package org.loom.interceptor;

import org.apache.commons.lang.builder.ToStringBuilder;
import org.loom.config.ClassNames;
import org.loom.log.Log;
import org.loom.mapping.ParsedAction;
import org.loom.resolution.Resolution;
import org.loom.security.JeeSecurityAdapter;
import org.loom.security.SecurityAdapter;
import org.loom.security.SpringSecurityAdapter;
import org.loom.servlet.names.CssClassNames;
import org.loom.tags.Button;
import org.loom.tags.HtmlTag;
import org.loom.tags.Link;
import org.loom.util.ClassUtils;
import org.loom.validator.ButtonDecorator;
import org.loom.validator.LinkDecorator;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Component;

@Scope("prototype")
@Component
/* loaded from: input_file:org/loom/interceptor/SecurityInterceptorImpl.class */
public class SecurityInterceptorImpl implements SecurityInterceptor, LinkDecorator, ButtonDecorator, CreateInterceptor, InitializingBean {

    @Autowired(required = false)
    private SecurityAdapter securityAdapter;
    private String[] allowedRoles;
    private static Log log = Log.getLog();

    public void afterPropertiesSet() {
        if (this.securityAdapter == null) {
            this.securityAdapter = ClassUtils.isPresent(ClassNames.SPRING_SECURITY) ? new SpringSecurityAdapter() : new JeeSecurityAdapter();
        }
    }

    @Override // org.loom.validator.LinkDecorator
    public void decorate(Link link) {
        decorateImpl(link);
    }

    @Override // org.loom.validator.ButtonDecorator
    public void decorate(Button button) {
        decorateImpl(button);
    }

    private void decorateImpl(HtmlTag htmlTag) {
        if (this.securityAdapter.hasRole(this.allowedRoles)) {
            return;
        }
        htmlTag.addCssClass(CssClassNames.UNAUTHORIZED);
    }

    @Override // org.loom.interceptor.CreateInterceptor
    public Resolution afterCreate(ParsedAction parsedAction) {
        if (this.securityAdapter.hasRole(this.allowedRoles)) {
            return null;
        }
        log.debug("Rejecting request because the user does not have any of the roles ", this.allowedRoles);
        this.securityAdapter.throwInsufficientPermissionsException("The user does not have enough permissions");
        return null;
    }

    public String[] getAllowedRoles() {
        return this.allowedRoles;
    }

    @Override // org.loom.interceptor.SecurityInterceptor
    public void setAllowedRoles(String[] strArr) {
        this.allowedRoles = strArr;
    }

    public void setSecurityAdapter(SecurityAdapter securityAdapter) {
        this.securityAdapter = securityAdapter;
    }

    public String toString() {
        return new ToStringBuilder(this).append("allowedRoles", this.allowedRoles).toString();
    }
}
