package com.cloud.tmc.kernel.security.g;

import com.cloud.tmc.kernel.log.TmcLogger;
import com.cloud.tmc.kernel.security.b;
import com.cloud.tmc.kernel.security.c;
import com.cloud.tmc.kernel.security.d;
import com.cloud.tmc.kernel.security.e;
import com.cloud.tmc.kernel.security.f;
import java.security.AccessControlException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;

/* loaded from: classes2.dex */
public class a implements b {
    private com.cloud.tmc.kernel.security.a a;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.cloud.tmc.kernel.security.g.a$a, reason: collision with other inner class name */
    /* loaded from: classes2.dex */
    public class C0125a implements c.a {
        C0125a(a aVar, b.a aVar2) {
        }
    }

    private void c(c cVar, List<f> list, b.a aVar) {
        cVar.inquiry(list, new C0125a(this, aVar));
    }

    private boolean d(f fVar, d dVar) throws AccessControlException {
        List<? extends f> permissions = dVar.permissions();
        if (permissions == null) {
            return false;
        }
        Iterator<? extends f> it = permissions.iterator();
        while (it.hasNext()) {
            if (it.next().authority().equalsIgnoreCase(fVar.authority())) {
                return true;
            }
        }
        return false;
    }

    @Override // com.cloud.tmc.kernel.security.b
    public void a(com.cloud.tmc.kernel.security.a aVar) {
        this.a = aVar;
    }

    @Override // com.cloud.tmc.kernel.security.b
    public boolean b(c cVar, List<? extends e> list, b.a aVar) throws AccessControlException {
        d group = cVar.getGroup();
        com.cloud.tmc.kernel.security.a aVar2 = this.a;
        if (aVar2 != null && !aVar2.needPermissionCheck(cVar, list)) {
            TmcLogger.c("TmcKernel:Permission", "not need check permission");
            return false;
        }
        ArrayList arrayList = new ArrayList();
        for (e eVar : list) {
            f permit = eVar.permit();
            if (permit != null) {
                if (group == null) {
                    throw new AccessControlException("the " + cVar + " not in any group.");
                }
                if (d(permit, group)) {
                    TmcLogger.c("TmcKernel:Permission", "access" + cVar.hashCode() + " has group permission [" + permit.authority() + "] ,group is [" + group.groupName() + "]");
                } else if (this.a.c(permit, cVar)) {
                    TmcLogger.c("TmcKernel:Permission", "access" + cVar.hashCode() + " has single permission [" + permit.authority() + "]");
                    if (this.a.b(permit, cVar)) {
                        arrayList.add(permit);
                    }
                } else {
                    com.cloud.tmc.kernel.security.a aVar3 = this.a;
                    if (aVar3 == null || !aVar3.a(permit, cVar)) {
                        TmcLogger.c("TmcKernel:Permission", "access" + cVar.hashCode() + " no permission:" + permit.authority() + " when access " + eVar);
                        throw new AccessControlException(cVar + " no permission:" + permit.authority() + " when access " + eVar);
                    }
                    TmcLogger.c("TmcKernel:Permission", "access" + cVar.hashCode() + " has custom permission [" + permit.authority() + "]");
                }
            }
        }
        if (arrayList.isEmpty()) {
            return false;
        }
        c(cVar, arrayList, aVar);
        return true;
    }
}
