package pl.edu.icm.yadda.aas.proxy;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import pl.edu.icm.yadda.aas.client.YaddaObligationsAwareResult;
import pl.edu.icm.yadda.aas.client.backend.BackendAuthorizerRequest;
import pl.edu.icm.yadda.aas.handler.HeaderFieldBasedSecurityRequestHandler;
import pl.edu.icm.yadda.aas.handler.ISecurityRequestHandler;
import pl.edu.icm.yadda.aas.proxy.AbstractBackendAuthorizerAware;
import pl.edu.icm.yadda.service2.GenericResponse;
import pl.edu.icm.yadda.service2.YaddaError;
import pl.edu.icm.yadda.service2.YaddaErrorCodeConstants;
import pl.edu.icm.yadda.service2.session.AddDocumentsRequest;
import pl.edu.icm.yadda.service2.session.ConnectRequest;
import pl.edu.icm.yadda.service2.session.ISessionAwareService;
import pl.edu.icm.yadda.service2.session.RemoveDocumentsRequest;
import pl.edu.icm.yadda.service2.session.SessionAwareRequest;
import pl.edu.icm.yadda.service2.session.SessionDataResponse;

/* loaded from: input_file:WEB-INF/lib/yadda-aas2-common-4.4.18.jar:pl/edu/icm/yadda/aas/proxy/AbstractSecuredSessionAwareService.class */
public abstract class AbstractSecuredSessionAwareService<T> extends AbstractBackendAuthorizerAware implements ISessionAwareService<T> {
    public static final String BACKEND_ACTION_VALUE_ADD = "add";
    public static final String BACKEND_ACTION_VALUE_DELETE = "delete";
    private ISessionAwareService<T> service;
    protected final Logger log = LoggerFactory.getLogger(getClass());
    protected ISecurityRequestHandler securityRequestHandler = new HeaderFieldBasedSecurityRequestHandler();

    protected abstract String getBackendServiceResourceValue();

    @Override // pl.edu.icm.yadda.service2.session.ISessionAwareService
    public GenericResponse add(AddDocumentsRequest<T> addDocumentsRequest) {
        AbstractBackendAuthorizerAware.ObligationContext obligationContext = new AbstractBackendAuthorizerAware.ObligationContext();
        YaddaObligationsAwareResult<Boolean> evaluateBackendAccess = evaluateBackendAccess(new BackendAuthorizerRequest(BACKEND_ACTION_VALUE_ADD, getBackendServiceResourceValue(), this.securityRequestHandler.extract(addDocumentsRequest)), obligationContext);
        if (evaluateBackendAccess.getData().booleanValue()) {
            if (obligationContext.understoodAll()) {
                return this.service.add(addDocumentsRequest);
            }
            this.log.error("some obligations were not understood: " + obligationContext.getObligsCVS());
            return new GenericResponse(new YaddaError(YaddaErrorCodeConstants.ERROR_AUTH, "some obligations were not understood"));
        }
        if (evaluateBackendAccess.getError() != null) {
            return new GenericResponse(evaluateBackendAccess.getError());
        }
        this.log.warn("Permission not granted to add element!");
        return new GenericResponse(new YaddaError(YaddaErrorCodeConstants.ERROR_AUTH, "Permission not granted to add element!"));
    }

    @Override // pl.edu.icm.yadda.service2.session.ISessionAwareService
    public GenericResponse delete(RemoveDocumentsRequest removeDocumentsRequest) {
        AbstractBackendAuthorizerAware.ObligationContext obligationContext = new AbstractBackendAuthorizerAware.ObligationContext();
        YaddaObligationsAwareResult<Boolean> evaluateBackendAccess = evaluateBackendAccess(new BackendAuthorizerRequest("delete", getBackendServiceResourceValue(), this.securityRequestHandler.extract(removeDocumentsRequest)), obligationContext);
        if (evaluateBackendAccess.getData().booleanValue()) {
            if (obligationContext.understoodAll()) {
                return this.service.delete(removeDocumentsRequest);
            }
            this.log.error("some obligations were not understood: " + obligationContext.getObligsCVS());
            return new GenericResponse(new YaddaError(YaddaErrorCodeConstants.ERROR_AUTH, "some obligations were not understood"));
        }
        if (evaluateBackendAccess.getError() != null) {
            return new GenericResponse(evaluateBackendAccess.getError());
        }
        this.log.warn("Permission not granted to delete element!");
        return new GenericResponse(new YaddaError(YaddaErrorCodeConstants.ERROR_AUTH, "Permission not granted to delete element!"));
    }

    @Override // pl.edu.icm.yadda.service2.session.ISessionAwareService
    public GenericResponse commit(SessionAwareRequest sessionAwareRequest) {
        return this.service.commit(sessionAwareRequest);
    }

    @Override // pl.edu.icm.yadda.service2.session.ISessionAwareService
    public SessionDataResponse connect(ConnectRequest connectRequest) {
        return this.service.connect(connectRequest);
    }

    @Override // pl.edu.icm.yadda.service2.session.ISessionAwareService
    public GenericResponse rollback(SessionAwareRequest sessionAwareRequest) {
        return this.service.rollback(sessionAwareRequest);
    }

    public void setSecurityRequestHandler(ISecurityRequestHandler iSecurityRequestHandler) {
        this.securityRequestHandler = iSecurityRequestHandler;
    }

    public void setService(ISessionAwareService<T> iSessionAwareService) {
        this.service = iSessionAwareService;
    }
}
