package org.squashtest.tm.service.internal.security;

import java.lang.reflect.Field;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
import javax.inject.Inject;
import org.aspectj.lang.JoinPoint;
import org.aspectj.runtime.reflect.Factory;
import org.springframework.security.access.PermissionEvaluator;
import org.springframework.security.acls.domain.BasePermission;
import org.springframework.security.acls.domain.PermissionFactory;
import org.springframework.security.acls.model.Permission;
import org.springframework.security.core.Authentication;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.transaction.aspectj.AnnotationTransactionAspect;
import org.squashtest.tm.security.acls.CustomPermission;
import org.squashtest.tm.service.security.PermissionEvaluationService;
import org.squashtest.tm.service.security.UserContextService;

@Transactional(readOnly = true)
@Service("squashtest.core.security.PermissionEvaluationService")
/* loaded from: input_file:org/squashtest/tm/service/internal/security/AclPermissionEvaluationService.class */
public class AclPermissionEvaluationService implements PermissionEvaluationService {

    @Inject
    private UserContextService userContextService;

    @Inject
    private PermissionEvaluator permissionEvaluator;

    @Inject
    private PermissionFactory permissionFactory;
    private static final /* synthetic */ JoinPoint.StaticPart ajc$tjp_0;
    private static final /* synthetic */ JoinPoint.StaticPart ajc$tjp_1;
    private static final /* synthetic */ JoinPoint.StaticPart ajc$tjp_2;
    private static final /* synthetic */ JoinPoint.StaticPart ajc$tjp_3;
    private static final /* synthetic */ JoinPoint.StaticPart ajc$tjp_4;
    private static final /* synthetic */ JoinPoint.StaticPart ajc$tjp_5;
    private static final /* synthetic */ JoinPoint.StaticPart ajc$tjp_6;

    private boolean hasRoleOrPermissionOnObject(String str, Permission permission, Object obj) {
        if (this.userContextService.hasRole(str)) {
            return true;
        }
        return this.permissionEvaluator.hasPermission(this.userContextService.getPrincipal(), obj, permission);
    }

    @Override // org.squashtest.tm.service.security.PermissionEvaluationService
    public boolean hasRoleOrPermissionOnObject(String str, String str2, Object obj) {
        try {
            try {
                AnnotationTransactionAspect.aspectOf().ajc$before$org_springframework_transaction_aspectj_AbstractTransactionAspect$1$2a73e96c(this, ajc$tjp_0);
                boolean hasRoleOrPermissionOnObject = hasRoleOrPermissionOnObject(str, this.permissionFactory.buildFromName(str2), obj);
                AnnotationTransactionAspect.aspectOf().ajc$afterReturning$org_springframework_transaction_aspectj_AbstractTransactionAspect$3$2a73e96c(this);
                return hasRoleOrPermissionOnObject;
            } catch (Throwable th) {
                AnnotationTransactionAspect.aspectOf().ajc$afterThrowing$org_springframework_transaction_aspectj_AbstractTransactionAspect$2$2a73e96c(this, th);
                throw th;
            }
        } finally {
            AnnotationTransactionAspect.aspectOf().ajc$after$org_springframework_transaction_aspectj_AbstractTransactionAspect$4$2a73e96c(this);
        }
    }

    @Override // org.squashtest.tm.service.security.PermissionEvaluationService
    public boolean hasRoleOrPermissionOnObject(String str, String str2, Long l, String str3) {
        try {
            try {
                AnnotationTransactionAspect.aspectOf().ajc$before$org_springframework_transaction_aspectj_AbstractTransactionAspect$1$2a73e96c(this, ajc$tjp_1);
                boolean hasPermissionOnObject = this.userContextService.hasRole(str) ? true : hasPermissionOnObject(str2, l, str3);
                AnnotationTransactionAspect.aspectOf().ajc$afterReturning$org_springframework_transaction_aspectj_AbstractTransactionAspect$3$2a73e96c(this);
                return hasPermissionOnObject;
            } catch (Throwable th) {
                AnnotationTransactionAspect.aspectOf().ajc$afterThrowing$org_springframework_transaction_aspectj_AbstractTransactionAspect$2$2a73e96c(this, th);
                throw th;
            }
        } finally {
            AnnotationTransactionAspect.aspectOf().ajc$after$org_springframework_transaction_aspectj_AbstractTransactionAspect$4$2a73e96c(this);
        }
    }

    @Override // org.squashtest.tm.service.security.PermissionEvaluationService
    public boolean canRead(Object obj) {
        try {
            try {
                AnnotationTransactionAspect.aspectOf().ajc$before$org_springframework_transaction_aspectj_AbstractTransactionAspect$1$2a73e96c(this, ajc$tjp_2);
                boolean hasRoleOrPermissionOnObject = hasRoleOrPermissionOnObject("ROLE_ADMIN", "READ", obj);
                AnnotationTransactionAspect.aspectOf().ajc$afterReturning$org_springframework_transaction_aspectj_AbstractTransactionAspect$3$2a73e96c(this);
                return hasRoleOrPermissionOnObject;
            } catch (Throwable th) {
                AnnotationTransactionAspect.aspectOf().ajc$afterThrowing$org_springframework_transaction_aspectj_AbstractTransactionAspect$2$2a73e96c(this, th);
                throw th;
            }
        } finally {
            AnnotationTransactionAspect.aspectOf().ajc$after$org_springframework_transaction_aspectj_AbstractTransactionAspect$4$2a73e96c(this);
        }
    }

    @Override // org.squashtest.tm.service.security.PermissionEvaluationService
    public boolean hasRole(String str) {
        try {
            try {
                AnnotationTransactionAspect.aspectOf().ajc$before$org_springframework_transaction_aspectj_AbstractTransactionAspect$1$2a73e96c(this, ajc$tjp_3);
                boolean hasRole = this.userContextService.hasRole(str);
                AnnotationTransactionAspect.aspectOf().ajc$afterReturning$org_springframework_transaction_aspectj_AbstractTransactionAspect$3$2a73e96c(this);
                return hasRole;
            } catch (Throwable th) {
                AnnotationTransactionAspect.aspectOf().ajc$afterThrowing$org_springframework_transaction_aspectj_AbstractTransactionAspect$2$2a73e96c(this, th);
                throw th;
            }
        } finally {
            AnnotationTransactionAspect.aspectOf().ajc$after$org_springframework_transaction_aspectj_AbstractTransactionAspect$4$2a73e96c(this);
        }
    }

    @Override // org.squashtest.tm.service.security.PermissionEvaluationService
    public boolean hasMoreThanRead(Object obj) {
        boolean z;
        try {
            try {
                AnnotationTransactionAspect.aspectOf().ajc$before$org_springframework_transaction_aspectj_AbstractTransactionAspect$1$2a73e96c(this, ajc$tjp_4);
                boolean z2 = false;
                if (this.userContextService.hasRole("ROLE_ADMIN")) {
                    z2 = true;
                } else {
                    Authentication principal = this.userContextService.getPrincipal();
                    Field[] fields = CustomPermission.class.getFields();
                    for (int i = 0; i < fields.length; i++) {
                        try {
                            if (!fields[i].getName().equals("READ") && this.permissionEvaluator.hasPermission(principal, obj, fields[i].getName())) {
                                z = true;
                                break;
                            }
                        } catch (IllegalArgumentException e) {
                            if (!Arrays.asList("Unknown permission 'RESERVED_ON'", "Unknown permission 'RESERVED_OFF'", "Unknown permission 'THIRTY_TWO_RESERVED_OFF'").contains(e.getMessage())) {
                                throw e;
                            }
                        }
                    }
                }
                z = z2;
                AnnotationTransactionAspect.aspectOf().ajc$afterReturning$org_springframework_transaction_aspectj_AbstractTransactionAspect$3$2a73e96c(this);
                return z;
            } catch (Throwable th) {
                AnnotationTransactionAspect.aspectOf().ajc$afterThrowing$org_springframework_transaction_aspectj_AbstractTransactionAspect$2$2a73e96c(this, th);
                throw th;
            }
        } finally {
            AnnotationTransactionAspect.aspectOf().ajc$after$org_springframework_transaction_aspectj_AbstractTransactionAspect$4$2a73e96c(this);
        }
    }

    @Override // org.squashtest.tm.service.security.PermissionEvaluationService
    public boolean hasPermissionOnObject(String str, Long l, String str2) {
        try {
            try {
                AnnotationTransactionAspect.aspectOf().ajc$before$org_springframework_transaction_aspectj_AbstractTransactionAspect$1$2a73e96c(this, ajc$tjp_5);
                boolean hasPermission = this.permissionEvaluator.hasPermission(this.userContextService.getPrincipal(), l, str2, this.permissionFactory.buildFromName(str));
                AnnotationTransactionAspect.aspectOf().ajc$afterReturning$org_springframework_transaction_aspectj_AbstractTransactionAspect$3$2a73e96c(this);
                return hasPermission;
            } catch (Throwable th) {
                AnnotationTransactionAspect.aspectOf().ajc$afterThrowing$org_springframework_transaction_aspectj_AbstractTransactionAspect$2$2a73e96c(this, th);
                throw th;
            }
        } finally {
            AnnotationTransactionAspect.aspectOf().ajc$after$org_springframework_transaction_aspectj_AbstractTransactionAspect$4$2a73e96c(this);
        }
    }

    @Override // org.squashtest.tm.service.security.PermissionEvaluationService
    public Map<Permission, Boolean> listPermissionsOnObject(Object obj) {
        try {
            try {
                AnnotationTransactionAspect.aspectOf().ajc$before$org_springframework_transaction_aspectj_AbstractTransactionAspect$1$2a73e96c(this, ajc$tjp_6);
                HashMap hashMap = new HashMap(13);
                hashMap.put(BasePermission.READ, Boolean.valueOf(hasRoleOrPermissionOnObject("ROLE_ADMIN", BasePermission.READ.toString(), obj)));
                hashMap.put(BasePermission.WRITE, Boolean.valueOf(hasRoleOrPermissionOnObject("ROLE_ADMIN", BasePermission.WRITE.toString(), obj)));
                hashMap.put(BasePermission.CREATE, Boolean.valueOf(hasRoleOrPermissionOnObject("ROLE_ADMIN", BasePermission.CREATE.toString(), obj)));
                hashMap.put(BasePermission.DELETE, Boolean.valueOf(hasRoleOrPermissionOnObject("ROLE_ADMIN", BasePermission.DELETE.toString(), obj)));
                hashMap.put(BasePermission.ADMINISTRATION, Boolean.valueOf(hasRoleOrPermissionOnObject("ROLE_ADMIN", BasePermission.ADMINISTRATION.toString(), obj)));
                hashMap.put(CustomPermission.MANAGEMENT, Boolean.valueOf(hasRoleOrPermissionOnObject("ROLE_ADMIN", CustomPermission.MANAGEMENT.toString(), obj)));
                hashMap.put(CustomPermission.EXPORT, Boolean.valueOf(hasRoleOrPermissionOnObject("ROLE_ADMIN", CustomPermission.EXPORT.toString(), obj)));
                hashMap.put(CustomPermission.EXECUTE, Boolean.valueOf(hasRoleOrPermissionOnObject("ROLE_ADMIN", CustomPermission.EXECUTE.toString(), obj)));
                hashMap.put(CustomPermission.LINK, Boolean.valueOf(hasRoleOrPermissionOnObject("ROLE_ADMIN", CustomPermission.LINK.toString(), obj)));
                hashMap.put(CustomPermission.IMPORT, Boolean.valueOf(hasRoleOrPermissionOnObject("ROLE_ADMIN", CustomPermission.IMPORT.toString(), obj)));
                hashMap.put(CustomPermission.ATTACH, Boolean.valueOf(hasRoleOrPermissionOnObject("ROLE_ADMIN", CustomPermission.ATTACH.toString(), obj)));
                hashMap.put(CustomPermission.EXTENDED_DELETE, Boolean.valueOf(hasRoleOrPermissionOnObject("ROLE_ADMIN", CustomPermission.EXTENDED_DELETE.toString(), obj)));
                hashMap.put(CustomPermission.READ_UNASSIGNED, Boolean.valueOf(hasRoleOrPermissionOnObject("ROLE_ADMIN", CustomPermission.READ_UNASSIGNED.toString(), obj)));
                AnnotationTransactionAspect.aspectOf().ajc$afterReturning$org_springframework_transaction_aspectj_AbstractTransactionAspect$3$2a73e96c(this);
                return hashMap;
            } catch (Throwable th) {
                AnnotationTransactionAspect.aspectOf().ajc$afterThrowing$org_springframework_transaction_aspectj_AbstractTransactionAspect$2$2a73e96c(this, th);
                throw th;
            }
        } finally {
            AnnotationTransactionAspect.aspectOf().ajc$after$org_springframework_transaction_aspectj_AbstractTransactionAspect$4$2a73e96c(this);
        }
    }

    static {
        Factory factory = new Factory("AclPermissionEvaluationService.java", Class.forName("org.squashtest.tm.service.internal.security.AclPermissionEvaluationService"));
        ajc$tjp_0 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "hasRoleOrPermissionOnObject", "org.squashtest.tm.service.internal.security.AclPermissionEvaluationService", "java.lang.String:java.lang.String:java.lang.Object:", "role:permissionName:object:", "", "boolean"), 67);
        ajc$tjp_1 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "hasRoleOrPermissionOnObject", "org.squashtest.tm.service.internal.security.AclPermissionEvaluationService", "java.lang.String:java.lang.String:java.lang.Long:java.lang.String:", "role:permissionName:entityId:entityClassName:", "", "boolean"), 72);
        ajc$tjp_2 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "canRead", "org.squashtest.tm.service.internal.security.AclPermissionEvaluationService", "java.lang.Object:", "object:", "", "boolean"), 85);
        ajc$tjp_3 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "hasRole", "org.squashtest.tm.service.internal.security.AclPermissionEvaluationService", "java.lang.String:", "role:", "", "boolean"), 90);
        ajc$tjp_4 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "hasMoreThanRead", "org.squashtest.tm.service.internal.security.AclPermissionEvaluationService", "java.lang.Object:", "object:", "", "boolean"), 95);
        ajc$tjp_5 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "hasPermissionOnObject", "org.squashtest.tm.service.internal.security.AclPermissionEvaluationService", "java.lang.String:java.lang.Long:java.lang.String:", "permissionName:entityId:entityClassName:", "", "boolean"), 123);
        ajc$tjp_6 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "listPermissionsOnObject", "org.squashtest.tm.service.internal.security.AclPermissionEvaluationService", "java.lang.Object:", "object:", "", "java.util.Map"), 132);
    }
}
