package com.axelor.auth;

import com.axelor.auth.db.Permission;
import com.axelor.auth.db.Role;
import com.axelor.auth.db.User;
import com.axelor.db.JpaSecurity;
import com.google.common.base.Objects;
import com.google.common.collect.Sets;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.Set;

/* loaded from: input_file:com/axelor/auth/AuthResolver.class */
final class AuthResolver {
    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean hasAccess(Permission permission, JpaSecurity.AccessType accessType) {
        if (accessType == null) {
            return true;
        }
        switch (accessType) {
            case READ:
                return permission.getCanRead() == Boolean.TRUE;
            case WRITE:
                return permission.getCanWrite() == Boolean.TRUE;
            case CREATE:
                return permission.getCanCreate() == Boolean.TRUE;
            case REMOVE:
                return permission.getCanRemove() == Boolean.TRUE;
            case EXPORT:
                return permission.getCanExport() == Boolean.TRUE;
            default:
                return false;
        }
    }

    private Set<Permission> filterPermissions(Set<Permission> set, String str, JpaSecurity.AccessType accessType) {
        if (set == null || set.isEmpty()) {
            return Sets.newLinkedHashSet();
        }
        LinkedHashSet newLinkedHashSet = Sets.newLinkedHashSet();
        for (Permission permission : set) {
            if (Objects.equal(str, permission.getObject()) && (permission.getCondition() == null || hasAccess(permission, accessType))) {
                newLinkedHashSet.add(permission);
            }
        }
        if (!newLinkedHashSet.isEmpty()) {
            return newLinkedHashSet;
        }
        String str2 = str.substring(0, str.lastIndexOf(46)) + ".*";
        for (Permission permission2 : set) {
            if (Objects.equal(str2, permission2.getObject()) && (permission2.getCondition() == null || hasAccess(permission2, accessType))) {
                newLinkedHashSet.add(permission2);
            }
        }
        return newLinkedHashSet;
    }

    public Set<Permission> resolve(User user, String str, JpaSecurity.AccessType accessType) {
        Set<Permission> filterPermissions = filterPermissions(user.getPermissions(), str, accessType);
        if (filterPermissions.isEmpty() && user.getRoles() != null) {
            Iterator<Role> it = user.getRoles().iterator();
            while (it.hasNext()) {
                filterPermissions.addAll(filterPermissions(it.next().getPermissions(), str, accessType));
            }
        }
        if (filterPermissions.isEmpty() && user.getGroup() != null) {
            filterPermissions.addAll(filterPermissions(user.getGroup().getPermissions(), str, accessType));
        }
        if (filterPermissions.isEmpty() && user.getGroup() != null && user.getGroup().getRoles() != null) {
            Iterator<Role> it2 = user.getGroup().getRoles().iterator();
            while (it2.hasNext()) {
                filterPermissions.addAll(filterPermissions(it2.next().getPermissions(), str, accessType));
            }
        }
        return filterPermissions;
    }
}
