package org.phenotips.studies.family.internal;

import javax.inject.Inject;
import javax.inject.Named;
import javax.inject.Singleton;
import org.apache.commons.lang3.ObjectUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.xpath.compiler.Keywords;
import org.phenotips.data.permissions.Owner;
import org.phenotips.security.authorization.AuthorizationModule;
import org.phenotips.security.authorization.AuthorizationService;
import org.phenotips.studies.family.Family;
import org.phenotips.studies.family.FamilyRepository;
import org.xwiki.bridge.DocumentAccessBridge;
import org.xwiki.component.annotation.Component;
import org.xwiki.model.EntityType;
import org.xwiki.model.reference.DocumentReference;
import org.xwiki.model.reference.DocumentReferenceResolver;
import org.xwiki.model.reference.EntityReference;
import org.xwiki.security.authorization.Right;
import org.xwiki.users.User;

@Singleton
@Component
@Named("family-owner-access")
/* loaded from: input_file:WEB-INF/lib/family-studies-api-1.5-SNAPSHOT.jar:org/phenotips/studies/family/internal/OwnerAccessAuthorizationModule.class */
public class OwnerAccessAuthorizationModule implements AuthorizationModule {

    @Inject
    private FamilyRepository familyRepository;

    @Inject
    private DocumentAccessBridge dab;

    @Inject
    @Named(Keywords.FUNC_CURRENT_STRING)
    private DocumentReferenceResolver<EntityReference> resolver;

    @Inject
    @Named(Keywords.FUNC_CURRENT_STRING)
    private DocumentReferenceResolver<String> strResolver;

    @Inject
    private AuthorizationService auth;

    @Override // org.phenotips.security.authorization.AuthorizationModule
    public int getPriority() {
        return 400;
    }

    @Override // org.phenotips.security.authorization.AuthorizationModule
    public Boolean hasAccess(User user, Right right, EntityReference entityReference) {
        Family family;
        if (!ObjectUtils.allNotNull(right, entityReference) || right.getTargetedEntityType() == null || !right.getTargetedEntityType().contains(EntityType.DOCUMENT) || (family = this.familyRepository.get(entityReference.toString())) == null) {
            return null;
        }
        String str = (String) this.dab.getProperty(family.getDocumentReference(), this.resolver.resolve(Owner.CLASS_REFERENCE, new Object[0]), "owner");
        DocumentReference resolve = this.strResolver.resolve(str, new Object[0]);
        if (isGuestOwner(str, user) || (user != null && resolve.equals(user.getProfileDocument()))) {
            return true;
        }
        return this.auth.hasAccess(user, Right.ADMIN, entityReference) ? true : null;
    }

    private boolean isGuestOwner(String str, User user) {
        return StringUtils.isEmpty(str) && (user == null || user.getProfileDocument() == null);
    }
}
