package pl.edu.icm.jaws.services.impl.security;

import java.io.Serializable;
import java.util.Collection;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.PermissionEvaluator;
import org.springframework.security.core.Authentication;
import org.springframework.stereotype.Component;
import pl.edu.icm.jaws.services.impl.repository.ExaminationRepository;
import pl.edu.icm.jaws.services.model.jaw.Examination;
import pl.edu.icm.jaws.services.model.user.Role;

@Component
/* loaded from: input_file:pl/edu/icm/jaws/services/impl/security/RoleBasedPermissionEvaluator.class */
public class RoleBasedPermissionEvaluator implements PermissionEvaluator {
    private static final Logger log = LoggerFactory.getLogger(RoleBasedPermissionEvaluator.class);

    @Autowired
    private ExaminationRepository examinationRepository;

    public boolean hasPermission(Authentication authentication, Object obj, Object obj2) {
        boolean z = false;
        if (obj instanceof Examination) {
            z = hasPermissionToExamination(authentication, (Examination) obj, Permission.fromObject(obj2));
        }
        return z;
    }

    private boolean hasPermissionToExamination(Authentication authentication, Examination examination, Permission permission) {
        boolean hasRoles = hasRoles(authentication, examination.getRequiredRole(), permission.getRequiredRole());
        if (!hasRoles) {
            log.debug("Access to examination " + examination.getId() + " forbidden for user " + authentication.getName());
        }
        return hasRoles;
    }

    public boolean hasPermission(Authentication authentication, Serializable serializable, String str, Object obj) {
        if (isExamination(str)) {
            return hasPermission(authentication, getExamination(serializable), obj);
        }
        return false;
    }

    private Examination getExamination(Serializable serializable) {
        Examination examination = null;
        try {
            examination = (Examination) this.examinationRepository.getOne((Long) serializable);
        } catch (Exception e) {
            log.error("Error when checking permission for examination " + serializable, e);
        }
        return examination;
    }

    private boolean isExamination(String str) {
        return Examination.class.getName().equals(str);
    }

    private boolean hasRoles(Authentication authentication, Role role, Role role2) {
        Collection authorities = authentication.getAuthorities();
        return authorities.contains(role.getAuthority()) && authorities.contains(role2.getAuthority());
    }
}
