package org.picketlink.idm.permission.acl.spi;

import java.io.Serializable;
import java.util.List;
import org.picketlink.idm.PartitionManager;
import org.picketlink.idm.PermissionManager;
import org.picketlink.idm.RelationshipManager;
import org.picketlink.idm.model.IdentityType;
import org.picketlink.idm.permission.IdentityPermission;
import org.picketlink.idm.permission.Permission;
import org.picketlink.idm.permission.spi.PermissionVoter;

/* loaded from: input_file:WEB-INF/lib/picketlink-idm-api.jar:org/picketlink/idm/permission/acl/spi/PersistentPermissionVoter.class */
public class PersistentPermissionVoter implements PermissionVoter {
    private final PartitionManager partitionManager;

    public PersistentPermissionVoter(PartitionManager partitionManager) {
        this.partitionManager = partitionManager;
    }

    @Override // org.picketlink.idm.permission.spi.PermissionVoter
    public PermissionVoter.VotingResult hasPermission(IdentityType identityType, Object obj, String str) {
        if (identityType == null) {
            throw new IllegalArgumentException("recipient must not be null");
        }
        return checkPermission(identityType, getPermissionManager(identityType).listPermissions(obj, str));
    }

    @Override // org.picketlink.idm.permission.spi.PermissionVoter
    public PermissionVoter.VotingResult hasPermission(IdentityType identityType, Class<?> cls, Serializable serializable, String str) {
        if (identityType == null) {
            throw new IllegalArgumentException("recipient must not be null");
        }
        return checkPermission(identityType, getPermissionManager(identityType).listPermissions(cls, serializable, str));
    }

    private PermissionManager getPermissionManager(IdentityType identityType) {
        return this.partitionManager.createPermissionManager(identityType.getPartition());
    }

    private PermissionVoter.VotingResult checkPermission(IdentityType identityType, List<Permission> list) {
        RelationshipManager createRelationshipManager = this.partitionManager.createRelationshipManager();
        for (Permission permission : list) {
            if ((permission instanceof IdentityPermission) && createRelationshipManager.inheritsPrivileges(identityType, ((IdentityPermission) permission).getAssignee())) {
                return PermissionVoter.VotingResult.ALLOW;
            }
        }
        return PermissionVoter.VotingResult.NOT_APPLICABLE;
    }
}
