package br.gov.frameworkdemoiselle.internal.interceptor;

import br.gov.frameworkdemoiselle.annotation.Name;
import br.gov.frameworkdemoiselle.security.AuthorizationException;
import br.gov.frameworkdemoiselle.security.RequiredPermission;
import br.gov.frameworkdemoiselle.security.SecurityContext;
import br.gov.frameworkdemoiselle.security.User;
import br.gov.frameworkdemoiselle.util.ResourceBundle;
import br.gov.frameworkdemoiselle.util.Strings;
import javax.enterprise.inject.Instance;
import javax.inject.Inject;
import javax.interceptor.AroundInvoke;
import javax.interceptor.Interceptor;
import javax.interceptor.InvocationContext;
import org.slf4j.Logger;

@RequiredPermission
@Interceptor
/* loaded from: input_file:br/gov/frameworkdemoiselle/internal/interceptor/RequiredPermissionInterceptor.class */
public class RequiredPermissionInterceptor {
    private final Instance<SecurityContext> securityContext;
    private final ResourceBundle bundle;
    private final Logger logger;

    @Inject
    public RequiredPermissionInterceptor(Instance<SecurityContext> instance, @Name("demoiselle-core-bundle") ResourceBundle resourceBundle, Logger logger) {
        this.securityContext = instance;
        this.bundle = resourceBundle;
        this.logger = logger;
    }

    @AroundInvoke
    public Object manage(InvocationContext invocationContext) throws Exception {
        String resource = getResource(invocationContext);
        String operation = getOperation(invocationContext);
        String str = null;
        if (((SecurityContext) this.securityContext.get()).isLoggedIn()) {
            str = getUsername();
            this.logger.trace(this.bundle.getString("access-checking", str, operation, resource));
        }
        if (((SecurityContext) this.securityContext.get()).hasPermission(resource, operation)) {
            this.logger.debug(this.bundle.getString("access-allowed", str, operation, resource));
            return invocationContext.proceed();
        }
        this.logger.error(this.bundle.getString("access-denied", str, operation, resource));
        throw new AuthorizationException(this.bundle.getString("access-denied-ui", resource, operation));
    }

    private String getUsername() {
        String str = "";
        User user = ((SecurityContext) this.securityContext.get()).getUser();
        if (user != null && user.getId() != null) {
            str = user.getId();
        }
        return str;
    }

    private String getResource(InvocationContext invocationContext) {
        RequiredPermission requiredPermission = (RequiredPermission) invocationContext.getMethod().getAnnotation(RequiredPermission.class);
        return (requiredPermission == null || Strings.isEmpty(requiredPermission.resource())) ? invocationContext.getTarget().getClass().getAnnotation(Name.class) == null ? invocationContext.getTarget().getClass().getSimpleName() : ((Name) invocationContext.getTarget().getClass().getAnnotation(Name.class)).value() : requiredPermission.resource();
    }

    private String getOperation(InvocationContext invocationContext) {
        RequiredPermission requiredPermission = (RequiredPermission) invocationContext.getMethod().getAnnotation(RequiredPermission.class);
        return (requiredPermission == null || Strings.isEmpty(requiredPermission.operation())) ? invocationContext.getMethod().getAnnotation(Name.class) == null ? invocationContext.getMethod().getName() : ((Name) invocationContext.getMethod().getAnnotation(Name.class)).value() : requiredPermission.operation();
    }
}
