package org.iternine.jeppetto.dao.hibernate;

import java.io.Serializable;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import org.hibernate.Criteria;
import org.hibernate.HibernateException;
import org.hibernate.SessionFactory;
import org.hibernate.classic.Session;
import org.hibernate.criterion.Restrictions;
import org.iternine.jeppetto.dao.AccessControlContext;
import org.iternine.jeppetto.dao.AccessControlException;
import org.iternine.jeppetto.dao.AccessType;
import org.iternine.jeppetto.dao.annotation.AccessControl;
import org.iternine.jeppetto.dao.annotation.Accessor;

/* loaded from: input_file:org/iternine/jeppetto/dao/hibernate/AccessControlHelper.class */
public class AccessControlHelper {
    private SessionFactory sessionFactory;

    public void setSessionFactory(SessionFactory sessionFactory) {
        this.sessionFactory = sessionFactory;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void createEntry(Class<?> cls, Serializable serializable, String str, AccessType accessType) {
        if (accessType == AccessType.None) {
            return;
        }
        Session currentSession = this.sessionFactory.getCurrentSession();
        AccessControlEntry accessControlEntry = new AccessControlEntry();
        accessControlEntry.setObjectType(cls.getSimpleName());
        accessControlEntry.setObjectId(serializable.toString());
        accessControlEntry.setAccessibleBy(str);
        accessControlEntry.setAccessType(accessType.shortName());
        currentSession.save(accessControlEntry);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void deleteEntry(Class<?> cls, Serializable serializable, String str) {
        Session currentSession = this.sessionFactory.getCurrentSession();
        Criteria createCriteria = currentSession.createCriteria(AccessControlEntry.class);
        createCriteria.add(Restrictions.eq("objectType", cls.getSimpleName()));
        createCriteria.add(Restrictions.eq("objectId", serializable.toString()));
        createCriteria.add(Restrictions.eq("accessibleBy", str));
        Iterator it = createCriteria.list().iterator();
        while (it.hasNext()) {
            currentSession.delete(it.next());
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void deleteAllEntries(Class<?> cls, Serializable serializable) {
        Session currentSession = this.sessionFactory.getCurrentSession();
        Criteria createCriteria = currentSession.createCriteria(AccessControlEntry.class);
        createCriteria.add(Restrictions.eq("objectType", cls.getSimpleName()));
        createCriteria.add(Restrictions.eq("objectId", serializable.toString()));
        Iterator it = createCriteria.list().iterator();
        while (it.hasNext()) {
            currentSession.delete(it.next());
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Map<String, AccessType> getEntries(Class<?> cls, Serializable serializable) {
        HashMap hashMap = new HashMap();
        Criteria createCriteria = this.sessionFactory.getCurrentSession().createCriteria(AccessControlEntry.class);
        createCriteria.add(Restrictions.eq("objectType", cls.getSimpleName()));
        createCriteria.add(Restrictions.eq("objectId", serializable.toString()));
        for (AccessControlEntry accessControlEntry : createCriteria.list()) {
            hashMap.put(accessControlEntry.getAccessibleBy(), AccessType.getAccessTypeFromShortName(accessControlEntry.getAccessType()));
        }
        return hashMap;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void validateContextAllows(Class<?> cls, Serializable serializable, AccessControlContext accessControlContext, AccessType accessType) {
        if (!annotationAllowsAccess(cls, accessControlContext, accessType) && !accessControlEntryAllows(cls, serializable, accessControlContext.getAccessId(), accessType)) {
            throw new AccessControlException("Can't access object [" + serializable + "] for " + accessType + " with " + accessControlContext);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean annotationAllowsAccess(Class<?> cls, AccessControlContext accessControlContext, AccessType accessType) {
        AccessControl accessControlAnnotation;
        if (accessType == null || (accessControlAnnotation = getAccessControlAnnotation(cls)) == null) {
            return false;
        }
        Set roles = accessControlContext.getRoles();
        for (Accessor accessor : accessControlAnnotation.accessors()) {
            if (accessor.access().allows(accessType)) {
                if (accessor.type() == Accessor.Type.Anyone) {
                    return true;
                }
                if (accessor.type() == Accessor.Type.Role && roles != null && roles.contains(accessor.typeValue())) {
                    return true;
                }
            }
        }
        return false;
    }

    boolean accessControlEntryAllows(Class<?> cls, Serializable serializable, String str, AccessType accessType) {
        if (accessType == AccessType.None) {
            return false;
        }
        org.hibernate.Session session = null;
        try {
            session = this.sessionFactory.openSession();
            Criteria createCriteria = session.createCriteria(AccessControlEntry.class);
            createCriteria.add(Restrictions.eq("objectType", cls.getSimpleName()));
            createCriteria.add(Restrictions.eq("objectId", serializable.toString()));
            createCriteria.add(Restrictions.eq("accessibleBy", str));
            if (accessType == AccessType.Read) {
                createCriteria.add(Restrictions.in("accessType", Arrays.asList(AccessType.Read.shortName(), AccessType.ReadWrite.shortName())));
            } else {
                createCriteria.add(Restrictions.eq("accessType", AccessType.ReadWrite.shortName()));
            }
            boolean z = createCriteria.uniqueResult() != null;
            if (session != null) {
                try {
                    session.close();
                } catch (HibernateException e) {
                }
            }
            return z;
        } catch (Throwable th) {
            if (session != null) {
                try {
                    session.close();
                } catch (HibernateException e2) {
                }
            }
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public AccessControl getAccessControlAnnotation(Class<?> cls) {
        while (cls != null) {
            AccessControl annotation = cls.getAnnotation(AccessControl.class);
            if (annotation != null) {
                return annotation;
            }
            cls = cls.getSuperclass();
        }
        return null;
    }
}
