package org.ametys.cms.rights;

import java.io.UnsupportedEncodingException;
import java.util.Map;
import org.ametys.cms.repository.Content;
import org.ametys.core.right.RightManager;
import org.ametys.core.user.CurrentUserProvider;
import org.ametys.core.user.UserIdentity;
import org.ametys.core.util.FilenameUtils;
import org.ametys.plugins.repository.AmetysObject;
import org.ametys.plugins.repository.AmetysObjectResolver;
import org.ametys.plugins.repository.UnknownAmetysObjectException;
import org.ametys.runtime.authentication.AccessDeniedException;
import org.ametys.runtime.authentication.AuthorizationRequiredException;
import org.apache.avalon.framework.parameters.Parameters;
import org.apache.avalon.framework.service.ServiceException;
import org.apache.avalon.framework.service.ServiceManager;
import org.apache.cocoon.ResourceNotFoundException;
import org.apache.cocoon.acting.ServiceableAction;
import org.apache.cocoon.environment.ObjectModelHelper;
import org.apache.cocoon.environment.Redirector;
import org.apache.cocoon.environment.Request;
import org.apache.cocoon.environment.SourceResolver;
import org.apache.commons.lang.StringUtils;

/* loaded from: input_file:org/ametys/cms/rights/CheckReadAccessAction.class */
public class CheckReadAccessAction extends ServiceableAction {
    protected AmetysObjectResolver _resolver;
    protected CurrentUserProvider _currentUserProvider;
    protected RightManager _rightManager;

    public void service(ServiceManager serviceManager) throws ServiceException {
        super.service(serviceManager);
        this._rightManager = (RightManager) this.manager.lookup(RightManager.ROLE);
        this._resolver = (AmetysObjectResolver) serviceManager.lookup(AmetysObjectResolver.ROLE);
        this._currentUserProvider = (CurrentUserProvider) serviceManager.lookup(CurrentUserProvider.ROLE);
    }

    public Map act(Redirector redirector, SourceResolver sourceResolver, Map map, String str, Parameters parameters) throws Exception {
        Request request = ObjectModelHelper.getRequest(map);
        UserIdentity user = this._currentUserProvider.getUser();
        AmetysObject ametysObject = getAmetysObject(parameters, request);
        if (ametysObject == null) {
            throw new ResourceNotFoundException("CheckReadAccessAction: a valid ametys object must be provided.");
        }
        if (this._rightManager.hasAnonymousReadAccess(ametysObject)) {
            return EMPTY_MAP;
        }
        if (user == null) {
            throw new AuthorizationRequiredException();
        }
        if (this._rightManager.hasReadAccess(user, ametysObject)) {
            return null;
        }
        throw new AccessDeniedException("Access to object " + ametysObject.getId() + " is not allowed for user " + user);
    }

    protected AmetysObject getAmetysObject(Parameters parameters, Request request) throws UnsupportedEncodingException {
        try {
            String parameter = parameters.getParameter("objectId", "");
            String parameter2 = parameters.getParameter("objectPath", "");
            if (StringUtils.isNotEmpty(parameter)) {
                return this._resolver.resolveById(parameter);
            }
            if (!StringUtils.isNotEmpty(parameter2)) {
                return (Content) request.getAttribute(Content.class.getName());
            }
            return this._resolver.resolveByPath(FilenameUtils.decode(parameter2));
        } catch (UnknownAmetysObjectException e) {
            return null;
        }
    }
}
