package org.springframework.security.taglibs.authz;

import java.util.HashSet;
import java.util.StringTokenizer;
import javax.servlet.jsp.JspException;
import javax.servlet.jsp.PageContext;
import javax.servlet.jsp.tagext.TagSupport;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.BeanFactoryUtils;
import org.springframework.beans.propertyeditors.StringArrayPropertyEditor;
import org.springframework.context.ApplicationContext;
import org.springframework.security.Authentication;
import org.springframework.security.acl.AclEntry;
import org.springframework.security.acl.AclManager;
import org.springframework.security.acl.basic.BasicAclEntry;
import org.springframework.security.context.SecurityContextHolder;
import org.springframework.web.context.support.WebApplicationContextUtils;
import org.springframework.web.util.ExpressionEvaluationUtils;

/* loaded from: input_file:org/springframework/security/taglibs/authz/AclTag.class */
public class AclTag extends TagSupport {
    protected static final Log logger;
    private Object domainObject;
    private String hasPermission = "";
    static Class class$org$springframework$security$taglibs$authz$AclTag;
    static Class class$java$lang$Object;
    static Class class$org$springframework$security$acl$AclManager;

    public int doStartTag() throws JspException {
        Object obj;
        Class cls;
        Class cls2;
        if (null == this.hasPermission || "".equals(this.hasPermission)) {
            return 0;
        }
        try {
            Integer[] parseIntegersString = parseIntegersString(ExpressionEvaluationUtils.evaluateString("hasPermission", this.hasPermission, ((TagSupport) this).pageContext));
            if (this.domainObject instanceof String) {
                String str = (String) this.domainObject;
                if (class$java$lang$Object == null) {
                    cls2 = class$("java.lang.Object");
                    class$java$lang$Object = cls2;
                } else {
                    cls2 = class$java$lang$Object;
                }
                obj = ExpressionEvaluationUtils.evaluate("domainObject", str, cls2, ((TagSupport) this).pageContext);
            } else {
                obj = this.domainObject;
            }
            if (obj == null) {
                if (!logger.isDebugEnabled()) {
                    return 1;
                }
                logger.debug("domainObject resolved to null, so including tag body");
                return 1;
            }
            if (SecurityContextHolder.getContext().getAuthentication() == null) {
                if (!logger.isDebugEnabled()) {
                    return 0;
                }
                logger.debug("SecurityContextHolder did not return a non-null Authentication object, so skipping tag body");
                return 0;
            }
            Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
            ApplicationContext context = getContext(((TagSupport) this).pageContext);
            if (class$org$springframework$security$acl$AclManager == null) {
                cls = class$("org.springframework.security.acl.AclManager");
                class$org$springframework$security$acl$AclManager = cls;
            } else {
                cls = class$org$springframework$security$acl$AclManager;
            }
            String[] beanNamesForTypeIncludingAncestors = BeanFactoryUtils.beanNamesForTypeIncludingAncestors(context, cls, false, false);
            if (beanNamesForTypeIncludingAncestors.length == 0) {
                throw new JspException(new StringBuffer().append("No AclManager would found the application context: ").append(context.toString()).toString());
            }
            AclManager aclManager = (AclManager) context.getBean(beanNamesForTypeIncludingAncestors[0]);
            AclEntry[] acls = aclManager.getAcls(obj, authentication);
            if (logger.isDebugEnabled()) {
                logger.debug(new StringBuffer().append("Authentication: '").append(authentication).append("' has: ").append(acls == null ? 0 : acls.length).append(" AclEntrys for domain object: '").append(obj).append("' from AclManager: '").append(aclManager.toString()).append("'").toString());
            }
            if (acls == null || acls.length == 0) {
                return 0;
            }
            for (int i = 0; i < acls.length; i++) {
                if (acls[i] instanceof BasicAclEntry) {
                    BasicAclEntry basicAclEntry = (BasicAclEntry) acls[i];
                    for (int i2 = 0; i2 < parseIntegersString.length; i2++) {
                        if (basicAclEntry.isPermitted(parseIntegersString[i2].intValue())) {
                            if (!logger.isDebugEnabled()) {
                                return 1;
                            }
                            logger.debug(new StringBuffer().append("Including tag body as found permission: ").append(parseIntegersString[i2]).append(" due to AclEntry: '").append(basicAclEntry).append("'").toString());
                            return 1;
                        }
                    }
                }
            }
            if (!logger.isDebugEnabled()) {
                return 0;
            }
            logger.debug("No permission, so skipping tag body");
            return 0;
        } catch (NumberFormatException e) {
            throw new JspException(e);
        }
    }

    protected ApplicationContext getContext(PageContext pageContext) {
        return WebApplicationContextUtils.getRequiredWebApplicationContext(pageContext.getServletContext());
    }

    public Object getDomainObject() {
        return this.domainObject;
    }

    public String getHasPermission() {
        return this.hasPermission;
    }

    private Integer[] parseIntegersString(String str) throws NumberFormatException {
        HashSet hashSet = new HashSet();
        StringTokenizer stringTokenizer = new StringTokenizer(str, StringArrayPropertyEditor.DEFAULT_SEPARATOR, false);
        while (stringTokenizer.hasMoreTokens()) {
            hashSet.add(new Integer(stringTokenizer.nextToken()));
        }
        return (Integer[]) hashSet.toArray(new Integer[0]);
    }

    public void setDomainObject(Object obj) {
        this.domainObject = obj;
    }

    public void setHasPermission(String str) {
        this.hasPermission = str;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$org$springframework$security$taglibs$authz$AclTag == null) {
            cls = class$("org.springframework.security.taglibs.authz.AclTag");
            class$org$springframework$security$taglibs$authz$AclTag = cls;
        } else {
            cls = class$org$springframework$security$taglibs$authz$AclTag;
        }
        logger = LogFactory.getLog(cls);
    }
}
