package org.mycore.frontend.classeditor.access;

import java.util.HashMap;
import java.util.Map;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.core.Response;
import org.apache.log4j.Logger;
import org.mycore.access.MCRAccessManager;
import org.mycore.datamodel.classifications2.MCRCategoryID;
import org.mycore.frontend.classeditor.utils.MCRCategUtils;
import org.mycore.frontend.jersey.filter.access.MCRResourceAccessChecker;

/* loaded from: input_file:org/mycore/frontend/classeditor/access/MCRClassificationWritePermission.class */
public class MCRClassificationWritePermission implements MCRResourceAccessChecker {
    public static final String PERMISSION_CREATE = "create-class";
    private static Logger LOGGER = Logger.getLogger(MCRClassificationWritePermission.class);

    public boolean isPermitted(ContainerRequestContext containerRequestContext) {
        String convertStreamToString = convertStreamToString(containerRequestContext.getEntityStream());
        try {
            HashMap<MCRCategoryID, String> categoryIDMap = MCRCategUtils.getCategoryIDMap(convertStreamToString);
            if (categoryIDMap == null) {
                LOGGER.error("Could not parse " + convertStreamToString);
                return false;
            }
            for (Map.Entry<MCRCategoryID, String> entry : categoryIDMap.entrySet()) {
                MCRCategoryID key = entry.getKey();
                if (!hasPermission(key, entry.getValue())) {
                    LOGGER.info("Permission " + key.getRootID() + " denied on classification " + key);
                    return false;
                }
            }
            return true;
        } catch (Exception e) {
            throw new WebApplicationException(e, Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity("Unable to check permission for request " + containerRequestContext.getUriInfo().getRequestUri() + " containing entity value " + convertStreamToString).build());
        }
    }

    private boolean hasPermission(MCRCategoryID mCRCategoryID, String str) {
        return str.equals("new") ? MCRAccessManager.checkPermission(PERMISSION_CREATE) : MCRAccessManager.checkPermission(mCRCategoryID.getRootID(), "writedb");
    }
}
