package com.samsung.android.email.newsecurity.policy.exchange;

import android.content.ComponentName;
import android.content.ContentResolver;
import android.content.ContentValues;
import android.content.Context;
import android.content.Intent;
import android.database.Cursor;
import com.samsung.android.email.common.newsecurity.manager.DPMManager;
import com.samsung.android.email.common.newsecurity.manager.SemNotificationManager;
import com.samsung.android.email.common.newsecurity.util.SecurityAccountHelper;
import com.samsung.android.email.common.newsecurity.util.SecurityStatusUtil;
import com.samsung.android.email.common.service.EmailSetService;
import com.samsung.android.email.newsecurity.DaggerNewSecurityComponent;
import com.samsung.android.email.sync.exchange.controller.EasAccountSyncController;
import com.samsung.android.email.sync.helper.EmailSyncManager;
import com.samsung.android.emailcommon.account.AttachmentUtility;
import com.samsung.android.emailcommon.basic.log.SemPolicyLog;
import com.samsung.android.emailcommon.newsecurity.ITPolicyConst;
import com.samsung.android.emailcommon.provider.Account;
import com.samsung.android.emailcommon.provider.BodyUtilities;
import com.samsung.android.emailcommon.provider.EmailContent;
import com.samsung.android.emailcommon.provider.HostAuth;
import com.samsung.android.emailcommon.provider.Mailbox;
import com.samsung.android.emailcommon.provider.Provider;
import java.util.concurrent.TimeUnit;
import javax.inject.Inject;

/* loaded from: classes2.dex */
public class DeviceSecurityPolicyImpl implements DeviceSecurityPolicy {
    private final String TAG = DeviceSecurityPolicyImpl.class.getSimpleName();
    private final Context mContext;

    @Inject
    PolicyDatabaseOperator mPolicyDatabaseOperator;

    /* JADX INFO: Access modifiers changed from: package-private */
    @Inject
    public DeviceSecurityPolicyImpl(Context context) {
        this.mContext = context;
        DaggerNewSecurityComponent.factory().create(context).inject(this);
    }

    private void deactivateAdmin(ComponentName componentName) {
        SemPolicyLog.d("%s::processDeactivatingAdmin() remove ActiveAdmin as no policy", this.TAG);
        try {
            DPMManager.removeActiveAdmin(this.mContext, componentName);
            DPMManager.setAdminPolicy(this.mContext, false, null);
            sendBroadcastPolicyChangedToSettingsReceiver();
        } catch (Exception e) {
            SemPolicyLog.e("%s::processDeactivatingAdmin() has exception[%s]", this.TAG, e.getMessage());
        }
    }

    private void deleteSyncedDataSync(long j) {
        try {
            AttachmentUtility.deleteAllAccountAttachmentFiles(this.mContext, j);
            BodyUtilities.deleteAllAccountBodyFiles(this.mContext, j);
            this.mPolicyDatabaseOperator.deleteAllMailboxesExceptInbox(j);
            this.mPolicyDatabaseOperator.deleteAllRemainingMessages(j);
            updateNullAccountSyncKey(j);
            updateNullMailboxSyncKey(j);
            SemNotificationManager.getInstance().deleteNewMessageNotifications(this.mContext, j);
            EasAccountSyncController.getInstance(this.mContext, j).deleteAccountPIMDataFrom();
        } catch (Exception e) {
            SemPolicyLog.e(this.TAG, "deleteSyncedDataSync() has exception : ", e.getMessage());
        }
    }

    private void disableSmartLockDependingOnPasswordQuality(ComponentName componentName, ITPolicyHashMap iTPolicyHashMap) {
        try {
            int passwordQuality = iTPolicyHashMap.getPasswordQuality();
            if (passwordQuality >= 131072 && DPMManager.isActivePasswordSufficient(this.mContext)) {
                DPMManager.setDisableKeyguardFeatures(this.mContext, componentName, 16);
            } else if (passwordQuality < 131072) {
                DPMManager.setDisableKeyguardFeatures(this.mContext, componentName, 0);
            }
        } catch (SecurityException e) {
            SemPolicyLog.e("%s::disableSmartLockUponPasswordQuality(), setDisableKeyguardFeatures(KEYGUARD_DISABLE_FEATURES_NONE) has exception[%s]", this.TAG, e.getMessage());
        }
    }

    private boolean doWipeExpiredAccounts(long j, Account account) {
        long j2;
        Cursor query = this.mContext.getContentResolver().query(Account.CONTENT_URI, ITPolicyConst.ACCOUNT_SECURITY_PROJECTION, null, null, null);
        if (query == null) {
            if (query != null) {
                query.close();
            }
            return false;
        }
        do {
            try {
                if (!query.moveToNext()) {
                    if (query != null) {
                        query.close();
                    }
                    return false;
                }
                j2 = query.getLong(0);
            } catch (Throwable th) {
                if (query != null) {
                    try {
                        query.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
                throw th;
            }
        } while (j2 != j);
        SecurityAccountHelper.updateAccountSecurityHoldFlag(this.mContext, account, true);
        SecurityAccountHelper.updateAccountPasswordExpiredFlag(this.mContext, account, true);
        deleteSyncedDataSync(j2);
        if (query != null) {
            query.close();
        }
        return true;
    }

    private boolean isNoExchangeAccountInDatabase() {
        return !ITPolicyFactory.getExchangeAccountChecker().isEasAccountPresentInDB(this.mContext);
    }

    private void onAdminDisabled() {
        HostAuth restoreHostAuthWithId;
        Cursor query = this.mContext.getContentResolver().query(Account.CONTENT_URI, Account.CONTENT_PROJECTION, null, null, null);
        if (query == null) {
            if (query != null) {
                query.close();
                return;
            }
            return;
        }
        while (query.moveToNext()) {
            try {
                long j = query.getLong(6);
                if (j > 0 && (restoreHostAuthWithId = HostAuth.restoreHostAuthWithId(this.mContext, j)) != null && restoreHostAuthWithId.mProtocol.equals("eas")) {
                    long j2 = query.getLong(0);
                    ITPolicyHashMap oneAccountPolicy = this.mPolicyDatabaseOperator.getOneAccountPolicy(j2);
                    if (j2 > 0 && oneAccountPolicy != null && !oneAccountPolicy.isDefaultPolicy()) {
                        EmailSyncManager.deleteAccountSync(this.mContext, j2);
                        EmailSetService.setServicesEnabledSync(this.mContext);
                    }
                }
            } catch (Throwable th) {
                if (query != null) {
                    try {
                        query.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
                throw th;
            }
        }
        if (query != null) {
            query.close();
        }
    }

    private void onPasswordChanged() {
        Cursor query = this.mContext.getContentResolver().query(Account.CONTENT_URI, new String[]{"_id", "accountType"}, null, null, null);
        if (query == null) {
            if (query != null) {
                query.close();
                return;
            }
            return;
        }
        try {
            if (query.getCount() <= 0) {
                if (query != null) {
                    query.close();
                    return;
                }
                return;
            }
            SemNotificationManager semNotificationManager = SemNotificationManager.getInstance();
            query.moveToPosition(-1);
            boolean z = true;
            boolean z2 = true;
            while (query.moveToNext()) {
                long j = query.getLong(0);
                int i = query.getInt(1);
                Account restoreAccountWithId = Account.restoreAccountWithId(this.mContext, j);
                if (restoreAccountWithId != null && Provider.isAccountTypeExchange(i)) {
                    int inactiveReasons = getInactiveReasons(j);
                    if (inactiveReasons == 0) {
                        SecurityAccountHelper.updateAccountSecurityHoldFlag(this.mContext, restoreAccountWithId, false);
                        SecurityAccountHelper.updateAccountPasswordExpiredFlag(this.mContext, restoreAccountWithId, false);
                        EasAccountSyncController.getInstance(this.mContext, j).startPush();
                    } else {
                        if ((inactiveReasons & 4) != 0) {
                            z = false;
                        } else {
                            SecurityAccountHelper.updateAccountPasswordExpiredFlag(this.mContext, restoreAccountWithId, false);
                        }
                        SecurityAccountHelper.updateAccountSecurityHoldFlag(this.mContext, restoreAccountWithId, true);
                        semNotificationManager.addPoliciesRequiredNotification(this.mContext, j);
                        z2 = false;
                    }
                    if (z) {
                        semNotificationManager.deleteOneNotification(this.mContext, (int) ((-1073741824) + j));
                        semNotificationManager.deleteOneNotification(this.mContext, (int) ((-805306368) + j));
                    }
                    if (z2) {
                        semNotificationManager.deleteOneNotification(this.mContext, (int) (j - 1879048192));
                    }
                }
            }
            if (query != null) {
                query.close();
            }
        } catch (Throwable th) {
            if (query != null) {
                try {
                    query.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    private void onPasswordExpiring() {
        Account restoreAccountWithId;
        long shortestPasswordExpirationAccountId = this.mPolicyDatabaseOperator.getShortestPasswordExpirationAccountId();
        if (shortestPasswordExpirationAccountId == -1 || (restoreAccountWithId = Account.restoreAccountWithId(this.mContext, shortestPasswordExpirationAccountId)) == null) {
            return;
        }
        if (!isDevicePasswordExpired()) {
            SemNotificationManager.getInstance().addPasswordExpiredNotification(this.mContext, shortestPasswordExpirationAccountId, false);
        } else if (doWipeExpiredAccounts(shortestPasswordExpirationAccountId, restoreAccountWithId)) {
            SemNotificationManager.getInstance().addPasswordExpiredNotification(this.mContext, shortestPasswordExpirationAccountId, true);
        }
    }

    private void sendBroadcastPolicyChangedToSettingsReceiver() {
        this.mContext.sendBroadcast(new Intent("com.samsung.settings.EAS_POLICY_STATE_CHANGED"));
    }

    private void setApplicationPolicies(ComponentName componentName, ITPolicyHashMap iTPolicyHashMap) {
        DPMManager.setBlockListInRom(this.mContext, componentName, iTPolicyHashMap.getBlockAppInRom());
        DPMManager.setAllowAppListThirdParty(this.mContext, componentName, iTPolicyHashMap.getAllowAppThirdParty());
        DPMManager.setAllowUnsignedInstallationPkg(this.mContext, componentName, iTPolicyHashMap.getAllowUnsignedInstallationPackages());
        DPMManager.setAllowUnsignedApp(this.mContext, componentName, iTPolicyHashMap.getAllowUnsignedApplications());
    }

    private void setDeviceEncryptionPolicies(ComponentName componentName, ITPolicyHashMap iTPolicyHashMap) {
        DPMManager.setStorageEncryption(this.mContext, componentName, iTPolicyHashMap.getRequireDeviceEncryption());
        boolean externalSDEncryption = DPMManager.getExternalSDEncryption(this.mContext, componentName);
        DPMManager.setExternalSDEncryption(this.mContext, componentName, iTPolicyHashMap.getSDCardEncryptionEnabled());
        boolean externalSDEncryption2 = DPMManager.getExternalSDEncryption(this.mContext, componentName);
        if (!externalSDEncryption || externalSDEncryption2) {
            return;
        }
        DPMManager.setAdminPolicy(this.mContext, false, null);
    }

    private void setDeviceLockScreenPolicies(ComponentName componentName, ITPolicyHashMap iTPolicyHashMap) {
        DPMManager.setPasswordQuality(this.mContext, componentName, iTPolicyHashMap.getPasswordQuality());
        DPMManager.setPasswordMinimumLength(this.mContext, componentName, iTPolicyHashMap.getMinDevicePasswordLength());
        DPMManager.setMaximumFailedPasswordsForWipe(this.mContext, componentName, iTPolicyHashMap.getMaxDevicePasswordFailedAttempts());
        DPMManager.setPasswordExpirationTimeout(this.mContext, componentName, iTPolicyHashMap.getPasswordExpirationTimeout());
        DPMManager.setPasswordHistoryLength(this.mContext, componentName, iTPolicyHashMap.getDevicePasswordHistory());
        DPMManager.setSimplePasswordEnabled(this.mContext, componentName, iTPolicyHashMap.getAllowSimpleDevicePassword());
        DPMManager.setMaximumTimeToLock(this.mContext, componentName, iTPolicyHashMap.getMaxInactivityTime() * 1000);
        DPMManager.setPasswordMinimumNonLetter(this.mContext, componentName, 0);
        if (iTPolicyHashMap.getMinPasswordComplexCharacters() == 4) {
            DPMManager.setPasswordMinimumUpperCase(this.mContext, componentName, 1);
            DPMManager.setPasswordMinimumLowerCase(this.mContext, componentName, 1);
        } else {
            DPMManager.setPasswordMinimumUpperCase(this.mContext, componentName, 0);
            DPMManager.setPasswordMinimumLowerCase(this.mContext, componentName, 0);
        }
    }

    private void setDeviceOtherPolicies(ComponentName componentName, ITPolicyHashMap iTPolicyHashMap) {
        if (SecurityStatusUtil.isDeviceReadyToSupportAllowSMSPolicy(this.mContext)) {
            DPMManager.setAllowTextMessaging(this.mContext, componentName, iTPolicyHashMap.getAllowTextMessaging());
        }
        DPMManager.setAllowStorageCard(this.mContext, componentName, iTPolicyHashMap.getAllowStorageCard());
        DPMManager.setCameraDisabled(this.mContext, componentName, !iTPolicyHashMap.getAllowCamera());
        DPMManager.setAllowWifi(this.mContext, componentName, iTPolicyHashMap.getAllowWifi());
        DPMManager.setAllowPOPIMAPEmail(this.mContext, componentName, iTPolicyHashMap.getAllowPOPIMAPEmail());
        DPMManager.setAllowIrDA(this.mContext, componentName, iTPolicyHashMap.getAllowIrDA());
        DPMManager.setAllowBrowser(this.mContext, componentName, iTPolicyHashMap.getAllowBrowser());
        DPMManager.setAllowInternetSharing(this.mContext, componentName, iTPolicyHashMap.getAllowInternetSharing());
        DPMManager.setAllowDesktopSync(this.mContext, componentName, iTPolicyHashMap.getAllowDesktopSync());
        DPMManager.notifyChanges(this.mContext, componentName, true);
        DPMManager.setAllowBluetoothMode(this.mContext, componentName, iTPolicyHashMap.getAllowBluetoothMode());
        DPMManager.notifyChanges(this.mContext, componentName, false);
    }

    private void updateNullAccountSyncKey(long j) {
        ContentResolver contentResolver = this.mContext.getContentResolver();
        String[] strArr = {Long.toString(j)};
        ContentValues contentValues = new ContentValues();
        contentValues.putNull("syncKey");
        contentResolver.update(Account.CONTENT_URI, contentValues, EmailContent.ID_SELECTION, strArr);
    }

    private void updateNullMailboxSyncKey(long j) {
        ContentResolver contentResolver = this.mContext.getContentResolver();
        String[] strArr = {Long.toString(j)};
        ContentValues contentValues = new ContentValues();
        contentValues.putNull("syncKey");
        contentResolver.update(Mailbox.CONTENT_URI, contentValues, "accountKey=?", strArr);
    }

    @Override // com.samsung.android.email.newsecurity.policy.exchange.DeviceSecurityPolicy
    public int getInactiveReasons(long j) {
        ITPolicyChecker iTPolicyChecker = ITPolicyFactory.getITPolicyChecker();
        ITPolicyHashMap aggregatedPolicy = j == -1 ? this.mPolicyDatabaseOperator.getAggregatedPolicy() : this.mPolicyDatabaseOperator.getOneAccountPolicy(j);
        int inactiveReasons = aggregatedPolicy == null ? 0 : iTPolicyChecker.getInactiveReasons(this.mContext, aggregatedPolicy);
        SemPolicyLog.d(this.TAG, "inactiveReasons=" + inactiveReasons + ", account Id: " + j);
        return inactiveReasons;
    }

    @Override // com.samsung.android.email.newsecurity.policy.exchange.DeviceSecurityPolicy
    public void handleAdminMessage(int i) {
        if (i == 1) {
            SemPolicyLog.d(this.TAG, "handleAdminMessage() DEVICE_ADMIN_MESSAGE_ENABLED ignored!!");
            return;
        }
        if (i == 2) {
            SemPolicyLog.d(this.TAG, "handleAdminMessage() DEVICE_ADMIN_MESSAGE_DISABLED");
            onAdminDisabled();
        } else if (i == 3) {
            SemPolicyLog.d(this.TAG, "handleAdminMessage() DEVICE_ADMIN_MESSAGE_PASSWORD_CHANGED");
            onPasswordChanged();
        } else {
            if (i != 4) {
                return;
            }
            SemPolicyLog.d(this.TAG, "handleAdminMessage() DEVICE_ADMIN_MESSAGE_PASSWORD_EXPIRING");
            onPasswordExpiring();
        }
    }

    @Override // com.samsung.android.email.newsecurity.policy.exchange.DeviceSecurityPolicy
    public boolean isDevicePasswordExpired() {
        return DPMManager.getPasswordExpirationTimeout(this.mContext, null) > 0 && DPMManager.getPasswordExpiration(this.mContext, null) < System.currentTimeMillis();
    }

    @Override // com.samsung.android.email.newsecurity.policy.exchange.DeviceSecurityPolicy
    public boolean isDevicePasswordExpiring() {
        return DPMManager.getPasswordExpirationTimeout(this.mContext, null) > 0 && DPMManager.getPasswordExpiration(this.mContext, null) - (TimeUnit.DAYS.toMillis(1L) * 5) <= System.currentTimeMillis();
    }

    @Override // com.samsung.android.email.newsecurity.policy.exchange.DeviceSecurityPolicy
    public void setActivePolicies() {
        ComponentName admin = DPMManager.getAdmin(this.mContext);
        ITPolicyHashMap aggregatedPolicy = this.mPolicyDatabaseOperator.getAggregatedPolicy();
        if (admin == null) {
            SemPolicyLog.w("%s::setActivePolicies() is terminated. getAdmin returned null!!", this.TAG);
            return;
        }
        if (isNoExchangeAccountInDatabase()) {
            deactivateAdmin(admin);
            return;
        }
        if (aggregatedPolicy == null || !DPMManager.isAdminActive(this.mContext, admin)) {
            return;
        }
        try {
            try {
                DPMManager.notifyChanges(this.mContext, admin, false);
                setDeviceLockScreenPolicies(admin, aggregatedPolicy);
                setDeviceEncryptionPolicies(admin, aggregatedPolicy);
                setApplicationPolicies(admin, aggregatedPolicy);
                setDeviceOtherPolicies(admin, aggregatedPolicy);
                disableSmartLockDependingOnPasswordQuality(admin, aggregatedPolicy);
            } catch (Exception e) {
                SemPolicyLog.w("%s::setActivePolicies() has exception[%s]", this.TAG, e.getMessage());
            }
        } finally {
            DPMManager.notifyChanges(this.mContext, admin, true);
        }
    }
}
