package com.dc.base.security;

import java.util.Collection;
import java.util.Iterator;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.security.access.AccessDecisionVoter;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.SecurityConfig;
import org.springframework.security.authentication.InsufficientAuthenticationException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.User;

/* loaded from: classes.dex */
public class PermissionAccessDecisionVoter implements AccessDecisionVoter<Object> {
    private static final Log logger = LogFactory.getLog(PermissionAccessDecisionVoter.class);

    public boolean supports(Class<?> cls) {
        return true;
    }

    public boolean supports(ConfigAttribute configAttribute) {
        return true;
    }

    public int vote(Authentication authentication, Object obj, Collection<ConfigAttribute> collection) throws AccessDeniedException, InsufficientAuthenticationException {
        String username;
        if (logger.isDebugEnabled()) {
            logger.debug("vote(Authentication, Object, Collection<ConfigAttribute>) - start");
        }
        if (collection == null) {
            if (logger.isDebugEnabled()) {
                logger.debug("vote(Authentication, Object, Collection<ConfigAttribute>) - end");
            }
            return 1;
        }
        if (authentication.getPrincipal() instanceof DcUser) {
            DcUser dcUser = (DcUser) authentication.getPrincipal();
            username = dcUser.getUsername() + "(" + dcUser.getName() + ")";
            if (dcUser.getId().equals(SecurityConsts.EMPLOPYEE_ID)) {
                return 1;
            }
        } else {
            username = authentication.getPrincipal() instanceof User ? ((User) authentication.getPrincipal()).getUsername() : "" + authentication.getPrincipal();
        }
        logger.debug(username + "正在访问安全资源url：" + obj.toString());
        if (authentication.getPrincipal() instanceof DcUser) {
            DcUser dcUser2 = (DcUser) authentication.getPrincipal();
            Iterator<ConfigAttribute> it = collection.iterator();
            while (it.hasNext()) {
                SecurityConfig securityConfig = (ConfigAttribute) it.next();
                logger.debug("需要拥有的权限编码是：" + securityConfig.getAttribute());
                if (dcUser2.hasPermission(securityConfig.getAttribute())) {
                    if (logger.isDebugEnabled()) {
                        logger.debug("权限编码匹配成功!投通过投票!");
                        logger.debug("vote(Authentication, Object, Collection<ConfigAttribute>) - ACCESS_GRANTED end");
                    }
                    return 1;
                }
            }
        }
        if (logger.isDebugEnabled()) {
            logger.debug("当前人员不具有所需的权限编码!投反对票!");
            logger.debug("vote(Authentication, Object, Collection<ConfigAttribute>) - ACCESS_DENIED end");
        }
        logger.info(username + "试图访问未被授权的安全资源url：" + obj.toString() + ", 已被服务器拦截!!");
        return -1;
    }
}
