package com.airwatch.email;

import android.annotation.SuppressLint;
import android.app.admin.DeviceAdminReceiver;
import android.app.admin.DevicePolicyManager;
import android.content.ComponentName;
import android.content.ContentProviderOperation;
import android.content.ContentUris;
import android.content.Context;
import android.content.Intent;
import android.content.OperationApplicationException;
import android.database.Cursor;
import android.os.Build;
import android.os.RemoteException;
import android.support.v4.widget.ExploreByTouchHelper;
import android.util.Log;
import com.airwatch.email.activity.StartupActivity;
import com.airwatch.email.service.AdminBroadcastProcessorService;
import com.airwatch.email.utility.EmailUtility;
import com.airwatch.emailcommon.provider.AccountStorage;
import com.airwatch.emailcommon.provider.EmailContent;
import com.airwatch.emailcommon.provider.Policy;
import com.airwatch.emailcommon.provider.model.Account;
import com.airwatch.emailcommon.utility.TextUtilities;
import com.airwatch.emailcommon.utility.Utility;
import com.airwatch.exchange.AbstractSyncService;
import com.google.common.annotations.VisibleForTesting;
import java.util.ArrayList;

/* loaded from: classes.dex */
public class SecurityPolicy {
    private static SecurityPolicy a = null;
    private Context b;
    private final AccountStorage c;
    private DevicePolicyManager d = null;
    private final ComponentName e = new ComponentName(Email.b(), (Class<?>) PolicyAdmin.class);
    private Policy f = null;

    /* loaded from: classes.dex */
    public static class PolicyAdmin extends DeviceAdminReceiver {
        @Override // android.app.admin.DeviceAdminReceiver
        public CharSequence onDisableRequested(Context context, Intent intent) {
            AdminBroadcastProcessorService.a(context, 2);
            return context.getString(R.string.disable_admin_warning);
        }

        @Override // android.app.admin.DeviceAdminReceiver
        public void onDisabled(Context context, Intent intent) {
        }

        @Override // android.app.admin.DeviceAdminReceiver
        public void onEnabled(Context context, Intent intent) {
            AdminBroadcastProcessorService.a(context, 1);
        }

        @Override // android.app.admin.DeviceAdminReceiver
        public void onPasswordChanged(Context context, Intent intent) {
            AdminBroadcastProcessorService.a(context, 3);
        }

        @Override // android.app.admin.DeviceAdminReceiver
        public void onPasswordExpiring(Context context, Intent intent) {
            AdminBroadcastProcessorService.a(context, 4);
        }
    }

    private SecurityPolicy(Context context) {
        this.b = context.getApplicationContext();
        this.c = new AccountStorage(this.b);
    }

    public static synchronized SecurityPolicy a(Context context) {
        SecurityPolicy securityPolicy;
        synchronized (SecurityPolicy.class) {
            if (a == null) {
                a = new SecurityPolicy(context.getApplicationContext());
            }
            securityPolicy = a;
        }
        return securityPolicy;
    }

    public static void a(Context context, int i) {
        SecurityPolicy a2 = a(context);
        switch (i) {
            case 1:
                a2.a(true);
                StartupActivity.a(context);
                return;
            case 2:
                a2.a(false);
                ConfigurationManager.a().b();
                EmailUtility.k();
                EmailUtility.g();
                EmailUtility.h();
                return;
            case 3:
                new AccountStorage(context).d();
                NotificationController.a(context).a();
                return;
            case 4:
                Context context2 = a2.b;
                long longValue = Utility.a(context2, Policy.j, Policy.g, "passwordExpirationDays>0", (String[]) null, "passwordExpirationDays ASC", 0, (Long) (-1L)).longValue();
                long b = longValue < 0 ? -1L : Policy.b(context2, longValue);
                if (b != -1) {
                    if (!(a2.i().getPasswordExpiration(a2.e) - System.currentTimeMillis() < 0)) {
                        NotificationController.a(a2.b).c(b);
                        return;
                    } else {
                        if (a(context2, Controller.a(context2))) {
                            NotificationController.a(a2.b).d(b);
                            return;
                        }
                        return;
                    }
                }
                return;
            default:
                return;
        }
    }

    public static void a(Context context, long j, boolean z) {
        Account a2 = new AccountStorage(context).a(j);
        if (a2 != null) {
            a(context, a2, z);
        }
    }

    private static void a(Context context, Account account, boolean z) {
        if (z) {
            account.k |= 32;
        } else {
            account.k &= -33;
        }
        new AccountStorage(context).c(account);
    }

    private void a(boolean z) {
        if (!z) {
            b(this.b);
            return;
        }
        ConfigurationManager a2 = ConfigurationManager.a();
        if (a2.c()) {
            b(this.b);
            StartupActivity.a(Email.b());
            a2.a(false);
        }
    }

    @VisibleForTesting
    private static boolean a(Context context, Controller controller) {
        Account a2;
        Cursor query = context.getContentResolver().query(Policy.j, Policy.g, "passwordExpirationDays>0", null, null);
        boolean z = false;
        while (query.moveToNext()) {
            try {
                long b = Policy.b(context, query.getLong(0));
                if (b >= 0 && (a2 = new AccountStorage(context).a(b)) != null) {
                    a(context, a2, true);
                    controller.k(b);
                    z = true;
                }
            } finally {
                query.close();
            }
        }
        return z;
    }

    private void b(Context context) {
        Cursor query = context.getContentResolver().query(AccountStorage.a, EmailContent.g, "policyKey IS NOT NULL AND policyKey!=0", null, null);
        try {
            Log.w("Email/SecurityPolicy", "Email administration disabled; deleting " + query.getCount() + " secured account(s)");
            while (query.moveToNext()) {
                Controller.a(context).a(query.getLong(0), context);
            }
            query.close();
            a();
            EmailUtility.k();
        } catch (Throwable th) {
            query.close();
            throw th;
        }
    }

    @VisibleForTesting
    private Policy g() {
        Policy policy = new Policy();
        policy.l = ExploreByTouchHelper.INVALID_ID;
        policy.k = ExploreByTouchHelper.INVALID_ID;
        policy.m = Integer.MAX_VALUE;
        policy.o = ExploreByTouchHelper.INVALID_ID;
        policy.n = Integer.MAX_VALUE;
        policy.p = ExploreByTouchHelper.INVALID_ID;
        policy.q = Integer.MAX_VALUE;
        policy.r = false;
        policy.s = false;
        policy.t = false;
        Cursor query = this.b.getContentResolver().query(Policy.j, Policy.G, null, null, null);
        Policy policy2 = new Policy();
        boolean z = false;
        while (query.moveToNext()) {
            try {
                policy2.a(query);
                if (Email.a) {
                    Log.d("Email/SecurityPolicy", "Aggregate from: " + policy2);
                }
                policy.l = Math.max(policy2.l, policy.l);
                policy.k = Math.max(policy2.k, policy.k);
                if (policy2.m > 0) {
                    policy.m = Math.min(policy2.m, policy.m);
                }
                if (policy2.q > 0) {
                    policy.q = Math.min(policy2.q, policy.q);
                }
                if (policy2.o > 0) {
                    policy.o = Math.max(policy2.o, policy.o);
                }
                if (policy2.n > 0) {
                    policy.n = Math.min(policy2.n, policy.n);
                }
                if (policy2.p > 0) {
                    policy.p = Math.max(policy2.p, policy.p);
                }
                policy.r |= policy2.r;
                policy.s |= policy2.s;
                policy.v |= policy2.v;
                z = true;
            } finally {
                query.close();
            }
        }
        if (!z) {
            if (Email.a) {
                Log.d("Email/SecurityPolicy", "Calculated Aggregate: no policy");
            }
            return Policy.H;
        }
        if (policy.l == Integer.MIN_VALUE) {
            policy.l = 0;
        }
        if (policy.k == Integer.MIN_VALUE) {
            policy.k = 0;
        }
        if (policy.m == Integer.MAX_VALUE) {
            policy.m = 0;
        }
        if (policy.q == Integer.MAX_VALUE) {
            policy.q = 0;
        }
        if (policy.o == Integer.MIN_VALUE) {
            policy.o = 0;
        }
        if (policy.n == Integer.MAX_VALUE) {
            policy.n = 0;
        }
        if (policy.p == Integer.MIN_VALUE) {
            policy.p = 0;
        }
        if (Email.a) {
            Log.d("Email/SecurityPolicy", "Calculated Aggregate: " + policy);
        }
        return policy;
    }

    private synchronized Policy h() {
        if (this.f == null) {
            this.f = g();
        }
        return this.f;
    }

    private synchronized DevicePolicyManager i() {
        if (this.d == null) {
            this.d = (DevicePolicyManager) this.b.getSystemService("device_policy");
        }
        return this.d;
    }

    private synchronized void j() {
        this.f = null;
        b();
    }

    public final synchronized void a() {
        this.f = null;
    }

    public final void a(long j) {
        Account a2 = this.c.a(j);
        if (a2 == null) {
            return;
        }
        if (Email.a) {
            if (a2.r == 0) {
                Log.d("Email/SecurityPolicy", "policiesRequired for " + a2.b + ": none");
            } else {
                Policy a3 = Policy.a(this.b, a2.r);
                if (a3 == null) {
                    Log.w("Email/SecurityPolicy", "No policy??");
                } else {
                    Log.d("Email/SecurityPolicy", "policiesRequired for " + a2.b + ": " + a3);
                }
            }
        }
        a(this.b, a2, true);
        NotificationController.a(this.b).a(a2);
    }

    public final void a(long j, Policy policy, String str) {
        Account a2 = this.c.a(j);
        Policy a3 = a2.r > 0 ? Policy.a(this.b, a2.r) : null;
        if ((a3 == null || !a3.equals(policy)) || !TextUtilities.c(str, a2.q)) {
            Context context = this.b;
            ArrayList<ContentProviderOperation> arrayList = new ArrayList<>();
            if (policy != null) {
                policy.d();
                arrayList.add(ContentProviderOperation.newInsert(Policy.j).withValues(policy.a()).build());
                arrayList.add(ContentProviderOperation.newUpdate(ContentUris.withAppendedId(AccountStorage.a, a2.a)).withValueBackReference("policyKey", 0).withValue("securitySyncKey", str).build());
            } else {
                arrayList.add(ContentProviderOperation.newUpdate(ContentUris.withAppendedId(AccountStorage.a, a2.a)).withValue("securitySyncKey", null).withValue("policyKey", 0).build());
            }
            if (a2.r > 0) {
                arrayList.add(ContentProviderOperation.newDelete(ContentUris.withAppendedId(Policy.j, a2.r)).build());
            }
            try {
                context.getContentResolver().applyBatch("com.airwatch.email.provider", arrayList);
                new AccountStorage(context).a(a2);
            } catch (OperationApplicationException e) {
            } catch (RemoteException e2) {
                throw new IllegalStateException("Exception setting account policy.");
            }
            if (EmailUtility.i()) {
                j();
            }
        } else {
            Log.d("AirWatchEmail", "setAccountPolicy; policy unchanged");
        }
        boolean z = false;
        if (!a(policy)) {
            z = true;
            Log.d("AirWatchEmail", "Notify policies for " + a2.b + " are not being enforced.");
            NotificationController.a(this.b).a(a2);
        }
        a(this.b, a2, z);
    }

    public final boolean a(Policy policy) {
        int b = b(policy);
        if (Email.a && b != 0) {
            StringBuilder sb = new StringBuilder("isActive for " + policy + ": ");
            if (b == 0) {
                sb.append("true");
            } else {
                sb.append("FALSE -> ");
            }
            if ((b & 1) != 0) {
                sb.append("no_admin ");
            }
            if ((b & 2) != 0) {
                sb.append("config ");
            }
            if ((b & 4) != 0) {
                sb.append("password ");
            }
            if ((b & 8) != 0) {
                sb.append("encryption ");
            }
            Log.d("Email/SecurityPolicy", sb.toString());
        }
        return b == 0;
    }

    public final int b(Policy policy) {
        if (policy == null) {
            policy = h();
        }
        if (policy == Policy.H || !EmailUtility.i()) {
            return 0;
        }
        DevicePolicyManager i = i();
        if (!e()) {
            return 1;
        }
        int i2 = (policy.l <= 0 || i.getPasswordMinimumLength(this.e) >= policy.l) ? 0 : 4;
        if (policy.k > 0) {
            if (i.getPasswordQuality(this.e) < policy.e()) {
                i2 |= 4;
            }
            if (!i.isActivePasswordSufficient()) {
                i2 |= 4;
            }
        }
        if (policy.q > 0 && i.getMaximumTimeToLock(this.e) > policy.q * AbstractSyncService.SECONDS) {
            i2 |= 2;
        }
        if (policy.n > 0) {
            long passwordExpirationTimeout = i.getPasswordExpirationTimeout(this.e);
            if (passwordExpirationTimeout == 0 || passwordExpirationTimeout > policy.f()) {
                i2 |= 4;
            }
            if (i.getPasswordExpiration(this.e) - System.currentTimeMillis() < 0) {
                i2 |= 4;
            }
        }
        if (policy.o > 0 && i.getPasswordHistoryLength(this.e) < policy.o) {
            i2 |= 2;
        }
        if (policy.p > 0 && i.getPasswordMinimumNonLetter(this.e) < policy.p) {
            i2 |= 4;
        }
        if (policy.s && i().getStorageEncryptionStatus() != 3) {
            i2 |= 8;
        }
        if (policy.v && !i.getCameraDisabled(this.e)) {
            i2 |= 2;
        }
        return i2;
    }

    @SuppressLint({"NewApi"})
    public final void b() {
        DevicePolicyManager i = i();
        Policy h = h();
        if (h == Policy.H) {
            if (Email.a) {
                Log.d("Email/SecurityPolicy", "setActivePolicies: none, remove admin");
            }
            i.removeActiveAdmin(this.e);
            return;
        }
        if (e()) {
            if (Email.a) {
                Log.d("Email/SecurityPolicy", "setActivePolicies: " + h);
            }
            i.setPasswordQuality(this.e, h.e());
            i.setPasswordMinimumLength(this.e, h.l);
            i.setMaximumTimeToLock(this.e, h.q * AbstractSyncService.SECONDS);
            i.setMaximumFailedPasswordsForWipe(this.e, h.m);
            long passwordExpirationTimeout = i.getPasswordExpirationTimeout(this.e);
            long f = h.f();
            if (passwordExpirationTimeout != f) {
                i.setPasswordExpirationTimeout(this.e, f);
            }
            i.setPasswordHistoryLength(this.e, h.o);
            i.setPasswordMinimumSymbols(this.e, 0);
            i.setPasswordMinimumNumeric(this.e, 0);
            i.setPasswordMinimumNonLetter(this.e, h.p);
            i.setCameraDisabled(this.e, h.v);
            i.setStorageEncryption(this.e, h.s);
            if (Build.VERSION.SDK_INT >= 17) {
                i.setKeyguardDisabledFeatures(this.e, h.k != 0 ? Integer.MAX_VALUE : 0);
            }
        }
    }

    public final void c() {
        NotificationController.a(this.b).b();
    }

    public final void d() {
        DevicePolicyManager i = i();
        if (!EmailUtility.i()) {
            EmailUtility.d();
        } else if (i.isAdminActive(this.e)) {
            i.wipeData(1);
        } else {
            Log.d("AirWatchEmail", "Could not remote wipe because not device admin.");
        }
    }

    public final boolean e() {
        if (!EmailUtility.i()) {
            return true;
        }
        DevicePolicyManager i = i();
        return i.isAdminActive(this.e) && i.hasGrantedPolicy(this.e, 6) && i.hasGrantedPolicy(this.e, 7) && i.hasGrantedPolicy(this.e, 8);
    }

    public final ComponentName f() {
        return this.e;
    }

    void setContext(Context context) {
        this.b = context;
    }
}
