package com.manydesigns.portofino.security;

import com.manydesigns.elements.ElementsThreadLocals;
import com.manydesigns.portofino.actions.Permissions;
import com.manydesigns.portofino.config.ConfigurationSource;
import com.manydesigns.portofino.operations.Operation;
import com.manydesigns.portofino.resourceactions.ActionInstance;
import com.manydesigns.portofino.resourceactions.ResourceAction;
import com.manydesigns.portofino.spring.PortofinoSpringConfiguration;
import java.io.IOException;
import java.lang.reflect.Method;
import java.util.Map;
import java.util.Set;
import javax.servlet.ServletRequest;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.container.ContainerRequestContext;
import org.apache.commons.configuration2.Configuration;
import org.apache.commons.vfs2.FileObject;

/* loaded from: input_file:com/manydesigns/portofino/security/SecurityFacade.class */
public abstract class SecurityFacade {
    public abstract boolean hasPermissions(Configuration configuration, Permissions permissions, AccessLevel accessLevel, String... strArr);

    public boolean hasPermissions(Configuration configuration, Permissions permissions, RequiresPermissions requiresPermissions) {
        return hasPermissions(configuration, permissions, requiresPermissions.level(), requiresPermissions.permissions());
    }

    public boolean hasPermissions(Configuration configuration, ActionInstance actionInstance, AccessLevel accessLevel, String... strArr) {
        return hasPermissions(configuration, SecurityLogic.calculateActualPermissions(actionInstance), accessLevel, strArr);
    }

    public boolean hasPermissions(Configuration configuration, Permissions permissions, Method method, Class<?> cls) {
        SecurityLogic.logger.debug("Checking action permissions");
        RequiresPermissions requiresPermissionsAnnotation = SecurityLogic.getRequiresPermissionsAnnotation(method, cls);
        if (requiresPermissionsAnnotation != null) {
            return hasPermissions(configuration, permissions, requiresPermissionsAnnotation);
        }
        return true;
    }

    public boolean hasPermissions(Configuration configuration, Method method, Class cls, ActionInstance actionInstance) {
        RequiresPermissions requiresPermissionsAnnotation = SecurityLogic.getRequiresPermissionsAnnotation(method, cls);
        if (requiresPermissionsAnnotation != null) {
            return hasPermissions(configuration, SecurityLogic.calculateActualPermissions(actionInstance), requiresPermissionsAnnotation);
        }
        return true;
    }

    public boolean hasPermissions(Configuration configuration, ActionInstance actionInstance, Method method) {
        SecurityLogic.logger.debug("Checking action permissions");
        RequiresPermissions requiresPermissionsAnnotation = SecurityLogic.getRequiresPermissionsAnnotation(method, actionInstance.getActionClass());
        if (requiresPermissionsAnnotation != null) {
            return hasPermissions(configuration, actionInstance, requiresPermissionsAnnotation.level(), requiresPermissionsAnnotation.permissions());
        }
        return true;
    }

    public boolean isOperationAllowed(ResourceAction resourceAction, Configuration configuration, HttpServletRequest httpServletRequest, Operation operation, Method method) {
        return isAdministrator((ServletRequest) httpServletRequest) || ((resourceAction.getActionInstance() == null || hasPermissions(configuration, operation.getMethod(), resourceAction.getClass(), resourceAction.getActionInstance())) && SecurityLogic.satisfiesRequiresAdministrator(resourceAction, method, false));
    }

    public boolean isOperationAllowed(HttpServletRequest httpServletRequest, ActionInstance actionInstance, ResourceAction resourceAction, Method method) {
        String requestURI;
        boolean hasPermissions;
        if (!SecurityLogic.satisfiesRequiresAdministrator(resourceAction, method, isAdministrator((ServletRequest) httpServletRequest))) {
            return false;
        }
        SecurityLogic.logger.debug("Checking actionDescriptor permissions");
        if (!(!isAdministrator((ServletRequest) httpServletRequest))) {
            return true;
        }
        ConfigurationSource configurationSource = (ConfigurationSource) httpServletRequest.getServletContext().getAttribute(PortofinoSpringConfiguration.CONFIGURATION_SOURCE);
        if (actionInstance != null) {
            SecurityLogic.logger.debug("The protected resource is a actionDescriptor action");
            requestURI = actionInstance.getPath();
            hasPermissions = hasPermissions(configurationSource.getProperties(), actionInstance, method);
        } else {
            SecurityLogic.logger.debug("The protected resource is a regular JAX-RS resource");
            requestURI = httpServletRequest.getRequestURI();
            hasPermissions = hasPermissions(configurationSource.getProperties(), new Permissions(), method, resourceAction.getClass());
        }
        if (hasPermissions) {
            return true;
        }
        SecurityLogic.logger.info("Access to {} is forbidden", requestURI);
        return false;
    }

    public boolean isAdministrator(ServletRequest servletRequest) {
        return isAdministrator(((ConfigurationSource) ElementsThreadLocals.getServletContext().getAttribute(PortofinoSpringConfiguration.CONFIGURATION_SOURCE)).getProperties());
    }

    public abstract boolean isAdministrator(Configuration configuration);

    public abstract Object getSecurityUtilsBean();

    public abstract Object getUserId();

    public abstract Set<String> getGroups();

    public abstract void setup(FileObject fileObject, String str, String str2) throws IOException;

    public abstract boolean isUserAuthenticated();

    public abstract Map getUsers();

    public abstract void checkWebResourceIsAccessible(ContainerRequestContext containerRequestContext, Object obj, Method method);
}
