package org.craftercms.studio.api.v2.security;

import java.beans.ConstructorProperties;
import java.lang.reflect.Method;
import java.util.Map;
import org.apache.commons.lang3.StringUtils;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.craftercms.commons.aop.AopUtils;
import org.craftercms.commons.security.exception.PermissionException;
import org.craftercms.commons.security.permissions.Permission;
import org.craftercms.commons.security.permissions.PermissionEvaluator;
import org.craftercms.commons.security.permissions.annotations.AbstractPermissionAnnotationHandler;
import org.craftercms.studio.api.v1.constant.StudioConstants;
import org.craftercms.studio.api.v2.exception.security.ActionsDeniedException;
import org.craftercms.studio.impl.v2.utils.security.SecurityUtils;
import org.springframework.core.annotation.Order;

@Aspect
@Order(-1)
/* loaded from: input_file:org/craftercms/studio/api/v2/security/HasAllPermissionsAnnotationHandler.class */
public class HasAllPermissionsAnnotationHandler extends AbstractPermissionAnnotationHandler {
    private static final String ERROR_KEY_EVALUATOR_NOT_FOUND = "security.permission.evaluatorNotFound";
    private static final String ERROR_KEY_EVALUATION_FAILED = "security.permission.evaluationFailed";

    @ConstructorProperties({"permissionEvaluators"})
    public HasAllPermissionsAnnotationHandler(Map<Class<?>, PermissionEvaluator<?, ?>> map) {
        super(map);
    }

    @Around("@within(org.craftercms.studio.api.v2.security.HasAllPermissions) || @annotation(org.craftercms.studio.api.v2.security.HasAllPermissions)")
    public Object checkPermissions(ProceedingJoinPoint proceedingJoinPoint) throws Throwable {
        boolean z = true;
        Method actualMethod = AopUtils.getActualMethod(proceedingJoinPoint);
        HasAllPermissions hasAllPermissions = (HasAllPermissions) getHasPermissionAnnotation(actualMethod, proceedingJoinPoint, HasAllPermissions.class);
        Class<? extends Permission> type = hasAllPermissions.type();
        String[] actions = hasAllPermissions.actions();
        PermissionEvaluator permissionEvaluator = (PermissionEvaluator) this.permissionEvaluators.get(type);
        Object annotatedProtectedResource = getAnnotatedProtectedResource(actualMethod, proceedingJoinPoint.getArgs());
        if (annotatedProtectedResource == null) {
            annotatedProtectedResource = getAnnotatedProtectedResourceIds(actualMethod, proceedingJoinPoint.getArgs());
        }
        if (permissionEvaluator == null) {
            throw new PermissionException(ERROR_KEY_EVALUATOR_NOT_FOUND, new Object[]{type});
        }
        try {
            for (String str : actions) {
                z = z && permissionEvaluator.isAllowed(annotatedProtectedResource, str);
            }
            if (z) {
                return proceedingJoinPoint.proceed();
            }
            throw new ActionsDeniedException("User " + SecurityUtils.getCurrentUsername() + " does not have all of the requested permissions [" + StringUtils.join(actions, StudioConstants.STRING_SEPARATOR) + "]");
        } catch (PermissionException e) {
            throw new PermissionException(ERROR_KEY_EVALUATION_FAILED, e, new Object[0]);
        }
    }
}
