package ch.systemsx.cisd.openbis.generic.shared.authorization.predicate;

import ch.systemsx.cisd.common.exceptions.Status;
import ch.systemsx.cisd.openbis.generic.shared.authorization.RoleWithIdentifier;
import ch.systemsx.cisd.openbis.generic.shared.basic.dto.RoleWithHierarchy;
import ch.systemsx.cisd.openbis.generic.shared.dto.DatabaseInstancePE;
import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
import ch.systemsx.cisd.openbis.generic.shared.dto.identifier.DatabaseInstanceIdentifier;
import java.util.List;

/* loaded from: input_file:lib/dss_client.jar:ch/systemsx/cisd/openbis/generic/shared/authorization/predicate/DatabaseInstanceIdentifierPredicate.class */
public final class DatabaseInstanceIdentifierPredicate extends AbstractDatabaseInstancePredicate<DatabaseInstanceIdentifier> {
    private final boolean isReadAccess;
    static final /* synthetic */ boolean $assertionsDisabled;

    static {
        $assertionsDisabled = !DatabaseInstanceIdentifierPredicate.class.desiredAssertionStatus();
    }

    public DatabaseInstanceIdentifierPredicate(boolean z) {
        this.isReadAccess = z;
    }

    private static final boolean isMatching(List<RoleWithIdentifier> list, String str, boolean z) {
        for (RoleWithIdentifier roleWithIdentifier : list) {
            RoleWithHierarchy.RoleLevel roleLevel = roleWithIdentifier.getRoleLevel();
            if (roleLevel.equals(RoleWithHierarchy.RoleLevel.INSTANCE) && roleWithIdentifier.getAssignedDatabaseInstance().getUuid().equals(str)) {
                return true;
            }
            if (roleLevel.equals(RoleWithHierarchy.RoleLevel.SPACE) && roleWithIdentifier.getAssignedSpace().getDatabaseInstance().getUuid().equals(str) && z) {
                return true;
            }
        }
        return false;
    }

    @Override // ch.systemsx.cisd.openbis.generic.shared.authorization.predicate.AbstractPredicate
    public final String getCandidateDescription() {
        return "database instance identifier";
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public final Status doEvaluation(PersonPE personPE, List<RoleWithIdentifier> list, DatabaseInstanceIdentifier databaseInstanceIdentifier) {
        if (!$assertionsDisabled && !this.initialized) {
            throw new AssertionError("Predicate has not been initialized");
        }
        DatabaseInstancePE databaseInstance = getDatabaseInstance(databaseInstanceIdentifier);
        return isMatching(list, databaseInstance.getUuid(), this.isReadAccess) ? Status.OK : Status.createError(createErrorMsg(databaseInstance, personPE.getUserId()));
    }

    private String createErrorMsg(DatabaseInstancePE databaseInstancePE, String str) {
        return String.format("User '%s' does not have enough privileges to %s database instance '%s'.", str, this.isReadAccess ? "read from" : "modify", databaseInstancePE.getCode());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // ch.systemsx.cisd.openbis.generic.shared.authorization.predicate.AbstractPredicate
    public /* bridge */ /* synthetic */ Status doEvaluation(PersonPE personPE, List list, Object obj) {
        return doEvaluation(personPE, (List<RoleWithIdentifier>) list, (DatabaseInstanceIdentifier) obj);
    }
}
