package org.valkyriercp.security.support;

import java.lang.ref.WeakReference;
import java.lang.reflect.InvocationTargetException;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.security.access.AccessDecisionManager;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.core.Authentication;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;
import org.valkyriercp.core.Authorizable;
import org.valkyriercp.security.SecurityController;

/* loaded from: input_file:org/valkyriercp/security/support/AbstractSecurityController.class */
public abstract class AbstractSecurityController implements SecurityController, InitializingBean {
    private AccessDecisionManager accessDecisionManager;
    public static final String VISIBLE_TRACKS_AUTHORIZED_ACTION = "visibleTracksAuthorized";
    private final Log logger = LogFactory.getLog(getClass());
    private List controlledObjects = new ArrayList();
    private Authentication lastAuthentication = null;
    private HashSet postProcessorActionIds = new HashSet();
    private String postProcessorActionsToRun = "";

    /* JADX INFO: Access modifiers changed from: protected */
    public AbstractSecurityController() {
        registerPostProcessorAction(VISIBLE_TRACKS_AUTHORIZED_ACTION);
    }

    protected abstract Object getSecuredObject();

    protected abstract List<ConfigAttribute> getConfigAttributeDefinition(Object obj);

    public void setPostProcessorActionsToRun(String str) {
        this.postProcessorActionsToRun = str;
    }

    public String getPostProcessorActionsToRun() {
        return this.postProcessorActionsToRun;
    }

    protected void registerPostProcessorAction(String str) {
        if (this.postProcessorActionIds.contains(str)) {
            throw new IllegalArgumentException("Post-processor Action '" + str + "' is already registered");
        }
        this.postProcessorActionIds.add(str);
    }

    @Override // org.valkyriercp.security.AuthenticationAware
    public void setAuthenticationToken(Authentication authentication) {
        setLastAuthentication(authentication);
        runAuthorization();
    }

    protected void runAuthorization() {
        boolean shouldAuthorize = shouldAuthorize(getLastAuthentication());
        Iterator it = this.controlledObjects.iterator();
        while (it.hasNext()) {
            Authorizable authorizable = (Authorizable) ((WeakReference) it.next()).get();
            if (authorizable == null) {
                it.remove();
            } else {
                updateControlledObject(authorizable, shouldAuthorize);
            }
        }
    }

    protected void updateControlledObject(Authorizable authorizable, boolean z) {
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("setAuthorized( " + z + ") on: " + authorizable);
        }
        authorizable.setAuthorized(z);
        runPostProcessorActions(authorizable, z);
    }

    protected void runPostProcessorActions(Object obj, boolean z) {
        String postProcessorActionsToRun = getPostProcessorActionsToRun();
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("Run post-processors actions: " + postProcessorActionsToRun);
        }
        for (String str : StringUtils.commaDelimitedListToStringArray(postProcessorActionsToRun)) {
            doPostProcessorAction(str, obj, z);
        }
    }

    protected void doPostProcessorAction(String str, Object obj, boolean z) {
        if (VISIBLE_TRACKS_AUTHORIZED_ACTION.equals(str)) {
            setVisibilityOnControlledObject(obj, z);
        }
    }

    private void setVisibilityOnControlledObject(Object obj, boolean z) {
        try {
            obj.getClass().getMethod("setVisible", Boolean.TYPE).invoke(obj, new Boolean(z));
        } catch (IllegalAccessException e) {
            this.logger.error("Could not call setVisible", e);
        } catch (NoSuchMethodException unused) {
            System.out.println("NO setVisible method on object: " + obj);
        } catch (InvocationTargetException e2) {
            this.logger.error("Could not call setVisible", e2);
        }
    }

    protected boolean shouldAuthorize(Authentication authentication) {
        Assert.state(getAccessDecisionManager() != null, "The AccessDecisionManager can not be null!");
        boolean z = false;
        if (authentication != null) {
            try {
                getAccessDecisionManager().decide(authentication, getSecuredObject(), getConfigAttributeDefinition(getSecuredObject()));
                z = true;
            } catch (AccessDeniedException unused) {
            }
        }
        return z;
    }

    @Override // org.valkyriercp.security.SecurityController
    public void setAccessDecisionManager(AccessDecisionManager accessDecisionManager) {
        this.accessDecisionManager = accessDecisionManager;
    }

    @Override // org.valkyriercp.security.SecurityController
    public AccessDecisionManager getAccessDecisionManager() {
        return this.accessDecisionManager;
    }

    @Override // org.valkyriercp.security.SecurityController
    public void setControlledObjects(List list) {
        this.controlledObjects = new ArrayList(list.size());
        for (Object obj : list) {
            if (!(obj instanceof Authorizable)) {
                throw new IllegalArgumentException("Controlled object must implement Authorizable, got " + obj.getClass());
            }
            addAndPrepareControlledObject((Authorizable) obj);
        }
    }

    @Override // org.valkyriercp.security.SecurityController
    public void addControlledObject(Authorizable authorizable) {
        addAndPrepareControlledObject(authorizable);
    }

    private void addAndPrepareControlledObject(Authorizable authorizable) {
        this.controlledObjects.add(new WeakReference(authorizable));
        updateControlledObject(authorizable, shouldAuthorize(getLastAuthentication()));
    }

    @Override // org.valkyriercp.security.SecurityController
    public Object removeControlledObject(Authorizable authorizable) {
        Authorizable authorizable2 = null;
        Iterator it = this.controlledObjects.iterator();
        while (it.hasNext()) {
            Authorizable authorizable3 = (Authorizable) ((WeakReference) it.next()).get();
            if (authorizable3 == null) {
                it.remove();
            } else if (authorizable3.equals(authorizable)) {
                authorizable2 = authorizable3;
                it.remove();
            }
        }
        return authorizable2;
    }

    protected void setLastAuthentication(Authentication authentication) {
        this.lastAuthentication = authentication;
    }

    protected Authentication getLastAuthentication() {
        return this.lastAuthentication;
    }

    public void afterPropertiesSet() throws Exception {
        String[] commaDelimitedListToStringArray = StringUtils.commaDelimitedListToStringArray(getPostProcessorActionsToRun());
        for (int i = 0; i < commaDelimitedListToStringArray.length; i++) {
            if (!this.postProcessorActionIds.contains(commaDelimitedListToStringArray[i])) {
                throw new IllegalArgumentException("Requested post-processor action '" + commaDelimitedListToStringArray[i] + "' is not registered.");
            }
        }
    }
}
