package org.wso2.carbon.identity.entitlement.extension;

import java.util.HashSet;
import java.util.List;
import java.util.Set;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.balana.attr.AttributeValue;
import org.wso2.balana.attr.BooleanAttribute;
import org.wso2.balana.attr.StringAttribute;
import org.wso2.balana.cond.Evaluatable;
import org.wso2.balana.cond.EvaluationResult;
import org.wso2.balana.cond.FunctionBase;
import org.wso2.balana.ctx.EvaluationCtx;
import org.wso2.carbon.identity.entitlement.PDPConstants;
import org.wso2.carbon.identity.entitlement.internal.EntitlementServiceComponent;
import org.wso2.carbon.user.core.UserStoreException;

/* loaded from: input_file:org/wso2/carbon/identity/entitlement/extension/EvalPermissionTreeFunction.class */
public class EvalPermissionTreeFunction extends FunctionBase {
    public static final String SUBJECT_HAS_PERMISSION = "urn:oasis:names:tc:xacml:1.0:function:eval-permission-tree";
    private static final int ID_EVAL_PERMISSION_TREE = 0;
    private static final Log log = LogFactory.getLog(EvalPermissionTreeFunction.class);

    public EvalPermissionTreeFunction() {
        super(SUBJECT_HAS_PERMISSION, 0, PDPConstants.STRING_DATA_TYPE, false, 2, 2, "http://www.w3.org/2001/XMLSchema#boolean", false);
    }

    public static Set getSupportedIdentifiers() {
        HashSet hashSet = new HashSet();
        hashSet.add(SUBJECT_HAS_PERMISSION);
        return hashSet;
    }

    public EvaluationResult evaluate(List<Evaluatable> list, EvaluationCtx evaluationCtx) {
        StringAttribute[] stringAttributeArr = new AttributeValue[list.size()];
        EvaluationResult evalArgs = evalArgs(list, evaluationCtx, stringAttributeArr);
        if (evalArgs != null) {
            return evalArgs;
        }
        switch (getFunctionId()) {
            case 0:
                String trim = stringAttributeArr[0].getValue().trim();
                String trim2 = stringAttributeArr[1].getValue().trim();
                boolean z = false;
                try {
                    z = EntitlementServiceComponent.getRealmservice().getBootstrapRealm().getAuthorizationManager().isUserAuthorized(trim2, trim, "ui.execute");
                } catch (UserStoreException e) {
                    log.error("Error while authorising" + trim2 + " to perform ui.execute on " + trim, e);
                }
                evalArgs = new EvaluationResult(BooleanAttribute.getInstance(z));
                break;
        }
        return evalArgs;
    }
}
