package org.gcube.informationsystem.resourceregistry.contexts.security;

import com.orientechnologies.orient.core.metadata.security.ORole;
import com.orientechnologies.orient.core.metadata.security.ORule;
import java.util.UUID;
import org.gcube.informationsystem.resourceregistry.api.exceptions.ResourceRegistryException;
import org.gcube.informationsystem.resourceregistry.contexts.ContextUtility;
import org.gcube.informationsystem.resourceregistry.contexts.security.SecurityContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/classes/org/gcube/informationsystem/resourceregistry/contexts/security/ShadowContextSecurityContext.class */
public class ShadowContextSecurityContext extends SecurityContext {
    private static Logger logger = LoggerFactory.getLogger(SecurityContext.class);
    private static final String SHADOW_CONTEXT_SECURITY_CONTEXT = "cccccccc-cccc-cccc-cccc-cccccccccccc";
    private static final UUID SHADOW_CONTEXT_SECURITY_CONTEXT_UUID = UUID.fromString(SHADOW_CONTEXT_SECURITY_CONTEXT);
    private static ShadowContextSecurityContext instance;

    public static ShadowContextSecurityContext getInstance() throws ResourceRegistryException {
        if (instance == null) {
            instance = new ShadowContextSecurityContext();
            ContextUtility.getInstance().addSecurityContext(SHADOW_CONTEXT_SECURITY_CONTEXT, instance);
        }
        return instance;
    }

    private ShadowContextSecurityContext() throws ResourceRegistryException {
        super(SHADOW_CONTEXT_SECURITY_CONTEXT_UUID, false);
    }

    @Override // org.gcube.informationsystem.resourceregistry.contexts.security.SecurityContext
    protected boolean isHierarchicalMode() {
        return false;
    }

    @Override // org.gcube.informationsystem.resourceregistry.contexts.security.SecurityContext
    protected ORole addExtraRules(ORole oRole, SecurityContext.PermissionMode permissionMode) {
        logger.trace("Adding extra rules for {}", oRole.getName());
        switch (permissionMode) {
            case WRITER:
                oRole.addRule(ORule.ResourceGeneric.CLUSTER, (String) null, ORole.PERMISSION_ALL);
                oRole.addRule(ORule.ResourceGeneric.SYSTEM_CLUSTERS, (String) null, ORole.PERMISSION_ALL);
                oRole.addRule(ORule.ResourceGeneric.CLASS, (String) null, ORole.PERMISSION_ALL);
                break;
            case READER:
                oRole.addRule(ORule.ResourceGeneric.CLUSTER, (String) null, ORole.PERMISSION_READ);
                oRole.addRule(ORule.ResourceGeneric.SYSTEM_CLUSTERS, (String) null, ORole.PERMISSION_READ);
                oRole.addRule(ORule.ResourceGeneric.CLASS, (String) null, ORole.PERMISSION_READ);
                break;
        }
        return oRole;
    }
}
