package org.sakaiproject.metaobj.security.impl;

import java.util.ArrayList;
import java.util.List;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.sakaiproject.exception.IdUnusedException;
import org.sakaiproject.metaobj.security.AuthorizationFacade;
import org.sakaiproject.metaobj.security.AuthorizationFailedException;
import org.sakaiproject.metaobj.shared.model.Agent;
import org.sakaiproject.metaobj.shared.model.Id;
import org.sakaiproject.service.framework.portal.PortalService;
import org.sakaiproject.service.legacy.authzGroup.AuthzGroup;
import org.sakaiproject.service.legacy.authzGroup.AuthzGroupService;
import org.sakaiproject.service.legacy.user.UserDirectoryService;

/* loaded from: input_file:WEB-INF/lib/sakai-metaobj-impl-sakai_2-1-1.jar:org/sakaiproject/metaobj/security/impl/AuthzShim.class */
public class AuthzShim implements AuthorizationFacade {
    protected final transient Log logger = LogFactory.getLog(getClass());
    private AuthzGroupService realmService;
    private PortalService portalService;
    private UserDirectoryService userDirectoryService;

    public void checkPermission(String str, Id id) throws AuthorizationFailedException {
        if (!isAuthorized(str, id)) {
            throw new AuthorizationFailedException(str, id);
        }
    }

    public void checkPermission(Agent agent, String str, Id id) throws AuthorizationFailedException {
        if (!isAuthorized(agent, str, id)) {
            throw new AuthorizationFailedException(agent, str, id);
        }
    }

    public boolean isAuthorized(String str, Id id) {
        return isAuthorized(null, str, id);
    }

    public boolean isAuthorized(Agent agent, String str, Id id) {
        String str2 = null;
        if (agent == null) {
            str2 = getUserDirectoryService().getCurrentUser().getId();
        }
        return str.equals("maintain") ? checkMaintain(str2) : getRealmService().isAllowed(str2, str, getCurrentRealm());
    }

    protected boolean checkMaintain(String str) {
        AuthzGroup authzGroup = null;
        try {
            authzGroup = getRealmService().getAuthzGroup(getCurrentRealm());
        } catch (IdUnusedException e) {
            this.logger.warn("unkown realm", e);
        }
        return authzGroup.hasRole(str, authzGroup.getMaintainRole());
    }

    protected String getCurrentRealm() {
        return new StringBuffer().append("/site/").append(getPortalService().getCurrentSiteId()).toString();
    }

    protected String getReference(Id id) {
        return null;
    }

    public List getAuthorizations(Agent agent, String str, Id id) {
        return new ArrayList();
    }

    public void createAuthorization(Agent agent, String str, Id id) {
    }

    public void deleteAuthorization(Agent agent, String str, Id id) {
    }

    public void deleteAuthorizations(Id id) {
    }

    public AuthzGroupService getRealmService() {
        return this.realmService;
    }

    public void setRealmService(AuthzGroupService authzGroupService) {
        this.realmService = authzGroupService;
    }

    public PortalService getPortalService() {
        return this.portalService;
    }

    public void setPortalService(PortalService portalService) {
        this.portalService = portalService;
    }

    public UserDirectoryService getUserDirectoryService() {
        return this.userDirectoryService;
    }

    public void setUserDirectoryService(UserDirectoryService userDirectoryService) {
        this.userDirectoryService = userDirectoryService;
    }
}
