package com.microsoft.omadm.platforms.afw.policy;

import android.annotation.TargetApi;
import android.app.admin.DevicePolicyManager;
import android.content.Context;
import android.content.IntentFilter;
import android.os.Build;
import android.os.UserManager;
import com.google.gson.Gson;
import com.google.gson.JsonSyntaxException;
import com.microsoft.intune.mam.client.app.startup.PermissionManager;
import com.microsoft.omadm.EnrollmentSettings;
import com.microsoft.omadm.OMADMSettings;
import com.microsoft.omadm.OMADMStatusCode;
import com.microsoft.omadm.exception.OMADMException;
import com.microsoft.omadm.exception.OMADMStatusException;
import com.microsoft.omadm.platforms.afw.AfwSettings;
import com.microsoft.omadm.platforms.android.NativeSettings;
import com.microsoft.omadm.platforms.android.policy.NativePolicyManager;
import java.util.List;
import java.util.logging.Logger;
import javax.inject.Inject;

/* loaded from: classes.dex */
public class AfwPolicyManager extends NativePolicyManager {
    public static final String GOOGLE_ACCOUNT_TYPE = "com.google";
    private final AfwSettings afwSettings;
    private final UserManager userManager;
    private static final Logger LOGGER = Logger.getLogger(AfwPolicyManager.class.getName());
    private static final String[] DANGEROUS_PERMISSION_LIST = {"android.permission.WRITE_EXTERNAL_STORAGE", "android.permission.READ_PHONE_STATE", PermissionManager.PERMISSION_GET_ACCOUNTS};

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public class PermissionActionItem {
        private String action;
        private String permission;

        private PermissionActionItem() {
        }

        public String getAction() {
            return this.action;
        }

        public String getPermission() {
            return this.permission;
        }

        public void setBehavior(String str) {
            this.action = str;
        }

        public void setPermission(String str) {
            this.permission = str;
        }
    }

    /* loaded from: classes.dex */
    private class PermissionActions {
        private List<PermissionActionItem> permissionActions;

        private PermissionActions() {
        }

        public List<PermissionActionItem> getPermissionActions() {
            return this.permissionActions;
        }

        public void setPermissionActionsList(List<PermissionActionItem> list) {
            this.permissionActions = list;
        }
    }

    @Inject
    @TargetApi(17)
    public AfwPolicyManager(Context context, OMADMSettings oMADMSettings, EnrollmentSettings enrollmentSettings, NativeSettings nativeSettings, AfwSettings afwSettings) {
        super(context, oMADMSettings, enrollmentSettings, nativeSettings);
        this.afwSettings = afwSettings;
        if (Build.VERSION.SDK_INT >= 17) {
            this.userManager = (UserManager) context.getSystemService("user");
        } else {
            this.userManager = null;
        }
    }

    @TargetApi(23)
    private static int convertActionStringToInt(String str) throws OMADMException {
        char c = 65535;
        switch (str.hashCode()) {
            case -1895938684:
                if (str.equals("Prompt")) {
                    c = 0;
                    break;
                }
                break;
            case -651933555:
                if (str.equals("AutoGrant")) {
                    c = 1;
                    break;
                }
                break;
            case 1502889083:
                if (str.equals("AutoDeny")) {
                    c = 2;
                    break;
                }
                break;
        }
        switch (c) {
            case 0:
                return 0;
            case 1:
                return 1;
            case 2:
                return 2;
            default:
                throw new OMADMException("Unknown action string.");
        }
    }

    @TargetApi(21)
    public void addCrossProfileIntentFilter(IntentFilter intentFilter, int i) {
        this.devicePolicyManager.addCrossProfileIntentFilter(this.componentName, intentFilter, i);
    }

    @TargetApi(21)
    public void addUserRestriction(String str) throws OMADMException {
        if (Build.VERSION.SDK_INT < 21) {
            throw new OMADMStatusException(OMADMStatusCode.STATUS_E_NOT_SUPPORTED, "Not supported on non AFW devices.");
        }
        this.devicePolicyManager.addUserRestriction(this.componentName, str);
    }

    @TargetApi(21)
    public void clearCrossProfileIntentFilters() {
        this.devicePolicyManager.clearCrossProfileIntentFilters(this.componentName);
    }

    @TargetApi(21)
    public void clearUserRestriction(String str) throws OMADMException {
        if (Build.VERSION.SDK_INT < 21) {
            throw new OMADMStatusException(OMADMStatusCode.STATUS_E_NOT_SUPPORTED, "Not supported on non AFW devices.");
        }
        this.devicePolicyManager.clearUserRestriction(this.componentName, str);
    }

    @Override // com.microsoft.omadm.platforms.android.policy.NativePolicyManager, com.microsoft.omadm.platforms.IPolicyManager
    public void disable() throws OMADMException {
        if (!isProfileOwner()) {
            throw new OMADMException("Cannot remove managed profile, app is currently not a profile owner.");
        }
        wipeDevice(true);
    }

    @Override // com.microsoft.omadm.platforms.android.policy.NativePolicyManager, com.microsoft.omadm.platforms.IPolicyManager
    @TargetApi(21)
    public boolean getAllowFingerprintForUnlock() throws OMADMException {
        if (Build.VERSION.SDK_INT < 23) {
            throw new OMADMStatusException(OMADMStatusCode.STATUS_E_NOT_SUPPORTED, "Not supported on AFW devices prior to M.");
        }
        return getKeyguardFeaturesEnabled(32, getDeviceWidePolicyManager());
    }

    @TargetApi(21)
    public boolean getAllowScreenShot() throws OMADMException {
        if (Build.VERSION.SDK_INT < 21) {
            throw new OMADMStatusException(OMADMStatusCode.STATUS_E_NOT_SUPPORTED, "Not supported on AFW devices prior to Lollipop.");
        }
        return !this.devicePolicyManager.getScreenCaptureDisabled(this.componentName);
    }

    @TargetApi(23)
    public int getDefaultAppPermissionPolicy() throws OMADMException {
        if (Build.VERSION.SDK_INT < 23) {
            throw new OMADMStatusException(OMADMStatusCode.STATUS_E_NOT_SUPPORTED, "Not supported on AFW devices prior to M.");
        }
        try {
            return this.devicePolicyManager.getPermissionPolicy(this.componentName);
        } catch (Exception e) {
            throw new OMADMException(e);
        }
    }

    @Override // com.microsoft.omadm.platforms.android.policy.NativePolicyManager
    protected DevicePolicyManager getDeviceWidePolicyManager() {
        return (Build.VERSION.SDK_INT < 24 || !isProfileOwner()) ? this.devicePolicyManager : this.devicePolicyManager.getParentProfileInstance(this.componentName);
    }

    @TargetApi(21)
    public boolean getDisableUnredactedNotifications() throws OMADMException {
        return !getKeyguardFeaturesEnabled(8, this.devicePolicyManager);
    }

    @TargetApi(23)
    public void grantCompanyPortalPermissions() {
        if (Build.VERSION.SDK_INT < 23) {
            LOGGER.info("Calling setPermissionGrantState for Android before M is not possible.");
            return;
        }
        for (String str : DANGEROUS_PERMISSION_LIST) {
            if (!this.devicePolicyManager.setPermissionGrantState(this.componentName, this.context.getPackageName(), str, 1)) {
                LOGGER.warning("Failed to grant Work Profile Company Portal the permission: " + str);
            }
        }
    }

    @TargetApi(21)
    public boolean hasUserRestriction(String str) throws OMADMException {
        if (Build.VERSION.SDK_INT < 21) {
            throw new OMADMStatusException(OMADMStatusCode.STATUS_E_NOT_SUPPORTED, "Not supported on non AFW devices.");
        }
        if (this.userManager == null) {
            throw new OMADMException("User manager is null. We can't get the user restriction information on " + str);
        }
        return this.userManager.hasUserRestriction(str);
    }

    @Override // com.microsoft.omadm.platforms.android.policy.NativePolicyManager, com.microsoft.omadm.platforms.IPolicyManager
    public boolean isDeviceAdmin() throws OMADMException {
        return false;
    }

    @Override // com.microsoft.omadm.platforms.android.policy.NativePolicyManager, com.microsoft.omadm.platforms.IPolicyManager
    public boolean isEnabled() {
        return isProfileOwner();
    }

    public boolean isWorkPasswordCompliant() throws OMADMException {
        if (Build.VERSION.SDK_INT < 24) {
            throw new OMADMStatusException(OMADMStatusCode.STATUS_E_NOT_SUPPORTED, "Not supported on AFW devices prior to N.");
        }
        try {
            long passwordExpiration = this.devicePolicyManager.getPasswordExpiration(this.componentName);
            if (this.devicePolicyManager.isActivePasswordSufficient()) {
                if (passwordExpiration != 0) {
                    if (passwordExpiration - System.currentTimeMillis() > 0) {
                    }
                }
                return true;
            }
            return false;
        } catch (Exception e) {
            throw new OMADMException(e);
        }
    }

    public boolean isWorkPasswordRequired() {
        if (Build.VERSION.SDK_INT < 24) {
            return false;
        }
        return this.afwSettings.getInt(AfwSettings.WORK_PASSWORD_ENABLED, 1) == 0;
    }

    @TargetApi(24)
    public boolean removeUserCertificate(String str) throws OMADMException {
        if (Build.VERSION.SDK_INT < 24) {
            throw new OMADMException("Remove user certificates not supported on devices prior to N.");
        }
        return this.devicePolicyManager.removeKeyPair(this.componentName, str);
    }

    @Override // com.microsoft.omadm.platforms.android.policy.NativePolicyManager, com.microsoft.omadm.platforms.IPolicyManager
    public void resetPassword(String str) throws OMADMException {
        throw new OMADMStatusException(OMADMStatusCode.STATUS_E_NOT_SUPPORTED, "Not supported on AFW devices.");
    }

    @TargetApi(21)
    public void setAccountManagementDisabled(String str, boolean z) {
        this.devicePolicyManager.setAccountManagementDisabled(this.componentName, str, z);
    }

    @Override // com.microsoft.omadm.platforms.android.policy.NativePolicyManager, com.microsoft.omadm.platforms.IPolicyManager
    @TargetApi(21)
    public void setAllowFingerprintForUnlock(boolean z) throws OMADMException {
        if (Build.VERSION.SDK_INT < 23) {
            throw new OMADMStatusException(OMADMStatusCode.STATUS_E_NOT_SUPPORTED, "Not supported on AFW devices prior to M.");
        }
        setKeyguardFeaturesEnabled(32, z, getDeviceWidePolicyManager());
    }

    @TargetApi(21)
    public void setAllowScreenShot(boolean z) throws OMADMException {
        if (Build.VERSION.SDK_INT < 21) {
            throw new OMADMStatusException(OMADMStatusCode.STATUS_E_NOT_SUPPORTED, "Not supported on AFW devices prior to Lollipop.");
        }
        this.devicePolicyManager.setScreenCaptureDisabled(this.componentName, !z);
    }

    @TargetApi(21)
    public void setAllowWorkFingerprintForUnlock(boolean z) throws OMADMException {
        if (Build.VERSION.SDK_INT < 24) {
            throw new OMADMStatusException(OMADMStatusCode.STATUS_E_NOT_SUPPORTED, "Not supported on AFW devices prior to N.");
        }
        setKeyguardFeaturesEnabled(32, z, this.devicePolicyManager);
    }

    public void setApplicationRestrictionsManagingPackage(String str) throws OMADMException {
        if (Build.VERSION.SDK_INT < 24) {
            LOGGER.info("Calling setApplicationRestrictionsManagingPackage for Android L-M is not necessary; ignoring.");
            return;
        }
        try {
            this.devicePolicyManager.setApplicationRestrictionsManagingPackage(this.componentName, str);
        } catch (Exception e) {
            throw new OMADMException(e);
        }
    }

    @TargetApi(23)
    public void setDefaultAppPermissionPolicy(int i) throws OMADMException {
        if (Build.VERSION.SDK_INT < 23) {
            throw new OMADMStatusException(OMADMStatusCode.STATUS_E_NOT_SUPPORTED, "Not supported on AFW devices prior to M.");
        }
        try {
            this.devicePolicyManager.setPermissionPolicy(this.componentName, i);
        } catch (Exception e) {
            throw new OMADMException(e);
        }
    }

    @TargetApi(21)
    public void setDisableUnredactedNotifications(boolean z) throws OMADMException {
        setKeyguardFeaturesEnabled(8, !z, this.devicePolicyManager);
    }

    @TargetApi(23)
    public void setPermissionGrantState(String str, String str2) throws OMADMException {
        if (Build.VERSION.SDK_INT < 23) {
            throw new OMADMStatusException(OMADMStatusCode.STATUS_E_NOT_SUPPORTED, "Not supported on non AFW devices.");
        }
        try {
            PermissionActions permissionActions = (PermissionActions) new Gson().fromJson(str2, PermissionActions.class);
            if (permissionActions != null) {
                for (PermissionActionItem permissionActionItem : permissionActions.getPermissionActions()) {
                    this.devicePolicyManager.setPermissionGrantState(this.componentName, str, permissionActionItem.getPermission(), convertActionStringToInt(permissionActionItem.getAction()));
                }
            }
        } catch (JsonSyntaxException e) {
            throw new OMADMException("Failure while parsing the permission action list.");
        }
    }

    @TargetApi(21)
    public void setProfileEnabled() throws OMADMException {
        try {
            this.devicePolicyManager.setProfileEnabled(this.componentName);
        } catch (Exception e) {
            throw new OMADMException(e);
        }
    }

    @TargetApi(21)
    public void setUserRestriction(String str, boolean z) throws OMADMException {
        if (Build.VERSION.SDK_INT < 21) {
            throw new OMADMStatusException(OMADMStatusCode.STATUS_E_NOT_SUPPORTED, "Not supported on non AFW devices.");
        }
        if (z) {
            addUserRestriction(str);
        } else {
            clearUserRestriction(str);
        }
    }

    public void setWorkMaximumFailedPasswordsForWipe(int i) throws OMADMException {
        if (Build.VERSION.SDK_INT < 24) {
            throw new OMADMStatusException(OMADMStatusCode.STATUS_E_NOT_SUPPORTED, "Not supported on AFW devices prior to N.");
        }
        try {
            this.devicePolicyManager.setMaximumFailedPasswordsForWipe(this.componentName, i);
        } catch (Exception e) {
            throw new OMADMException(e);
        }
    }

    public void setWorkMaximumTimeToLock(long j) throws OMADMException {
        if (Build.VERSION.SDK_INT < 24) {
            throw new OMADMStatusException(OMADMStatusCode.STATUS_E_NOT_SUPPORTED, "Not supported on AFW devices prior to N.");
        }
        try {
            this.devicePolicyManager.setMaximumTimeToLock(this.componentName, j);
        } catch (Exception e) {
            throw new OMADMException(e);
        }
    }

    public void setWorkPasswordExpiration(long j) throws OMADMException {
        if (Build.VERSION.SDK_INT < 24) {
            throw new OMADMStatusException(OMADMStatusCode.STATUS_E_NOT_SUPPORTED, "Not supported on AFW devices prior to N.");
        }
        try {
            this.devicePolicyManager.setPasswordExpirationTimeout(this.componentName, j);
        } catch (Exception e) {
            throw new OMADMException(e);
        }
    }

    public void setWorkPasswordHistoryLength(int i) throws OMADMException {
        if (Build.VERSION.SDK_INT < 24) {
            throw new OMADMStatusException(OMADMStatusCode.STATUS_E_NOT_SUPPORTED, "Not supported on AFW devices prior to N.");
        }
        try {
            this.devicePolicyManager.setPasswordHistoryLength(this.componentName, i);
        } catch (Exception e) {
            throw new OMADMException(e);
        }
    }

    public void setWorkPasswordMinimumLength(int i) throws OMADMException {
        if (Build.VERSION.SDK_INT < 24) {
            throw new OMADMStatusException(OMADMStatusCode.STATUS_E_NOT_SUPPORTED, "Not supported on AFW devices prior to N.");
        }
        try {
            this.devicePolicyManager.setPasswordMinimumLength(this.componentName, i);
        } catch (Exception e) {
            throw new OMADMException(e);
        }
    }

    public void setWorkPasswordQuality(int i) throws OMADMException {
        if (Build.VERSION.SDK_INT < 24) {
            throw new OMADMStatusException(OMADMStatusCode.STATUS_E_NOT_SUPPORTED, "Not supported on AFW devices prior to N.");
        }
        try {
            this.devicePolicyManager.setPasswordQuality(this.componentName, i);
        } catch (Exception e) {
            throw new OMADMException(e);
        }
    }

    @TargetApi(21)
    public void setWorkTrustAgentsEnabled(boolean z) throws OMADMException {
        if (Build.VERSION.SDK_INT < 24) {
            throw new OMADMStatusException(OMADMStatusCode.STATUS_E_NOT_SUPPORTED, "Not supported on AFW devices prior to N.");
        }
        setKeyguardFeaturesEnabled(16, z, this.devicePolicyManager);
    }

    @Override // com.microsoft.omadm.platforms.android.policy.NativePolicyManager, com.microsoft.omadm.platforms.IPolicyManager
    public boolean shouldStartEncryption() {
        return false;
    }

    @TargetApi(21)
    public void uninstallCaCert(byte[] bArr) throws OMADMException {
        if (Build.VERSION.SDK_INT < 21) {
            throw new OMADMException("Remove CA certificates not supported on devices prior to L.");
        }
        this.devicePolicyManager.uninstallCaCert(this.componentName, bArr);
    }
}
