package org.iplass.mtp.web.template.tags;

import java.util.regex.Pattern;
import javax.servlet.jsp.JspException;
import javax.servlet.jsp.tagext.TagSupport;
import javax.servlet.jsp.tagext.TryCatchFinally;
import org.iplass.mtp.auth.AuthContext;
import org.iplass.mtp.auth.Permission;
import org.iplass.mtp.impl.auth.AuthContextHolder;
import org.iplass.mtp.impl.auth.AuthService;
import org.iplass.mtp.impl.core.ExecuteContext;
import org.iplass.mtp.spi.ServiceRegistry;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/iplass/mtp/web/template/tags/AuthTag.class */
public class AuthTag extends TagSupport implements TryCatchFinally {
    private static final long serialVersionUID = 1;
    private static Logger log = LoggerFactory.getLogger(AuthTag.class);
    private static Pattern sp = Pattern.compile("[,\\s]+");
    private String role;
    private Permission permission;
    private AuthContextHolder doAuthContext;
    private AuthContextHolder prev;
    private Boolean privileged = Boolean.FALSE;
    private AuthService authService = ServiceRegistry.getRegistry().getService(AuthService.class);

    public Boolean getPrivileged() {
        return this.privileged;
    }

    public void setPrivileged(Boolean bool) {
        this.privileged = bool;
    }

    public String getRole() {
        return this.role;
    }

    public void setRole(String str) {
        this.role = str;
    }

    public Permission getPermission() {
        return this.permission;
    }

    public void setPermission(Permission permission) {
        this.permission = permission;
    }

    public int doStartTag() throws JspException {
        AuthContext currentContext = AuthContext.getCurrentContext();
        if (this.role != null) {
            boolean z = false;
            if (this.role.indexOf(44) < 0) {
                z = currentContext.userInRole(this.role);
            } else {
                for (String str : sp.split(this.role)) {
                    z |= z | currentContext.userInRole(str);
                    if (z) {
                        break;
                    }
                }
            }
            if (!z) {
                if (!log.isDebugEnabled()) {
                    return 0;
                }
                log.debug("userInRole(\"" + this.role + "\") == false, SKIP_BODY");
                return 0;
            }
        }
        if (this.permission != null && !currentContext.checkPermission(this.permission)) {
            if (!log.isDebugEnabled()) {
                return 0;
            }
            log.debug("checkPermission(" + this.permission + ") == false, SKIP_BODY");
            return 0;
        }
        if (this.privileged == null || !this.privileged.booleanValue()) {
            return 1;
        }
        this.doAuthContext = AuthContextHolder.getAuthContext().privilegedAuthContextHolder();
        this.prev = this.authService.doSecuredActionPre(this.doAuthContext, ExecuteContext.getCurrentContext());
        return 1;
    }

    public void doCatch(Throwable th) throws Throwable {
        throw th;
    }

    public void doFinally() {
        if (this.privileged != null && this.privileged.booleanValue()) {
            this.authService.doSecuredActionPost(this.doAuthContext, true, this.prev, ExecuteContext.getCurrentContext());
        }
        this.doAuthContext = null;
        this.prev = null;
        this.privileged = Boolean.FALSE;
        this.role = null;
        this.permission = null;
    }
}
