package org.jboss.security.acl;

import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import org.jboss.security.PicketBoxMessages;
import org.jboss.security.authorization.AuthorizationException;
import org.jboss.security.authorization.Resource;
import org.jboss.security.identity.Identity;
import org.jboss.security.identity.Role;
import org.jboss.security.identity.RoleGroup;

/* loaded from: input_file:org/jboss/security/acl/RoleBasedACLProviderImpl.class */
public class RoleBasedACLProviderImpl extends ACLProviderImpl {
    @Override // org.jboss.security.acl.ACLProviderImpl
    public <T> Set<T> getEntitlements(Class<T> cls, Resource resource, Identity identity) throws AuthorizationException {
        if (identity.getRole() == null) {
            return super.getEntitlements(cls, resource, identity);
        }
        if (!EntitlementEntry.class.equals(cls)) {
            return null;
        }
        HashSet hashSet = new HashSet();
        List<Role> arrayList = new ArrayList<>();
        getAllRoles(identity.getRole(), arrayList);
        for (Role role : arrayList) {
            ACLPermission initialPermissions = super.getInitialPermissions(resource, role.getRoleName());
            if (initialPermissions != null) {
                super.fillEntitlements(hashSet, resource, role.getRoleName(), initialPermissions);
            }
        }
        return hashSet;
    }

    @Override // org.jboss.security.acl.ACLProviderImpl
    public boolean isAccessGranted(Resource resource, Identity identity, ACLPermission aCLPermission) throws AuthorizationException {
        if (identity.getRole() == null) {
            return super.isAccessGranted(resource, identity, aCLPermission);
        }
        if (this.strategy == null) {
            throw new AuthorizationException(PicketBoxMessages.MESSAGES.unableToLocateACLWithNoStrategyMessage());
        }
        ACL acl = this.strategy.getACL(resource);
        if (acl == null) {
            throw new AuthorizationException(PicketBoxMessages.MESSAGES.unableToLocateACLForResourceMessage(resource != null ? resource.toString() : null));
        }
        ArrayList arrayList = new ArrayList();
        getAllRoles(identity.getRole(), arrayList);
        Iterator<Role> it = arrayList.iterator();
        while (it.hasNext()) {
            ACLEntry entry = acl.getEntry(it.next().getRoleName());
            if (entry != null && entry.checkPermission(aCLPermission)) {
                return true;
            }
        }
        return false;
    }

    protected void getAllRoles(Role role, List<Role> list) {
        if (!(role instanceof RoleGroup)) {
            list.add(role);
            return;
        }
        Iterator it = ((RoleGroup) role).getRoles().iterator();
        while (it.hasNext()) {
            getAllRoles((Role) it.next(), list);
        }
    }
}
