package it.openutils.hibernate.security.filter;

import it.openutils.hibernate.security.dataobject.SecurityRule;
import it.openutils.hibernate.security.filter.utils.SecurityRuleUtils;
import it.openutils.hibernate.security.services.SecurityRuleManager;
import java.util.List;
import org.acegisecurity.Authentication;
import org.acegisecurity.ConfigAttributeDefinition;
import org.acegisecurity.vote.AccessDecisionVoter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.aop.framework.ReflectiveMethodInvocation;

/* loaded from: input_file:it/openutils/hibernate/security/filter/SecurityRuleAccessDecisionVoter.class */
public class SecurityRuleAccessDecisionVoter extends SecurityRuleBaseHandler implements AccessDecisionVoter {
    private static Logger log = LoggerFactory.getLogger(SecurityRuleAccessDecisionVoter.class);
    private SecurityRuleManager securityRuleManager;
    private SecurityRuleUtils ruleUtils = new SecurityRuleUtils();

    public int vote(Authentication authentication, Object obj, ConfigAttributeDefinition configAttributeDefinition) {
        List<String> rolesFromAuthentication = this.ruleUtils.getRolesFromAuthentication(authentication);
        if (!(obj instanceof ReflectiveMethodInvocation)) {
            return 0;
        }
        for (Object obj2 : ((ReflectiveMethodInvocation) obj).getArguments()) {
            log.debug("Evaluating argument {}", obj2);
            List<SecurityRule> rulesForRoles = this.securityRuleManager.getRulesForRoles(this.ruleUtils.getClassName(obj2), rolesFromAuthentication);
            if (rulesForRoles != null && !rulesForRoles.isEmpty()) {
                return (this.ruleUtils.checkPermissions(rulesForRoles, configAttributeDefinition) && this.ruleUtils.checkRules(rulesForRoles, obj2)) ? 1 : -1;
            }
        }
        return 0;
    }

    public void setSecurityRuleManager(SecurityRuleManager securityRuleManager) {
        this.securityRuleManager = securityRuleManager;
    }
}
