package org.mentawai.filter;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.StringTokenizer;
import org.mentawai.action.BaseLoginAction;
import org.mentawai.ajax.AjaxAction;
import org.mentawai.authorization.AuthorizationManager;
import org.mentawai.authorization.Group;
import org.mentawai.authorization.Permission;
import org.mentawai.core.Action;
import org.mentawai.core.Filter;
import org.mentawai.core.InvocationChain;

/* loaded from: input_file:org/mentawai/filter/AuthorizationFilter.class */
public class AuthorizationFilter implements Filter {
    public static final String ACCESSDENIED = "accessdenied";
    public static final String AJAX_DENIED = "ajax_denied";
    private List<String> groups;
    private String permission;

    public AuthorizationFilter(String str) {
        this.groups = null;
        this.permission = null;
        StringTokenizer stringTokenizer = new StringTokenizer(str, ",");
        this.groups = new ArrayList(stringTokenizer.countTokens());
        while (stringTokenizer.hasMoreTokens()) {
            this.groups.add(stringTokenizer.nextToken().trim());
        }
    }

    public AuthorizationFilter(List list) {
        this.groups = null;
        this.permission = null;
        this.groups = new ArrayList(list.size());
        for (Object obj : list) {
            if (obj instanceof Group) {
                this.groups.add(((Group) obj).getName());
            } else if (obj instanceof String) {
                this.groups.add((String) obj);
            }
        }
    }

    public AuthorizationFilter(Permission permission) {
        this.groups = null;
        this.permission = null;
        this.permission = permission.getName();
    }

    public AuthorizationFilter(String str, Permission permission) {
        this(str);
        this.permission = permission.getName();
    }

    public AuthorizationFilter(List list, Permission permission) {
        this(list);
        this.permission = permission.getName();
    }

    @Override // org.mentawai.core.Filter
    public String filter(InvocationChain invocationChain) throws Exception {
        Action action = invocationChain.getAction();
        List userGroups = BaseLoginAction.getUserGroups(action.getSession());
        if (userGroups == null || userGroups.size() == 0) {
            return action instanceof AjaxAction ? "ajax_denied" : "accessdenied";
        }
        boolean z = false;
        if (this.groups != null && this.groups.size() > 0) {
            int i = 0;
            while (i < this.groups.size()) {
                int i2 = 0;
                while (i2 < userGroups.size()) {
                    if (userGroups.get(i2).toString().equals(this.groups.get(i).toString())) {
                        z = true;
                        i = this.groups.size();
                        i2 = userGroups.size();
                    }
                    i2++;
                }
                i++;
            }
            if (!z) {
                return action instanceof AjaxAction ? "ajax_denied" : "accessdenied";
            }
        }
        if (this.permission != null && this.permission.length() > 0) {
            Iterator it = userGroups.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                if (AuthorizationManager.check(it.next().toString(), this.permission)) {
                    z = true;
                    break;
                }
            }
            if (!z) {
                return action instanceof AjaxAction ? "ajax_denied" : "accessdenied";
            }
        }
        return !z ? action instanceof AjaxAction ? "ajax_denied" : "accessdenied" : invocationChain.invoke();
    }

    @Override // org.mentawai.core.Filter
    public void destroy() {
    }
}
