failed to add administrators permission.", th2);
            }
        }
        try {
            arrayList.add(set(true, path, "Everyone", WindowsPlatformService.SID_WORLD, AclEntryType.ALLOW, AclEntryPermission.READ_DATA, AclEntryPermission.WRITE_DATA));
        } catch (Throwable th3) {
            LOG.warn("Failed to set Everyone permission.", th3);
        }
        try {
            arrayList.add(set(true, path, "Users", WindowsPlatformService.SID_USERS, AclEntryType.ALLOW, AclEntryPermission.READ_DATA, AclEntryPermission.WRITE_DATA));
        } catch (Throwable th4) {
            LOG.warn("Failed to set Users permission.", th4);
        }
        if (!arrayList.isEmpty()) {
            aclFileAttributeView.setAcl(arrayList);
            return;
        }
        LOG.warn("Falling back to basic file permissions method.");
        path.toFile().setReadable(true, false);
        path.toFile().setWritable(true, false);
    }

    private static AclEntry set(boolean z, Path path, String str, String str2, AclEntryType aclEntryType, AclEntryPermission... aclEntryPermissionArr) throws IOException {
        try {
            LOG.debug("Trying to set {} or name of {} on {} as group {} : {} : {}", new Object[]{str2, str, path, Boolean.valueOf(z), aclEntryType, Arrays.asList(aclEntryPermissionArr)});
            String bestRealName = WindowsPlatformService.getBestRealName(str2, str);
            LOG.debug("Best real name : " + bestRealName);
            return perms(z, path, bestRealName, aclEntryType, aclEntryPermissionArr);
        } catch (Throwable th) {
            LOG.debug("Failed to get AclEntry using either SID of {} or name of {}. Attempting using localised name", new Object[]{str2, str, th});
            return perms(z, path, str, aclEntryType, aclEntryPermissionArr);
        }
    }

    private static AclEntry perms(boolean z, Path path, String str, AclEntryType aclEntryType, AclEntryPermission... aclEntryPermissionArr) throws IOException {
        UserPrincipalLookupService userPrincipalLookupService = path.getFileSystem().getUserPrincipalLookupService();
        UserPrincipal lookupPrincipalByGroupName = z ? userPrincipalLookupService.lookupPrincipalByGroupName(str) : userPrincipalLookupService.lookupPrincipalByName(str);
        AclEntry.Builder newBuilder = AclEntry.newBuilder();
        newBuilder.setPermissions(EnumSet.copyOf((Collection) Arrays.asList(aclEntryPermissionArr)));
        newBuilder.setPrincipal(lookupPrincipalByGroupName);
        newBuilder.setType(aclEntryType);
        return newBuilder.build();
    }
}
