package com.atlassian.stash.internal.user;

import com.atlassian.bitbucket.event.request.RequestStartedEvent;
import com.atlassian.bitbucket.permission.Permission;
import com.atlassian.bitbucket.request.RequestManager;
import com.atlassian.bitbucket.user.ApplicationUser;
import com.atlassian.bitbucket.user.EscalatedSecurityContext;
import com.atlassian.bitbucket.user.SecurityService;
import com.atlassian.event.api.EventListener;
import com.atlassian.plugin.spring.AvailableToPlugins;
import com.atlassian.stash.internal.annotation.NotProfiled;
import com.atlassian.stash.internal.permission.PermissionVoterFactory;
import com.atlassian.stash.internal.user.DefaultEscalatedSecurityContext;
import java.util.Set;
import javax.annotation.Nonnull;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Service;

@NotProfiled
@AvailableToPlugins(SecurityService.class)
@Service("securityService")
/* loaded from: input_file:WEB-INF/lib/bitbucket-service-impl-5.16.0.jar:com/atlassian/stash/internal/user/DefaultSecurityService.class */
public class DefaultSecurityService implements SecurityService {
    private final RequestManager requestManager;
    private final PermissionVoterFactory voterFactory;

    @Autowired
    public DefaultSecurityService(RequestManager requestManager, PermissionVoterFactory permissionVoterFactory) {
        this.requestManager = requestManager;
        this.voterFactory = permissionVoterFactory;
    }

    @Override // com.atlassian.bitbucket.user.SecurityService
    @Nonnull
    public EscalatedSecurityContext anonymously(@Nonnull String str) {
        return contextBuilder(str).anonymously().build();
    }

    @Override // com.atlassian.bitbucket.user.SecurityService
    @Nonnull
    public EscalatedSecurityContext escalate(@Nonnull String str) {
        return contextBuilder(str).build();
    }

    @Override // com.atlassian.bitbucket.user.SecurityService
    @Nonnull
    public EscalatedSecurityContext impersonating(@Nonnull ApplicationUser applicationUser, @Nonnull String str) {
        return contextBuilder(str).impersonating(applicationUser).build();
    }

    @EventListener
    public void onRequestStarted(RequestStartedEvent requestStartedEvent) {
        requestStartedEvent.getRequestContext().addCleanupCallback(SecurityContextHolder::clearContext);
    }

    @Override // com.atlassian.bitbucket.user.SecurityService
    @Nonnull
    public EscalatedSecurityContext withPermission(@Nonnull Permission permission, @Nonnull String str) {
        return contextBuilder(str).withPermission(permission).build();
    }

    @Override // com.atlassian.bitbucket.user.SecurityService
    @Nonnull
    public EscalatedSecurityContext withPermission(@Nonnull Permission permission, @Nonnull Object obj, @Nonnull String str) {
        return contextBuilder(str).withPermission(obj, permission).build();
    }

    @Override // com.atlassian.bitbucket.user.SecurityService
    @Nonnull
    public EscalatedSecurityContext withPermissions(@Nonnull Set<Permission> set, @Nonnull String str) {
        return contextBuilder(str).withPermissions(set).build();
    }

    private DefaultEscalatedSecurityContext.Builder contextBuilder(String str) {
        return new DefaultEscalatedSecurityContext.Builder(str, this.requestManager, this.voterFactory);
    }
}
