package com.e2eq.framework.model.persistent.morphia.interceptors;

import com.e2eq.framework.model.securityrules.PrincipalContext;
import com.e2eq.framework.model.securityrules.ResourceContext;
import com.e2eq.framework.model.securityrules.RuleContext;
import com.e2eq.framework.model.securityrules.RuleEffect;
import com.e2eq.framework.model.securityrules.SecurityCheckException;
import com.e2eq.framework.model.securityrules.SecurityCheckResponse;
import com.e2eq.framework.model.securityrules.SecurityContext;
import com.e2eq.framework.util.SecurityUtils;
import dev.morphia.Datastore;
import dev.morphia.EntityListener;
import dev.morphia.annotations.PrePersist;
import io.quarkus.logging.Log;
import jakarta.enterprise.context.ApplicationScoped;
import jakarta.inject.Inject;
import java.util.Optional;
import org.bson.Document;
import org.jboss.logging.Logger;

@ApplicationScoped
/* loaded from: input_file:com/e2eq/framework/model/persistent/morphia/interceptors/PermissionRuleInterceptor.class */
public class PermissionRuleInterceptor implements EntityListener {

    @Inject
    RuleContext ruleContext;

    public boolean hasAnnotation(Class cls) {
        return false;
    }

    @PrePersist
    public void prePersist(Object obj, Document document, Datastore datastore) {
        super.prePersist(obj, document, datastore);
        if (!SecurityContext.getResourceContext().isPresent()) {
            Log.warn("No Resource Context found there for no permission check executed for entity:" + obj.getClass().getName() + " Document:" + document.toJson());
            return;
        }
        if (!SecurityContext.getResourceContext().get().getAction().equals("save") && !SecurityContext.getResourceContext().get().getAction().equals("update") && !SecurityContext.getResourceContext().get().getAction().equals(SecurityUtils.any) && Log.isEnabled(Logger.Level.WARN)) {
            Log.warn("pre persist called but action expected to be save or update and is:" + SecurityContext.getResourceContext().get().getAction());
        }
        doCheck();
    }

    void doCheck() {
        Optional<PrincipalContext> principalContext = SecurityContext.getPrincipalContext();
        Optional<ResourceContext> resourceContext = SecurityContext.getResourceContext();
        if (principalContext.isPresent() && resourceContext.isPresent()) {
            SecurityCheckResponse checkRules = this.ruleContext.checkRules(principalContext.get(), resourceContext.get());
            if (checkRules.getFinalEffect().equals(RuleEffect.ALLOW)) {
                return;
            }
            Log.error(checkRules.toString());
            throw new SecurityCheckException(checkRules);
        }
    }
}
