package org.overlord.apiman.dt.api.security.impl;

import java.util.HashSet;
import java.util.Set;
import javax.enterprise.context.ApplicationScoped;
import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;
import org.overlord.apiman.dt.api.beans.idm.PermissionType;
import org.overlord.apiman.dt.api.core.IIdmStorage;
import org.overlord.apiman.dt.api.core.exceptions.StorageException;
import org.overlord.apiman.dt.api.security.ISecurityContext;
import org.overlord.apiman.dt.api.security.i18n.Messages;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@ApplicationScoped
/* loaded from: input_file:WEB-INF/lib/apiman-dt-api-security-1.0.0.Alpha1.jar:org/overlord/apiman/dt/api/security/impl/DefaultSecurityContext.class */
public class DefaultSecurityContext implements ISecurityContext {
    private static Logger logger = LoggerFactory.getLogger(DefaultSecurityContext.class);
    private static final ThreadLocal<HttpServletRequest> servletRequest = new ThreadLocal<>();
    private static final ThreadLocal<IndexedPermissions> permissions = new ThreadLocal<>();

    @Inject
    IIdmStorage idmStorage;

    @Override // org.overlord.apiman.dt.api.security.ISecurityContext
    public String getRequestHeader(String str) {
        return servletRequest.get().getHeader(str);
    }

    @Override // org.overlord.apiman.dt.api.security.ISecurityContext
    public String getCurrentUser() {
        return servletRequest.get().getRemoteUser();
    }

    @Override // org.overlord.apiman.dt.api.security.ISecurityContext
    public boolean isAdmin() {
        return servletRequest.get().isUserInRole("apiadmin");
    }

    @Override // org.overlord.apiman.dt.api.security.ISecurityContext
    public boolean hasPermission(PermissionType permissionType, String str) {
        if (isAdmin()) {
            return true;
        }
        return getPermissions().hasQualifiedPermission(permissionType.toString(), str);
    }

    @Override // org.overlord.apiman.dt.api.security.ISecurityContext
    public Set<String> getPermittedOrganizations(PermissionType permissionType) {
        return getPermissions().getOrgQualifiers(permissionType.toString());
    }

    private IndexedPermissions getPermissions() {
        IndexedPermissions indexedPermissions = permissions.get();
        if (indexedPermissions == null) {
            indexedPermissions = loadPermissions();
            permissions.set(indexedPermissions);
        }
        return indexedPermissions;
    }

    private IndexedPermissions loadPermissions() {
        String remoteUser = servletRequest.get().getRemoteUser();
        try {
            return new IndexedPermissions(this.idmStorage.getPermissions(remoteUser));
        } catch (StorageException e) {
            logger.error(Messages.getString("DefaultSecurityContext.ErrorLoadingPermissions") + remoteUser, e);
            return new IndexedPermissions(new HashSet());
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void setServletRequest(HttpServletRequest httpServletRequest) {
        servletRequest.set(httpServletRequest);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void clearPermissions() {
        permissions.remove();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void clearServletRequest() {
        servletRequest.remove();
    }
}
