package ovise.handling.security.access;

import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Principal;
import ovise.contract.Contract;
import ovise.technology.environment.SystemCore;

/* loaded from: input_file:ovise/handling/security/access/AccessController.class */
public abstract class AccessController {

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:ovise/handling/security/access/AccessController$Instance.class */
    public static final class Instance {
        static AccessController instance;

        static {
            SystemCore instance2 = SystemCore.instance();
            instance2.getLogBook().write(SystemCore.SYS_LOG, "AccessController starting...");
            String name = AccessController.class.getName();
            if (instance2.hasProperty(name)) {
                Object property = instance2.getProperty(name);
                try {
                    instance = (AccessController) Class.forName(property.toString()).newInstance();
                } catch (Exception e) {
                    instance2.getLogBook().write(SystemCore.ERR_LOG, "AccessController starting failed: Mapping '" + property + "' for key '" + name + "' invalid.");
                    Contract.notify(e, "AccessController (" + name + "=" + property + ") kann nicht geladen oder instanziiert werden.");
                }
            } else {
                instance = new DefaultServerAccessController();
            }
            instance2.getLogBook().write(SystemCore.SYS_LOG, "AccessController started: '" + instance.getClass().getName() + "'.");
        }

        private Instance() {
        }
    }

    public static AccessController instance() {
        return Instance.instance;
    }

    public void grantAccess(Principal principal, Permission permission) throws AccessDeniedException {
        if (!checkAccess(principal, permission)) {
            throw new AccessDeniedException("Zugriff verweigert: Zugriffsberechtigung \"" + permission + "\" erforderlich");
        }
    }

    public boolean checkAccess(Principal principal, Permission permission) {
        Contract.checkNotNull(principal);
        Contract.checkNotNull(permission);
        boolean z = false;
        PermissionCollection permissions = getPermissions(principal);
        if (permissions != null) {
            z = permissions.implies(permission);
        }
        return z;
    }

    public PermissionCollection getPermissions(Principal principal) {
        Contract.checkNotNull(principal);
        return doGetPermissions(principal);
    }

    public void removePermissions(Principal principal) {
        Contract.checkNotNull(principal);
        doRemovePermissions(principal);
    }

    protected abstract PermissionCollection doGetPermissions(Principal principal);

    protected abstract void doRemovePermissions(Principal principal);
}
