package org.stripesstuff.plugin.security;

import java.lang.reflect.AnnotatedElement;
import java.lang.reflect.Method;
import javax.annotation.security.DenyAll;
import javax.annotation.security.PermitAll;
import javax.annotation.security.RolesAllowed;
import net.sourceforge.stripes.action.ActionBean;
import net.sourceforge.stripes.config.DontAutoLoad;
import net.sourceforge.stripes.util.Log;

@DontAutoLoad
/* loaded from: input_file:WEB-INF/lib/stripesstuff-0.5.0.jar:org/stripesstuff/plugin/security/J2EESecurityManager.class */
public class J2EESecurityManager implements SecurityManager {
    private static final Log LOG = Log.getInstance(J2EESecurityManager.class);

    @Override // org.stripesstuff.plugin.security.SecurityManager
    public Boolean getAccessAllowed(ActionBean actionBean, Method method) {
        LOG.debug("Determining if access is allowed for " + method.getName() + " on " + actionBean.toString());
        Boolean determineAccessOnElement = determineAccessOnElement(actionBean, method, method);
        Class<?> cls = actionBean.getClass();
        while (true) {
            Class<?> cls2 = cls;
            if (determineAccessOnElement != null || cls2 == null) {
                break;
            }
            LOG.debug("Determining if access is allowed for " + cls2.getName() + " on " + actionBean.toString());
            determineAccessOnElement = determineAccessOnElement(actionBean, method, cls2);
            cls = cls2.getSuperclass();
        }
        if (determineAccessOnElement == null) {
            determineAccessOnElement = true;
        }
        return determineAccessOnElement;
    }

    protected Boolean determineAccessOnElement(ActionBean actionBean, Method method, AnnotatedElement annotatedElement) {
        Boolean bool = null;
        if (annotatedElement.isAnnotationPresent(DenyAll.class)) {
            bool = false;
        } else if (annotatedElement.isAnnotationPresent(PermitAll.class)) {
            bool = isUserAuthenticated(actionBean, method);
        } else {
            RolesAllowed annotation = annotatedElement.getAnnotation(RolesAllowed.class);
            if (annotation != null) {
                bool = isUserAuthenticated(actionBean, method);
                if (bool == null || bool.booleanValue()) {
                    bool = false;
                    String[] value = annotation.value();
                    int length = value.length;
                    int i = 0;
                    while (true) {
                        if (i < length) {
                            Boolean hasRole = hasRole(actionBean, method, value[i]);
                            if (hasRole != null && hasRole.booleanValue()) {
                                bool = true;
                                break;
                            }
                            i++;
                        } else {
                            break;
                        }
                    }
                }
            }
        }
        return bool;
    }

    protected Boolean isUserAuthenticated(ActionBean actionBean, Method method) {
        return Boolean.valueOf(actionBean.getContext().getRequest().getUserPrincipal() != null);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Boolean hasRole(ActionBean actionBean, Method method, String str) {
        return Boolean.valueOf(actionBean.getContext().getRequest().isUserInRole(str));
    }
}
