package pl.edu.icm.yadda.desklight.services.impl.security;

import java.util.Set;
import pl.edu.icm.yadda.aal.AalSession;
import pl.edu.icm.yadda.aal.AuthorizationService;
import pl.edu.icm.yadda.aal.model2.catalog.ISecurityEntryBuilder;
import pl.edu.icm.yadda.aal.model2.catalog.SecurityEntry;
import pl.edu.icm.yadda.aal.model2.catalog.SecurityEntryBuilder;
import pl.edu.icm.yadda.desklight.services.security.AccessControl;
import pl.edu.icm.yadda.desklight.services.security.AccessValidator;
import pl.edu.icm.yadda.desklight.services.security.DLSecurityException;
import pl.edu.icm.yadda.desklight.services.security.PermissionDeniedException;
import pl.edu.icm.yadda.desklight.services.security.ServiceSecurityException;

/* loaded from: input_file:pl/edu/icm/yadda/desklight/services/impl/security/AALBasedAccessControl.class */
public class AALBasedAccessControl implements AccessControl, AccessValidator {
    protected AalSession session;
    protected AuthorizationService authService;
    protected ISecurityEntryBuilder securityEntryBuilder = new SecurityEntryBuilder();

    public AALBasedAccessControl(AuthorizationService authorizationService) {
        this.authService = authorizationService;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean hasValidSession() {
        return (this.session == null || !this.session.isValid() || this.session.getLogin() == null) ? false : true;
    }

    @Override // pl.edu.icm.yadda.desklight.services.security.AccessValidator
    public boolean haveAccess(String str, String str2) {
        boolean z = false;
        if (hasValidSession()) {
            z = this.authService.isAuthorized(this.session.getId(), str + "/" + str2);
        }
        return z;
    }

    @Override // pl.edu.icm.yadda.desklight.services.security.AccessValidator
    public boolean haveAccessToObject(String str, String str2, String str3, String str4, String str5, String str6, String[] strArr) {
        boolean z = false;
        if (hasValidSession()) {
            StringBuilder sb = new StringBuilder(str + "/" + str2 + "/" + str3);
            if (str4 != null) {
                sb.append("/").append(str4);
                if (str5 != null) {
                    sb.append("/").append(str5);
                }
            }
            z = this.authService.isAuthorized(this.session.getId(), sb.toString());
        }
        return z;
    }

    @Override // pl.edu.icm.yadda.desklight.services.security.AccessControl
    public void tryToAccessObject(String str, String str2, String str3, String str4, String str5) throws DLSecurityException {
        if (!haveAccessToObject(str, str2, str3, str4, str5, null, null)) {
            throw new PermissionDeniedException("Permission denied to module " + str + " object of type " + str3 + " and level in hierarchy " + str5 + " on the level " + str2);
        }
    }

    @Override // pl.edu.icm.yadda.desklight.services.security.AccessControl
    public void tryToAccessInternal(String str, String str2) throws ServiceSecurityException {
        if (!hasValidSession()) {
            throw new ServiceSecurityException("Not logged in.");
        }
        if (!haveAccess(str, str2)) {
            throw new ServiceSecurityException("Permission denied to module " + str + " on the level " + str2);
        }
    }

    @Override // pl.edu.icm.yadda.desklight.services.security.AccessControl
    public boolean hasRole(String str) {
        if (this.session != null) {
            return this.session.hasRole(str);
        }
        return false;
    }

    @Override // pl.edu.icm.yadda.desklight.services.security.AccessControl
    public Set<String> getRoles() {
        return this.session.getRoles().getKeys();
    }

    @Override // pl.edu.icm.yadda.desklight.services.security.AccessControl
    public void tryToAccess(String str, String str2) throws DLSecurityException {
        if (!haveAccess(str, str2)) {
            throw new PermissionDeniedException("Permission denied to module " + str + " on the level " + str2);
        }
    }

    @Override // pl.edu.icm.yadda.desklight.services.security.AccessControl
    public SecurityEntry getSecurityEntry(String str, String str2) {
        return this.securityEntryBuilder.buildEntry(this.session, str, str2, "localhost");
    }

    public void setSession(AalSession aalSession) {
        this.session = aalSession;
    }
}
