package org.neo4j.server.security.enterprise.auth;

import java.io.IOException;
import org.neo4j.kernel.api.security.AuthSubject;
import org.neo4j.kernel.api.security.AuthenticationResult;
import org.neo4j.kernel.api.security.exception.InvalidArgumentsException;

/* loaded from: input_file:org/neo4j/server/security/enterprise/auth/EnterpriseAuthSubject.class */
public class EnterpriseAuthSubject implements AuthSubject {
    static final String SCHEMA_READ_WRITE = "schema:read,write";
    static final String READ_WRITE = "data:read,write";
    static final String READ = "data:read";
    private final EnterpriseAuthManager authManager;
    private final ShiroSubject shiroSubject;

    public static EnterpriseAuthSubject castOrFail(AuthSubject authSubject) {
        if (authSubject instanceof EnterpriseAuthSubject) {
            return (EnterpriseAuthSubject) authSubject;
        }
        throw new IllegalArgumentException("Incorrect AuthSubject type " + authSubject.getClass().getTypeName());
    }

    public EnterpriseAuthSubject(EnterpriseAuthManager enterpriseAuthManager, ShiroSubject shiroSubject) {
        this.authManager = enterpriseAuthManager;
        this.shiroSubject = shiroSubject;
    }

    public void logout() {
        this.shiroSubject.logout();
    }

    public AuthenticationResult getAuthenticationResult() {
        return this.shiroSubject.getAuthenticationResult();
    }

    public void setPassword(String str) throws IOException, InvalidArgumentsException {
        getUserManager().setPassword(this, (String) this.shiroSubject.getPrincipal(), str);
        if (getAuthenticationResult() == AuthenticationResult.PASSWORD_CHANGE_REQUIRED) {
            this.shiroSubject.setAuthenticationResult(AuthenticationResult.SUCCESS);
        }
    }

    public EnterpriseUserManager getUserManager() {
        return this.authManager.getUserManager();
    }

    public boolean isAdmin() {
        return this.shiroSubject.isAuthenticated() && this.shiroSubject.isPermitted("*");
    }

    public boolean doesUsernameMatch(String str) {
        Object principal = this.shiroSubject.getPrincipal();
        return principal != null && str.equals(principal);
    }

    public boolean allowsReads() {
        return this.shiroSubject.isAuthenticated() && this.shiroSubject.isPermitted(READ);
    }

    public boolean allowsWrites() {
        return this.shiroSubject.isAuthenticated() && this.shiroSubject.isPermitted(READ_WRITE);
    }

    public boolean allowsSchemaWrites() {
        return this.shiroSubject.isAuthenticated() && this.shiroSubject.isPermitted(SCHEMA_READ_WRITE);
    }

    public boolean overrideOriginalMode() {
        return false;
    }

    public String name() {
        Object principal = this.shiroSubject.getPrincipal();
        return principal != null ? principal.toString() : "<missing_principal>";
    }

    ShiroSubject getShiroSubject() {
        return this.shiroSubject;
    }
}
