package com.sap.cds.services.impl.authorization;

import com.sap.cds.reflect.CdsKind;
import com.sap.cds.reflect.CdsModel;
import com.sap.cds.services.authorization.ActionAccessEventContext;
import com.sap.cds.services.authorization.AuthorizationService;
import com.sap.cds.services.authorization.EntityAccessEventContext;
import com.sap.cds.services.authorization.FunctionAccessEventContext;
import com.sap.cds.services.authorization.GetRestrictionEventContext;
import com.sap.cds.services.authorization.ServiceAccessEventContext;
import com.sap.cds.services.handler.EventHandler;
import com.sap.cds.services.handler.annotations.HandlerOrder;
import com.sap.cds.services.handler.annotations.On;
import com.sap.cds.services.handler.annotations.ServiceName;
import com.sap.cds.services.runtime.CdsRuntime;
import com.sap.cds.services.utils.CdsErrorStatuses;
import com.sap.cds.services.utils.ErrorStatusException;
import com.sap.cds.services.utils.TenantAwareCache;
import com.sap.cds.services.utils.model.Privilege;
import com.sap.cds.services.utils.model.Restriction;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@ServiceName(value = {"*"}, type = {AuthorizationService.class})
/* loaded from: input_file:com/sap/cds/services/impl/authorization/AuthorizationDefaultOnHandler.class */
public class AuthorizationDefaultOnHandler implements EventHandler {
    private static final Logger logger = LoggerFactory.getLogger(AuthorizationDefaultOnHandler.class);
    private final TenantAwareCache<RestrictionLookup, CdsModel> restrictionLookupCache;
    private final TenantAwareCache<PredicateLookup, CdsModel> predicateLookupCache;
    private final boolean isEmptyAttributeValuesAreRestricted;

    /* renamed from: com.sap.cds.services.impl.authorization.AuthorizationDefaultOnHandler$1, reason: invalid class name */
    /* loaded from: input_file:com/sap/cds/services/impl/authorization/AuthorizationDefaultOnHandler$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$com$sap$cds$reflect$CdsKind = new int[CdsKind.values().length];

        static {
            try {
                $SwitchMap$com$sap$cds$reflect$CdsKind[CdsKind.SERVICE.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$com$sap$cds$reflect$CdsKind[CdsKind.ENTITY.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$com$sap$cds$reflect$CdsKind[CdsKind.ACTION.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$com$sap$cds$reflect$CdsKind[CdsKind.FUNCTION.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public AuthorizationDefaultOnHandler(CdsRuntime cdsRuntime) {
        this.restrictionLookupCache = TenantAwareCache.create(RestrictionLookup::new, cdsRuntime);
        this.predicateLookupCache = TenantAwareCache.create(PredicateLookup::new, cdsRuntime);
        this.isEmptyAttributeValuesAreRestricted = cdsRuntime.getEnvironment().getCdsProperties().getSecurity().getAuthorization().isEmptyAttributeValuesAreRestricted();
    }

    @HandlerOrder(11000)
    @On
    protected void defaultGetRestriction(GetRestrictionEventContext getRestrictionEventContext) {
        Restriction lookupFunctionRestriction;
        switch (AnonymousClass1.$SwitchMap$com$sap$cds$reflect$CdsKind[getRestrictionEventContext.getKind().ordinal()]) {
            case 1:
                lookupFunctionRestriction = ((RestrictionLookup) this.restrictionLookupCache.findOrCreate()).retrieveServiceRestriction(getRestrictionEventContext.getModel(), getRestrictionEventContext.getName());
                break;
            case 2:
                lookupFunctionRestriction = ((RestrictionLookup) this.restrictionLookupCache.findOrCreate()).retrieveEntityRestriction(getRestrictionEventContext.getModel(), getRestrictionEventContext.getName());
                break;
            case 3:
                lookupFunctionRestriction = ((RestrictionLookup) this.restrictionLookupCache.findOrCreate()).lookupActionRestriction(getRestrictionEventContext.getModel(), getRestrictionEventContext.getName(), getRestrictionEventContext.getEventName());
                break;
            case 4:
                lookupFunctionRestriction = ((RestrictionLookup) this.restrictionLookupCache.findOrCreate()).lookupFunctionRestriction(getRestrictionEventContext.getModel(), getRestrictionEventContext.getName(), getRestrictionEventContext.getEventName());
                break;
            default:
                throw new ErrorStatusException(CdsErrorStatuses.UNSUPPORTED_RESTRICTION, new Object[]{getRestrictionEventContext.getName(), getRestrictionEventContext.getKind()});
        }
        getRestrictionEventContext.setResult(lookupFunctionRestriction);
    }

    @HandlerOrder(11000)
    @On
    protected void defaultHasServiceAccess(ServiceAccessEventContext serviceAccessEventContext) {
        String accessEventName = serviceAccessEventContext.getAccessEventName();
        boolean z = true;
        Restriction serviceRestriction = RestrictionUtils.getServiceRestriction(serviceAccessEventContext.getService(), serviceAccessEventContext.getAccessServiceName(), accessEventName);
        if (serviceRestriction != null) {
            z = RestrictionUtils.passesRestriction(serviceRestriction, serviceAccessEventContext.getUserInfo(), accessEventName);
        }
        serviceAccessEventContext.setResult(z);
    }

    @HandlerOrder(11000)
    @On
    protected void defaultHasEntityAccess(EntityAccessEventContext entityAccessEventContext) {
        boolean z = true;
        String accessEventName = entityAccessEventContext.getAccessEventName();
        String accessEntityName = entityAccessEventContext.getAccessEntityName();
        Restriction entityRestriction = RestrictionUtils.getEntityRestriction(entityAccessEventContext.getService(), accessEntityName, accessEventName);
        if (entityRestriction != null && !RestrictionUtils.passesRestriction(entityRestriction, entityAccessEventContext.getUserInfo(), accessEventName)) {
            logger.debug("No authorization to send event '{}' to entity '{}'", accessEventName, accessEntityName);
            z = false;
        }
        entityAccessEventContext.setResult(z);
    }

    @HandlerOrder(11000)
    @On
    protected void defaultHasFunctionAccess(FunctionAccessEventContext functionAccessEventContext) {
        boolean z = true;
        Restriction functionRestriction = RestrictionUtils.getFunctionRestriction(functionAccessEventContext.getService(), functionAccessEventContext.getEntityName(), functionAccessEventContext.getFunctionName());
        if (functionRestriction != null) {
            z = RestrictionUtils.passesRestriction(functionRestriction, functionAccessEventContext.getUserInfo(), Privilege.PredefinedGrant.ALL.toString());
        }
        functionAccessEventContext.setResult(z);
    }

    @HandlerOrder(11000)
    @On
    protected void defaultHasActionAccess(ActionAccessEventContext actionAccessEventContext) {
        boolean z = true;
        Restriction actionRestriction = RestrictionUtils.getActionRestriction(actionAccessEventContext.getService(), actionAccessEventContext.getEntityName(), actionAccessEventContext.getActionName());
        if (actionRestriction != null) {
            z = RestrictionUtils.passesRestriction(actionRestriction, actionAccessEventContext.getUserInfo(), Privilege.PredefinedGrant.ALL.toString());
        }
        actionAccessEventContext.setResult(z);
    }

    /* JADX WARN: Code restructure failed: missing block: B:40:0x0216, code lost:
    
        if (r12 == null) goto L58;
     */
    /* JADX WARN: Code restructure failed: missing block: B:42:0x022f, code lost:
    
        r12 = r18;
     */
    /* JADX WARN: Code restructure failed: missing block: B:47:0x021b, code lost:
    
        if (r18 == null) goto L49;
     */
    /* JADX WARN: Code restructure failed: missing block: B:48:0x021e, code lost:
    
        r0 = com.sap.cds.ql.CQL.and(r12, r18);
     */
    /* JADX WARN: Code restructure failed: missing block: B:49:0x022a, code lost:
    
        r12 = r0;
     */
    /* JADX WARN: Code restructure failed: missing block: B:51:0x0228, code lost:
    
        r0 = r12;
     */
    @com.sap.cds.services.handler.annotations.HandlerOrder(11000)
    @com.sap.cds.services.handler.annotations.On
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    protected void defaultCalcWhereCondition(com.sap.cds.services.authorization.CalcWhereConditionEventContext r9) {
        /*
            Method dump skipped, instructions count: 575
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.sap.cds.services.impl.authorization.AuthorizationDefaultOnHandler.defaultCalcWhereCondition(com.sap.cds.services.authorization.CalcWhereConditionEventContext):void");
    }
}
