package org.broadleafcommerce.openadmin.server.security.remote;

import java.util.Arrays;
import java.util.HashSet;
import java.util.Iterator;
import javax.annotation.Resource;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.broadleafcommerce.common.exception.ServiceException;
import org.broadleafcommerce.common.security.service.ExploitProtectionService;
import org.broadleafcommerce.common.web.SandBoxContext;
import org.broadleafcommerce.openadmin.dto.PersistencePackage;
import org.broadleafcommerce.openadmin.dto.SectionCrumb;
import org.broadleafcommerce.openadmin.server.security.domain.AdminPermission;
import org.broadleafcommerce.openadmin.server.security.domain.AdminRole;
import org.springframework.cglib.core.CollectionUtils;
import org.springframework.cglib.core.Transformer;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Service;

@Service("blAdminSecurityRemoteService")
/* loaded from: input_file:org/broadleafcommerce/openadmin/server/security/remote/AdminSecurityServiceRemote.class */
public class AdminSecurityServiceRemote implements AdminSecurityService, SecurityVerifier {
    private static final String ANONYMOUS_USER_NAME = "anonymousUser";
    private static final Log LOG = LogFactory.getLog(AdminSecurityServiceRemote.class);

    @Resource(name = "blAdminSecurityService")
    protected org.broadleafcommerce.openadmin.server.security.service.AdminSecurityService securityService;

    @Resource(name = "blExploitProtectionService")
    protected ExploitProtectionService exploitProtectionService;

    @Override // org.broadleafcommerce.openadmin.server.security.remote.AdminSecurityService
    public AdminUser getAdminUser() throws ServiceException {
        org.broadleafcommerce.openadmin.server.security.domain.AdminUser persistentAdminUser = getPersistentAdminUser();
        if (persistentAdminUser == null) {
            return null;
        }
        AdminUser adminUser = new AdminUser();
        for (AdminRole adminRole : persistentAdminUser.getAllRoles()) {
            adminUser.getRoles().add(adminRole.getName());
            Iterator<AdminPermission> it = adminRole.getAllPermissions().iterator();
            while (it.hasNext()) {
                adminUser.getPermissions().add(it.next().getName());
            }
        }
        Iterator<AdminPermission> it2 = persistentAdminUser.getAllPermissions().iterator();
        while (it2.hasNext()) {
            adminUser.getPermissions().add(it2.next().getName());
        }
        adminUser.setUserName(persistentAdminUser.getLogin());
        adminUser.setCurrentSandBoxId(String.valueOf(SandBoxContext.getSandBoxContext().getSandBoxId()));
        adminUser.setEmail(persistentAdminUser.getEmail());
        adminUser.setName(persistentAdminUser.getName());
        adminUser.setPhoneNumber(persistentAdminUser.getPhoneNumber());
        adminUser.setId(persistentAdminUser.getId());
        return adminUser;
    }

    @Override // org.broadleafcommerce.openadmin.server.security.remote.SecurityVerifier
    public org.broadleafcommerce.openadmin.server.security.domain.AdminUser getPersistentAdminUser() {
        Authentication authentication;
        SecurityContext context = SecurityContextHolder.getContext();
        if (context == null || (authentication = context.getAuthentication()) == null || authentication.getName().equals(ANONYMOUS_USER_NAME)) {
            return null;
        }
        return this.securityService.readAdminUserByUserName(((UserDetails) authentication.getPrincipal()).getUsername());
    }

    @Override // org.broadleafcommerce.openadmin.server.security.remote.SecurityVerifier
    public void securityCheck(PersistencePackage persistencePackage, EntityOperationType entityOperationType) throws ServiceException {
        HashSet hashSet = new HashSet();
        hashSet.add(persistencePackage.getCeilingEntityFullyQualifiedClassname());
        if (!ArrayUtils.isEmpty(persistencePackage.getSectionCrumbs())) {
            hashSet.addAll(CollectionUtils.transform(Arrays.asList(persistencePackage.getSectionCrumbs()), new Transformer() { // from class: org.broadleafcommerce.openadmin.server.security.remote.AdminSecurityServiceRemote.1
                public Object transform(Object obj) {
                    return ((SectionCrumb) obj).getSectionIdentifier();
                }
            }));
        }
        securityCheck((String[]) hashSet.toArray(new String[hashSet.size()]), entityOperationType);
    }

    @Override // org.broadleafcommerce.openadmin.server.security.remote.SecurityVerifier
    public void securityCheck(String str, EntityOperationType entityOperationType) throws ServiceException {
        securityCheck(new String[]{str}, entityOperationType);
    }

    /* JADX WARN: Removed duplicated region for block: B:23:0x00df  */
    /* JADX WARN: Removed duplicated region for block: B:30:0x0136 A[RETURN] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    protected void securityCheck(java.lang.String[] r6, org.broadleafcommerce.openadmin.server.security.remote.EntityOperationType r7) throws org.broadleafcommerce.common.exception.ServiceException {
        /*
            Method dump skipped, instructions count: 311
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.broadleafcommerce.openadmin.server.security.remote.AdminSecurityServiceRemote.securityCheck(java.lang.String[], org.broadleafcommerce.openadmin.server.security.remote.EntityOperationType):void");
    }
}
