package ome.security.basic;

import java.util.Iterator;
import java.util.List;
import ome.model.annotations.Annotation;
import ome.model.annotations.CommentAnnotation;
import ome.security.ACLVoter;
import ome.security.EventProvider;
import ome.security.SecurityFilter;
import ome.security.SystemTypes;
import ome.security.policy.PolicyService;
import ome.services.sessions.SessionManager;
import ome.services.sessions.SessionManagerImpl;
import ome.services.sessions.SessionProvider;
import ome.system.Roles;
import ome.system.ServiceFactory;

/* loaded from: input_file:ome/security/basic/BasicSecuritySystemReadOnly.class */
public class BasicSecuritySystemReadOnly extends BasicSecuritySystem {
    public BasicSecuritySystemReadOnly(OmeroInterceptor omeroInterceptor, SystemTypes systemTypes, CurrentDetails currentDetails, SessionManager sessionManager, SessionProvider sessionProvider, EventProvider eventProvider, Roles roles, ServiceFactory serviceFactory, TokenHolder tokenHolder, List<SecurityFilter> list, PolicyService policyService, ACLVoter aCLVoter) {
        super(omeroInterceptor, systemTypes, currentDetails, sessionManager, sessionProvider, eventProvider, roles, serviceFactory, tokenHolder, list, policyService, aCLVoter);
    }

    @Override // ome.security.basic.BasicSecuritySystem
    protected boolean isGroupContextPermitted(long j, long j2) {
        Iterator linkedAnnotationIterator = this.sessionProvider.findSessionById(j, this.sf).linkedAnnotationIterator();
        while (linkedAnnotationIterator.hasNext()) {
            CommentAnnotation commentAnnotation = (Annotation) linkedAnnotationIterator.next();
            if ((commentAnnotation instanceof CommentAnnotation) && SessionManagerImpl.GROUP_SUDO_NS.equals(commentAnnotation.getNs()) && this.roles.isRootUser(commentAnnotation.getDetails().getOwner()) && !isGroupContextPermitted(j2, commentAnnotation.getTextValue())) {
                return false;
            }
        }
        return true;
    }
}
