package li.strolch.privilege.model;

import java.text.MessageFormat;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
import li.strolch.privilege.base.AccessDeniedException;
import li.strolch.privilege.base.PrivilegeException;
import li.strolch.privilege.i18n.PrivilegeMessages;
import li.strolch.privilege.policy.PrivilegePolicy;

/* loaded from: input_file:WEB-INF/lib/li.strolch.privilege-1.4.3.jar:li/strolch/privilege/model/PrivilegeContext.class */
public class PrivilegeContext {
    private UserRep userRep;
    private Certificate certificate;
    private Map<String, IPrivilege> privileges;
    private Map<String, PrivilegePolicy> policies;

    public PrivilegeContext(UserRep userRep, Certificate certificate, Map<String, IPrivilege> map, Map<String, PrivilegePolicy> map2) {
        this.userRep = userRep;
        this.certificate = certificate;
        this.privileges = Collections.unmodifiableMap(new HashMap(map));
        this.policies = Collections.unmodifiableMap(new HashMap(map2));
    }

    public UserRep getUserRep() {
        return this.userRep;
    }

    public Certificate getCertificate() {
        return this.certificate;
    }

    public String getUsername() {
        return this.userRep.getUsername();
    }

    public Set<String> getPrivilegeNames() {
        return this.privileges.keySet();
    }

    public void assertHasPrivilege(String str) {
        if (!this.privileges.containsKey(str)) {
            throw new AccessDeniedException(MessageFormat.format(PrivilegeMessages.getString("Privilege.noprivilege.user"), this.userRep.getUsername(), str));
        }
    }

    public IPrivilege getPrivilege(String str) {
        assertHasPrivilege(str);
        return this.privileges.get(str);
    }

    public PrivilegePolicy getPolicy(String str) {
        PrivilegePolicy privilegePolicy = this.policies.get(str);
        if (privilegePolicy == null) {
            throw new PrivilegeException(MessageFormat.format("The PrivilegePolicy {0} does not exist on the PrivilegeContext!", str));
        }
        return privilegePolicy;
    }

    public void validateAction(Restrictable restrictable) throws AccessDeniedException, PrivilegeException {
        String privilegeName = restrictable.getPrivilegeName();
        IPrivilege iPrivilege = this.privileges.get(privilegeName);
        if (iPrivilege == null) {
            throw new AccessDeniedException(MessageFormat.format(PrivilegeMessages.getString("Privilege.accessdenied.noprivilege"), getUsername(), privilegeName, restrictable.getClass().getName()));
        }
        getPolicy(iPrivilege.getPolicy()).validateAction(this, iPrivilege, restrictable);
    }
}
