package com.atlassian.bamboo.security;

import com.atlassian.bamboo.configuration.AdministrationConfigurationAccessor;
import com.atlassian.bamboo.filter.AccessTypePolicy;
import com.atlassian.bamboo.spring.ComponentAccessor;
import com.atlassian.bamboo.user.Authority;
import com.atlassian.config.util.BootstrapUtils;
import com.atlassian.sal.core.permission.AccessType;
import java.lang.reflect.Method;
import java.util.Arrays;
import java.util.Optional;
import java.util.function.Supplier;
import javax.validation.constraints.NotNull;
import org.acegisecurity.Authentication;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:com/atlassian/bamboo/security/DefaultAnnotatedPermitChecker.class */
public class DefaultAnnotatedPermitChecker implements AnnotatedPermitChecker {
    private static final Logger log = LogManager.getLogger(DefaultAnnotatedPermitChecker.class);
    private final Supplier<Authentication> currentUserSupplier;
    private final boolean allowAnonymousAccessForNotAnnotatedMembers;

    public DefaultAnnotatedPermitChecker(Authentication authentication, boolean z) {
        this.currentUserSupplier = () -> {
            return authentication;
        };
        this.allowAnonymousAccessForNotAnnotatedMembers = z;
    }

    public DefaultAnnotatedPermitChecker(Supplier<Authentication> supplier, boolean z) {
        this.currentUserSupplier = supplier;
        this.allowAnonymousAccessForNotAnnotatedMembers = z;
    }

    public boolean verifyIsPermitted(Class<?> cls, String str, Class<?>... clsArr) {
        return userHasPermission(AccessType.getAccessType(cls, str, clsArr));
    }

    public boolean verifyIsPermitted(Class<?> cls, Method method) {
        return userHasPermission(AccessType.getAccessType(cls, method.getName(), method.getParameterTypes()));
    }

    public boolean verifyIsPermitted(Class<?> cls) {
        return userHasPermission(AccessType.getAccessType(cls, "", new Class[0]));
    }

    public boolean isAllowAnonymousAccessForNotAnnotatedMembers() {
        return this.allowAnonymousAccessForNotAnnotatedMembers;
    }

    private boolean userHasPermission(@NotNull AccessType accessType) {
        return accessType != AccessType.EMPTY ? AccessTypePolicy.forAccessType(accessType, isEnableAnonymousAccess()).hasAuthority(this.currentUserSupplier.get()) : this.allowAnonymousAccessForNotAnnotatedMembers || isUserNotAnonymous(this.currentUserSupplier.get());
    }

    private static boolean isUserNotAnonymous(Authentication authentication) {
        return (authentication == null || Authority.isAnonymousUser(Arrays.asList(authentication.getAuthorities()))) ? false : true;
    }

    private boolean isEnableAnonymousAccess() {
        if (isSetupIncomplete()) {
            return true;
        }
        Optional map = Optional.ofNullable((AdministrationConfigurationAccessor) ComponentAccessor.ADMINISTRATION_CONFIGURATION_ACCESSOR.get()).map((v0) -> {
            return v0.getAdministrationConfiguration();
        });
        if (map.isEmpty()) {
            log.warn("Could not load administration configuration. Assuming Anonymous access is disabled.");
        }
        return ((Boolean) map.map((v0) -> {
            return v0.isEnableAnonymousAccess();
        }).orElse(false)).booleanValue();
    }

    private boolean isSetupIncomplete() {
        return !BootstrapUtils.getBootstrapManager().isSetupComplete();
    }

    private Method getMethod(Class<?> cls, String str, Class<?>... clsArr) throws NoSuchMethodException {
        return cls.getMethod(str, clsArr);
    }
}
