package org.broadleafcommerce.openadmin.server.security.remote;

import java.util.Iterator;
import javax.annotation.Resource;
import org.broadleafcommerce.openadmin.client.BLCMain;
import org.broadleafcommerce.openadmin.client.datasource.dynamic.operation.EntityOperationType;
import org.broadleafcommerce.openadmin.client.security.AdminUser;
import org.broadleafcommerce.openadmin.client.service.AdminSecurityService;
import org.broadleafcommerce.openadmin.client.service.ServiceException;
import org.broadleafcommerce.openadmin.client.translation.grouping.GroupingTranslator;
import org.broadleafcommerce.openadmin.server.security.domain.AdminPermission;
import org.broadleafcommerce.openadmin.server.security.domain.AdminRole;
import org.broadleafcommerce.openadmin.server.security.service.type.PermissionType;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.User;
import org.springframework.stereotype.Service;

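/**
 * Remote facade over the server-side admin security service.
 *
 * <p>It converts the persistent admin user of the current Spring Security context into the
 * client-side {@link AdminUser} and performs the per-entity authorization check
 * ({@link #securityCheck(String, EntityOperationType)}) for entity operations.
 */
@Service("blAdminSecurityRemoteService")
/* loaded from: input_file:org/broadleafcommerce/openadmin/server/security/remote/AdminSecurityServiceRemote.class */
public class AdminSecurityServiceRemote implements AdminSecurityService {
    /** Authentication name that {@link #getPersistentAdminUser()} treats as "nobody is logged in". */
    private static final String ANONYMOUS_USER_NAME = "roleAnonymous";

    @Resource(name = "blAdminSecurityService")
    protected org.broadleafcommerce.openadmin.server.security.service.AdminSecurityService securityService;

    // true (the default): a user who is not qualified for an operation is always rejected.
    // false: such a user is rejected only when a permission is configured for that operation on
    // the entity, so entities without any configured permission are open to every admin user.
    private boolean isEntitySecurityExplicit = true;

    /**
     * Builds the client-side view of the currently authenticated admin user.
     *
     * @return a new {@link AdminUser} carrying the login, the names of all roles, the names of
     *     all permissions of those roles and the current sandbox id, or {@code null} when no
     *     admin user is authenticated
     */
    @Override // org.broadleafcommerce.openadmin.client.service.AdminSecurityService
    public AdminUser getAdminUser() {
        org.broadleafcommerce.openadmin.server.security.domain.AdminUser persistentAdminUser = getPersistentAdminUser();
        if (persistentAdminUser == null) {
            return null;
        }
        AdminUser adminUser = new AdminUser();
        for (AdminRole adminRole : persistentAdminUser.getAllRoles()) {
            adminUser.getRoles().add(adminRole.getName());
            // Permissions are flattened across roles; only their names are sent to the client.
            Iterator<AdminPermission> it = adminRole.getAllPermissions().iterator();
            while (it.hasNext()) {
                adminUser.getPermissions().add(it.next().getName());
            }
        }
        adminUser.setUserName(persistentAdminUser.getLogin());
        // NOTE(review): this dereference throws NullPointerException when the user has no current
        // sandbox; confirm that every admin user always has one.
        adminUser.setCurrentSandBoxId(String.valueOf(persistentAdminUser.getCurrentSandbox().getId()));
        return adminUser;
    }

    /**
     * Looks up the persistent admin user behind the current Spring Security authentication.
     *
     * @return the admin user read by username, or {@code null} when there is no security
     *     context, no authentication, or the authentication name is the anonymous user name
     */
    public org.broadleafcommerce.openadmin.server.security.domain.AdminUser getPersistentAdminUser() {
        SecurityContext context = SecurityContextHolder.getContext();
        if (context == null) {
            return null;
        }
        Authentication authentication = context.getAuthentication();
        if (authentication == null || authentication.getName().equals(ANONYMOUS_USER_NAME)) {
            return null;
        }
        // NOTE(review): the cast assumes the principal is a Spring Security User; any other
        // principal type raises ClassCastException. Confirm against the configured providers.
        User principal = (User) authentication.getPrincipal();
        return this.securityService.readAdminUserByUserName(principal.getUsername());
    }

    /**
     * Verifies that the current admin user may perform an operation on a ceiling entity.
     *
     * <p>The check fails closed: a missing entity name, a missing operation type and a missing
     * authenticated admin user are all rejected with a {@link ServiceException} before the
     * permission lookup runs, so the outcome for an unauthenticated caller never depends on how
     * the underlying service treats a {@code null} user or on
     * {@link #isEntitySecurityExplicit()}.
     *
     * @param str fully qualified name of the ceiling entity the operation targets
     * @param entityOperationType the operation being attempted
     * @throws ServiceException if an argument is missing, nobody is authenticated, or the user is
     *     not qualified and either explicit entity security is on or a permission is configured
     *     for the operation on the entity
     */
    public void securityCheck(String str, EntityOperationType entityOperationType) throws ServiceException {
        if (str == null) {
            throw new ServiceException("Security Check Failed: ceilingEntityFullyQualifiedName not specified");
        }
        if (entityOperationType == null) {
            // Reported as a handled authorization failure rather than a raw NullPointerException.
            throw new ServiceException("Security Check Failed: entity operation type not specified");
        }
        org.broadleafcommerce.openadmin.server.security.domain.AdminUser persistentAdminUser = getPersistentAdminUser();
        if (persistentAdminUser == null) {
            // Without this guard a null user is handed to the service, and with explicit entity
            // security switched off the method could return normally for an anonymous caller.
            throw new ServiceException("Security Check Failed: no authenticated admin user");
        }
        PermissionType permissionType = toPermissionType(entityOperationType);
        if (this.securityService.isUserQualifiedForOperationOnCeilingEntity(persistentAdminUser, permissionType, str)) {
            return;
        }
        // Not qualified: reject unless security is non-explicit AND nothing is configured for
        // this operation on the entity.
        if (this.isEntitySecurityExplicit || this.securityService.doesOperationExistForCeilingEntity(permissionType, str)) {
            throw new ServiceException("Security Check Failed for entity operation: " + entityOperationType.toString() + " (" + str + GroupingTranslator.GROUPENDCHAR);
        }
    }

    // Maps an entity operation to the permission type it requires. Switching on the enum itself
    // keeps the mapping independent of ordinal tables and of unrelated integer constants.
    private static PermissionType toPermissionType(EntityOperationType operationType) {
        switch (operationType) {
            case ADD:
                return PermissionType.CREATE;
            case FETCH:
            case INSPECT:
                // Inspecting an entity requires the same permission as fetching it.
                return PermissionType.READ;
            case REMOVE:
                return PermissionType.DELETE;
            case UPDATE:
                return PermissionType.UPDATE;
            default:
                return PermissionType.OTHER;
        }
    }

    /**
     * Reports whether an unqualified user is always rejected.
     *
     * @return {@code true} when entity security is explicit, {@code false} when entities without
     *     a configured permission for the operation are allowed through
     */
    public boolean isEntitySecurityExplicit() {
        return this.isEntitySecurityExplicit;
    }

    /**
     * Switches explicit entity security on or off.
     *
     * <p>Passing {@code false} relaxes {@link #securityCheck(String, EntityOperationType)}: an
     * operation on an entity that has no permission configured for it is then allowed.
     *
     * @param z {@code true} to always reject unqualified users, {@code false} to reject them only
     *     where a permission is configured
     */
    public void setEntitySecurityExplicit(boolean z) {
        this.isEntitySecurityExplicit = z;
    }
}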
