package org.pentaho.platform.engine.security;

import java.security.Principal;
import java.util.List;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.pentaho.platform.api.engine.IAclHolder;
import org.pentaho.platform.api.engine.IAclSolutionFile;
import org.pentaho.platform.api.engine.IAclVoter;
import org.pentaho.platform.api.engine.IPentahoSession;
import org.pentaho.platform.api.engine.ISolutionFile;
import org.pentaho.platform.engine.core.system.PentahoSystem;
import org.springframework.security.Authentication;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;

/* loaded from: input_file:org/pentaho/platform/engine/security/SecurityHelper.class */
public class SecurityHelper {
    public static final String SESSION_PRINCIPAL = "SECURITY_PRINCIPAL";
    private static final Log logger = LogFactory.getLog(SecurityHelper.class);
    public static final String DefaultAnonymousRole = PentahoSystem.getSystemSetting("anonymous-authentication/anonymous-role", "Anonymous");
    public static final String DefaultAnonymousUser = PentahoSystem.getSystemSetting("anonymous-authentication/anonymous-user", "anonymousUser");

    public static Authentication getAuthentication(IPentahoSession iPentahoSession, boolean z) {
        Authentication authentication = (Principal) iPentahoSession.getAttribute(SESSION_PRINCIPAL);
        if (logger.isDebugEnabled()) {
            logger.debug("principal from IPentahoSession: " + authentication);
            if (null != authentication) {
                logger.debug("principal class: " + authentication.getClass().getName());
            }
        }
        if (authentication instanceof Authentication) {
            if (logger.isDebugEnabled()) {
                logger.debug("principal is an instance of Authentication");
            }
            return authentication;
        }
        if (authentication != null) {
            if (logger.isDebugEnabled()) {
                logger.debug("principal is not an instance of Authentication");
                logger.debug("attempting role fetch with username");
            }
            List rolesForUser = PentahoSystem.getUserDetailsRoleListService().getRolesForUser(authentication.getName());
            if (logger.isDebugEnabled()) {
                logger.debug("rolesForUser from roleListService:" + rolesForUser);
            }
            if (!rolesForUser.isEmpty()) {
                GrantedAuthority[] grantedAuthorityArr = new GrantedAuthority[rolesForUser.size()];
                for (int i = 0; i < rolesForUser.size(); i++) {
                    grantedAuthorityArr[i] = new GrantedAuthorityImpl((String) rolesForUser.get(i));
                }
                return new UsernamePasswordAuthenticationToken(authentication.getName(), (Object) null, grantedAuthorityArr);
            }
        }
        if (logger.isDebugEnabled()) {
            logger.debug("either principal is null or user has no roles");
        }
        if (z) {
            if (logger.isDebugEnabled()) {
                logger.debug("there is no principal in IPentahoSession");
                logger.debug("creating token with username anonymous and role Anonymous");
            }
            return new UsernamePasswordAuthenticationToken(DefaultAnonymousUser, (Object) null, new GrantedAuthorityImpl[]{new GrantedAuthorityImpl(DefaultAnonymousRole)});
        }
        if (!logger.isDebugEnabled()) {
            return null;
        }
        logger.debug("there is no principal in IPentahoSession");
        logger.debug("and allowAnonymous is false");
        return null;
    }

    public static Principal getPrincipal(IPentahoSession iPentahoSession) {
        return (Principal) iPentahoSession.getAttribute(SESSION_PRINCIPAL);
    }

    public static void setPrincipal(Principal principal, IPentahoSession iPentahoSession) {
        iPentahoSession.setAttribute(SESSION_PRINCIPAL, principal);
    }

    public static boolean isPentahoAdministrator(IPentahoSession iPentahoSession) {
        return ((IAclVoter) PentahoSystem.get(IAclVoter.class, iPentahoSession)).isPentahoAdministrator(iPentahoSession);
    }

    public static boolean isGranted(IPentahoSession iPentahoSession, GrantedAuthority grantedAuthority) {
        return ((IAclVoter) PentahoSystem.get(IAclVoter.class, iPentahoSession)).isGranted(iPentahoSession, grantedAuthority);
    }

    public static boolean canHaveACLS(ISolutionFile iSolutionFile) {
        if (iSolutionFile.isDirectory()) {
            return true;
        }
        return PentahoSystem.getACLFileExtensionList().contains(iSolutionFile.getExtension());
    }

    public static boolean hasAccess(IAclHolder iAclHolder, int i, IPentahoSession iPentahoSession) {
        int i2;
        IAclVoter iAclVoter = (IAclVoter) PentahoSystem.get(IAclVoter.class, iPentahoSession);
        switch (i) {
            case 0:
                i2 = 1;
                break;
            case 1:
            case 2:
                i2 = 8;
                break;
            case 3:
                i2 = 16;
                break;
            case 4:
                i2 = 60;
                break;
            default:
                i2 = 1;
                break;
        }
        return iAclVoter.hasAccess(iPentahoSession, iAclHolder, i2);
    }

    public static boolean hasAccess(IAclSolutionFile iAclSolutionFile, int i, IPentahoSession iPentahoSession) {
        int i2;
        if (iAclSolutionFile == null) {
            return false;
        }
        if (!iAclSolutionFile.isDirectory()) {
            List aCLFileExtensionList = PentahoSystem.getACLFileExtensionList();
            String fileName = iAclSolutionFile.getFileName();
            int lastIndexOf = fileName.lastIndexOf(46);
            if (lastIndexOf < 0 || aCLFileExtensionList.indexOf(fileName.substring(lastIndexOf)) < 0) {
                return true;
            }
        }
        IAclVoter iAclVoter = (IAclVoter) PentahoSystem.get(IAclVoter.class, iPentahoSession);
        switch (i) {
            case 1:
                i2 = 1;
                break;
            case 2:
                i2 = 2;
                break;
            case 4:
                i2 = 4;
                break;
            case 8:
                i2 = 8;
                break;
            case 16:
                i2 = 16;
                break;
            case 32:
                i2 = 32;
                break;
            case 60:
                return isPentahoAdministrator(iPentahoSession);
            default:
                i2 = 1;
                break;
        }
        return iAclVoter.hasAccess(iPentahoSession, iAclSolutionFile, i2);
    }
}
