package org.phenotips.data.permissions.internal;

import javax.inject.Inject;
import org.apache.commons.lang3.ObjectUtils;
import org.phenotips.data.permissions.Visibility;
import org.phenotips.entities.PrimaryEntity;
import org.phenotips.entities.PrimaryEntityResolver;
import org.phenotips.security.authorization.AuthorizationModule;
import org.xwiki.model.EntityType;
import org.xwiki.model.reference.EntityReference;
import org.xwiki.security.authorization.Right;
import org.xwiki.users.User;

/* loaded from: input_file:WEB-INF/lib/patient-access-rules-api-1.4-SNAPSHOT.jar:org/phenotips/data/permissions/internal/VisibilityAccessAuthorizationModule.class */
public class VisibilityAccessAuthorizationModule implements AuthorizationModule {

    @Inject
    private PrimaryEntityResolver resolver;

    @Inject
    private EntityVisibilityManager helper;

    @Override // org.phenotips.security.authorization.AuthorizationModule
    public int getPriority() {
        return 200;
    }

    @Override // org.phenotips.security.authorization.AuthorizationModule
    public Boolean hasAccess(User user, Right right, EntityReference entityReference) {
        PrimaryEntity resolveEntity;
        Visibility visibility;
        if (!ObjectUtils.allNotNull(right, entityReference) || right.getTargetedEntityType() == null || !right.getTargetedEntityType().contains(EntityType.DOCUMENT) || (resolveEntity = this.resolver.resolveEntity(entityReference.toString())) == null || (visibility = this.helper.getVisibility(resolveEntity)) == null) {
            return null;
        }
        Right grantedRight = visibility.getDefaultAccessLevel().getGrantedRight();
        if (user == null || user.getProfileDocument() == null) {
            return null;
        }
        return (grantedRight.equals(right) || (grantedRight.getImpliedRights() != null && grantedRight.getImpliedRights().contains(right))) ? true : null;
    }
}
