package de.terrestris.shogun2.security.access.entity;

import de.terrestris.shogun2.model.PersistentObject;
import de.terrestris.shogun2.model.User;
import de.terrestris.shogun2.model.UserGroup;
import de.terrestris.shogun2.model.security.Permission;
import de.terrestris.shogun2.model.security.PermissionCollection;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import org.apache.log4j.Logger;

/* loaded from: input_file:de/terrestris/shogun2/security/access/entity/PersistentObjectPermissionEvaluator.class */
public class PersistentObjectPermissionEvaluator<E extends PersistentObject> {
    protected final Logger LOG = Logger.getLogger(getClass());
    private final Class<E> entityClass;

    public PersistentObjectPermissionEvaluator(Class<E> cls) {
        this.entityClass = cls;
    }

    public boolean hasPermission(User user, E e, Permission permission) {
        String simpleName = this.entityClass.getSimpleName();
        Set<Permission> permissions = extractUserPermissions(user, e.getUserPermissions()).getPermissions();
        if (permissions.contains(permission) || permissions.contains(Permission.ADMIN)) {
            this.LOG.trace("Granting " + permission + " access by user permissions");
            return true;
        }
        Set<Permission> permissions2 = extractGroupPermissions(user, e.getGroupPermissions()).getPermissions();
        if (permissions2.contains(permission) || permissions2.contains(Permission.ADMIN)) {
            this.LOG.trace("Granting " + permission + " access by group permissions");
            return true;
        }
        this.LOG.trace("Restricting " + permission + " access on secured object '" + simpleName + "' with ID " + e.getId());
        return false;
    }

    protected static PermissionCollection extractUserPermissions(User user, Map<User, PermissionCollection> map) {
        PermissionCollection permissionCollection = map.get(user);
        if (permissionCollection == null) {
            permissionCollection = new PermissionCollection();
        }
        return permissionCollection;
    }

    protected static PermissionCollection extractGroupPermissions(User user, Map<UserGroup, PermissionCollection> map) {
        HashSet hashSet = new HashSet();
        for (UserGroup userGroup : map.keySet()) {
            if (userGroup.getMembers().contains(user)) {
                hashSet.addAll(map.get(userGroup).getPermissions());
            }
        }
        return new PermissionCollection(hashSet);
    }

    public Class<E> getEntityClass() {
        return this.entityClass;
    }
}
