package org.jasig.portlet.announcements.service;

import javax.portlet.PortletRequest;
import org.jasig.portlet.announcements.UnauthorizedException;
import org.jasig.portlet.announcements.model.Topic;
import org.jasig.portlet.announcements.model.UserRoles;

/* loaded from: input_file:WEB-INF/classes/org/jasig/portlet/announcements/service/UserPermissionChecker.class */
public final class UserPermissionChecker implements UserRoles {
    public static final String GUEST_USERNAME = "guest";
    private final boolean admin;
    private final boolean moderator;
    private final boolean author;
    private final boolean audience;
    private final String userName;
    private final boolean guest;

    /* JADX INFO: Access modifiers changed from: package-private */
    public UserPermissionChecker(PortletRequest portletRequest, Topic topic) {
        this.guest = portletRequest.getRemoteUser() == null;
        this.userName = this.guest ? GUEST_USERNAME : portletRequest.getRemoteUser();
        if (portletRequest.isUserInRole(UserRoles.PORTAL_ADMIN_ROLE_NAME) || inRoleForTopic(portletRequest, UserRoles.ADMIN_ROLE_NAME, topic)) {
            this.author = true;
            this.moderator = true;
            this.admin = true;
        } else if (inRoleForTopic(portletRequest, UserRoles.MODERATOR_ROLE_NAME, topic)) {
            this.admin = false;
            this.author = true;
            this.moderator = true;
        } else if (inRoleForTopic(portletRequest, UserRoles.AUTHOR_ROLE_NAME, topic)) {
            this.moderator = false;
            this.admin = false;
            this.author = true;
        } else {
            this.author = false;
            this.moderator = false;
            this.admin = false;
        }
        this.audience = inRoleForTopic(portletRequest, UserRoles.AUDIENCE_ROLE_NAME, topic);
    }

    public static boolean inRoleForTopic(PortletRequest portletRequest, String str, Topic topic) {
        boolean z = portletRequest.getRemoteUser() == null;
        if (!z && isPortalAdmin(portletRequest)) {
            return true;
        }
        String remoteUser = z ? GUEST_USERNAME : portletRequest.getRemoteUser();
        for (String str2 : topic.getGroup(str)) {
            if (str2.startsWith("USER.")) {
                if (str2.split("\\.")[1].equalsIgnoreCase(remoteUser)) {
                    return true;
                }
            } else if (portletRequest.isUserInRole(str2)) {
                return true;
            }
        }
        return false;
    }

    public static boolean isPortalAdmin(PortletRequest portletRequest) {
        return portletRequest.isUserInRole(UserRoles.PORTAL_ADMIN_ROLE_NAME);
    }

    public boolean isGuest() {
        return this.guest;
    }

    public String getUserName() {
        return this.userName;
    }

    public boolean isAdmin() {
        return this.admin;
    }

    public boolean isModerator() {
        return this.moderator;
    }

    public boolean isAuthor() {
        return this.author;
    }

    public boolean isAudience() {
        return this.audience;
    }

    public boolean canEditTopic() {
        return isAuthor() || isModerator() || isAdmin();
    }

    public void validateCanEditTopic() {
        if (!canEditTopic()) {
            throw new UnauthorizedException("You do not have access to this topic!");
        }
    }
}
