package org.jboss.seam.security.permission;

import java.io.Serializable;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import org.jboss.seam.Component;
import org.jboss.seam.ScopeType;
import org.jboss.seam.Seam;
import org.jboss.seam.annotations.Create;
import org.jboss.seam.annotations.Install;
import org.jboss.seam.annotations.Name;
import org.jboss.seam.annotations.Scope;
import org.jboss.seam.annotations.Startup;
import org.jboss.seam.annotations.intercept.BypassInterceptors;
import org.jboss.seam.log.LogProvider;
import org.jboss.seam.log.Logging;
import org.jboss.seam.security.Identity;
import org.jboss.seam.security.Role;
import org.jboss.seam.security.SimplePrincipal;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/lib/jboss-seam-2.1.0.SP1.jar:org/jboss/seam/security/permission/PersistentPermissionResolver.class
 */
@Name("org.jboss.seam.security.persistentPermissionResolver")
@Scope(ScopeType.APPLICATION)
@BypassInterceptors
@Install(precedence = 0)
@Startup
/* loaded from: input_file:WEB-INF/lib/jboss-seam-2.2.2.EAP5.jar:org/jboss/seam/security/permission/PersistentPermissionResolver.class */
public class PersistentPermissionResolver implements PermissionResolver, Serializable {
    private PermissionStore permissionStore;
    private static final LogProvider log = Logging.getLogProvider(PersistentPermissionResolver.class);

    @Create
    public void create() {
        initPermissionStore();
    }

    protected void initPermissionStore() {
        if (this.permissionStore == null) {
            this.permissionStore = (PermissionStore) Component.getInstance((Class<?>) JpaPermissionStore.class, true);
        }
        if (this.permissionStore == null) {
            log.warn("no permission store available - please install a PermissionStore with the name '" + Seam.getComponentName(JpaPermissionStore.class) + "' if persistent permissions are required.");
        }
    }

    public PermissionStore getPermissionStore() {
        return this.permissionStore;
    }

    public void setPermissionStore(PermissionStore permissionStore) {
        this.permissionStore = permissionStore;
    }

    @Override // org.jboss.seam.security.permission.PermissionResolver
    public boolean hasPermission(Object obj, String str) {
        if (this.permissionStore == null) {
            return false;
        }
        Identity instance = Identity.instance();
        if (!instance.isLoggedIn()) {
            return false;
        }
        List<Permission> listPermissions = this.permissionStore.listPermissions(obj, str);
        String name = instance.getPrincipal().getName();
        for (Permission permission : listPermissions) {
            if ((permission.getRecipient() instanceof SimplePrincipal) && name.equals(permission.getRecipient().getName())) {
                return true;
            }
            if (permission.getRecipient() instanceof Role) {
                Role role = (Role) permission.getRecipient();
                if (role.isConditional()) {
                    if (RuleBasedPermissionResolver.instance().checkConditionalRole(role.getName(), obj, str)) {
                        return true;
                    }
                } else if (instance.hasRole(role.getName())) {
                    return true;
                }
            }
        }
        return false;
    }

    @Override // org.jboss.seam.security.permission.PermissionResolver
    public void filterSetByAction(Set<Object> set, String str) {
        if (this.permissionStore == null) {
            return;
        }
        Identity instance = Identity.instance();
        if (instance.isLoggedIn()) {
            List<Permission> listPermissions = this.permissionStore.listPermissions(set, str);
            String name = instance.getPrincipal().getName();
            Iterator<Object> it = set.iterator();
            while (it.hasNext()) {
                Object next = it.next();
                Iterator<Permission> it2 = listPermissions.iterator();
                while (true) {
                    if (it2.hasNext()) {
                        Permission next2 = it2.next();
                        if (next2.getTarget().equals(next)) {
                            if ((next2.getRecipient() instanceof SimplePrincipal) && name.equals(next2.getRecipient().getName())) {
                                it.remove();
                                break;
                            }
                            if (next2.getRecipient() instanceof Role) {
                                Role role = (Role) next2.getRecipient();
                                if (role.isConditional()) {
                                    if (RuleBasedPermissionResolver.instance().checkConditionalRole(role.getName(), next, str)) {
                                        it.remove();
                                        break;
                                    }
                                } else if (instance.hasRole(role.getName())) {
                                    it.remove();
                                    break;
                                }
                            } else {
                                continue;
                            }
                        }
                    }
                }
            }
        }
    }
}
