package com.atlassian.bamboo.security;

import com.atlassian.bamboo.build.Build;
import com.atlassian.bamboo.build.BuildManager;
import com.atlassian.bamboo.configuration.AdministrationConfiguration;
import com.atlassian.bamboo.persister.Persister;
import com.atlassian.bamboo.security.acegi.acls.BambooPermission;
import com.atlassian.bamboo.security.acegi.acls.HibernateObjectIdentityImpl;
import com.atlassian.bamboo.user.BambooUserManager;
import com.google.common.collect.Lists;
import java.util.ArrayList;
import java.util.Collection;
import org.acegisecurity.Authentication;
import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.acls.MutableAclService;
import org.acegisecurity.acls.NotFoundException;
import org.acegisecurity.acls.Permission;
import org.acegisecurity.acls.sid.SidRetrievalStrategy;
import org.acegisecurity.adapters.PrincipalAcegiUserToken;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.userdetails.UserDetails;
import org.apache.log4j.Logger;

/* loaded from: input_file:com/atlassian/bamboo/security/BambooPermissionManagerImpl.class */
public class BambooPermissionManagerImpl implements BambooPermissionManager {
    private static final Logger log = Logger.getLogger(BambooPermissionManagerImpl.class);
    public static final String ROLE_AMDIN = "ROLE_ADMIN";
    private Persister persister;
    private MutableAclService aclService;
    private SidRetrievalStrategy sidRetrievalStrategy;
    private BuildManager buildManager;
    private GrantedAuthority[] overrideAuthorities = new GrantedAuthority[0];
    private BambooUserManager bambooUserManager;

    public boolean hasPermission(Authentication authentication, String str, Object obj) {
        if (authentication != null) {
            for (int i = 0; i < authentication.getAuthorities().length; i++) {
                for (int i2 = 0; i2 < this.overrideAuthorities.length; i2++) {
                    if (this.overrideAuthorities[i2].getAuthority().equals(authentication.getAuthorities()[i].getAuthority())) {
                        return true;
                    }
                }
            }
        }
        try {
            return this.aclService.readAclById(new HibernateObjectIdentityImpl(obj)).isGranted(new Permission[]{BambooPermission.buildFromName(str)}, this.sidRetrievalStrategy.getSids(authentication), false);
        } catch (NotFoundException e) {
            return false;
        }
    }

    public boolean hasPermission(String str, Object obj) {
        return hasPermission(SecurityContextHolder.getContext().getAuthentication(), str, obj);
    }

    public boolean hasPermission(String str, String str2, Object obj) {
        UserDetails loadUserByUsername = this.bambooUserManager.loadUserByUsername(str);
        if (loadUserByUsername != null) {
            return hasPermission((Authentication) new PrincipalAcegiUserToken("USER_TOKEN_KEY", loadUserByUsername.getUsername(), loadUserByUsername.getPassword(), loadUserByUsername.getAuthorities(), loadUserByUsername), str2, obj);
        }
        return false;
    }

    public boolean hasPlanPermission(String str, String str2) {
        Build buildByKey = this.buildManager.getBuildByKey(str2);
        if (buildByKey != null) {
            return hasPermission(str, buildByKey);
        }
        return false;
    }

    public boolean hasGlobalPermission(String str) {
        return hasPermission(str, GlobalApplicationSecureObject.INSTANCE);
    }

    public Collection<Permission> getPermissionsForPlan(String str) {
        ArrayList newArrayList = Lists.newArrayList();
        Build buildByKey = this.buildManager.getBuildByKey(str);
        if (buildByKey != null) {
            for (Permission permission : BambooPermission.getPlanPermissions()) {
                if (hasPermission(BambooPermission.determineNameFromPermission(permission), buildByKey)) {
                    newArrayList.add(permission);
                }
            }
        }
        return newArrayList;
    }

    public boolean isEnableSignup() {
        AdministrationConfiguration administrationConfiguration = this.persister.getAdministrationConfiguration();
        if (administrationConfiguration != null) {
            return administrationConfiguration.isEnableSignup();
        }
        return false;
    }

    @Deprecated
    public boolean isEnableAnonymousAccess() {
        AdministrationConfiguration administrationConfiguration = this.persister.getAdministrationConfiguration();
        if (administrationConfiguration != null) {
            return administrationConfiguration.isEnableAnonymousAccess();
        }
        return false;
    }

    public Persister getPersister() {
        return this.persister;
    }

    public void setPersister(Persister persister) {
        this.persister = persister;
    }

    public void setAclService(MutableAclService mutableAclService) {
        this.aclService = mutableAclService;
    }

    public void setSidRetrievalStrategy(SidRetrievalStrategy sidRetrievalStrategy) {
        this.sidRetrievalStrategy = sidRetrievalStrategy;
    }

    public void setBuildManager(BuildManager buildManager) {
        this.buildManager = buildManager;
    }

    public void setOverrideAuthorities(GrantedAuthority[] grantedAuthorityArr) {
        this.overrideAuthorities = grantedAuthorityArr;
    }

    public void setBambooUserManager(BambooUserManager bambooUserManager) {
        this.bambooUserManager = bambooUserManager;
    }
}
