package org.phenotips.data.permissions.rest.internal.utils;

import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Response;
import org.apache.commons.lang3.StringUtils;
import org.phenotips.data.permissions.AccessLevel;
import org.phenotips.data.permissions.EntityAccess;
import org.phenotips.data.permissions.EntityPermissionsManager;
import org.phenotips.entities.PrimaryEntity;
import org.phenotips.entities.PrimaryEntityManager;
import org.phenotips.entities.PrimaryEntityResolver;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.xwiki.model.reference.DocumentReferenceResolver;
import org.xwiki.users.User;
import org.xwiki.users.UserManager;

/* loaded from: input_file:WEB-INF/lib/entity-access-rules-rest-1.4-rc-3.jar:org/phenotips/data/permissions/rest/internal/utils/EntityAccessContext.class */
public class EntityAccessContext {
    private Logger logger = LoggerFactory.getLogger((Class<?>) EntityAccessContext.class);
    private PrimaryEntity entity;
    private User currentUser;
    private EntityAccess entityAccess;
    private EntityPermissionsManager manager;
    private DocumentReferenceResolver<String> userOrGroupResolver;

    /* JADX WARN: Type inference failed for: r1v5, types: [org.phenotips.entities.PrimaryEntity] */
    public EntityAccessContext(String str, String str2, AccessLevel accessLevel, PrimaryEntityResolver primaryEntityResolver, UserManager userManager, EntityPermissionsManager entityPermissionsManager, DocumentReferenceResolver<String> documentReferenceResolver) throws WebApplicationException {
        this.manager = entityPermissionsManager;
        PrimaryEntityManager<?> entityManager = primaryEntityResolver.getEntityManager(str2);
        if (entityManager == null) {
            this.logger.debug("No such entity type: [{}]", str2);
            throw new WebApplicationException(Response.Status.BAD_REQUEST);
        }
        this.entity = entityManager.get(str);
        if (this.entity == null) {
            this.logger.debug("No such entity record: [{}]", str);
            throw new WebApplicationException(Response.Status.NOT_FOUND);
        }
        this.userOrGroupResolver = documentReferenceResolver;
        this.entityAccess = this.manager.getEntityAccess(this.entity);
        initializeUser(accessLevel, userManager, this.logger);
    }

    private void initializeUser(AccessLevel accessLevel, UserManager userManager, Logger logger) {
        this.currentUser = userManager.getCurrentUser();
        if (this.entityAccess.hasAccessLevel(this.currentUser == null ? null : this.currentUser.getProfileDocument(), accessLevel)) {
            return;
        }
        logger.debug("{} access denied to user [{}] on entity record [{}]", accessLevel.getName(), this.currentUser, this.entity.getId());
        throw new WebApplicationException(Response.Status.FORBIDDEN);
    }

    public PrimaryEntity getEntity() {
        return this.entity;
    }

    public User getCurrentUser() {
        return this.currentUser;
    }

    public EntityAccess getEntityAccess() {
        return this.entityAccess;
    }

    public void checkCollaboratorInfo(String str, String str2) throws WebApplicationException {
        if (StringUtils.isBlank(str)) {
            throw new WebApplicationException(Response.status(Response.Status.BAD_REQUEST).entity("The collaborator id was not provided").build());
        }
        if (this.userOrGroupResolver.resolve(str, new Object[0]) == null) {
            throw new WebApplicationException(Response.status(Response.Status.BAD_REQUEST).entity("Unknown collaborator: " + str).build());
        }
        if (StringUtils.isBlank(str2)) {
            throw new WebApplicationException(Response.status(Response.Status.BAD_REQUEST).entity("The collaborator's access level was not provided").build());
        }
        if (this.manager.resolveAccessLevel(str2) == null) {
            throw new WebApplicationException(Response.status(Response.Status.BAD_REQUEST).entity("Invalid access level requested: " + str2).build());
        }
    }
}
