package org.forgerock.openam.rest.authz;

import com.iplanet.sso.SSOTokenManager;
import com.sun.identity.delegation.DelegationEvaluator;
import com.sun.identity.delegation.DelegationPermissionFactory;
import java.util.Map;
import javax.inject.Inject;
import javax.inject.Named;
import org.forgerock.authz.filter.api.AuthorizationResult;
import org.forgerock.authz.filter.crest.api.CrestAuthorizationModule;
import org.forgerock.json.resource.ActionRequest;
import org.forgerock.json.resource.CreateRequest;
import org.forgerock.json.resource.DeleteRequest;
import org.forgerock.json.resource.InternalServerErrorException;
import org.forgerock.json.resource.PatchRequest;
import org.forgerock.json.resource.QueryRequest;
import org.forgerock.json.resource.ReadRequest;
import org.forgerock.json.resource.ResourceException;
import org.forgerock.json.resource.UpdateRequest;
import org.forgerock.openam.authz.PrivilegeAuthzModule;
import org.forgerock.openam.authz.PrivilegeDefinition;
import org.forgerock.openam.core.CoreWrapper;
import org.forgerock.services.context.Context;
import org.forgerock.util.promise.Promise;
import org.forgerock.util.promise.Promises;

/* loaded from: input_file:org/forgerock/openam/rest/authz/CrestPrivilegeAuthzModule.class */
public class CrestPrivilegeAuthzModule extends PrivilegeAuthzModule implements CrestAuthorizationModule {
    @Inject
    public CrestPrivilegeAuthzModule(DelegationEvaluator delegationEvaluator, @Named("CrestPrivilegeDefinitions") Map<String, PrivilegeDefinition> map, DelegationPermissionFactory delegationPermissionFactory, CoreWrapper coreWrapper, SSOTokenManager sSOTokenManager) {
        super(delegationEvaluator, map, delegationPermissionFactory, coreWrapper, sSOTokenManager);
    }

    public String getName() {
        return PrivilegeAuthzModule.NAME;
    }

    public Promise<AuthorizationResult, ResourceException> authorizeRead(Context context, ReadRequest readRequest) {
        return evaluateAsPromise(context, READ);
    }

    public Promise<AuthorizationResult, ResourceException> authorizeQuery(Context context, QueryRequest queryRequest) {
        return evaluateAsPromise(context, READ);
    }

    public Promise<AuthorizationResult, ResourceException> authorizeCreate(Context context, CreateRequest createRequest) {
        return evaluateAsPromise(context, MODIFY);
    }

    public Promise<AuthorizationResult, ResourceException> authorizeUpdate(Context context, UpdateRequest updateRequest) {
        return evaluateAsPromise(context, MODIFY);
    }

    public Promise<AuthorizationResult, ResourceException> authorizeDelete(Context context, DeleteRequest deleteRequest) {
        return evaluateAsPromise(context, MODIFY);
    }

    public Promise<AuthorizationResult, ResourceException> authorizePatch(Context context, PatchRequest patchRequest) {
        return evaluateAsPromise(context, MODIFY);
    }

    public Promise<AuthorizationResult, ResourceException> authorizeAction(Context context, ActionRequest actionRequest) {
        String action = actionRequest.getAction();
        PrivilegeDefinition privilegeDefinition = this.actionToDefinition.get(action);
        return privilegeDefinition == null ? Promises.newResultPromise(AuthorizationResult.accessDenied("No privilege mapping for requested action " + action)) : evaluateAsPromise(context, privilegeDefinition);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Promise<AuthorizationResult, ResourceException> evaluateAsPromise(Context context, PrivilegeDefinition privilegeDefinition) {
        try {
            return Promises.newResultPromise(evaluate(context, privilegeDefinition));
        } catch (InternalServerErrorException e) {
            return e.asPromise();
        }
    }
}
