package org.phenotips.data.internal;

import java.util.Iterator;
import javax.inject.Inject;
import javax.inject.Named;
import javax.inject.Singleton;
import org.phenotips.data.Patient;
import org.phenotips.data.PatientRepository;
import org.phenotips.security.authorization.AuthorizationService;
import org.slf4j.Logger;
import org.xwiki.bridge.DocumentModelBridge;
import org.xwiki.component.annotation.Component;
import org.xwiki.model.EntityType;
import org.xwiki.model.reference.DocumentReference;
import org.xwiki.model.reference.EntityReference;
import org.xwiki.model.reference.EntityReferenceResolver;
import org.xwiki.model.reference.EntityReferenceSerializer;
import org.xwiki.security.authorization.Right;
import org.xwiki.users.User;
import org.xwiki.users.UserManager;

@Singleton
@Component(roles = {PatientRepository.class})
@Named("secure")
/* loaded from: input_file:org/phenotips/data/internal/SecurePatientRepository.class */
public class SecurePatientRepository implements PatientRepository {

    @Inject
    private Logger logger;

    @Inject
    private AuthorizationService access;

    @Inject
    private UserManager userManager;

    @Inject
    private PatientRepository internalService;

    @Inject
    @Named("current")
    private EntityReferenceResolver<EntityReference> currentResolver;

    @Inject
    private EntityReferenceSerializer<String> serializer;

    public EntityReference getDataSpace() {
        return this.internalService.getDataSpace();
    }

    /* renamed from: create, reason: merged with bridge method [inline-methods] */
    public Patient m14create() {
        return create(this.userManager.getCurrentUser());
    }

    public synchronized Patient createNewPatient() {
        return m14create();
    }

    /* renamed from: create, reason: merged with bridge method [inline-methods] */
    public Patient m13create(DocumentReference documentReference) {
        return create(this.userManager.getUser((String) this.serializer.serialize(documentReference, new Object[0])));
    }

    private Patient create(User user) {
        if (this.access.hasAccess(user, Right.EDIT, this.currentResolver.resolve(Patient.DEFAULT_DATA_SPACE, EntityType.SPACE, new Object[0]))) {
            return this.internalService.create(user.getProfileDocument());
        }
        throw new SecurityException("User not authorized to create new patients");
    }

    public Patient createNewPatient(DocumentReference documentReference) {
        return m13create(documentReference);
    }

    /* renamed from: get, reason: merged with bridge method [inline-methods] */
    public Patient m12get(String str) {
        return checkAccess((Patient) this.internalService.get(str), this.userManager.getCurrentUser());
    }

    public Patient getPatientById(String str) {
        return m12get(str);
    }

    /* renamed from: get, reason: merged with bridge method [inline-methods] */
    public Patient m11get(DocumentReference documentReference) {
        return checkAccess((Patient) this.internalService.get(documentReference), this.userManager.getCurrentUser());
    }

    /* renamed from: getByName, reason: merged with bridge method [inline-methods] */
    public Patient m10getByName(String str) {
        return checkAccess((Patient) this.internalService.getByName(str), this.userManager.getCurrentUser());
    }

    public Patient getPatientByExternalId(String str) {
        return m10getByName(str);
    }

    public Iterator<Patient> getAll() {
        return new SecurePatientIterator(this.internalService.getAll(), this.access, this.userManager.getCurrentUser());
    }

    public boolean delete(Patient patient) {
        if (checkAccess(Right.DELETE, patient, this.userManager.getCurrentUser()) == null) {
            return false;
        }
        this.internalService.delete(patient);
        return false;
    }

    /* renamed from: load, reason: merged with bridge method [inline-methods] */
    public Patient m9load(DocumentModelBridge documentModelBridge) throws IllegalArgumentException {
        return this.internalService.load(documentModelBridge);
    }

    public Patient loadPatientFromDocument(DocumentModelBridge documentModelBridge) {
        return m9load(documentModelBridge);
    }

    private Patient checkAccess(Patient patient, User user) {
        return checkAccess(Right.VIEW, patient, user);
    }

    private Patient checkAccess(Right right, Patient patient, User user) {
        if (patient != null && this.access.hasAccess(user, right, patient.getDocument())) {
            return patient;
        }
        if (patient == null) {
            return null;
        }
        this.logger.warn("Illegal access requested for patient [{}] by user [{}]", patient.getId(), user);
        throw new SecurityException("Unauthorized access");
    }
}
