package org.granite.tide.spring.security;

import java.util.ArrayList;
import java.util.List;
import java.util.StringTokenizer;
import org.granite.tide.annotations.TideEnabled;
import org.springframework.security.acls.domain.DefaultPermissionFactory;
import org.springframework.security.acls.domain.ObjectIdentityRetrievalStrategyImpl;
import org.springframework.security.acls.domain.SidRetrievalStrategyImpl;
import org.springframework.security.acls.model.AclService;
import org.springframework.security.acls.model.NotFoundException;
import org.springframework.security.acls.model.ObjectIdentityRetrievalStrategy;
import org.springframework.security.acls.model.Permission;
import org.springframework.security.acls.model.Sid;
import org.springframework.security.acls.model.SidRetrievalStrategy;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;

@TideEnabled
/* loaded from: input_file:WEB-INF/lib/granite-spring-2.3.2.GA.jar:org/granite/tide/spring/security/AclIdentity3.class */
public class AclIdentity3 extends Identity3 {
    private SidRetrievalStrategy sidRetrievalStrategy;
    private ObjectIdentityRetrievalStrategy objectIdentityRetrievalStrategy;
    private AclService aclService = null;

    public AclIdentity3() {
        this.sidRetrievalStrategy = null;
        this.objectIdentityRetrievalStrategy = null;
        this.sidRetrievalStrategy = new SidRetrievalStrategyImpl();
        this.objectIdentityRetrievalStrategy = new ObjectIdentityRetrievalStrategyImpl();
    }

    public void setSidRetrievalStrategy(SidRetrievalStrategy sidRetrievalStrategy) {
        this.sidRetrievalStrategy = sidRetrievalStrategy;
    }

    public void setObjectIdentityRetrievalStrategy(ObjectIdentityRetrievalStrategy objectIdentityRetrievalStrategy) {
        this.objectIdentityRetrievalStrategy = objectIdentityRetrievalStrategy;
    }

    public void setAclService(AclService aclService) {
        this.aclService = aclService;
    }

    public boolean hasPermission(Object obj, String str) {
        if (obj == null) {
            return true;
        }
        try {
            List<Permission> parsePermissionsString = parsePermissionsString(str);
            Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
            if (authentication == null) {
                return false;
            }
            List<Sid> sids = this.sidRetrievalStrategy.getSids(authentication);
            try {
                return this.aclService.readAclById(this.objectIdentityRetrievalStrategy.getObjectIdentity(obj), sids).isGranted(parsePermissionsString, sids, false);
            } catch (NotFoundException e) {
                return false;
            }
        } catch (NumberFormatException e2) {
            throw new RuntimeException(e2);
        }
    }

    private List<Permission> parsePermissionsString(String str) throws NumberFormatException {
        ArrayList arrayList = new ArrayList();
        StringTokenizer stringTokenizer = new StringTokenizer(str, ",", false);
        DefaultPermissionFactory defaultPermissionFactory = new DefaultPermissionFactory();
        while (stringTokenizer.hasMoreTokens()) {
            arrayList.add(defaultPermissionFactory.buildFromMask(new Integer(stringTokenizer.nextToken()).intValue()));
        }
        return arrayList;
    }
}
