package co.pishfa.security.service.handler;

import co.pishfa.accelerate.persistence.query.QueryBuilder;
import co.pishfa.security.entity.authentication.Domain;
import co.pishfa.security.entity.authentication.Identity;
import co.pishfa.security.entity.authorization.BaseSecuredEntity;
import co.pishfa.security.repo.DomainRepo;

@ScopeHandler("domain")
/* loaded from: input_file:co/pishfa/security/service/handler/DomainPermissionHandler.class */
public class DomainPermissionHandler extends DomainsPermissionHandler {
    @Override // co.pishfa.security.service.handler.DomainsPermissionHandler
    protected boolean checkDomain(Identity identity, BaseSecuredEntity baseSecuredEntity) {
        if (baseSecuredEntity.getDomain() != null) {
            return baseSecuredEntity.getDomain().equals(identity.getUser().getDomain());
        }
        return true;
    }

    @Override // co.pishfa.security.service.handler.DomainsPermissionHandler
    protected void addDomainConditions(QueryBuilder<BaseSecuredEntity> queryBuilder, Domain domain) {
        if (domain == null) {
            queryBuilder.append(" and e.domain.id = :shared_id ");
        } else {
            queryBuilder.append(" and (e.domain.id = :shared_id or e.domain.id = :sec_domain_id) ").with("sec_domain_id", domain.getId());
        }
        queryBuilder.with("shared_id", DomainRepo.getInstance().getSharedDomainId());
    }
}
