package org.iplass.mtp.impl.auth.authorize.builtin.webapi;

import org.iplass.mtp.impl.auth.AuthContextHolder;
import org.iplass.mtp.impl.auth.authorize.builtin.TenantAuthorizeContext;
import org.iplass.mtp.impl.command.SessionBinding;
import org.iplass.mtp.impl.core.ExecuteContext;
import org.iplass.mtp.impl.script.Script;
import org.iplass.mtp.impl.script.ScriptContext;
import org.iplass.mtp.webapi.permission.WebApiParameter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:org/iplass/mtp/impl/auth/authorize/builtin/webapi/WebApiPermissionEntry.class */
public class WebApiPermissionEntry {
    private static final Logger logger = LoggerFactory.getLogger(WebApiPermissionEntry.class);
    private static final String SCRIPT_PREFIX = "WebApiPermissionEntry_parameterCond";
    private String role;
    private Script parameterCondition;
    private boolean isScriptError;

    /* JADX INFO: Access modifiers changed from: package-private */
    public WebApiPermissionEntry(String str, String str2, String str3) {
        this.isScriptError = false;
        this.role = str;
        if (str3 != null) {
            try {
                this.parameterCondition = ExecuteContext.getCurrentContext().getTenantContext().getScriptEngine().createScript(str3, "WebApiPermissionEntry_parameterCond_" + str2);
            } catch (RuntimeException e) {
                logger.error("parameter condition expression is invalid, so set permission to Not Allowed: " + str3, e);
                this.isScriptError = true;
            }
        }
    }

    public boolean hasParam() {
        return this.parameterCondition != null;
    }

    public String getRole() {
        return this.role;
    }

    public boolean isPermit(AuthContextHolder authContextHolder, String str, WebApiParameter webApiParameter, TenantAuthorizeContext tenantAuthorizeContext) {
        if (this.isScriptError) {
            return false;
        }
        if (this.parameterCondition == null) {
            return true;
        }
        ScriptContext newScriptContext = ExecuteContext.getCurrentContext().getTenantContext().getScriptEngine().newScriptContext();
        newScriptContext.setAttribute("user", authContextHolder.newUserBinding(tenantAuthorizeContext));
        newScriptContext.setAttribute("session", SessionBinding.newSessionBinding());
        newScriptContext.setAttribute("webApi", str);
        newScriptContext.setAttribute("parameter", new WebApiParameterBinding(webApiParameter));
        try {
            Boolean bool = (Boolean) this.parameterCondition.eval(newScriptContext);
            return bool != null && bool.booleanValue();
        } catch (RuntimeException e) {
            logger.error("can not eval condition expression. so return not Allowed:" + e.getMessage(), e);
            return false;
        }
    }
}
