package com.googlecode.common.web.controller;

import com.googlecode.common.protocol.Permission;
import com.googlecode.common.protocol.admin.AuthUserDTO;
import com.googlecode.common.service.AdminService;
import com.googlecode.common.service.CommonResponses;
import com.googlecode.common.service.PermissionService;
import com.googlecode.common.service.ex.OperationFailedException;
import com.googlecode.common.web.ServletHelpers;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;

/* loaded from: input_file:com/googlecode/common/web/controller/CommonAuthController.class */
public abstract class CommonAuthController {
    protected final Logger log = LoggerFactory.getLogger(getClass());

    @Autowired
    private AdminService adminService;

    @Autowired
    private PermissionService permissionService;

    protected String[] getAuthInfo(HttpServletRequest httpServletRequest) {
        String[] basicAuthInfo = ServletHelpers.getBasicAuthInfo(httpServletRequest);
        if (basicAuthInfo != null && basicAuthInfo.length == 2) {
            return basicAuthInfo;
        }
        if (this.log.isWarnEnabled()) {
            this.log.warn("No authorization data provided");
        }
        throw new OperationFailedException(CommonResponses.AUTHENTICATION_FAILED, "Authentication failed");
    }

    protected AuthUserDTO authUser(HttpServletRequest httpServletRequest) {
        return this.adminService.authUser(ServletHelpers.getAuthToken(httpServletRequest));
    }

    protected void checkUserPermission(AuthUserDTO authUserDTO, Permission permission) {
        if (!hasUserPermission(authUserDTO, permission)) {
            throw new OperationFailedException(CommonResponses.ACCESS_DENIED, "Access denied for specified entity");
        }
    }

    protected void checkUserAnyPermissions(AuthUserDTO authUserDTO, Permission... permissionArr) {
        List<Integer> safeGetRoles = authUserDTO.safeGetRoles();
        for (Permission permission : permissionArr) {
            if (this.permissionService.hasRolePermission(safeGetRoles, permission)) {
                return;
            }
        }
        throw new OperationFailedException(CommonResponses.ACCESS_DENIED, "Access denied for specified entity");
    }

    protected void checkUserAllPermissions(AuthUserDTO authUserDTO, Permission permission, Permission permission2) {
        checkUserPermission(authUserDTO, permission);
        checkUserPermission(authUserDTO, permission2);
    }

    protected boolean hasUserPermission(AuthUserDTO authUserDTO, Permission permission) {
        return this.permissionService.hasRolePermission(authUserDTO.safeGetRoles(), permission);
    }
}
