package org.apache.archiva.redback.authorization.rbac.evaluator;

import javax.inject.Inject;
import javax.inject.Named;
import org.apache.archiva.redback.rbac.Permission;
import org.apache.archiva.redback.users.UserManager;
import org.apache.archiva.redback.users.UserManagerException;
import org.apache.archiva.redback.users.UserNotFoundException;
import org.springframework.stereotype.Service;

@Service("permissionEvaluator")
/* loaded from: input_file:org/apache/archiva/redback/authorization/rbac/evaluator/DefaultPermissionEvaluator.class */
public class DefaultPermissionEvaluator implements PermissionEvaluator {

    @Inject
    @Named("userManager#default")
    private UserManager userManager;

    @Override // org.apache.archiva.redback.authorization.rbac.evaluator.PermissionEvaluator
    public boolean evaluate(Permission permission, String str, String str2, String str3) throws PermissionEvaluationException {
        String identifier = permission.getResource().getIdentifier();
        if (identifier.startsWith("${") && "username".equals(identifier.substring(2, identifier.indexOf(125)))) {
            try {
                identifier = this.userManager.findUser(str3).getUsername();
            } catch (UserManagerException e) {
                throw new PermissionEvaluationException("trouble finding user: " + e.getMessage(), e);
            } catch (UserNotFoundException e2) {
                throw new PermissionEvaluationException("unable to locate user to retrieve username", e2);
            }
        }
        if (permission.getOperation().getName().equals(str)) {
            return "*".equals(permission.getResource().getIdentifier()) || str2 == null || identifier.equals(str2);
        }
        return false;
    }

    public UserManager getUserManager() {
        return this.userManager;
    }

    public void setUserManager(UserManager userManager) {
        this.userManager = userManager;
    }
}
