package org.geoserver.taskmanager.util;

import org.geoserver.catalog.Catalog;
import org.geoserver.catalog.WorkspaceInfo;
import org.geoserver.security.GeoServerSecurityManager;
import org.geoserver.security.SecureCatalogImpl;
import org.geoserver.security.WorkspaceAccessLimits;
import org.geoserver.taskmanager.data.Batch;
import org.geoserver.taskmanager.data.Configuration;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.security.core.Authentication;
import org.springframework.stereotype.Service;

@Service
/* loaded from: input_file:org/geoserver/taskmanager/util/TaskManagerSecurityUtil.class */
public class TaskManagerSecurityUtil {

    @Autowired
    @Qualifier("rawCatalog")
    private Catalog catalog;

    @Autowired
    private SecureCatalogImpl secureCatalog;

    @Autowired
    GeoServerSecurityManager secManager;

    private WorkspaceInfo getWorkspace(String str) {
        return str == null ? this.catalog.getDefaultWorkspace() : this.catalog.getWorkspaceByName(str);
    }

    public boolean isReadable(Authentication authentication, Configuration configuration) {
        WorkspaceInfo workspace = getWorkspace(configuration.getWorkspace());
        if (workspace == null) {
            return configuration.getWorkspace() == null || this.secManager.checkAuthenticationForAdminRole(authentication);
        }
        WorkspaceAccessLimits accessLimits = this.secureCatalog.getResourceAccessManager().getAccessLimits(authentication, workspace);
        return accessLimits == null || accessLimits.isReadable();
    }

    public boolean isReadable(Authentication authentication, Batch batch) {
        boolean z;
        boolean z2;
        WorkspaceInfo workspaceInfo = null;
        WorkspaceInfo workspaceInfo2 = null;
        if (batch.getConfiguration() != null) {
            workspaceInfo2 = getWorkspace(batch.getConfiguration().getWorkspace());
            if (batch.getWorkspace() != null) {
                workspaceInfo = getWorkspace(batch.getWorkspace());
            }
        } else {
            workspaceInfo = getWorkspace(batch.getWorkspace());
        }
        if (workspaceInfo != null) {
            WorkspaceAccessLimits accessLimits = this.secureCatalog.getResourceAccessManager().getAccessLimits(authentication, workspaceInfo);
            z = accessLimits == null || accessLimits.isReadable();
        } else {
            z = batch.getWorkspace() == null || this.secManager.checkAuthenticationForAdminRole(authentication);
        }
        if (workspaceInfo2 != null) {
            WorkspaceAccessLimits accessLimits2 = this.secureCatalog.getResourceAccessManager().getAccessLimits(authentication, workspaceInfo2);
            z2 = accessLimits2 == null || accessLimits2.isReadable();
        } else {
            z2 = batch.getConfiguration() == null || batch.getConfiguration().getWorkspace() == null || this.secManager.checkAuthenticationForAdminRole(authentication);
        }
        return z && z2;
    }

    public boolean isWriteable(Authentication authentication, Configuration configuration) {
        WorkspaceInfo workspace = getWorkspace(configuration.getWorkspace());
        if (workspace == null) {
            return configuration.getWorkspace() == null || this.secManager.checkAuthenticationForAdminRole(authentication);
        }
        WorkspaceAccessLimits accessLimits = this.secureCatalog.getResourceAccessManager().getAccessLimits(authentication, workspace);
        return accessLimits == null || accessLimits.isWritable();
    }

    public boolean isWritable(Authentication authentication, Batch batch) {
        boolean z;
        boolean z2;
        WorkspaceInfo workspaceInfo = null;
        WorkspaceInfo workspaceInfo2 = null;
        if (batch.getConfiguration() != null) {
            workspaceInfo2 = getWorkspace(batch.getConfiguration().getWorkspace());
            if (batch.getWorkspace() != null) {
                workspaceInfo = getWorkspace(batch.getWorkspace());
            }
        } else {
            workspaceInfo = getWorkspace(batch.getWorkspace());
        }
        if (workspaceInfo != null) {
            WorkspaceAccessLimits accessLimits = this.secureCatalog.getResourceAccessManager().getAccessLimits(authentication, workspaceInfo);
            z = accessLimits == null || accessLimits.isWritable();
        } else {
            z = batch.getWorkspace() == null || this.secManager.checkAuthenticationForAdminRole(authentication);
        }
        if (workspaceInfo2 != null) {
            WorkspaceAccessLimits accessLimits2 = this.secureCatalog.getResourceAccessManager().getAccessLimits(authentication, workspaceInfo2);
            z2 = accessLimits2 == null || accessLimits2.isWritable();
        } else {
            z2 = batch.getConfiguration() == null || batch.getConfiguration().getWorkspace() == null || this.secManager.checkAuthenticationForAdminRole(authentication);
        }
        return z && z2;
    }

    public boolean isAdminable(Authentication authentication, Configuration configuration) {
        WorkspaceInfo workspace = getWorkspace(configuration.getWorkspace());
        if (workspace == null) {
            return configuration.getWorkspace() == null || this.secManager.checkAuthenticationForAdminRole(authentication);
        }
        WorkspaceAccessLimits accessLimits = this.secureCatalog.getResourceAccessManager().getAccessLimits(authentication, workspace);
        return accessLimits == null || accessLimits.isAdminable();
    }

    public boolean isAdminable(Authentication authentication, Batch batch) {
        boolean z;
        boolean z2;
        WorkspaceInfo workspaceInfo = null;
        WorkspaceInfo workspaceInfo2 = null;
        if (batch.getConfiguration() != null) {
            workspaceInfo2 = getWorkspace(batch.getConfiguration().getWorkspace());
            if (batch.getWorkspace() != null) {
                workspaceInfo = getWorkspace(batch.getWorkspace());
            }
        } else {
            workspaceInfo = getWorkspace(batch.getWorkspace());
        }
        if (workspaceInfo != null) {
            WorkspaceAccessLimits accessLimits = this.secureCatalog.getResourceAccessManager().getAccessLimits(authentication, workspaceInfo);
            z = accessLimits == null || accessLimits.isAdminable();
        } else {
            z = batch.getWorkspace() == null || this.secManager.checkAuthenticationForAdminRole(authentication);
        }
        if (workspaceInfo2 != null) {
            WorkspaceAccessLimits accessLimits2 = this.secureCatalog.getResourceAccessManager().getAccessLimits(authentication, workspaceInfo2);
            z2 = accessLimits2 == null || accessLimits2.isAdminable();
        } else {
            z2 = batch.getConfiguration() == null || batch.getConfiguration().getWorkspace() == null || this.secManager.checkAuthenticationForAdminRole(authentication);
        }
        return z && z2;
    }

    public boolean isAdminable(Authentication authentication, WorkspaceInfo workspaceInfo) {
        WorkspaceAccessLimits accessLimits = this.secureCatalog.getResourceAccessManager().getAccessLimits(authentication, workspaceInfo);
        return accessLimits == null || accessLimits.isAdminable();
    }
}
