package org.molgenis.security.permission;

import java.util.Collection;
import java.util.Iterator;
import org.molgenis.security.core.PermissionService;
import org.molgenis.security.core.runas.SystemSecurityToken;
import org.molgenis.security.core.utils.SecurityUtils;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:WEB-INF/lib/molgenis-security-6.1.0.jar:org/molgenis/security/permission/PermissionServiceImpl.class */
public class PermissionServiceImpl implements PermissionService {
    @Override // org.molgenis.security.core.PermissionService
    public boolean hasPermissionOnPlugin(String str, org.molgenis.security.core.Permission permission) {
        return hasPermission(str, permission, SecurityUtils.AUTHORITY_PLUGIN_PREFIX);
    }

    @Override // org.molgenis.security.core.PermissionService
    public boolean hasPermissionOnEntityType(String str, org.molgenis.security.core.Permission permission) {
        return hasPermission(str, permission, SecurityUtils.AUTHORITY_ENTITY_PREFIX);
    }

    private boolean hasPermission(String str, org.molgenis.security.core.Permission permission, String str2) {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null) {
            return false;
        }
        String str3 = str2 + permission.toString() + '_' + str;
        Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
        if (authorities == null) {
            return false;
        }
        Iterator<? extends GrantedAuthority> it = authorities.iterator();
        while (it.hasNext()) {
            String authority = it.next().getAuthority();
            if (authority.equals(SecurityUtils.AUTHORITY_SU) || authority.equals(SystemSecurityToken.ROLE_SYSTEM) || authority.equals(str3)) {
                return true;
            }
        }
        return false;
    }
}
