package com.u2ware.springfield.security.authorization;

import com.u2ware.springfield.security.Navigation;
import com.u2ware.springfield.security.NavigationVisitor;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import javax.servlet.ServletContext;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.security.access.AccessDecisionVoter;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.vote.AffirmativeBased;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
import org.springframework.util.AntPathMatcher;
import org.springframework.util.StringUtils;
import org.springframework.web.context.ServletContextAware;

/* loaded from: input_file:com/u2ware/springfield/security/authorization/AccessDecisionManager.class */
public class AccessDecisionManager extends AffirmativeBased implements ServletContextAware {
    protected final Log logger;
    private ServletContext servletContext;
    SavedRequestAwareAuthenticationSuccessHandler j;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/u2ware/springfield/security/authorization/AccessDecisionManager$Visitor.class */
    public class Visitor implements NavigationVisitor {
        private AntPathMatcher antPathMatcher = new AntPathMatcher();
        private String attribute = "hasRole('ROLE_ANONYMOUS')";
        private String requestPath;

        public Visitor(FilterInvocation filterInvocation) {
            String requestUrl = filterInvocation.getRequestUrl();
            AccessDecisionManager.this.logger.debug(requestUrl);
            int indexOf = requestUrl.indexOf("?");
            String substring = indexOf > 0 ? requestUrl.substring(0, indexOf) : requestUrl;
            AccessDecisionManager.this.logger.debug(substring);
            this.requestPath = substring;
        }

        @Override // com.u2ware.springfield.security.NavigationVisitor
        public void visit(Navigation navigation) {
            if (navigation.getPattern() != null && this.antPathMatcher.match(navigation.getPattern(), this.requestPath) && StringUtils.hasText(navigation.getAccess())) {
                AccessDecisionManager.this.logger.debug("\t" + navigation);
                this.attribute = navigation.getAccess();
            }
        }

        public String getAttribute() {
            return this.attribute;
        }
    }

    public AccessDecisionManager(List<AccessDecisionVoter> list) {
        super(list);
        this.logger = LogFactory.getLog(getClass());
    }

    public void setServletContext(ServletContext servletContext) {
        this.servletContext = servletContext;
    }

    public void decide(Authentication authentication, Object obj, Collection<ConfigAttribute> collection) throws AccessDeniedException {
        try {
            this.logger.debug("Access Decide Start : " + obj);
            String createConfigAttribute = createConfigAttribute(authentication, obj);
            ArrayList arrayList = new ArrayList();
            arrayList.add(new AuthorityAttribute(createConfigAttribute));
            super.decide(authentication, obj, arrayList);
            this.logger.debug("Access Decide End : " + obj);
        } catch (AccessDeniedException e) {
            this.logger.debug(e.getMessage());
            this.logger.debug("Access Decide End : " + obj);
            throw e;
        }
    }

    private String createConfigAttribute(Authentication authentication, Object obj) {
        Visitor visitor = new Visitor((FilterInvocation) obj);
        ((Navigation) this.servletContext.getAttribute(Navigation.OBJECT_NAME)).travel(visitor);
        return visitor.getAttribute();
    }
}
