package org.chorem.pollen.ui.security;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import org.chorem.pollen.bean.PollUri;
import org.chorem.pollen.business.persistence.Poll;
import org.chorem.pollen.services.PollenServiceContext;
import org.chorem.pollen.services.impl.SecurityService;
import org.chorem.pollen.ui.PollenUIUtils;
import org.nuiton.i18n.I18n;

/* loaded from: input_file:WEB-INF/classes/org/chorem/pollen/ui/security/PollVoteAccessRequired.class */
public class PollVoteAccessRequired extends AbstractPollenAuthorization {
    protected final AdminUserRequired adminFilter = new AdminUserRequired();

    @Override // org.apache.shiro.web.filter.AccessControlFilter
    protected boolean isAccessAllowed(ServletRequest servletRequest, ServletResponse servletResponse, Object obj) {
        String isCanAccessVote;
        PollenServiceContext serviceContext = getServiceContext(servletRequest);
        PollUri pollUri = getPollUri(servletRequest);
        SecurityService securityService = (SecurityService) serviceContext.newService(SecurityService.class);
        Poll pollIdSane = getPollIdSane(pollUri, serviceContext, servletRequest);
        boolean z = pollIdSane != null;
        SecurityService.AccountIdRole accountIdRole = null;
        if (z) {
            boolean isAccessAllowed = this.adminFilter.isAccessAllowed(servletRequest, servletResponse, obj);
            if (pollUri.isAccountIdNotBlank()) {
                accountIdRole = securityService.getAccountIdRole(pollIdSane, pollUri.getAccountId());
                if (accountIdRole == SecurityService.AccountIdRole.UNDEFINED) {
                    z = false;
                    registerError(servletRequest, I18n.n_("pollen.security.error.bad.accountId", new Object[0]));
                }
            }
            if (isAccessAllowed) {
                accountIdRole = SecurityService.AccountIdRole.CREATOR;
            }
        }
        if (z && (isCanAccessVote = securityService.isCanAccessVote(pollIdSane, pollUri.getAccountId(), accountIdRole)) != null) {
            z = false;
            registerError(servletRequest, isCanAccessVote);
        }
        if (z) {
            PollenUIUtils.setAccountIdRole(servletRequest, accountIdRole);
        }
        return z;
    }
}
