package org.molgenis.app;

import java.util.ArrayList;
import java.util.List;
import org.molgenis.app.controller.HomeController;
import org.molgenis.security.MolgenisRoleHierarchy;
import org.molgenis.security.MolgenisWebAppSecurityConfig;
import org.molgenis.security.core.utils.SecurityUtils;
import org.molgenis.ui.security.MolgenisAccessDecisionVoter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.access.hierarchicalroles.RoleHierarchy;
import org.springframework.security.access.vote.AffirmativeBased;
import org.springframework.security.access.vote.RoleVoter;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.web.access.expression.WebExpressionVoter;

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
/* loaded from: input_file:WEB-INF/classes/org/molgenis/app/WebAppSecurityConfig.class */
public class WebAppSecurityConfig extends MolgenisWebAppSecurityConfig {

    @Autowired
    private MolgenisAccessDecisionVoter molgenisAccessDecisionVoter;

    @Autowired
    private RoleVoter roleVoter;

    @Override // org.molgenis.security.MolgenisWebAppSecurityConfig
    protected void configureUrlAuthorization(ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry expressionInterceptUrlRegistry) {
        ArrayList arrayList = new ArrayList();
        arrayList.add(new WebExpressionVoter());
        arrayList.add(new MolgenisAccessDecisionVoter());
        expressionInterceptUrlRegistry.accessDecisionManager(new AffirmativeBased(arrayList));
        expressionInterceptUrlRegistry.antMatchers("/").permitAll().antMatchers("/das/**").permitAll().antMatchers("/myDas/**").permitAll().antMatchers("/annotators/**").authenticated().antMatchers("/diseasematcher/**").authenticated().antMatchers("/omim/**").authenticated().antMatchers("/phenotips/**").authenticated().antMatchers("/charts/**").authenticated();
    }

    @Override // org.molgenis.security.MolgenisWebAppSecurityConfig
    protected List<GrantedAuthority> createAnonymousUserAuthorities() {
        return AuthorityUtils.createAuthorityList(SecurityUtils.getPluginReadAuthority(HomeController.ID));
    }

    @Override // org.molgenis.security.MolgenisWebAppSecurityConfig
    public RoleHierarchy roleHierarchy() {
        return new MolgenisRoleHierarchy();
    }

    @Bean
    public MolgenisAccessDecisionVoter molgenisAccessDecisionVoter() {
        return new MolgenisAccessDecisionVoter();
    }
}
