package com.manydesigns.portofino.security;

import com.manydesigns.portofino.PortofinoProperties;
import com.manydesigns.portofino.actions.ActionDescriptor;
import com.manydesigns.portofino.actions.ActionLogic;
import com.manydesigns.portofino.actions.Permissions;
import com.manydesigns.portofino.resourceactions.ActionInstance;
import com.manydesigns.portofino.resourceactions.ResourceAction;
import java.lang.reflect.Method;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.apache.commons.configuration2.Configuration;
import org.apache.commons.vfs2.FileObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/manydesigns/portofino/security/SecurityLogic.class */
public class SecurityLogic {
    public static final String copyright = "Copyright (C) 2005-2020 ManyDesigns srl";
    public static final String GROUP_ALL = "group.all";
    public static final String GROUP_ANONYMOUS = "group.anonymous";
    public static final String GROUP_REGISTERED = "group.registered";
    public static final String GROUP_ADMINISTRATORS = "group.administrators";
    public static final String GROUP_ALL_DEFAULT = "all";
    public static final String GROUP_ANONYMOUS_DEFAULT = "anonymous";
    public static final String GROUP_REGISTERED_DEFAULT = "registered";
    public static final String GROUP_ADMINISTRATORS_DEFAULT = "administrators";
    public static final Logger logger = LoggerFactory.getLogger(SecurityLogic.class);

    public static Permissions calculateActualPermissions(ActionInstance actionInstance) {
        ArrayList arrayList = new ArrayList();
        while (actionInstance != null) {
            arrayList.add(0, actionInstance.getActionDescriptor());
            actionInstance = actionInstance.getParent();
        }
        return calculateActualPermissions(new Permissions(), arrayList);
    }

    public static Permissions calculateActualPermissions(Permissions permissions, List<ActionDescriptor> list) {
        Permissions permissions2 = new Permissions();
        Map<String, AccessLevel> actualLevels = permissions2.getActualLevels();
        actualLevels.putAll(permissions.getActualLevels());
        Iterator<ActionDescriptor> it = list.iterator();
        while (it.hasNext()) {
            for (Map.Entry<String, AccessLevel> entry : it.next().getPermissions().getActualLevels().entrySet()) {
                String key = entry.getKey();
                AccessLevel value = entry.getValue();
                if (actualLevels.get(key) != AccessLevel.DENY && value != null) {
                    actualLevels.put(key, value);
                }
            }
        }
        if (list.size() > 0) {
            permissions2.getActualPermissions().putAll(list.get(list.size() - 1).getPermissions().getActualPermissions());
        } else {
            permissions2.getActualPermissions().putAll(permissions.getActualPermissions());
        }
        return permissions2;
    }

    public static RequiresPermissions getRequiresPermissionsAnnotation(Method method, Class<?> cls) {
        RequiresPermissions requiresPermissions = (RequiresPermissions) method.getAnnotation(RequiresPermissions.class);
        if (requiresPermissions != null) {
            logger.debug("Action method requires specific permissions: {}", method);
        } else {
            requiresPermissions = (RequiresPermissions) cls.getAnnotation(RequiresPermissions.class);
            if (requiresPermissions != null) {
                logger.debug("Action class requires specific permissions: {}", cls);
            }
        }
        return requiresPermissions;
    }

    public static boolean satisfiesRequiresAdministrator(Object obj, Method method, boolean z) {
        logger.debug("Checking if action or method required administrator");
        boolean z2 = false;
        if (method.isAnnotationPresent(RequiresAdministrator.class)) {
            logger.debug("Action method requires administrator: {}", method);
            z2 = true;
        } else {
            Class<?> cls = obj.getClass();
            while (true) {
                Class<?> cls2 = cls;
                if (cls2 == null) {
                    break;
                }
                if (cls2.isAnnotationPresent(RequiresAdministrator.class)) {
                    logger.debug("Action class requires administrator: {}", cls2);
                    z2 = true;
                    break;
                }
                cls = cls2.getSuperclass();
            }
        }
        if (!(z2 && !z)) {
            return true;
        }
        logger.debug("User is not an administrator");
        return false;
    }

    public static String getAdministratorsGroup(Configuration configuration) {
        return configuration.getString(GROUP_ADMINISTRATORS, GROUP_ADMINISTRATORS_DEFAULT);
    }

    public static String getAllGroup(Configuration configuration) {
        return configuration.getString(GROUP_ALL, GROUP_ALL_DEFAULT);
    }

    public static String getAnonymousGroup(Configuration configuration) {
        return configuration.getString(GROUP_ANONYMOUS, GROUP_ANONYMOUS_DEFAULT);
    }

    public static String getRegisteredGroup(Configuration configuration) {
        return configuration.getString(GROUP_REGISTERED, GROUP_REGISTERED_DEFAULT);
    }

    public static void installLogin(FileObject fileObject, Configuration configuration, Class<? extends ResourceAction> cls) throws Exception {
        String string = configuration.getString(PortofinoProperties.LOGIN_PATH);
        String str = string != null ? string.startsWith("/") ? "file:" + string.substring(1) : "file:" + string : "res:" + cls.getPackage().getName().replace('.', '/');
        ActionLogic.unmount(fileObject, ":auth");
        ActionLogic.mount(fileObject, ":auth", str);
    }
}
