package ru.xpoft.vaadin.security;

import com.vaadin.navigator.NavigationStateManager;
import com.vaadin.navigator.View;
import com.vaadin.navigator.ViewDisplay;
import com.vaadin.ui.ComponentContainer;
import com.vaadin.ui.SingleComponentContainer;
import com.vaadin.ui.UI;
import java.util.Arrays;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authz.annotation.Logical;
import org.apache.shiro.authz.annotation.RequiresAuthentication;
import org.apache.shiro.authz.annotation.RequiresGuest;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.apache.shiro.authz.annotation.RequiresUser;
import org.apache.shiro.subject.Subject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import ru.xpoft.vaadin.DiscoveryNavigator;

/* loaded from: input_file:WEB-INF/lib/spring-vaadin-integration-3.1.jar:ru/xpoft/vaadin/security/ShiroSecurityNavigator.class */
public class ShiroSecurityNavigator extends DiscoveryNavigator {
    private static Logger logger = LoggerFactory.getLogger((Class<?>) ShiroSecurityNavigator.class);

    public ShiroSecurityNavigator(UI ui, ComponentContainer componentContainer) {
        super(ui, componentContainer);
    }

    public ShiroSecurityNavigator(UI ui, SingleComponentContainer singleComponentContainer) {
        super(ui, singleComponentContainer);
    }

    public ShiroSecurityNavigator(UI ui, ViewDisplay viewDisplay) {
        super(ui, viewDisplay);
    }

    public ShiroSecurityNavigator(UI ui, NavigationStateManager navigationStateManager, ViewDisplay viewDisplay) {
        super(ui, navigationStateManager, viewDisplay);
    }

    @Override // ru.xpoft.vaadin.DiscoveryNavigator
    protected void addCachedBeans() {
        for (DiscoveryNavigator.ViewCache viewCache : views) {
            if (hasAccess(viewCache.getClazz())) {
                logger.debug("view name: \"{}\", class: {}, viewCached: {}", viewCache.getName(), viewCache.getClazz(), Boolean.valueOf(viewCache.isCached()));
                addBeanView(viewCache.getName(), viewCache.getBeanName(), viewCache.getClazz(), viewCache.isCached());
            }
        }
    }

    @Override // ru.xpoft.vaadin.DiscoveryNavigator
    public void addBeanView(String str, Class<? extends View> cls, boolean z) {
        if (hasAccess(cls)) {
            super.addBeanView(str, cls, z);
        }
    }

    public static boolean hasAccess(Class<?> cls) {
        boolean z = true;
        if (cls.isAnnotationPresent(RequiresRoles.class)) {
            z = false;
            RequiresRoles annotation = cls.getAnnotation(RequiresRoles.class);
            String[] value = annotation.value();
            Logical logical = annotation.logical();
            if (value.length > 0) {
                Subject subject = SecurityUtils.getSubject();
                if (!subject.isAuthenticated()) {
                    return false;
                }
                if (logical == Logical.AND && subject.hasAllRoles(Arrays.asList(value))) {
                    z = true;
                }
                if (logical == Logical.OR) {
                    boolean[] hasRoles = subject.hasRoles(Arrays.asList(value));
                    int length = hasRoles.length;
                    int i = 0;
                    while (true) {
                        if (i >= length) {
                            break;
                        }
                        if (hasRoles[i]) {
                            z = true;
                            break;
                        }
                        i++;
                    }
                }
            }
        }
        if (z && cls.isAnnotationPresent(RequiresPermissions.class)) {
            z = false;
            RequiresPermissions annotation2 = cls.getAnnotation(RequiresPermissions.class);
            String[] value2 = annotation2.value();
            Logical logical2 = annotation2.logical();
            Subject subject2 = SecurityUtils.getSubject();
            if (value2.length > 0) {
                if (!subject2.isAuthenticated()) {
                    return false;
                }
                if (logical2 == Logical.AND && subject2.isPermittedAll(value2)) {
                    z = true;
                }
                if (logical2 == Logical.OR && subject2.isPermittedAll(value2)) {
                    boolean[] isPermitted = subject2.isPermitted(value2);
                    int length2 = isPermitted.length;
                    int i2 = 0;
                    while (true) {
                        if (i2 >= length2) {
                            break;
                        }
                        if (isPermitted[i2]) {
                            z = true;
                            break;
                        }
                        i2++;
                    }
                }
            }
        }
        if (z && cls.isAnnotationPresent(RequiresAuthentication.class)) {
            z = SecurityUtils.getSubject().isAuthenticated();
        }
        if (z && cls.isAnnotationPresent(RequiresGuest.class)) {
            z = SecurityUtils.getSubject().getPrincipals() == null;
        }
        if (z && cls.isAnnotationPresent(RequiresUser.class)) {
            Subject subject3 = SecurityUtils.getSubject();
            z = (subject3.getPrincipals() == null || subject3.getPrincipals().isEmpty()) ? false : true;
        }
        return z;
    }
}
