package org.thingsboard.server.service.security.permission;

import org.springframework.stereotype.Component;
import org.thingsboard.server.common.data.HasTenantId;
import org.thingsboard.server.common.data.User;
import org.thingsboard.server.common.data.id.EntityId;
import org.thingsboard.server.common.data.id.UserId;
import org.thingsboard.server.common.data.security.Authority;
import org.thingsboard.server.service.security.model.SecurityUser;
import org.thingsboard.server.service.security.permission.PermissionChecker;

@Component("sysAdminPermissions")
/* loaded from: input_file:org/thingsboard/server/service/security/permission/SysAdminPermissions.class */
public class SysAdminPermissions extends AbstractPermissions {
    private static final PermissionChecker systemEntityPermissionChecker = new PermissionChecker() { // from class: org.thingsboard.server.service.security.permission.SysAdminPermissions.1
        @Override // org.thingsboard.server.service.security.permission.PermissionChecker
        public boolean hasPermission(SecurityUser securityUser, Operation operation, EntityId entityId, HasTenantId hasTenantId) {
            return hasTenantId.getTenantId() == null || hasTenantId.getTenantId().isNullUid();
        }
    };
    private static final PermissionChecker userPermissionChecker = new PermissionChecker<UserId, User>() { // from class: org.thingsboard.server.service.security.permission.SysAdminPermissions.2
        @Override // org.thingsboard.server.service.security.permission.PermissionChecker
        public boolean hasPermission(SecurityUser securityUser, Operation operation, UserId userId, User user) {
            return !Authority.CUSTOMER_USER.equals(user.getAuthority());
        }
    };

    public SysAdminPermissions() {
        put(Resource.ADMIN_SETTINGS, PermissionChecker.allowAllPermissionChecker);
        put(Resource.DASHBOARD, new PermissionChecker.GenericPermissionChecker(Operation.READ));
        put(Resource.TENANT, PermissionChecker.allowAllPermissionChecker);
        put(Resource.RULE_CHAIN, systemEntityPermissionChecker);
        put(Resource.USER, userPermissionChecker);
        put(Resource.WIDGETS_BUNDLE, systemEntityPermissionChecker);
        put(Resource.WIDGET_TYPE, systemEntityPermissionChecker);
        put(Resource.OAUTH2_CLIENT, systemEntityPermissionChecker);
        put(Resource.MOBILE_APP, systemEntityPermissionChecker);
        put(Resource.MOBILE_APP_BUNDLE, systemEntityPermissionChecker);
        put(Resource.DOMAIN, PermissionChecker.allowAllPermissionChecker);
        put(Resource.OAUTH2_CONFIGURATION_TEMPLATE, PermissionChecker.allowAllPermissionChecker);
        put(Resource.TENANT_PROFILE, PermissionChecker.allowAllPermissionChecker);
        put(Resource.TB_RESOURCE, systemEntityPermissionChecker);
        put(Resource.QUEUE, systemEntityPermissionChecker);
        put(Resource.NOTIFICATION, systemEntityPermissionChecker);
        put(Resource.MOBILE_APP_SETTINGS, PermissionChecker.allowAllPermissionChecker);
    }
}
