package pl.edu.icm.yadda.aas.proxy;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import pl.edu.icm.yadda.aas.client.YaddaObligationsAwareResult;
import pl.edu.icm.yadda.aas.client.backend.BackendAuthorizerRequest;
import pl.edu.icm.yadda.aas.handler.HeaderFieldBasedSecurityRequestHandler;
import pl.edu.icm.yadda.aas.handler.ISecurityRequestHandler;
import pl.edu.icm.yadda.aas.proxy.AbstractBackendAuthorizerAware;
import pl.edu.icm.yadda.exports.zentralblatt.YElementToZentralBlattConverter;
import pl.edu.icm.yadda.service2.GenericRequest;
import pl.edu.icm.yadda.service2.GetFeaturesRequest;
import pl.edu.icm.yadda.service2.GetFeaturesResponse;
import pl.edu.icm.yadda.service2.GetVersionResponse;
import pl.edu.icm.yadda.service2.YaddaError;
import pl.edu.icm.yadda.service2.YaddaErrorCodeConstants;
import pl.edu.icm.yadda.service2.mdi.DeleteRequest;
import pl.edu.icm.yadda.service2.mdi.DeleteResponse;
import pl.edu.icm.yadda.service2.mdi.FetchRequest;
import pl.edu.icm.yadda.service2.mdi.FetchResponse;
import pl.edu.icm.yadda.service2.mdi.IMetadataIndexService;
import pl.edu.icm.yadda.service2.mdi.MatchInternalRequest;
import pl.edu.icm.yadda.service2.mdi.MatchInternalResponse;
import pl.edu.icm.yadda.service2.mdi.MatchRequest;
import pl.edu.icm.yadda.service2.mdi.MatchResponse;
import pl.edu.icm.yadda.service2.mdi.ParseReferenceRequest;
import pl.edu.icm.yadda.service2.mdi.ParseReferenceResponse;
import pl.edu.icm.yadda.service2.mdi.SaveOrUpdateRequest;
import pl.edu.icm.yadda.service2.mdi.SaveOrUpdateResponse;

/* loaded from: input_file:WEB-INF/lib/yadda-aas2-common-1.11.5-SNAPSHOT.jar:pl/edu/icm/yadda/aas/proxy/SecuredMetadataIndexService.class */
public class SecuredMetadataIndexService extends AbstractBackendAuthorizerAware implements IMetadataIndexService {
    public static final String BACKEND_RESOURCE_VALUE_CITE = "cite";
    public static final String BACKEND_ACTION_VALUE_EDIT = "edit";
    public static final String BACKEND_ACTION_VALUE_DELETE = "delete";
    private IMetadataIndexService service;
    protected final Logger log = LoggerFactory.getLogger(getClass());
    private ISecurityRequestHandler securityRequestHandler = new HeaderFieldBasedSecurityRequestHandler();

    @Override // pl.edu.icm.yadda.service2.mdi.IMetadataIndexService
    public FetchResponse fetch(FetchRequest fetchRequest) {
        return this.service.fetch(fetchRequest);
    }

    @Override // pl.edu.icm.yadda.service2.mdi.IMetadataIndexService
    public MatchResponse match(MatchRequest matchRequest) {
        return this.service.match(matchRequest);
    }

    @Override // pl.edu.icm.yadda.service2.mdi.IMetadataIndexService
    public SaveOrUpdateResponse saveOrUpdate(SaveOrUpdateRequest saveOrUpdateRequest) {
        AbstractBackendAuthorizerAware.ObligationContext obligationContext = new AbstractBackendAuthorizerAware.ObligationContext();
        YaddaObligationsAwareResult<Boolean> evaluateBackendAccess = evaluateBackendAccess(new BackendAuthorizerRequest("edit", "cite", this.securityRequestHandler.extract(saveOrUpdateRequest)), obligationContext);
        if (evaluateBackendAccess.getData().booleanValue()) {
            if (obligationContext.understoodAll()) {
                return this.service.saveOrUpdate(saveOrUpdateRequest);
            }
            this.log.error("some obligations were not understood" + YElementToZentralBlattConverter.SUGGESTED_DICTIONARY_VALUE_SEPARATOR + obligationContext.getObligsCVS());
            return new SaveOrUpdateResponse(new YaddaError(YaddaErrorCodeConstants.ERROR_AUTH, "some obligations were not understood"));
        }
        if (evaluateBackendAccess.getError() != null) {
            SaveOrUpdateResponse saveOrUpdateResponse = new SaveOrUpdateResponse();
            saveOrUpdateResponse.setError(evaluateBackendAccess.getError());
            return saveOrUpdateResponse;
        }
        this.log.warn("Permission not granted to saveOrUpdate cite!");
        SaveOrUpdateResponse saveOrUpdateResponse2 = new SaveOrUpdateResponse();
        saveOrUpdateResponse2.setError(new YaddaError(YaddaErrorCodeConstants.ERROR_AUTH, "Permission not granted to saveOrUpdate cite!"));
        return saveOrUpdateResponse2;
    }

    @Override // pl.edu.icm.yadda.service2.mdi.IMetadataIndexService
    public DeleteResponse delete(DeleteRequest deleteRequest) {
        AbstractBackendAuthorizerAware.ObligationContext obligationContext = new AbstractBackendAuthorizerAware.ObligationContext();
        YaddaObligationsAwareResult<Boolean> evaluateBackendAccess = evaluateBackendAccess(new BackendAuthorizerRequest("delete", "cite", this.securityRequestHandler.extract(deleteRequest)), obligationContext);
        if (evaluateBackendAccess.getData().booleanValue()) {
            if (obligationContext.understoodAll()) {
                return this.service.delete(deleteRequest);
            }
            this.log.error("some obligations were not understood" + YElementToZentralBlattConverter.SUGGESTED_DICTIONARY_VALUE_SEPARATOR + obligationContext.getObligsCVS());
            return new DeleteResponse(new YaddaError(YaddaErrorCodeConstants.ERROR_AUTH, "some obligations were not understood"));
        }
        if (evaluateBackendAccess.getError() != null) {
            DeleteResponse deleteResponse = new DeleteResponse(0);
            deleteResponse.setError(evaluateBackendAccess.getError());
            return deleteResponse;
        }
        this.log.warn("Permission not granted to delete cite!");
        DeleteResponse deleteResponse2 = new DeleteResponse(0);
        deleteResponse2.setError(new YaddaError(YaddaErrorCodeConstants.ERROR_AUTH, "Permission not granted to delete cite!"));
        return deleteResponse2;
    }

    @Override // pl.edu.icm.yadda.service2.mdi.IMetadataIndexService
    public MatchInternalResponse matchInternal(MatchInternalRequest matchInternalRequest) {
        return this.service.matchInternal(matchInternalRequest);
    }

    @Override // pl.edu.icm.yadda.service2.mdi.IMetadataIndexService
    public ParseReferenceResponse parseReference(ParseReferenceRequest parseReferenceRequest) {
        return this.service.parseReference(parseReferenceRequest);
    }

    @Override // pl.edu.icm.yadda.service2.IYaddaService
    public GetFeaturesResponse getFeatures(GetFeaturesRequest getFeaturesRequest) {
        GetFeaturesResponse features = this.service.getFeatures(getFeaturesRequest);
        features.getFeatures().add(SecurityConstants.FEATURE_REQUIRES_AUTHORIZATION);
        return features;
    }

    @Override // pl.edu.icm.yadda.service2.IYaddaService
    public GetVersionResponse getVersionResponse(GenericRequest genericRequest) {
        return this.service.getVersionResponse(genericRequest);
    }

    public void setService(IMetadataIndexService iMetadataIndexService) {
        this.service = iMetadataIndexService;
    }

    public void setSecurityRequestHandler(ISecurityRequestHandler iSecurityRequestHandler) {
        this.securityRequestHandler = iSecurityRequestHandler;
    }
}
