package com.liferay.portal.service.permission;

import com.liferay.portal.kernel.exception.PortalException;
import com.liferay.portal.kernel.log.Log;
import com.liferay.portal.kernel.log.LogFactoryUtil;
import com.liferay.portal.kernel.model.Group;
import com.liferay.portal.kernel.model.Organization;
import com.liferay.portal.kernel.model.User;
import com.liferay.portal.kernel.security.auth.PrincipalException;
import com.liferay.portal.kernel.security.permission.BaseModelPermissionChecker;
import com.liferay.portal.kernel.security.permission.PermissionChecker;
import com.liferay.portal.kernel.service.OrganizationLocalServiceUtil;
import com.liferay.portal.kernel.service.UserGroupRoleLocalServiceUtil;
import com.liferay.portal.kernel.service.UserLocalServiceUtil;
import com.liferay.portal.kernel.service.permission.OrganizationPermissionUtil;
import com.liferay.portal.kernel.service.permission.UserPermission;
import com.liferay.portal.kernel.spring.osgi.OSGiBeanProperties;
import com.liferay.portal.kernel.util.PortalUtil;
import java.util.List;
import org.apache.portals.bridges.struts.StrutsPortlet;

@OSGiBeanProperties(property = {"model.class.name=com.liferay.portal.kernel.model.User"})
/* loaded from: input_file:com/liferay/portal/service/permission/UserPermissionImpl.class */
public class UserPermissionImpl implements BaseModelPermissionChecker, UserPermission {
    private static final Log _log = LogFactoryUtil.getLog(UserPermissionImpl.class);

    public void check(PermissionChecker permissionChecker, long j, long[] jArr, String str) throws PrincipalException {
        if (!contains(permissionChecker, j, jArr, str)) {
            throw new PrincipalException.MustHavePermission(permissionChecker, User.class.getName(), j, new String[]{str});
        }
    }

    public void check(PermissionChecker permissionChecker, long j, String str) throws PrincipalException {
        if (!contains(permissionChecker, j, str)) {
            throw new PrincipalException.MustHavePermission(permissionChecker, User.class.getName(), j, new String[]{str});
        }
    }

    public void checkBaseModel(PermissionChecker permissionChecker, long j, long j2, String str) throws PortalException {
        List userOrganizations = OrganizationLocalServiceUtil.getUserOrganizations(j2);
        long[] jArr = new long[userOrganizations.size()];
        for (int i = 0; i < userOrganizations.size(); i++) {
            jArr[i] = ((Organization) userOrganizations.get(i)).getOrganizationId();
        }
        check(permissionChecker, j2, jArr, str);
    }

    public boolean contains(PermissionChecker permissionChecker, long j, long[] jArr, String str) {
        User user = null;
        try {
            if (j != -1) {
                user = UserLocalServiceUtil.getUserById(j);
                if (!str.equals(StrutsPortlet.VIEW_REQUEST) && !permissionChecker.isOmniadmin()) {
                    if (PortalUtil.isOmniadmin(user)) {
                        return false;
                    }
                    if (!permissionChecker.isCompanyAdmin() && PortalUtil.isCompanyAdmin(user)) {
                        return false;
                    }
                }
                if (permissionChecker.hasOwnerPermission(permissionChecker.getCompanyId(), User.class.getName(), j, user.getContact().getUserId(), str)) {
                    return true;
                }
                if ((permissionChecker.getUserId() == j && !str.equals("PERMISSIONS")) || permissionChecker.hasPermission((Group) null, User.class.getName(), j, str)) {
                    return true;
                }
            } else if (permissionChecker.hasPermission((Group) null, User.class.getName(), User.class.getName(), str)) {
                return true;
            }
            if (user == null) {
                return false;
            }
            if (jArr == null) {
                jArr = user.getOrganizationIds();
            }
            for (long j2 : jArr) {
                Organization organization = OrganizationLocalServiceUtil.getOrganization(j2);
                if (OrganizationPermissionUtil.contains(permissionChecker, organization, "MANAGE_USERS")) {
                    if (permissionChecker.getUserId() == user.getUserId()) {
                        return true;
                    }
                    for (Organization organization2 = organization; organization2 != null; organization2 = organization2.getParentOrganization()) {
                        if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(permissionChecker.getUserId(), organization2.getGroupId(), "Organization Owner", true)) {
                            return true;
                        }
                        if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(permissionChecker.getUserId(), organization2.getGroupId(), "Organization Administrator", true) && !UserGroupRoleLocalServiceUtil.hasUserGroupRole(user.getUserId(), organization.getGroupId(), "Organization Administrator", true) && !UserGroupRoleLocalServiceUtil.hasUserGroupRole(user.getUserId(), organization.getGroupId(), "Organization Owner", true)) {
                            return true;
                        }
                    }
                }
            }
            return false;
        } catch (Exception e) {
            _log.error(e, e);
            return false;
        }
    }

    public boolean contains(PermissionChecker permissionChecker, long j, String str) {
        return contains(permissionChecker, j, null, str);
    }
}
