package org.jsecurity.authz.aop;

import java.lang.annotation.Annotation;
import java.util.Set;
import org.jsecurity.authz.AuthorizationException;
import org.jsecurity.authz.UnauthorizedException;
import org.jsecurity.authz.annotation.RequiresPermissions;
import org.jsecurity.subject.Subject;
import org.jsecurity.util.PermissionUtils;

/* loaded from: input_file:shindig/shindig-server-1.1-BETA1-incubating.war:WEB-INF/lib/jsecurity-0.9.0.jar:org/jsecurity/authz/aop/PermissionAnnotationHandler.class */
public class PermissionAnnotationHandler extends AuthorizingAnnotationHandler {
    public PermissionAnnotationHandler() {
        super(RequiresPermissions.class);
    }

    protected String getAnnotationValue(Annotation annotation) {
        return ((RequiresPermissions) annotation).value();
    }

    @Override // org.jsecurity.authz.aop.AuthorizingAnnotationHandler
    public void assertAuthorized(Annotation annotation) throws AuthorizationException {
        if (annotation instanceof RequiresPermissions) {
            String annotationValue = getAnnotationValue(annotation);
            Set<String> permissionStrings = PermissionUtils.toPermissionStrings(annotationValue);
            Subject subject = getSubject();
            if (permissionStrings.size() == 1) {
                if (!subject.isPermitted(permissionStrings.iterator().next())) {
                    throw new UnauthorizedException("Calling Subject does not have required permission [" + annotationValue + "].  Method invocation denied.");
                }
            } else if (!subject.isPermittedAll((String[]) permissionStrings.toArray(new String[permissionStrings.size()]))) {
                throw new UnauthorizedException("Calling Subject does not have required permissions [" + annotationValue + "].  Method invocation denied.");
            }
        }
    }
}
