package org.exoplatform.services.rest.ext.method.filter;

import java.lang.annotation.Annotation;
import javax.annotation.security.DenyAll;
import javax.annotation.security.PermitAll;
import javax.annotation.security.RolesAllowed;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.SecurityContext;
import org.exoplatform.services.rest.impl.ApplicationContextImpl;
import org.exoplatform.services.rest.method.MethodInvokerFilter;
import org.exoplatform.services.rest.resource.GenericMethodResource;

/* loaded from: input_file:APP-INF/lib/exo.ws.rest.ext-2.2.12-GA.jar:org/exoplatform/services/rest/ext/method/filter/MethodAccessFilter.class */
/**
 * Invocation filter that applies {@link PermitAll}, {@link DenyAll} and {@link RolesAllowed}
 * to a REST resource method before it is called.
 *
 * <p>Security-relevant properties of this implementation, as visible in this class:
 * <ul>
 *   <li>Only the annotations returned by {@code getMethod().getAnnotations()} are inspected.
 *       Annotations placed on the declaring class are not read here.</li>
 *   <li>The first security annotation encountered decides the outcome, so a method carrying
 *       more than one of them is evaluated in whatever order reflection returns them.</li>
 *   <li>A method with none of the three annotations passes the filter (default allow).</li>
 * </ul>
 */
public class MethodAccessFilter implements MethodInvokerFilter {
    /** Plain-text body sent with every 403 produced by this filter (trailing space is intentional legacy). */
    private static final String ACCESS_DENIED_MESSAGE =
            "You do not have access rights to this resource, please contact your administrator. ";

    /**
     * Checks whether the current caller may invoke the given resource method.
     *
     * @param genericMethodResource resource method about to be invoked
     * @throws WebApplicationException with status 403 when the method is annotated
     *         {@link DenyAll}, or annotated {@link RolesAllowed} and the caller is in none
     *         of the listed roles
     */
    @Override
    public void accept(GenericMethodResource genericMethodResource) throws WebApplicationException {
        for (Annotation candidate : genericMethodResource.getMethod().getAnnotations()) {
            Class<? extends Annotation> kind = candidate.annotationType();

            if (kind == PermitAll.class) {
                // Open to every caller; annotations after this one are never examined.
                return;
            }
            if (kind == DenyAll.class) {
                throw forbidden();
            }
            if (kind != RolesAllowed.class) {
                // Not a security annotation, keep scanning.
                continue;
            }

            // NOTE(review): neither getCurrent() nor getSecurityContext() is null-checked;
            // confirm both are always populated by the time this filter runs.
            SecurityContext caller = ApplicationContextImpl.getCurrent().getSecurityContext();
            for (String role : getAllowedRoles(candidate)) {
                if (caller.isUserInRole(role)) {
                    return;
                }
            }
            // Caller holds none of the listed roles (also reached when the role list is empty).
            throw forbidden();
        }
        // No PermitAll/DenyAll/RolesAllowed on the method: the invocation is allowed.
    }

    /**
     * Reads the role names out of a {@link RolesAllowed} annotation.
     *
     * @param annotation annotation instance; the caller has already verified its type
     * @return the role names declared in the annotation
     */
    private static String[] getAllowedRoles(Annotation annotation) {
        RolesAllowed rolesAllowed = (RolesAllowed) annotation;
        return rolesAllowed.value();
    }

    /** Builds a fresh 403 Forbidden exception with the fixed plain-text message. */
    private static WebApplicationException forbidden() {
        Response denied = Response.status(Response.Status.FORBIDDEN)
                .entity(ACCESS_DENIED_MESSAGE)
                .type("text/plain")
                .build();
        return new WebApplicationException(denied);
    }
}
