package br.gov.frameworkdemoiselle.internal.interceptor;

import br.gov.frameworkdemoiselle.annotation.Name;
import br.gov.frameworkdemoiselle.internal.producer.LoggerProducer;
import br.gov.frameworkdemoiselle.internal.producer.ResourceBundleProducer;
import br.gov.frameworkdemoiselle.security.AuthorizationException;
import br.gov.frameworkdemoiselle.security.RequiredPermission;
import br.gov.frameworkdemoiselle.security.SecurityContext;
import br.gov.frameworkdemoiselle.security.User;
import br.gov.frameworkdemoiselle.util.Beans;
import br.gov.frameworkdemoiselle.util.ResourceBundle;
import br.gov.frameworkdemoiselle.util.Strings;
import java.io.Serializable;
import javax.interceptor.AroundInvoke;
import javax.interceptor.Interceptor;
import javax.interceptor.InvocationContext;
import org.slf4j.Logger;

@RequiredPermission
@Interceptor
/* loaded from: input_file:br/gov/frameworkdemoiselle/internal/interceptor/RequiredPermissionInterceptor.class */
public class RequiredPermissionInterceptor implements Serializable {
    private static final long serialVersionUID = 1;
    private SecurityContext securityContext;
    private static ResourceBundle bundle;
    private static Logger logger;

    @AroundInvoke
    public Object manage(InvocationContext invocationContext) throws Exception {
        String resource = getResource(invocationContext);
        String operation = getOperation(invocationContext);
        String str = null;
        if (getSecurityContext().isLoggedIn()) {
            str = getUsername();
            getLogger().trace(getBundle().getString("access-checking", str, operation, resource));
        }
        if (getSecurityContext().hasPermission(resource, operation)) {
            getLogger().debug(getBundle().getString("access-allowed", str, operation, resource));
            return invocationContext.proceed();
        }
        getLogger().error(getBundle().getString("access-denied", str, operation, resource));
        throw new AuthorizationException(getBundle().getString("access-denied-ui", resource, operation));
    }

    private String getUsername() {
        String str = "";
        User user = getSecurityContext().getUser();
        if (user != null && user.getId() != null) {
            str = user.getId();
        }
        return str;
    }

    private String getResource(InvocationContext invocationContext) {
        RequiredPermission requiredPermission = (RequiredPermission) invocationContext.getMethod().getAnnotation(RequiredPermission.class);
        return (requiredPermission == null || Strings.isEmpty(requiredPermission.resource())) ? invocationContext.getTarget().getClass().getAnnotation(Name.class) == null ? invocationContext.getTarget().getClass().getSimpleName() : ((Name) invocationContext.getTarget().getClass().getAnnotation(Name.class)).value() : requiredPermission.resource();
    }

    private String getOperation(InvocationContext invocationContext) {
        RequiredPermission requiredPermission = (RequiredPermission) invocationContext.getMethod().getAnnotation(RequiredPermission.class);
        return (requiredPermission == null || Strings.isEmpty(requiredPermission.operation())) ? invocationContext.getMethod().getAnnotation(Name.class) == null ? invocationContext.getMethod().getName() : ((Name) invocationContext.getMethod().getAnnotation(Name.class)).value() : requiredPermission.operation();
    }

    private SecurityContext getSecurityContext() {
        if (this.securityContext == null) {
            this.securityContext = (SecurityContext) Beans.getReference(SecurityContext.class);
        }
        return this.securityContext;
    }

    private static ResourceBundle getBundle() {
        if (bundle == null) {
            bundle = ResourceBundleProducer.create("demoiselle-core-bundle");
        }
        return bundle;
    }

    private static Logger getLogger() {
        if (logger == null) {
            logger = LoggerProducer.create(RequiredPermissionInterceptor.class);
        }
        return logger;
    }
}
