package org.craftercms.studio.impl.v1.web.security.access;

import java.util.Collection;
import javax.servlet.http.HttpServletRequest;
import org.craftercms.studio.api.v1.dal.User;
import org.craftercms.studio.api.v1.log.Logger;
import org.craftercms.studio.api.v1.log.LoggerFactory;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.FilterInvocation;

/* loaded from: input_file:org/craftercms/studio/impl/v1/web/security/access/StudioCmisDSAPIAccessDecisionVoter.class */
public class StudioCmisDSAPIAccessDecisionVoter extends StudioAbstractAccessDecisionVoter {
    private static final Logger logger = LoggerFactory.getLogger(StudioCmisDSAPIAccessDecisionVoter.class);
    private static final String LIST = "/api/1/services/api/1/cmis/list.json";
    private static final String SEARCH = "/api/1/services/api/1/cmis/search.json";

    public boolean supports(ConfigAttribute configAttribute) {
        return true;
    }

    public int vote(Authentication authentication, Object obj, Collection collection) {
        int i = 0;
        String str = "";
        if (obj instanceof FilterInvocation) {
            HttpServletRequest request = ((FilterInvocation) obj).getRequest();
            str = request.getRequestURI().replace(request.getContextPath(), "");
            String parameter = request.getParameter("site_id");
            User user = null;
            try {
                user = (User) authentication.getPrincipal();
            } catch (ClassCastException e) {
                if (!authentication.getPrincipal().toString().equals("anonymousUser")) {
                    logger.info("Error getting current user", e);
                    return 0;
                }
            }
            boolean z = -1;
            switch (str.hashCode()) {
                case -955430625:
                    if (str.equals(LIST)) {
                        z = true;
                        break;
                    }
                    break;
                case 702188693:
                    if (str.equals(SEARCH)) {
                        z = false;
                        break;
                    }
                    break;
            }
            switch (z) {
                case false:
                case true:
                    if (user != null && isSiteMember(parameter, user)) {
                        i = 1;
                        break;
                    } else {
                        i = -1;
                        break;
                    }
                    break;
                default:
                    i = 0;
                    break;
            }
        }
        logger.debug("Request: " + str + " - Access: " + i, new Object[0]);
        return i;
    }

    public boolean supports(Class cls) {
        return true;
    }
}
