package de.frachtwerk.essencium.backend.security.permission;

import de.frachtwerk.essencium.backend.model.AbstractBaseUser;
import de.frachtwerk.essencium.backend.model.Role;
import de.frachtwerk.essencium.backend.model.dto.RoleDto;
import de.frachtwerk.essencium.backend.security.BasicApplicationRight;
import de.frachtwerk.essencium.backend.service.RoleService;
import java.io.Serializable;
import java.util.Set;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:de/frachtwerk/essencium/backend/security/permission/RolePermissionEvaluator.class */
public class RolePermissionEvaluator<ID extends Serializable, USER extends AbstractBaseUser<ID>> implements EntityPermissionEvaluator {
    private static final Set<Class<?>> SUPPORTED_CLASSES = Set.of(Role.class, RoleDto.class);
    private final RoleService roleService;

    @Autowired
    public RolePermissionEvaluator(RoleService roleService) {
        this.roleService = roleService;
    }

    public boolean hasPermission(Authentication authentication, Object obj, Object obj2) {
        AbstractBaseUser abstractBaseUser = (AbstractBaseUser) authentication.getPrincipal();
        if (obj2.equals("create")) {
            return abstractBaseUser.hasAuthority(BasicApplicationRight.ROLE_CREATE);
        }
        return false;
    }

    public boolean hasPermission(Authentication authentication, Serializable serializable, String str, Object obj) {
        AbstractBaseUser abstractBaseUser = (AbstractBaseUser) authentication.getPrincipal();
        if (!str.equals(Role.class.getSimpleName())) {
            return false;
        }
        try {
            String str2 = (String) obj;
            boolean z = -1;
            switch (str2.hashCode()) {
                case -1335458389:
                    if (str2.equals("delete")) {
                        z = 2;
                        break;
                    }
                    break;
                case -838846263:
                    if (str2.equals("update")) {
                        z = true;
                        break;
                    }
                    break;
                case 3496342:
                    if (str2.equals("read")) {
                        z = false;
                        break;
                    }
                    break;
            }
            switch (z) {
                case false:
                    return abstractBaseUser.hasAuthority(BasicApplicationRight.ROLE_READ);
                case true:
                    return abstractBaseUser.hasAuthority(BasicApplicationRight.ROLE_UPDATE) && !this.roleService.getById((String) serializable).isProtected();
                case true:
                    return abstractBaseUser.hasAuthority(BasicApplicationRight.ROLE_DELETE) && !this.roleService.getById((String) serializable).isProtected();
                default:
                    return false;
            }
        } catch (ClassCastException e) {
            return false;
        }
    }

    @Override // de.frachtwerk.essencium.backend.security.permission.EntityPermissionEvaluator
    public boolean supports(String str) {
        return SUPPORTED_CLASSES.stream().map((v0) -> {
            return v0.getSimpleName();
        }).anyMatch(str2 -> {
            return str2.equals(str);
        });
    }

    @Override // de.frachtwerk.essencium.backend.security.permission.EntityPermissionEvaluator
    public boolean supports(Class<?> cls) {
        return SUPPORTED_CLASSES.contains(cls);
    }
}
