package org.ow2.play.commons.accesscontrol;

import com.hp.hpl.jena.ontology.OntModelSpec;
import com.hp.hpl.jena.rdf.model.ModelFactory;
import eu.play_project.play_commons.constants.Namespace;
import java.io.IOException;
import org.ontoware.rdf2go.exception.ModelRuntimeException;
import org.ontoware.rdf2go.impl.jena.ModelImplJena;
import org.ontoware.rdf2go.model.Model;
import org.ontoware.rdf2go.model.Syntax;
import org.ow2.play.commons.accesscontrol.api.Access;
import org.ow2.play.commons.accesscontrol.api.AccessManagementException;
import org.ow2.play.commons.accesscontrol.api.Permission;

/* loaded from: input_file:org/ow2/play/commons/accesscontrol/AccessImpl.class */
public class AccessImpl implements Access {
    private static String PREFIXES;
    private Model permissions;

    static {
        PREFIXES = "";
        for (Namespace namespace : new Namespace[]{Namespace.RDF, Namespace.FOAF, Namespace.SIOC, Namespace.STREAMS, Namespace.GROUP, Namespace.PERMISSION, Namespace.ACL}) {
            PREFIXES = String.valueOf(PREFIXES) + String.format("prefix %s: <%s> \n", namespace.getPrefix(), namespace.getUri());
        }
    }

    public AccessImpl() throws AccessManagementException {
        flushPermissions();
    }

    public AccessImpl(Model model) throws AccessManagementException {
        flushPermissions(model);
    }

    @Override // org.ow2.play.commons.accesscontrol.api.Access
    public boolean check(String str, String str2, Permission permission) {
        return checkViaGroupMembership(str, str2, permission) || checkDirectPermission(str, str2, permission) || checkViaAgentClass(str, str2, permission);
    }

    public boolean checkViaGroupMembership(String str, String str2, Permission permission) {
        return this.permissions.sparqlAsk(String.valueOf(PREFIXES) + String.format("ASK WHERE {<%1$s> sioc:member_of ?group . [ acl:agent ?group ; acl:accessTo <%2$s> ; acl:mode <%3$s> ]}", str, str2, permission.toString()));
    }

    public boolean checkDirectPermission(String str, String str2, Permission permission) {
        return this.permissions.sparqlAsk(String.valueOf(PREFIXES) + String.format("ASK WHERE {[ acl:agent <%1$s> ; acl:accessTo <%2$s> ; acl:mode <%3$s> ]}", str, str2, permission.toString()));
    }

    public boolean checkViaAgentClass(String str, String str2, Permission permission) {
        return this.permissions.sparqlAsk(String.valueOf(PREFIXES) + String.format("ASK WHERE {<%1$s> rdf:type ?class . [ acl:accessTo <%2$s> ; acl:mode <%3$s> ; acl:agentClass ?class ]}", str, str2, permission.toString()));
    }

    @Override // org.ow2.play.commons.accesscontrol.api.Access
    public void flushPermissions() throws AccessManagementException {
        ModelImplJena modelImplJena = new ModelImplJena(ModelFactory.createOntologyModel(OntModelSpec.OWL_DL_MEM_RULE_INF));
        modelImplJena.open();
        flushPermissions(modelImplJena);
    }

    private void flushPermissions(Model model) throws AccessManagementException {
        if (this.permissions != null) {
            this.permissions.close();
        }
        this.permissions = model;
        try {
            this.permissions.readFrom(getClass().getClassLoader().getResourceAsStream("vocabularies/foaf.rdf"), Syntax.RdfXml);
            this.permissions.readFrom(getClass().getClassLoader().getResourceAsStream("vocabularies/sioc.rdf"), Syntax.RdfXml);
            this.permissions.readFrom(getClass().getClassLoader().getResourceAsStream("vocabularies/acl.rdf"), Syntax.RdfXml);
            this.permissions.readFrom(getClass().getClassLoader().getResourceAsStream("permissions.ttl"), Syntax.Turtle);
        } catch (ModelRuntimeException e) {
            throw new AccessManagementException("Error while parsing permission information from storage.", e);
        } catch (IOException e2) {
            throw new AccessManagementException("IO error while fetching permission information from storage.", e2);
        }
    }
}
