package com.atlassian.stash.internal.user;

import com.atlassian.event.api.EventListener;
import com.atlassian.plugin.spring.AvailableToPlugins;
import com.atlassian.stash.event.request.RequestEndedEvent;
import com.atlassian.stash.i18n.I18nService;
import com.atlassian.stash.internal.annotation.NotProfiled;
import com.atlassian.stash.request.RequestContext;
import com.atlassian.stash.user.EscalatedSecurityContext;
import com.atlassian.stash.user.Permission;
import com.atlassian.stash.user.PreAuthenticationFailedException;
import com.atlassian.stash.user.SecurityService;
import com.atlassian.stash.user.StashAuthenticationContext;
import com.atlassian.stash.user.StashUser;
import com.atlassian.stash.user.UserService;
import com.atlassian.stash.util.Operation;
import com.atlassian.stash.web.conditions.AbstractPermissionCondition;
import com.google.common.base.Preconditions;
import java.util.Collection;
import java.util.EnumSet;
import java.util.Set;
import javax.annotation.Nonnull;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Service;

@NotProfiled
@AvailableToPlugins(SecurityService.class)
@Service("securityService")
/* loaded from: input_file:WEB-INF/lib/stash-service-impl-3.10.2.jar:com/atlassian/stash/internal/user/DefaultSecurityService.class */
public class DefaultSecurityService implements SecurityService {
    private final StashAuthenticationContext authenticationContext;
    private final I18nService i18nService;
    private final RequestContext requestContext;
    private final UserService userService;

    @Autowired
    public DefaultSecurityService(StashAuthenticationContext stashAuthenticationContext, I18nService i18nService, RequestContext requestContext, UserService userService) {
        this.authenticationContext = stashAuthenticationContext;
        this.i18nService = i18nService;
        this.requestContext = requestContext;
        this.userService = userService;
    }

    @Override // com.atlassian.stash.user.SecurityService
    @Nonnull
    public EscalatedSecurityContext anonymously(@Nonnull String str) {
        return new DefaultEscalatedSecurityContext((String) Preconditions.checkNotNull(str, "reason"), null, this.requestContext);
    }

    @Override // com.atlassian.stash.user.SecurityService
    @Nonnull
    public EscalatedSecurityContext impersonating(@Nonnull StashUser stashUser, @Nonnull String str) {
        return new DefaultEscalatedSecurityContext((String) Preconditions.checkNotNull(str, "reason"), (StashUser) Preconditions.checkNotNull(stashUser, "user"), this.requestContext);
    }

    @Override // com.atlassian.stash.user.DeprecatedSecurityService
    public <T, E extends Throwable> T doAnonymously(@Nonnull String str, @Nonnull Operation<T, E> operation) throws Throwable {
        return (T) anonymously(str).call(operation);
    }

    @Override // com.atlassian.stash.user.DeprecatedSecurityService
    public <T, E extends Throwable> T doAsUser(@Nonnull String str, @Nonnull String str2, @Nonnull Operation<T, E> operation) throws Throwable {
        StashUser userByName = this.userService.getUserByName((String) Preconditions.checkNotNull(str2, "username"));
        if (userByName == null) {
            throw new PreAuthenticationFailedException(this.i18nService.createKeyedMessage("stash.service.user.preauthfail", str2));
        }
        return (T) impersonating(userByName, str).call(operation);
    }

    @Override // com.atlassian.stash.user.DeprecatedSecurityService
    public <T, E extends Throwable> T doWithPermission(@Nonnull String str, @Nonnull Permission permission, @Nonnull Operation<T, E> operation) throws Throwable {
        return (T) withPermission(permission, str).call(operation);
    }

    @Override // com.atlassian.stash.user.DeprecatedSecurityService
    public <T, E extends Throwable> T doWithPermissions(@Nonnull String str, @Nonnull Collection<Permission> collection, @Nonnull Operation<T, E> operation) throws Throwable {
        return (T) withPermissions(EnumSet.copyOf((Collection) collection), str).call(operation);
    }

    @EventListener
    public void onRequestEnded(RequestEndedEvent requestEndedEvent) {
        SecurityContextHolder.clearContext();
    }

    @Override // com.atlassian.stash.user.SecurityService
    @Nonnull
    public EscalatedSecurityContext withPermission(@Nonnull Permission permission, @Nonnull String str) {
        return new DefaultEscalatedSecurityContext((String) Preconditions.checkNotNull(str, "reason"), this.authenticationContext.getCurrentUser(), this.requestContext).withPermission((Permission) Preconditions.checkNotNull(permission, AbstractPermissionCondition.PERMISSION));
    }

    @Override // com.atlassian.stash.user.SecurityService
    @Nonnull
    public EscalatedSecurityContext withPermission(@Nonnull Permission permission, @Nonnull Object obj, @Nonnull String str) {
        return new DefaultEscalatedSecurityContext((String) Preconditions.checkNotNull(str, "reason"), this.authenticationContext.getCurrentUser(), this.requestContext).withPermission(obj, (Permission) Preconditions.checkNotNull(permission, AbstractPermissionCondition.PERMISSION));
    }

    @Override // com.atlassian.stash.user.SecurityService
    @Nonnull
    public EscalatedSecurityContext withPermissions(@Nonnull Set<Permission> set, @Nonnull String str) {
        return new DefaultEscalatedSecurityContext((String) Preconditions.checkNotNull(str, "reason"), this.authenticationContext.getCurrentUser(), this.requestContext).withPermissions((Set) Preconditions.checkNotNull(set, "permissions"));
    }
}
