package com.googlecode.wicketelements.security;

import com.googlecode.jbp.common.requirements.Reqs;
import com.googlecode.wicketelements.security.annotations.EnableAction;
import com.googlecode.wicketelements.security.annotations.InstantiateAction;
import com.googlecode.wicketelements.security.annotations.RenderAction;
import java.util.List;
import org.apache.wicket.Component;
import org.apache.wicket.Page;
import org.apache.wicket.authorization.Action;
import org.apache.wicket.authorization.IAuthorizationStrategy;
import org.apache.wicket.request.component.IRequestableComponent;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/googlecode/wicketelements/security/AnnotationAuthorizationStrategy.class */
public class AnnotationAuthorizationStrategy implements IAuthorizationStrategy {
    private static final transient Logger LOGGER = LoggerFactory.getLogger("wicketelements.security");
    private final SecurityCheck securityCheck;

    public AnnotationAuthorizationStrategy(SecurityCheck securityCheck) {
        Reqs.PARAM_REQ.Object.requireNotNull(securityCheck, "SecurityCheck object must not be null.");
        this.securityCheck = securityCheck;
    }

    public <T extends IRequestableComponent> boolean isInstantiationAuthorized(Class<T> cls) {
        LOGGER.debug("Checking if instantiation is authorized for {}", cls.getName());
        Reqs.PARAM_REQ.Object.requireNotNull(cls, "The component's class parameter must not be null.");
        if (this.securityCheck.isSignInRequired()) {
            LOGGER.debug("Sign in is required.");
            if (!SecureSession.get().isAuthenticated()) {
                LOGGER.debug("User is not authenticated.");
                if (Page.class.isAssignableFrom(cls)) {
                    LOGGER.debug("Component is a Page.");
                    if (!this.securityCheck.isErrorPage(cls) && !this.securityCheck.isSignInPage(cls) && !this.securityCheck.isSignOutPage(cls)) {
                        return false;
                    }
                    LOGGER.debug("Page is an error, sign in or sign out page.");
                    return true;
                }
            }
        }
        if (!this.securityCheck.isSecurityAnnotatedComponent(cls)) {
            return true;
        }
        return this.securityCheck.isAllSecurityConstraintsSatisfiedForInstantiation(cls, this.securityCheck.findSecurityConstraintsForInstantiation(cls)) && this.securityCheck.isAtLeastOnePermissionGivenToUser(this.securityCheck.findImpliedPermissions(cls, InstantiateAction.class));
    }

    /* JADX WARN: Multi-variable type inference failed */
    public boolean isActionAuthorized(Component component, Action action) {
        Reqs.PARAM_REQ.Object.requireNotNull(component, "The component parameter must not be null.");
        Reqs.PARAM_REQ.Object.requireNotNull(action, "The action parameter must not be null.");
        Class<?> cls = component.getClass();
        if (!this.securityCheck.isSecurityAnnotatedComponent(cls)) {
            LOGGER.debug("No security annotation on the component.  Action is authorized.");
            return true;
        }
        if (SecureSession.get().getUser() == null) {
            return true;
        }
        Object obj = null;
        List<Class<? extends SecurityConstraint>> list = null;
        if (Component.RENDER.equals(action)) {
            obj = RenderAction.class;
            list = this.securityCheck.findSecurityConstraintsForRender(component);
        } else if (Component.ENABLE.equals(action)) {
            obj = EnableAction.class;
            if (!isActionAuthorized(component.getParent(), action)) {
                return false;
            }
            list = this.securityCheck.findSecurityConstraintsForEnable(component);
        }
        if (obj == null) {
            throw new IllegalStateException("Action is unknown (Render or Enable expected).: " + action);
        }
        return this.securityCheck.isAllSecurityConstraintsSatisfiedForAction(component, list) && this.securityCheck.isAtLeastOnePermissionGivenToUser(this.securityCheck.findImpliedPermissions(cls, obj));
    }
}
