package org.mentawai.filter;

import java.util.ArrayList;
import java.util.LinkedList;
import java.util.List;
import org.mentawai.action.BaseLoginAction;
import org.mentawai.ajax.AjaxAction;
import org.mentawai.authorization.Authorizable;
import org.mentawai.authorization.AuthorizationManager;
import org.mentawai.authorization.Group;
import org.mentawai.authorization.Permission;
import org.mentawai.core.Action;
import org.mentawai.core.Context;
import org.mentawai.core.Filter;
import org.mentawai.core.InvocationChain;

/* loaded from: input_file:org/mentawai/filter/AuthorizationFilter.class */
public class AuthorizationFilter implements Filter {
    public static final String ACCESSDENIED = "accessdenied";
    public static final String AJAX_DENIED = "ajax_denied";
    private List<String> groups;
    private List<String> permissions;
    private List<Group> listGroups;

    public AuthorizationFilter() {
        this.groups = null;
        this.permissions = null;
    }

    public AuthorizationFilter(Enum<?>... enumArr) {
        this(toString(enumArr));
    }

    private static String[] toString(Enum<?>... enumArr) {
        String[] strArr = new String[enumArr.length];
        int i = 0;
        for (Enum<?> r0 : enumArr) {
            int i2 = i;
            i++;
            strArr[i2] = r0.toString();
        }
        return strArr;
    }

    public AuthorizationFilter(String... strArr) {
        this.groups = null;
        this.permissions = null;
        this.groups = new ArrayList(strArr.length);
        if (strArr.length == 1) {
            String[] split = strArr[0].split("\\s*\\,\\s*");
            if (split.length > 1) {
                for (String str : split) {
                    this.groups.add(str);
                }
                return;
            }
        }
        for (String str2 : strArr) {
            this.groups.add(str2);
        }
    }

    public AuthorizationFilter(List<Object> list) {
        this.groups = null;
        this.permissions = null;
        this.groups = new ArrayList(list.size());
        for (Object obj : list) {
            if (obj instanceof Group) {
                this.groups.add(((Group) obj).getName());
            } else if (obj instanceof String) {
                this.groups.add((String) obj);
            } else if (obj instanceof Permission) {
                if (this.permissions == null) {
                    this.permissions = new LinkedList();
                }
                this.permissions.add(((Permission) obj).getName());
            }
        }
    }

    public AuthorizationFilter(Permission... permissionArr) {
        this.groups = null;
        this.permissions = null;
        this.permissions = new ArrayList(permissionArr.length);
        for (Permission permission : permissionArr) {
            this.permissions.add(permission.getName());
        }
    }

    public AuthorizationFilter(String str, Permission permission) {
        this(str);
        this.permissions = new ArrayList(1);
        this.permissions.add(permission.getName());
    }

    public AuthorizationFilter(List<Object> list, Permission permission) {
        this(list);
        this.permissions = new ArrayList(1);
        this.permissions.add(permission.getName());
    }

    public AuthorizationFilter(List<Object> list, Permission... permissionArr) {
        this(list);
        this.permissions = new ArrayList(permissionArr.length);
        for (Permission permission : permissionArr) {
            this.permissions.add(permission.getName());
        }
    }

    public boolean isAuthorized(Action action, String str, String str2, Object obj, List list) {
        return true;
    }

    @Override // org.mentawai.core.Filter
    public String filter(InvocationChain invocationChain) throws Exception {
        Action action = invocationChain.getAction();
        Object pojo = invocationChain.getPojo();
        Action action2 = pojo != null ? pojo : action;
        Context session = action.getSession();
        List<Object> userGroups = BaseLoginAction.getUserGroups(session);
        Object userSession = BaseLoginAction.getUserSession(session);
        boolean z = false;
        if (this.groups == null && this.permissions == null) {
            z = action2 instanceof Authorizable ? ((Authorizable) action2).authorize(invocationChain.getInnerAction(), userSession, userGroups) : isAuthorized(action, invocationChain.getActionName(), invocationChain.getInnerAction(), userSession, userGroups);
        } else {
            if (userGroups == null || userGroups.size() == 0) {
                return action2 instanceof AjaxAction ? "ajax_denied" : "accessdenied";
            }
            if (this.groups != null && this.groups.size() > 0) {
                int i = 0;
                while (i < this.groups.size()) {
                    int i2 = 0;
                    while (i2 < userGroups.size()) {
                        String str = this.groups.get(i).toString();
                        Object obj = userGroups.get(i2);
                        String str2 = null;
                        if (obj instanceof String) {
                            str2 = obj.toString();
                        } else if (obj instanceof Group) {
                            str2 = ((Group) obj).getName();
                        }
                        if (str.startsWith("!")) {
                            if (str2.equalsIgnoreCase(str.substring(1))) {
                                z = false;
                            } else {
                                z = true;
                                i = this.groups.size();
                                i2 = userGroups.size();
                            }
                        } else if (str2.equalsIgnoreCase(str)) {
                            z = true;
                            i = this.groups.size();
                            i2 = userGroups.size();
                        }
                        i2++;
                    }
                    i++;
                }
                if (!z) {
                    return action2 instanceof AjaxAction ? "ajax_denied" : "accessdenied";
                }
            }
            if (this.permissions != null && this.permissions.size() > 0) {
                for (Object obj2 : userGroups) {
                    if (obj2 instanceof List) {
                        this.listGroups = (List) obj2;
                        for (int i3 = 0; i3 < this.listGroups.size(); i3++) {
                            Group group = (Group) obj2;
                            int i4 = 0;
                            while (true) {
                                if (i4 >= this.permissions.size()) {
                                    break;
                                }
                                if (AuthorizationManager.check(group, this.permissions.get(i4).substring(1))) {
                                    z = true;
                                    break;
                                }
                                i4++;
                            }
                        }
                    } else if (obj2 instanceof String) {
                        String obj3 = obj2.toString();
                        int i5 = 0;
                        while (true) {
                            if (i5 >= this.permissions.size()) {
                                break;
                            }
                            if (AuthorizationManager.check(obj3, this.permissions.get(i5))) {
                                z = true;
                                break;
                            }
                            i5++;
                        }
                    } else if (obj2 instanceof Group) {
                        Group group2 = (Group) obj2;
                        int i6 = 0;
                        while (true) {
                            if (i6 >= this.permissions.size()) {
                                break;
                            }
                            if (AuthorizationManager.check(group2, this.permissions.get(i6))) {
                                z = true;
                                break;
                            }
                            i6++;
                        }
                    }
                }
                if (!z) {
                    return action2 instanceof AjaxAction ? "ajax_denied" : "accessdenied";
                }
            }
        }
        return !z ? action2 instanceof AjaxAction ? "ajax_denied" : "accessdenied" : invocationChain.invoke();
    }

    @Override // org.mentawai.core.Filter
    public void destroy() {
    }
}
