package com.epam.ta.reportportal.auth.permissions;

import com.epam.ta.reportportal.database.entity.user.UserRole;
import com.epam.ta.reportportal.exception.PermissionNotDefinedException;
import com.google.common.base.Preconditions;
import java.io.Serializable;
import java.util.Map;
import org.springframework.security.access.PermissionEvaluator;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;

/* loaded from: input_file:BOOT-INF/classes/com/epam/ta/reportportal/auth/permissions/ReportPortalPermissionEvaluator.class */
class ReportPortalPermissionEvaluator implements PermissionEvaluator {
    private static final GrantedAuthority ADMIN_AUTHORITY = new SimpleGrantedAuthority(UserRole.ADMINISTRATOR.getAuthority());
    private Map<String, Permission> permissionNameToPermissionMap;
    private boolean allowAllToAdmin;

    public ReportPortalPermissionEvaluator(Map<String, Permission> map) {
        this(map, true);
    }

    public ReportPortalPermissionEvaluator(Map<String, Permission> map, boolean z) {
        this.permissionNameToPermissionMap = (Map) Preconditions.checkNotNull(map);
        this.allowAllToAdmin = z;
    }

    @Override // org.springframework.security.access.PermissionEvaluator
    public boolean hasPermission(Authentication authentication, Object obj, Object obj2) {
        boolean z = false;
        if (canHandle(authentication, obj, obj2)) {
            z = checkPermission(authentication, obj, (String) obj2);
        }
        return z;
    }

    private boolean canHandle(Authentication authentication, Object obj, Object obj2) {
        return (obj == null || authentication == null || !String.class.equals(obj2.getClass())) ? false : true;
    }

    private boolean checkPermission(Authentication authentication, Object obj, String str) {
        verifyPermissionIsDefined(str);
        if (this.allowAllToAdmin && authentication.isAuthenticated() && authentication.getAuthorities().contains(ADMIN_AUTHORITY)) {
            return true;
        }
        return this.permissionNameToPermissionMap.get(str).isAllowed(authentication, obj);
    }

    private void verifyPermissionIsDefined(String str) {
        if (!this.permissionNameToPermissionMap.containsKey(str)) {
            throw new PermissionNotDefinedException("No permission with key " + str + " is defined in " + getClass().toString());
        }
    }

    @Override // org.springframework.security.access.PermissionEvaluator
    public boolean hasPermission(Authentication authentication, Serializable serializable, String str, Object obj) {
        throw new PermissionNotDefinedException("Id and Class permissions are not supperted by " + getClass().toString());
    }
}
