package org.beetl.ext.spring;

import java.util.Collections;
import java.util.UUID;
import javax.servlet.ServletContext;
import org.beetl.core.Context;
import org.beetl.core.Function;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.config.Elements;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.access.WebInvocationPrivilegeEvaluator;
import org.springframework.web.context.ServletContextAware;

/* loaded from: input_file:WEB-INF/lib/beetl-2.7.21.jar:org/beetl/ext/spring/AccessUrlIfFunction.class */
public class AccessUrlIfFunction implements Function, ServletContextAware {
    private ServletContext servletContext = null;

    @Autowired
    private WebInvocationPrivilegeEvaluator privilegeEvaluator = null;

    @Override // org.springframework.web.context.ServletContextAware
    public void setServletContext(ServletContext servletContext) {
        this.servletContext = servletContext;
    }

    @Override // org.beetl.core.Function
    public Boolean call(Object[] objArr, Context context) {
        SecurityContext context2 = SecurityContextHolder.getContext();
        if (context2 == null) {
            return true;
        }
        Authentication authentication = getAuthentication(context2);
        if (objArr.length == 0 || objArr[0] == null || !(objArr[0] instanceof String)) {
            return true;
        }
        String str = (String) objArr[0];
        String str2 = "GET";
        if (objArr.length > 1 && objArr[1] != null && (objArr[1] instanceof String)) {
            str2 = (String) objArr[1];
        }
        return Boolean.valueOf(this.privilegeEvaluator.isAllowed(this.servletContext.getContextPath(), str, str2, authentication));
    }

    private Authentication getAuthentication(SecurityContext securityContext) {
        Authentication authentication = securityContext.getAuthentication();
        if (authentication == null) {
            authentication = new AnonymousAuthenticationToken(UUID.randomUUID().toString(), Elements.ANONYMOUS, Collections.singletonList(new SimpleGrantedAuthority("ROLE_ANONYMOUS")));
        }
        return authentication;
    }
}
