package pl.edu.icm.yadda.aas.proxy;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import pl.edu.icm.yadda.aas.client.YaddaObligationsAwareResult;
import pl.edu.icm.yadda.aas.client.backend.BackendAuthorizerRequest;
import pl.edu.icm.yadda.aas.handler.HeaderFieldBasedSecurityRequestHandler;
import pl.edu.icm.yadda.aas.handler.ISecurityRequestHandler;
import pl.edu.icm.yadda.aas.proxy.AbstractBackendAuthorizerAware;
import pl.edu.icm.yadda.service2.GenericRequest;
import pl.edu.icm.yadda.service2.GetFeaturesRequest;
import pl.edu.icm.yadda.service2.GetFeaturesResponse;
import pl.edu.icm.yadda.service2.GetVersionResponse;
import pl.edu.icm.yadda.service2.YaddaError;
import pl.edu.icm.yadda.service2.YaddaErrorCodeConstants;
import pl.edu.icm.yadda.service3.process.ProcessService;
import pl.edu.icm.yadda.service3.process.protocol.FeedProcessRequest;
import pl.edu.icm.yadda.service3.process.protocol.ListProcessesResponse;
import pl.edu.icm.yadda.service3.process.protocol.ProcessRequest;
import pl.edu.icm.yadda.service3.process.protocol.ProcessResponse;
import pl.edu.icm.yadda.service3.process.protocol.ProcessStatsRequest;
import pl.edu.icm.yadda.service3.process.protocol.ProcessStatsResponse;
import pl.edu.icm.yadda.service3.process.protocol.StartProcessRequest;

/* loaded from: input_file:WEB-INF/lib/yadda-aas2-common-4.1.0-polindex.jar:pl/edu/icm/yadda/aas/proxy/SecuredProcessService.class */
public class SecuredProcessService extends AbstractBackendAuthorizerAware implements ProcessService {
    public static final String BACKEND_RESOURCE_VALUE_PROCESS_MAN = "process-manager";
    public static final String BACKEND_ACTION_VALUE_MANAGE = "manage";
    protected ProcessService securedProcessService;
    protected final Logger log = LoggerFactory.getLogger(getClass());
    protected ISecurityRequestHandler securityRequestHandler = new HeaderFieldBasedSecurityRequestHandler();

    @Override // pl.edu.icm.yadda.service2.IYaddaService
    public GetVersionResponse getVersionResponse(GenericRequest genericRequest) {
        return this.securedProcessService.getVersionResponse(genericRequest);
    }

    @Override // pl.edu.icm.yadda.service2.IYaddaService
    public GetFeaturesResponse getFeatures(GetFeaturesRequest getFeaturesRequest) {
        GetFeaturesResponse features = this.securedProcessService.getFeatures(getFeaturesRequest);
        features.getFeatures().add(SecurityConstants.FEATURE_REQUIRES_AUTHORIZATION);
        return features;
    }

    @Override // pl.edu.icm.yadda.service3.process.ProcessService
    public ProcessResponse start(StartProcessRequest startProcessRequest) {
        AbstractBackendAuthorizerAware.ObligationContext obligationContext = new AbstractBackendAuthorizerAware.ObligationContext();
        YaddaObligationsAwareResult<Boolean> evaluateBackendAccess = evaluateBackendAccess(new BackendAuthorizerRequest("manage", "process-manager", this.securityRequestHandler.extract(startProcessRequest)), obligationContext);
        if (evaluateBackendAccess.getData().booleanValue()) {
            if (obligationContext.understoodAll()) {
                return this.securedProcessService.start(startProcessRequest);
            }
            this.log.error("some obligations were not understood: " + obligationContext.getObligsCVS());
            return new ProcessResponse(startProcessRequest.getProcessId(), new YaddaError(YaddaErrorCodeConstants.ERROR_AUTH, "some obligations were not understood"));
        }
        if (evaluateBackendAccess.getError() != null) {
            return new ProcessResponse(startProcessRequest.getProcessId(), evaluateBackendAccess.getError());
        }
        this.log.warn("Permission not granted to start process!");
        return new ProcessResponse(startProcessRequest.getProcessId(), new YaddaError(YaddaErrorCodeConstants.ERROR_AUTH, "Permission not granted to start process!"));
    }

    @Override // pl.edu.icm.yadda.service3.process.ProcessService
    public <I> ProcessResponse feed(FeedProcessRequest<I> feedProcessRequest) {
        AbstractBackendAuthorizerAware.ObligationContext obligationContext = new AbstractBackendAuthorizerAware.ObligationContext();
        YaddaObligationsAwareResult<Boolean> evaluateBackendAccess = evaluateBackendAccess(new BackendAuthorizerRequest("manage", "process-manager", this.securityRequestHandler.extract(feedProcessRequest)), obligationContext);
        if (evaluateBackendAccess.getData().booleanValue()) {
            if (obligationContext.understoodAll()) {
                return this.securedProcessService.feed(feedProcessRequest);
            }
            this.log.error("some obligations were not understood: " + obligationContext.getObligsCVS());
            return new ProcessResponse(feedProcessRequest.getProcessId(), new YaddaError(YaddaErrorCodeConstants.ERROR_AUTH, "some obligations were not understood"));
        }
        if (evaluateBackendAccess.getError() != null) {
            return new ProcessResponse(feedProcessRequest.getProcessId(), evaluateBackendAccess.getError());
        }
        this.log.warn("Permission not granted to feed process!");
        return new ProcessResponse(feedProcessRequest.getProcessId(), new YaddaError(YaddaErrorCodeConstants.ERROR_AUTH, "Permission not granted to feed process!"));
    }

    @Override // pl.edu.icm.yadda.service3.process.ProcessService
    public ProcessResponse interrupt(ProcessRequest processRequest) {
        AbstractBackendAuthorizerAware.ObligationContext obligationContext = new AbstractBackendAuthorizerAware.ObligationContext();
        YaddaObligationsAwareResult<Boolean> evaluateBackendAccess = evaluateBackendAccess(new BackendAuthorizerRequest("manage", "process-manager", this.securityRequestHandler.extract(processRequest)), obligationContext);
        if (evaluateBackendAccess.getData().booleanValue()) {
            if (obligationContext.understoodAll()) {
                return this.securedProcessService.interrupt(processRequest);
            }
            this.log.error("some obligations were not understood: " + obligationContext.getObligsCVS());
            return new ProcessResponse(processRequest.getProcessId(), new YaddaError(YaddaErrorCodeConstants.ERROR_AUTH, "some obligations were not understood"));
        }
        if (evaluateBackendAccess.getError() != null) {
            return new ProcessResponse(processRequest.getProcessId(), evaluateBackendAccess.getError());
        }
        this.log.warn("Permission not granted to interrupt process!");
        return new ProcessResponse(processRequest.getProcessId(), new YaddaError(YaddaErrorCodeConstants.ERROR_AUTH, "Permission not granted to interrupt process!"));
    }

    @Override // pl.edu.icm.yadda.service3.process.ProcessService
    public ProcessStatsResponse getStats(ProcessStatsRequest processStatsRequest) {
        AbstractBackendAuthorizerAware.ObligationContext obligationContext = new AbstractBackendAuthorizerAware.ObligationContext();
        YaddaObligationsAwareResult<Boolean> evaluateBackendAccess = evaluateBackendAccess(new BackendAuthorizerRequest("manage", "process-manager", this.securityRequestHandler.extract(processStatsRequest)), obligationContext);
        if (evaluateBackendAccess.getData().booleanValue()) {
            if (obligationContext.understoodAll()) {
                return this.securedProcessService.getStats(processStatsRequest);
            }
            this.log.error("some obligations were not understood: " + obligationContext.getObligsCVS());
            return new ProcessStatsResponse(processStatsRequest.getProcessId(), new YaddaError(YaddaErrorCodeConstants.ERROR_AUTH, "some obligations were not understood"));
        }
        if (evaluateBackendAccess.getError() != null) {
            return new ProcessStatsResponse(processStatsRequest.getProcessId(), evaluateBackendAccess.getError());
        }
        this.log.warn("Permission not granted to get process stats!");
        return new ProcessStatsResponse(processStatsRequest.getProcessId(), new YaddaError(YaddaErrorCodeConstants.ERROR_AUTH, "Permission not granted to get process stats!"));
    }

    @Override // pl.edu.icm.yadda.service3.process.ProcessService
    public ListProcessesResponse listRunningProcesses(GenericRequest genericRequest) {
        AbstractBackendAuthorizerAware.ObligationContext obligationContext = new AbstractBackendAuthorizerAware.ObligationContext();
        YaddaObligationsAwareResult<Boolean> evaluateBackendAccess = evaluateBackendAccess(new BackendAuthorizerRequest("manage", "process-manager", this.securityRequestHandler.extract(genericRequest)), obligationContext);
        if (evaluateBackendAccess.getData().booleanValue()) {
            if (obligationContext.understoodAll()) {
                return this.securedProcessService.listRunningProcesses(genericRequest);
            }
            this.log.error("some obligations were not understood: " + obligationContext.getObligsCVS());
            return new ListProcessesResponse(new YaddaError(YaddaErrorCodeConstants.ERROR_AUTH, "some obligations were not understood"));
        }
        if (evaluateBackendAccess.getError() != null) {
            return new ListProcessesResponse(evaluateBackendAccess.getError());
        }
        this.log.warn("Permission not granted to list running processes!");
        return new ListProcessesResponse(new YaddaError(YaddaErrorCodeConstants.ERROR_AUTH, "Permission not granted to list running processes!"));
    }

    public void setSecuredProcessService(ProcessService processService) {
        this.securedProcessService = processService;
    }

    public void setSecurityRequestHandler(ISecurityRequestHandler iSecurityRequestHandler) {
        this.securityRequestHandler = iSecurityRequestHandler;
    }
}
