package org.webswing.server.api.util;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.webswing.server.api.base.UrlHandler;
import org.webswing.server.common.model.security.WebswingAction;
import org.webswing.server.common.service.security.AbstractWebswingUser;
import org.webswing.server.common.service.security.impl.WebswingSecuritySubject;

/* loaded from: input_file:org/webswing/server/api/util/SecurityUtil.class */
public class SecurityUtil {
    private static final Logger log = LoggerFactory.getLogger(SecurityUtil.class);
    public static final String CLIENT_IP_SESSION_ATTR = "webswingClientIp";

    public static AbstractWebswingUser getUser(UrlHandler urlHandler) {
        return resolveUser(WebswingSecuritySubject.get(), urlHandler);
    }

    public static AbstractWebswingUser resolveUser(WebswingSecuritySubject webswingSecuritySubject, UrlHandler urlHandler) {
        AbstractWebswingUser userForSecuredPath;
        String securedPath = urlHandler.getSecuredPath();
        if (webswingSecuritySubject == null || securedPath == null) {
            return null;
        }
        AbstractWebswingUser userForSecuredPath2 = webswingSecuritySubject.getUserForSecuredPath(securedPath);
        return (userForSecuredPath2 == null && (userForSecuredPath = webswingSecuritySubject.getUserForSecuredPath(urlHandler.getRootHandler().getSecuredPath())) != null && userForSecuredPath.isPermitted(WebswingAction.master_admin_access.name())) ? userForSecuredPath : userForSecuredPath2;
    }

    public static Object getFromSecuritySession(String str) {
        return WebswingSecuritySubject.get().getAttribute(str);
    }

    public static void setToSecuritySession(String str, Object obj) {
        WebswingSecuritySubject.get().setAttribute(str, obj);
    }
}
