package org.broadleafcommerce.openadmin.server.security.remote;

import java.util.Iterator;
import java.util.List;
import javax.annotation.Resource;
import org.broadleafcommerce.openadmin.client.datasource.dynamic.operation.EntityOperationType;
import org.broadleafcommerce.openadmin.client.security.AdminUser;
import org.broadleafcommerce.openadmin.client.service.AdminSecurityService;
import org.broadleafcommerce.openadmin.client.service.ServiceException;
import org.broadleafcommerce.openadmin.security.SecurityConfig;
import org.broadleafcommerce.openadmin.server.security.domain.AdminPermission;
import org.broadleafcommerce.openadmin.server.security.domain.AdminRole;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.User;
import org.springframework.stereotype.Service;

@Service("blAdminSecurityRemoteService")
/* loaded from: input_file:WEB-INF/lib/broadleaf-open-admin-platform-1.5.0-M3-2.jar:org/broadleafcommerce/openadmin/server/security/remote/AdminSecurityServiceRemote.class */
public class AdminSecurityServiceRemote implements AdminSecurityService {
    private static final String ANONYMOUS_USER_NAME = "roleAnonymous";

    @Resource(name = "blAdminSecurityService")
    protected org.broadleafcommerce.openadmin.server.security.service.AdminSecurityService securityService;
    private List<SecurityConfig> securityConfigs;

    @Override // org.broadleafcommerce.openadmin.client.service.AdminSecurityService
    public AdminUser getAdminUser() {
        Authentication authentication;
        SecurityContext context = SecurityContextHolder.getContext();
        if (context == null || (authentication = context.getAuthentication()) == null || authentication.getName().equals(ANONYMOUS_USER_NAME)) {
            return null;
        }
        org.broadleafcommerce.openadmin.server.security.domain.AdminUser readAdminUserByUserName = this.securityService.readAdminUserByUserName(((User) authentication.getPrincipal()).getUsername());
        AdminUser adminUser = new AdminUser();
        for (AdminRole adminRole : readAdminUserByUserName.getAllRoles()) {
            adminUser.getRoles().add(adminRole.getName());
            Iterator<AdminPermission> it = adminRole.getAllPermissions().iterator();
            while (it.hasNext()) {
                adminUser.getPermissions().add(it.next().getName());
            }
        }
        adminUser.setUserName(readAdminUserByUserName.getLogin());
        return adminUser;
    }

    public void securityCheck(String str, EntityOperationType entityOperationType) throws ServiceException {
        if (this.securityConfigs != null) {
            for (SecurityConfig securityConfig : this.securityConfigs) {
                if (str != null && str.equals(securityConfig.getCeilingEntityFullyQualifiedName()) && entityOperationType != null && securityConfig.getRequiredTypes().contains(entityOperationType)) {
                    boolean z = false;
                    AdminUser adminUser = getAdminUser();
                    Iterator<String> it = securityConfig.getRoles().iterator();
                    while (true) {
                        if (it.hasNext()) {
                            String next = it.next();
                            if (adminUser.getRoles() != null && adminUser.getRoles().contains(next)) {
                                z = true;
                                break;
                            }
                        } else {
                            Iterator<String> it2 = securityConfig.getPermissions().iterator();
                            while (true) {
                                if (!it2.hasNext()) {
                                    break;
                                }
                                String next2 = it2.next();
                                if (adminUser.getPermissions() != null && adminUser.getPermissions().contains(next2)) {
                                    z = true;
                                    break;
                                }
                            }
                        }
                    }
                    if (!z) {
                        throw new ServiceException("Security Check Failed: AdminSecurityServiceRemote");
                    }
                    return;
                }
            }
        }
    }

    public List<SecurityConfig> getSecurityConfigs() {
        return this.securityConfigs;
    }

    public void setSecurityConfigs(List<SecurityConfig> list) {
        this.securityConfigs = list;
    }
}
