package id.onyx.obdp.server.controller.internal;

import id.onyx.obdp.server.controller.spi.NoSuchParentResourceException;
import id.onyx.obdp.server.controller.spi.NoSuchResourceException;
import id.onyx.obdp.server.controller.spi.Predicate;
import id.onyx.obdp.server.controller.spi.Request;
import id.onyx.obdp.server.controller.spi.RequestStatus;
import id.onyx.obdp.server.controller.spi.Resource;
import id.onyx.obdp.server.controller.spi.ResourceAlreadyExistsException;
import id.onyx.obdp.server.controller.spi.SystemException;
import id.onyx.obdp.server.controller.spi.UnsupportedPropertyException;
import id.onyx.obdp.server.controller.utilities.PropertyHelper;
import id.onyx.obdp.server.security.authorization.AuthorizationException;
import id.onyx.obdp.server.security.authorization.AuthorizationHelper;
import id.onyx.obdp.server.security.authorization.ResourceType;
import id.onyx.obdp.server.security.authorization.RoleAuthorization;
import java.util.Collections;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import org.springframework.security.core.Authentication;

/* loaded from: input_file:id/onyx/obdp/server/controller/internal/AbstractAuthorizedResourceProvider.class */
public abstract class AbstractAuthorizedResourceProvider extends AbstractResourceProvider {
    private Set<RoleAuthorization> requiredCreateAuthorizations;
    private Set<RoleAuthorization> requiredGetAuthorizations;
    private Set<RoleAuthorization> requiredUpdateAuthorizations;
    private Set<RoleAuthorization> requiredDeleteAuthorizations;

    /* JADX INFO: Access modifiers changed from: package-private */
    public AbstractAuthorizedResourceProvider(Resource.Type type, Set<String> set, Map<Resource.Type, String> map) {
        super(set, map);
        this.requiredCreateAuthorizations = Collections.emptySet();
        this.requiredGetAuthorizations = Collections.emptySet();
        this.requiredUpdateAuthorizations = Collections.emptySet();
        this.requiredDeleteAuthorizations = Collections.emptySet();
        PropertyHelper.setPropertyIds(type, set);
        PropertyHelper.setKeyPropertyIds(type, map);
    }

    public Set<RoleAuthorization> getRequiredCreateAuthorizations() {
        return this.requiredCreateAuthorizations;
    }

    public void setRequiredCreateAuthorizations(Set<RoleAuthorization> set) {
        this.requiredCreateAuthorizations = createUnmodifiableSet(set);
    }

    public Set<RoleAuthorization> getRequiredGetAuthorizations() {
        return this.requiredGetAuthorizations;
    }

    public void setRequiredGetAuthorizations(Set<RoleAuthorization> set) {
        this.requiredGetAuthorizations = createUnmodifiableSet(set);
    }

    public Set<RoleAuthorization> getRequiredUpdateAuthorizations() {
        return this.requiredUpdateAuthorizations;
    }

    public void setRequiredUpdateAuthorizations(Set<RoleAuthorization> set) {
        this.requiredUpdateAuthorizations = createUnmodifiableSet(set);
    }

    public Set<RoleAuthorization> getRequiredDeleteAuthorizations() {
        return this.requiredDeleteAuthorizations;
    }

    public void setRequiredDeleteAuthorizations(Set<RoleAuthorization> set) {
        this.requiredDeleteAuthorizations = createUnmodifiableSet(set);
    }

    @Override // id.onyx.obdp.server.controller.spi.ResourceProvider
    public RequestStatus createResources(Request request) throws SystemException, UnsupportedPropertyException, ResourceAlreadyExistsException, NoSuchParentResourceException {
        Authentication authentication = AuthorizationHelper.getAuthentication();
        if (authentication == null || !authentication.isAuthenticated()) {
            throw new AuthorizationException("Authentication data is not available, authorization to perform the requested operation is not granted");
        }
        if (isAuthorizedToCreateResources(authentication, request)) {
            return createResourcesAuthorized(request);
        }
        throw new AuthorizationException("The authenticated user does not have the appropriate authorizations to create the requested resource(s)");
    }

    @Override // id.onyx.obdp.server.controller.spi.ResourceProvider
    public Set<Resource> getResources(Request request, Predicate predicate) throws SystemException, UnsupportedPropertyException, NoSuchResourceException, NoSuchParentResourceException {
        Authentication authentication = AuthorizationHelper.getAuthentication();
        if (authentication == null || !authentication.isAuthenticated()) {
            throw new AuthorizationException("Authentication data is not available, authorization to perform the requested operation is not granted");
        }
        if (isAuthorizedToGetResources(authentication, request, predicate)) {
            return getResourcesAuthorized(request, predicate);
        }
        throw new AuthorizationException("The authenticated user does not have the appropriate authorizations to get the requested resource(s)");
    }

    @Override // id.onyx.obdp.server.controller.spi.ResourceProvider
    public RequestStatus updateResources(Request request, Predicate predicate) throws SystemException, UnsupportedPropertyException, NoSuchResourceException, NoSuchParentResourceException {
        Authentication authentication = AuthorizationHelper.getAuthentication();
        if (authentication == null || !authentication.isAuthenticated()) {
            throw new AuthorizationException("Authentication data is not available, authorization to perform the requested operation is not granted");
        }
        if (isAuthorizedToUpdateResources(authentication, request, predicate)) {
            return updateResourcesAuthorized(request, predicate);
        }
        throw new AuthorizationException("The authenticated user does not have the appropriate authorizations to update the requested resource(s)");
    }

    @Override // id.onyx.obdp.server.controller.spi.ResourceProvider
    public RequestStatus deleteResources(Request request, Predicate predicate) throws SystemException, UnsupportedPropertyException, NoSuchResourceException, NoSuchParentResourceException {
        Authentication authentication = AuthorizationHelper.getAuthentication();
        if (authentication == null || !authentication.isAuthenticated()) {
            throw new AuthorizationException("Authentication data is not available, authorization to perform the requested operation is not granted");
        }
        if (isAuthorizedToDeleteResources(authentication, predicate)) {
            return deleteResourcesAuthorized(request, predicate);
        }
        throw new AuthorizationException("The authenticated user does not have the appropriate authorizations to delete the requested resource(s)");
    }

    protected RequestStatus createResourcesAuthorized(Request request) throws SystemException, UnsupportedPropertyException, ResourceAlreadyExistsException, NoSuchParentResourceException {
        throw new UnsupportedOperationException("If createResources is not overwritten, then createResourcesAuthorized must be overwritten");
    }

    protected boolean isAuthorizedToCreateResources(Authentication authentication, Request request) throws SystemException {
        return AuthorizationHelper.isAuthorized(authentication, getResourceType(request, null), getResourceId(request, null), this.requiredCreateAuthorizations);
    }

    protected Set<Resource> getResourcesAuthorized(Request request, Predicate predicate) throws SystemException, UnsupportedPropertyException, NoSuchResourceException, NoSuchParentResourceException {
        throw new UnsupportedOperationException("If getResources is not overwritten, then getResourcesAuthorized must be overwritten");
    }

    protected boolean isAuthorizedToGetResources(Authentication authentication, Request request, Predicate predicate) throws SystemException {
        return AuthorizationHelper.isAuthorized(authentication, getResourceType(request, predicate), getResourceId(request, predicate), this.requiredGetAuthorizations);
    }

    protected RequestStatus updateResourcesAuthorized(Request request, Predicate predicate) throws SystemException, UnsupportedPropertyException, NoSuchResourceException, NoSuchParentResourceException {
        throw new UnsupportedOperationException("If updateResources is not overwritten, then updateResourcesAuthorized must be overwritten");
    }

    protected boolean isAuthorizedToUpdateResources(Authentication authentication, Request request, Predicate predicate) throws SystemException {
        return AuthorizationHelper.isAuthorized(authentication, getResourceType(request, predicate), getResourceId(request, predicate), this.requiredUpdateAuthorizations);
    }

    protected RequestStatus deleteResourcesAuthorized(Request request, Predicate predicate) throws SystemException, UnsupportedPropertyException, NoSuchResourceException, NoSuchParentResourceException {
        throw new UnsupportedOperationException("If deleteResources is not overwritten, then deleteResourcesAuthorized must be overwritten");
    }

    protected boolean isAuthorizedToDeleteResources(Authentication authentication, Predicate predicate) throws SystemException {
        return AuthorizationHelper.isAuthorized(authentication, getResourceType(null, predicate), getResourceId(null, predicate), this.requiredDeleteAuthorizations);
    }

    protected ResourceType getResourceType(Request request, Predicate predicate) {
        return ResourceType.CLUSTER;
    }

    protected Long getResourceId(Request request, Predicate predicate) {
        return null;
    }

    private Set<RoleAuthorization> createUnmodifiableSet(Set<RoleAuthorization> set) {
        return set == null ? Collections.emptySet() : Collections.unmodifiableSet(new HashSet(set));
    }
}
