package blackboard.platform.security;

import blackboard.data.user.User;
import blackboard.persist.user.UserDbLoader;
import blackboard.persist.user.UserDbLoaderEx;
import blackboard.platform.api.PublicAPI;
import blackboard.platform.email.BbMail;
import blackboard.platform.email.BbMailManagerFactory;
import blackboard.platform.extension.service.ExtensionRegistryFactory;
import blackboard.platform.intl.BbResourceBundle;
import blackboard.platform.intl.BundleManagerFactory;
import blackboard.platform.intl.LocaleManagerFactory;
import blackboard.platform.log.LogServiceFactory;
import blackboard.platform.security.escape.BaseEscapeHandler;
import blackboard.platform.security.escape.EscapeHandler;
import blackboard.platform.security.event.SecurityEvent;
import blackboard.platform.security.event.SecurityEventManager;
import blackboard.platform.security.event.codes.SecurityEventCode;
import blackboard.util.StringUtil;
import blackboard.util.XSSUtil;
import java.security.AccessController;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.Iterator;
import java.util.Timer;
import java.util.TimerTask;

@PublicAPI
/* loaded from: input_file:blackboard/platform/security/EscapeUtility.class */
public class EscapeUtility {
    private static final EscapeHandler BASE_HANDLER = new BaseEscapeHandler();
    private static boolean USE_EXTENSIONS = true;
    private static boolean SHOULD_EMAIL = true;

    private EscapeUtility() {
    }

    protected static void setUseExtensions(boolean z) {
        USE_EXTENSIONS = z;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static synchronized void emailAdministrator(String str, String str2, String str3) {
        SecurityEventManager.Factory.getInstance().fireEvent(SecurityEventCode.ESAPIB2Missing, SecurityEvent.ACTION_EXCEPTION);
        if (SHOULD_EMAIL) {
            BbResourceBundle bundle = BundleManagerFactory.getInstance().getBundle("security", LocaleManagerFactory.getInstance().getDefaultLocale().getLocale());
            String str4 = null;
            User user = null;
            try {
                user = (User) AccessController.doPrivileged(new PrivilegedExceptionAction<User>() { // from class: blackboard.platform.security.EscapeUtility.1
                    /* JADX WARN: Can't rename method to resolve collision */
                    @Override // java.security.PrivilegedExceptionAction
                    public User run() throws Exception {
                        return UserDbLoader.Default.getInstance().loadByUserName(UserDbLoaderEx.ADMIN_USERNAME);
                    }
                });
                str4 = user.getEmailAddress();
            } catch (PrivilegedActionException e) {
                LogServiceFactory.getInstance().logError("Unexpected exception when notifying administrator of library failure.", e.getCause());
            } catch (Exception e2) {
                LogServiceFactory.getInstance().logError("Unexpected exception when notifying administrator of library failure.", e2);
            }
            if (StringUtil.isEmpty(str4)) {
                str4 = "";
            }
            final User user2 = user;
            final String str5 = str4;
            final String string = bundle.getString("utility.notification.email.subject");
            final String string2 = bundle.getString("utility.notification.email.message", str, str2, str3);
            try {
                AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() { // from class: blackboard.platform.security.EscapeUtility.2
                    @Override // java.security.PrivilegedExceptionAction
                    public Object run() throws Exception {
                        BbMail createMessage = BbMailManagerFactory.getInstance().createMessage();
                        createMessage.setTo(str5);
                        if (user2 != null) {
                            createMessage.setFrom(user2);
                        } else {
                            createMessage.setFrom(str5);
                        }
                        createMessage.setSubject(string);
                        createMessage.setBodyTrusted(string2);
                        createMessage.doNotBccSender();
                        createMessage.send();
                        return null;
                    }
                });
            } catch (PrivilegedActionException e3) {
                LogServiceFactory.getInstance().logError("Unexpected exception when notifying administrator of library failure.", e3.getCause());
            } catch (Exception e4) {
                LogServiceFactory.getInstance().logError("Unexpected exception when notifying administrator of library failure.", e4);
            }
            try {
                SHOULD_EMAIL = false;
                new Timer().schedule(new TimerTask() { // from class: blackboard.platform.security.EscapeUtility.3
                    @Override // java.util.TimerTask, java.lang.Runnable
                    public void run() {
                        boolean unused = EscapeUtility.SHOULD_EMAIL = true;
                    }
                }, 3600000L);
            } catch (Exception e5) {
                LogServiceFactory.getInstance().logError("Unexpected exception when notifying administrator of library failure.", e5);
            }
        }
    }

    private static EscapeHandler getHandler() {
        EscapeHandler escapeHandler = null;
        Iterator it = ExtensionRegistryFactory.getInstance().getExtensions(EscapeHandler.EXTENSION_POINT, true).iterator();
        if (it.hasNext()) {
            escapeHandler = USE_EXTENSIONS ? (EscapeHandler) it.next() : null;
        }
        if (null == escapeHandler) {
            escapeHandler = BASE_HANDLER;
            BbResourceBundle bundle = BundleManagerFactory.getInstance().getBundle("security", LocaleManagerFactory.getInstance().getDefaultLocale().getLocale());
            emailAdministrator(bundle.getString("utility.escape.name"), "ESAPI Security Module", bundle.getString("utility.escape.description"));
        }
        return escapeHandler;
    }

    private static boolean isTrusted(boolean z) {
        return !z && XSSUtil.isTrusted();
    }

    public static String escapeForHTML(String str, boolean z) {
        return isTrusted(z) ? str : getHandler().escapeForHTML(str);
    }

    public static String escapeForHTML(String str) {
        return escapeForHTML(str, true);
    }

    public static String escapeForHTMLAttribute(String str, boolean z) {
        return isTrusted(z) ? str : getHandler().escapeForHTMLAttribute(str);
    }

    public static String escapeForHTMLAttribute(String str) {
        return escapeForHTMLAttribute(str, true);
    }

    public static String escapeForJavascript(String str, boolean z) {
        return isTrusted(z) ? str : getHandler().escapeForJavascript(str);
    }

    public static String escapeForJavascript(String str) {
        return escapeForJavascript(str, true);
    }

    public static String escapeForURL(String str, boolean z) {
        return isTrusted(z) ? str : getHandler().escapeForURL(str);
    }

    public static String escapeForURL(String str) {
        return escapeForURL(str, true);
    }

    public static String escapeForCSS(String str, boolean z) {
        return isTrusted(z) ? str : getHandler().escapeForCSS(str);
    }

    public static String escapeForCSS(String str) {
        return escapeForCSS(str, true);
    }

    public static String escapeForXML(String str, boolean z) {
        return isTrusted(z) ? str : getHandler().escapeForXML(str);
    }

    public static String escapeForXML(String str) {
        return escapeForXML(str, true);
    }

    public static String escapeForXMLAttribute(String str, boolean z) {
        return isTrusted(z) ? str : getHandler().escapeForXMLAttribute(str);
    }

    public static String escapeForXMLAttribute(String str) {
        return escapeForXMLAttribute(str, true);
    }
}
