package org.pentaho.platform.web.http.api.resources.utils;

import java.util.Collections;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.pentaho.platform.api.engine.IAuthorizationPolicy;
import org.pentaho.platform.api.engine.IUserRoleListService;
import org.pentaho.platform.engine.core.system.PentahoSessionHolder;
import org.pentaho.platform.engine.core.system.PentahoSystem;
import org.pentaho.platform.repository2.unified.ServerRepositoryPaths;
import org.pentaho.platform.repository2.unified.jcr.JcrTenantUtils;

/* loaded from: input_file:org/pentaho/platform/web/http/api/resources/utils/SystemUtils.class */
public class SystemUtils {
    private static final Log logger = LogFactory.getLog(SystemUtils.class);

    public static boolean canAdminister() {
        IAuthorizationPolicy iAuthorizationPolicy = (IAuthorizationPolicy) PentahoSystem.get(IAuthorizationPolicy.class);
        return iAuthorizationPolicy.isAllowed("org.pentaho.repository.read") && iAuthorizationPolicy.isAllowed("org.pentaho.repository.create") && iAuthorizationPolicy.isAllowed("org.pentaho.security.administerSecurity");
    }

    public static boolean canUpload(String str) {
        IAuthorizationPolicy iAuthorizationPolicy = (IAuthorizationPolicy) PentahoSystem.get(IAuthorizationPolicy.class);
        boolean z = iAuthorizationPolicy.isAllowed("org.pentaho.repository.read") && iAuthorizationPolicy.isAllowed("org.pentaho.repository.create") && (iAuthorizationPolicy.isAllowed("org.pentaho.security.administerSecurity") || iAuthorizationPolicy.isAllowed("org.pentaho.security.publish"));
        return (z || StringUtils.isEmpty(str)) ? z : validateAccessToHomeFolder(str);
    }

    public static boolean canDownload(String str) {
        IAuthorizationPolicy iAuthorizationPolicy = (IAuthorizationPolicy) PentahoSystem.get(IAuthorizationPolicy.class);
        IUserRoleListService iUserRoleListService = (IUserRoleListService) PentahoSystem.get(IUserRoleListService.class);
        String name = PentahoSessionHolder.getSession().getName();
        boolean z = iAuthorizationPolicy.isAllowed("org.pentaho.repository.read") && iAuthorizationPolicy.isAllowed("org.pentaho.repository.create") && (iAuthorizationPolicy.isAllowed("org.pentaho.security.administerSecurity") || !Collections.disjoint(iUserRoleListService.getRolesForUser(JcrTenantUtils.getUserNameUtils().getTenant(name), name), PentahoSystem.getDownloadRolesList()));
        return (z || StringUtils.isEmpty(str)) ? z : validateAccessToHomeFolder(str);
    }

    public static boolean validateAccessToHomeFolder(String str) {
        IAuthorizationPolicy iAuthorizationPolicy = (IAuthorizationPolicy) PentahoSystem.get(IAuthorizationPolicy.class);
        boolean z = false;
        String name = PentahoSessionHolder.getSession().getName();
        String userHomeFolderPath = ServerRepositoryPaths.getUserHomeFolderPath(JcrTenantUtils.getUserNameUtils().getTenant(name), JcrTenantUtils.getUserNameUtils().getPrincipleName(name));
        if (userHomeFolderPath != null && userHomeFolderPath.length() > 0) {
            z = (ServerRepositoryPaths.getTenantRootFolderPath() + str).contains(userHomeFolderPath);
        }
        return z && iAuthorizationPolicy.isAllowed("org.pentaho.repository.create") && iAuthorizationPolicy.isAllowed("org.pentaho.repository.read");
    }
}
