package com.liferay.account.internal.security.permission.resource;

import com.liferay.account.model.AccountEntry;
import com.liferay.account.model.AccountEntryOrganizationRel;
import com.liferay.account.service.AccountEntryLocalService;
import com.liferay.account.service.AccountEntryOrganizationRelLocalService;
import com.liferay.portal.kernel.exception.PortalException;
import com.liferay.portal.kernel.model.Organization;
import com.liferay.portal.kernel.security.auth.PrincipalException;
import com.liferay.portal.kernel.security.permission.PermissionChecker;
import com.liferay.portal.kernel.security.permission.resource.ModelResourcePermission;
import com.liferay.portal.kernel.security.permission.resource.PortletResourcePermission;
import com.liferay.portal.kernel.service.OrganizationLocalService;
import com.liferay.portal.kernel.service.permission.OrganizationPermissionUtil;
import com.liferay.portal.kernel.util.ArrayUtil;
import java.util.Iterator;
import java.util.List;
import java.util.Objects;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Reference;

@Component(property = {"model.class.name=com.liferay.account.model.AccountEntry"}, service = {ModelResourcePermission.class})
/* loaded from: input_file:com/liferay/account/internal/security/permission/resource/AccountEntryModelResourcePermission.class */
public class AccountEntryModelResourcePermission implements ModelResourcePermission<AccountEntry> {

    @Reference
    private AccountEntryLocalService _accountEntryLocalService;

    @Reference
    private AccountEntryOrganizationRelLocalService _accountEntryOrganizationRelLocalService;

    @Reference
    private OrganizationLocalService _organizationLocalService;

    @Reference(target = "(resource.name=com.liferay.account)")
    private PortletResourcePermission _portletResourcePermission;

    public void check(PermissionChecker permissionChecker, AccountEntry accountEntry, String str) throws PortalException {
        if (!contains(permissionChecker, accountEntry, str)) {
            throw new PrincipalException.MustHavePermission(permissionChecker, AccountEntry.class.getName(), accountEntry.getAccountEntryId(), new String[]{str});
        }
    }

    public void check(PermissionChecker permissionChecker, long j, String str) throws PortalException {
        if (!contains(permissionChecker, j, str)) {
            throw new PrincipalException.MustHavePermission(permissionChecker, AccountEntry.class.getName(), j, new String[]{str});
        }
    }

    public boolean contains(PermissionChecker permissionChecker, AccountEntry accountEntry, String str) throws PortalException {
        return contains(permissionChecker, accountEntry.getAccountEntryId(), str);
    }

    public boolean contains(PermissionChecker permissionChecker, long j, String str) throws PortalException {
        AccountEntry fetchAccountEntry = this._accountEntryLocalService.fetchAccountEntry(j);
        if (fetchAccountEntry != null && permissionChecker.hasOwnerPermission(permissionChecker.getCompanyId(), AccountEntry.class.getName(), j, fetchAccountEntry.getUserId(), str)) {
            return true;
        }
        List accountEntryOrganizationRels = this._accountEntryOrganizationRelLocalService.getAccountEntryOrganizationRels(j);
        long[] userOrganizationIds = this._organizationLocalService.getUserOrganizationIds(permissionChecker.getUserId(), true);
        Iterator it = accountEntryOrganizationRels.iterator();
        while (it.hasNext()) {
            Organization fetchOrganization = this._organizationLocalService.fetchOrganization(((AccountEntryOrganizationRel) it.next()).getOrganizationId());
            while (fetchOrganization != null) {
                if (Objects.equals(str, "EDIT_ORGANIZATIONS") && permissionChecker.hasPermission(fetchOrganization.getGroupId(), AccountEntry.class.getName(), j, "MANAGE_ORGANIZATIONS")) {
                    return true;
                }
                boolean contains = ArrayUtil.contains(userOrganizationIds, fetchOrganization.getOrganizationId());
                if (!Objects.equals(str, "EDIT_ORGANIZATIONS") && !Objects.equals(str, "MANAGE_ORGANIZATIONS") && contains && OrganizationPermissionUtil.contains(permissionChecker, fetchOrganization.getOrganizationId(), "MANAGE_AVAILABLE_ACCOUNTS")) {
                    return true;
                }
                if (Objects.equals(fetchOrganization, fetchOrganization) && permissionChecker.hasPermission(fetchOrganization.getGroupId(), AccountEntry.class.getName(), j, str)) {
                    return true;
                }
                if (!Objects.equals(fetchOrganization, fetchOrganization) && OrganizationPermissionUtil.contains(permissionChecker, fetchOrganization, "MANAGE_SUBORGANIZATIONS_ACCOUNTS") && ((contains && Objects.equals(str, "VIEW")) || permissionChecker.hasPermission(fetchOrganization.getGroupId(), AccountEntry.class.getName(), j, str))) {
                    return true;
                }
                fetchOrganization = fetchOrganization.getParentOrganization();
            }
        }
        long j2 = 0;
        if (fetchAccountEntry != null) {
            j2 = fetchAccountEntry.getAccountEntryGroupId();
        }
        return permissionChecker.hasPermission(j2, AccountEntry.class.getName(), j, str);
    }

    public String getModelName() {
        return AccountEntry.class.getName();
    }

    public PortletResourcePermission getPortletResourcePermission() {
        return this._portletResourcePermission;
    }
}
