package org.fcrepo.auth.roles.basic;

import java.security.Principal;
import java.util.Set;
import javax.jcr.Session;
import org.fcrepo.auth.roles.common.AbstractRolesAuthorizationDelegate;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Deprecated
/* loaded from: input_file:org/fcrepo/auth/roles/basic/BasicRolesAuthorizationDelegate.class */
public class BasicRolesAuthorizationDelegate extends AbstractRolesAuthorizationDelegate {
    public static final String EVERYONE_NAME = "EVERYONE";
    private static final Principal EVERYONE = new Principal() { // from class: org.fcrepo.auth.roles.basic.BasicRolesAuthorizationDelegate.1
        @Override // java.security.Principal
        public String getName() {
            return BasicRolesAuthorizationDelegate.EVERYONE_NAME;
        }

        @Override // java.security.Principal
        public String toString() {
            return getName();
        }
    };
    private static final Logger LOGGER = LoggerFactory.getLogger(BasicRolesAuthorizationDelegate.class);

    public boolean rolesHavePermission(Session session, String str, String[] strArr, Set<String> set) {
        LOGGER.warn("===========================");
        LOGGER.warn("This authorization provider is deprecated and will be removed in a future release of Fedora: {}", getClass());
        LOGGER.warn("===========================");
        if (set.isEmpty()) {
            LOGGER.debug("A caller without content roles can do nothing in the repository.");
            return false;
        }
        if (set.contains("admin")) {
            LOGGER.debug("Granting an admin role permission to perform any action.");
            return true;
        }
        if (set.contains("writer")) {
            if (!str.contains("/{http://fedora.info/definitions/v4/authorization#}")) {
                LOGGER.debug("Granting writer role permission to perform any action on a non-ACL node.");
                return true;
            }
            if (strArr.length == 1 && "read".equals(strArr[0])) {
                LOGGER.debug("Granting reader role permission to perform a read action.");
                return true;
            }
            LOGGER.debug("Denying writer role permission to perform an action on an ACL node.");
            return false;
        }
        if (!set.contains("reader")) {
            LOGGER.error("There are roles in session that aren't recognized by this authorization delegate: {}", set);
            return false;
        }
        if (strArr.length == 1 && "read".equals(strArr[0])) {
            LOGGER.debug("Granting reader role permission to perform a read action.");
            return true;
        }
        LOGGER.debug("Denying reader role permission to perform a non-read action.");
        return false;
    }

    public Principal getEveryonePrincipal() {
        return EVERYONE;
    }
}
