package org.sentilo.web.catalog.security.access.impl;

import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import org.sentilo.web.catalog.controller.CrudController;
import org.sentilo.web.catalog.domain.CatalogDocument;
import org.sentilo.web.catalog.exception.NotAllowedActionException;
import org.sentilo.web.catalog.security.access.AccessControlContext;
import org.sentilo.web.catalog.security.access.AccessControlHandler;
import org.sentilo.web.catalog.security.access.AccessControlService;
import org.sentilo.web.catalog.security.enums.ActionType;
import org.sentilo.web.catalog.service.CrudService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.annotation.AnnotationUtils;
import org.springframework.stereotype.Component;
import org.springframework.util.ReflectionUtils;
import org.springframework.web.bind.annotation.RequestMapping;

@Component("accessControlHandler")
/* loaded from: input_file:WEB-INF/classes/org/sentilo/web/catalog/security/access/impl/AccessControlHandlerImpl.class */
public class AccessControlHandlerImpl implements AccessControlHandler {
    private static final Logger LOGGER = LoggerFactory.getLogger(AccessControlHandlerImpl.class);

    @Autowired
    private AccessControlService accessControlService;

    @Override // org.sentilo.web.catalog.security.access.AccessControlHandler
    public boolean checkAccess(CrudController<CatalogDocument> crudController, ActionType actionType) {
        return checkAccess(crudController, actionType, null);
    }

    @Override // org.sentilo.web.catalog.security.access.AccessControlHandler
    public boolean checkAccess(CrudController<CatalogDocument> crudController, ActionType actionType, Object obj) {
        if (!requestMustBeChecked(crudController)) {
            return true;
        }
        try {
            CrudService<CatalogDocument> service = getService(crudController);
            Object target = getTarget(crudController, obj);
            if ((target instanceof CatalogDocument) || target == null) {
                this.accessControlService.checkAccess(new AccessControlContext((CatalogDocument) target, actionType, service));
            } else if (target instanceof Collection) {
                Iterator it = ((Collection) target).iterator();
                while (it.hasNext()) {
                    this.accessControlService.checkAccess(new AccessControlContext((CatalogDocument) it.next(), actionType, service));
                }
            }
            return true;
        } catch (NotAllowedActionException e) {
            LOGGER.warn("Access to controller denied: {}", e.getMessage());
            return false;
        } catch (Exception e2) {
            LOGGER.warn("An error has happened while checking access control.", (Throwable) e2);
            return false;
        }
    }

    private boolean requestMustBeChecked(CrudController<CatalogDocument> crudController) {
        return ((RequestMapping) AnnotationUtils.findAnnotation(crudController.getClass(), RequestMapping.class)).value()[0].startsWith("/admin");
    }

    private Object getTarget(CrudController<CatalogDocument> crudController, Object obj) throws Exception {
        if (obj instanceof CatalogDocument) {
            return obj;
        }
        if (obj instanceof String[]) {
            return buildNewEntities(crudController, (String[]) obj);
        }
        if ((obj instanceof String) || obj == null) {
            return buildNewEntity(crudController, (String) (obj == null ? "-1" : obj));
        }
        return null;
    }

    private CrudService<CatalogDocument> getService(CrudController<CatalogDocument> crudController) throws IllegalAccessException, IllegalArgumentException, InvocationTargetException {
        return (CrudService) invokeMethod(crudController, "getService", null, new Class[0]);
    }

    private CatalogDocument buildNewEntity(CrudController<CatalogDocument> crudController, String str) throws IllegalAccessException, IllegalArgumentException, InvocationTargetException {
        return (CatalogDocument) invokeMethod(crudController, "buildNewEntity", str, String.class);
    }

    private List<CatalogDocument> buildNewEntities(CrudController<CatalogDocument> crudController, String[] strArr) throws IllegalAccessException, IllegalArgumentException, InvocationTargetException {
        return (List) invokeMethod(crudController, "buildResourceListFromIds", strArr, String[].class);
    }

    private Object invokeMethod(Object obj, String str, Object obj2, Class<?>... clsArr) throws IllegalAccessException, IllegalArgumentException, InvocationTargetException {
        Method findMethod = ReflectionUtils.findMethod(obj.getClass(), str, clsArr);
        ReflectionUtils.makeAccessible(findMethod);
        return obj2 == null ? findMethod.invoke(obj, new Object[0]) : findMethod.invoke(obj, obj2);
    }
}
