package org.dspace.app.rest.security;

import java.io.Serializable;
import java.sql.SQLException;
import java.util.Iterator;
import java.util.UUID;
import org.dspace.app.rest.model.patch.Operation;
import org.dspace.app.rest.model.patch.Patch;
import org.dspace.app.rest.repository.patch.operation.EPersonPasswordReplaceOperation;
import org.dspace.app.rest.utils.ContextUtil;
import org.dspace.authorize.service.AuthorizeService;
import org.dspace.core.Constants;
import org.dspace.eperson.EPerson;
import org.dspace.eperson.service.EPersonService;
import org.dspace.services.RequestService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:org/dspace/app/rest/security/EPersonRestPermissionEvaluatorPlugin.class */
public class EPersonRestPermissionEvaluatorPlugin extends RestObjectPermissionEvaluatorPlugin {
    private static final Logger log = LoggerFactory.getLogger(EPersonRestPermissionEvaluatorPlugin.class);

    @Autowired
    AuthorizeService authorizeService;

    @Autowired
    private RequestService requestService;

    @Autowired
    private EPersonService ePersonService;

    @Override // org.dspace.app.rest.security.RestObjectPermissionEvaluatorPlugin
    public boolean hasDSpacePermission(Authentication authentication, Serializable serializable, String str, DSpaceRestPermission dSpaceRestPermission) {
        DSpaceRestPermission convert = DSpaceRestPermission.convert(dSpaceRestPermission);
        if ((!DSpaceRestPermission.READ.equals(convert) && !DSpaceRestPermission.WRITE.equals(convert) && !DSpaceRestPermission.DELETE.equals(convert)) || Constants.getTypeID(str) != 7) {
            return false;
        }
        try {
            EPerson findByEmail = this.ePersonService.findByEmail(ContextUtil.obtainContext(this.requestService.getCurrentRequest().getServletRequest()), (String) authentication.getPrincipal());
            UUID fromString = UUID.fromString(serializable.toString());
            if (findByEmail == null) {
                return false;
            }
            return fromString.equals(findByEmail.getID());
        } catch (SQLException e) {
            log.error(e.getMessage(), e);
            return false;
        }
    }

    @Override // org.dspace.app.rest.security.RestObjectPermissionEvaluatorPlugin
    public boolean hasPatchPermission(Authentication authentication, Serializable serializable, String str, Patch patch) {
        if (!hasPermission(authentication, serializable, str, "WRITE")) {
            return false;
        }
        Iterator<Operation> it = patch.getOperations().iterator();
        while (it.hasNext()) {
            if (!it.next().getPath().contentEquals(EPersonPasswordReplaceOperation.OPERATION_PASSWORD_CHANGE)) {
                return false;
            }
        }
        return true;
    }
}
