package ru.ydn.wicket.wicketorientdb.security;

import com.orientechnologies.orient.core.metadata.security.ORule;
import com.orientechnologies.orient.core.metadata.security.OUser;
import java.util.Map;
import org.apache.wicket.Component;
import org.apache.wicket.Page;
import org.apache.wicket.authorization.Action;
import org.apache.wicket.authorization.IAuthorizationStrategy;
import org.apache.wicket.request.component.IRequestableComponent;
import org.apache.wicket.request.mapper.parameter.PageParameters;
import org.apache.wicket.request.resource.IResource;
import org.apache.wicket.util.string.Strings;
import org.slf4j.Marker;
import ru.ydn.wicket.wicketorientdb.OrientDbWebSession;

/* loaded from: input_file:WEB-INF/lib/wicket-orientdb-1.2.jar:ru/ydn/wicket/wicketorientdb/security/OrientResourceAuthorizationStrategy.class */
public class OrientResourceAuthorizationStrategy implements IAuthorizationStrategy {
    @Override // org.apache.wicket.authorization.IAuthorizationStrategy
    public <T extends IRequestableComponent> boolean isInstantiationAuthorized(Class<T> cls) {
        RequiredOrientResource[] requiredOrientResources;
        if (!Page.class.isAssignableFrom(cls) || (requiredOrientResources = getRequiredOrientResources(cls)) == null) {
            return true;
        }
        return checkResources(requiredOrientResources, Component.RENDER);
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // org.apache.wicket.authorization.IAuthorizationStrategy
    public boolean isActionAuthorized(Component component, Action action) {
        RequiredOrientResource[] requiredResources;
        RequiredOrientResource[] requiredOrientResources = getRequiredOrientResources(component.getClass());
        if (requiredOrientResources != null && !checkResources(requiredOrientResources, action)) {
            return false;
        }
        Map<String, OrientPermission[]> map = (Map) component.getMetaData(OrientPermission.REQUIRED_ORIENT_RESOURCES_KEY);
        if (map == null || checkResources(map, action)) {
            return !(component instanceof ISecuredComponent) || (requiredResources = ((ISecuredComponent) component).getRequiredResources()) == null || checkResources(requiredResources, action);
        }
        return false;
    }

    public boolean checkResources(RequiredOrientResource[] requiredOrientResourceArr, Action action) {
        for (RequiredOrientResource requiredOrientResource : requiredOrientResourceArr) {
            if (!checkResource(requiredOrientResource, action)) {
                return false;
            }
        }
        return true;
    }

    public boolean checkResource(RequiredOrientResource requiredOrientResource, Action action) {
        if (!requiredOrientResource.action().equals(action.getName())) {
            return true;
        }
        OUser user = OrientDbWebSession.get().getUser();
        if (user == null) {
            return false;
        }
        int combinedPermission = OrientPermission.combinedPermission(requiredOrientResource.permissions());
        ORule.ResourceGeneric resourceGeneric = OSecurityHelper.getResourceGeneric(requiredOrientResource.value());
        String specific = requiredOrientResource.specific();
        if (Strings.isEmpty(specific)) {
            specific = null;
        }
        if (user.checkIfAllowed(resourceGeneric, specific, combinedPermission) != null) {
            return true;
        }
        do {
            String beforeLastPathComponent = Strings.beforeLastPathComponent(specific, '.');
            specific = beforeLastPathComponent;
            if (Strings.isEmpty(beforeLastPathComponent)) {
                return false;
            }
        } while (user.checkIfAllowed(resourceGeneric, specific + "." + Marker.ANY_MARKER, combinedPermission) == null);
        return true;
    }

    public boolean checkResources(Map<String, OrientPermission[]> map, Action action) {
        for (Map.Entry<String, OrientPermission[]> entry : map.entrySet()) {
            if (!checkResource(entry.getKey(), action, entry.getValue())) {
                return false;
            }
        }
        return true;
    }

    public boolean checkResource(String str, Action action, OrientPermission[] orientPermissionArr) {
        String name = action.getName();
        int indexOf = str.indexOf(58);
        if (indexOf > 0) {
            if (!str.endsWith(name) || str.length() <= name.length() || str.charAt((str.length() - name.length()) - 1) != ':') {
                return true;
            }
            str = str.substring(0, indexOf);
        } else if (!Component.RENDER.equals(action)) {
            return true;
        }
        OUser user = OrientDbWebSession.get().getUser();
        if (user == null) {
            return false;
        }
        return (user == null || user.checkIfAllowed(OSecurityHelper.getResourceGeneric(str), OSecurityHelper.getResourceSpecific(str), OrientPermission.combinedPermission(orientPermissionArr)) == null) ? false : true;
    }

    public RequiredOrientResource[] getRequiredOrientResources(Class<?> cls) {
        RequiredOrientResources requiredOrientResources = (RequiredOrientResources) cls.getAnnotation(RequiredOrientResources.class);
        RequiredOrientResource requiredOrientResource = (RequiredOrientResource) cls.getAnnotation(RequiredOrientResource.class);
        if (requiredOrientResources == null && requiredOrientResource == null) {
            return null;
        }
        if (requiredOrientResources != null && requiredOrientResource == null) {
            return requiredOrientResources.value();
        }
        if (requiredOrientResources == null && requiredOrientResource != null) {
            return new RequiredOrientResource[]{requiredOrientResource};
        }
        if (requiredOrientResources == null || requiredOrientResource == null) {
            return null;
        }
        RequiredOrientResource[] requiredOrientResourceArr = new RequiredOrientResource[requiredOrientResources.value().length + 1];
        requiredOrientResourceArr[0] = requiredOrientResource;
        System.arraycopy(requiredOrientResources.value(), 0, requiredOrientResourceArr, 1, requiredOrientResources.value().length);
        return requiredOrientResourceArr;
    }

    @Override // org.apache.wicket.authorization.IAuthorizationStrategy
    public boolean isResourceAuthorized(IResource iResource, PageParameters pageParameters) {
        RequiredOrientResource[] requiredResources;
        RequiredOrientResource[] requiredOrientResources = getRequiredOrientResources(iResource.getClass());
        if (requiredOrientResources == null || checkResources(requiredOrientResources, Component.RENDER)) {
            return !(iResource instanceof ISecuredComponent) || (requiredResources = ((ISecuredComponent) iResource).getRequiredResources()) == null || checkResources(requiredResources, Component.RENDER);
        }
        return false;
    }
}
