package pt.digitalis.dif.presentation.entities.system.admin.acl;

import com.google.inject.Inject;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import pt.digitalis.dif.controller.interfaces.IDIFContext;
import pt.digitalis.dif.controller.objects.RESTAction;
import pt.digitalis.dif.controller.security.managers.IAuthorizationManager;
import pt.digitalis.dif.controller.security.managers.IIdentityManager;
import pt.digitalis.dif.controller.security.objects.ACLEntry;
import pt.digitalis.dif.dem.Entity;
import pt.digitalis.dif.dem.annotations.entities.StageDefinition;
import pt.digitalis.dif.dem.annotations.parameter.Parameter;
import pt.digitalis.dif.dem.annotations.presentation.OnAJAX;
import pt.digitalis.dif.dem.annotations.security.AccessControl;
import pt.digitalis.dif.dem.annotations.stage.Callback;
import pt.digitalis.dif.dem.annotations.stage.Context;
import pt.digitalis.dif.dem.annotations.stage.InjectMessages;
import pt.digitalis.dif.dem.annotations.stage.View;
import pt.digitalis.dif.dem.interfaces.IEntity;
import pt.digitalis.dif.dem.interfaces.IStage;
import pt.digitalis.dif.dem.managers.IDEMManager;
import pt.digitalis.dif.exception.security.AuthorizationManagerException;
import pt.digitalis.dif.exception.security.IdentityManagerException;
import pt.digitalis.dif.model.dataset.DataSetException;
import pt.digitalis.dif.model.dataset.ListDataSet;
import pt.digitalis.dif.presentation.ajax.IJSONResponse;
import pt.digitalis.dif.presentation.restfull.RESTfullResponse;
import pt.digitalis.dif.presentation.views.jsp.objects.ajax.JSONResponseDataSetGrid;
import pt.digitalis.dif.presentation.views.jsp.taglibs.layout.panels.grid.AbstractCalcField;
import pt.digitalis.dif.presentation.views.jsp.taglibs.objects.definitions.panels.TreeItemDefinition;
import pt.digitalis.dif.utils.identity.GroupBean;
import pt.digitalis.dif.utils.identity.IdentityManagerCache;
import pt.digitalis.dif.utils.identity.UserBean;
import pt.digitalis.utils.common.StringUtils;
import pt.digitalis.utils.config.ConfigurationException;

@StageDefinition(name = "User Explorer", service = "accesscontrolservice")
@View(target = "internal/admin/AccessControlExplorerServices.jsp")
@Callback
@AccessControl(groups = "Administrators")
/* loaded from: input_file:WEB-INF/lib/dif-presentation-webresources-stages-2.8.2.jar:pt/digitalis/dif/presentation/entities/system/admin/acl/AccessControlExplorerServices.class */
public class AccessControlExplorerServices {

    @Inject
    protected IAuthorizationManager authorizationManager;

    @Context
    protected IDIFContext context;

    @Inject
    protected IDEMManager demManager;

    @Inject
    protected IIdentityManager identityManager;

    @InjectMessages
    protected Map<String, String> messages;

    @Parameter
    protected String selectedEntityID;

    /* loaded from: input_file:WEB-INF/lib/dif-presentation-webresources-stages-2.8.2.jar:pt/digitalis/dif/presentation/entities/system/admin/acl/AccessControlExplorerServices$ACLCalcField.class */
    private class ACLCalcField extends AbstractCalcField {
        private final String entityID;
        private final Entity entityType;
        private final Map<String, String> messages;

        public ACLCalcField(Map<String, String> map, Entity entity, String str) {
            this.messages = map;
            this.entityType = entity;
            this.entityID = str;
        }

        private String getIcon(String str, boolean z) {
            StringBuilder sb = new StringBuilder();
            sb.append("<img align=\"center\" src=\"img/");
            sb.append(str);
            sb.append("\" width=\"22\" class=\"rightPad5");
            if (z) {
                sb.append(" disabledImage");
            }
            sb.append("\"/>");
            return sb.toString();
        }

        @Override // pt.digitalis.dif.presentation.views.jsp.taglibs.layout.panels.grid.ICalcField
        public String getOrderByField() {
            return null;
        }

        @Override // pt.digitalis.dif.presentation.views.jsp.taglibs.layout.panels.grid.ICalcField
        public String getValue(Object obj, String str) throws ConfigurationException {
            ACLEntry aCLEntry = (ACLEntry) obj;
            Boolean valueOf = Boolean.valueOf((aCLEntry.getEntityType() == this.entityType && aCLEntry.getEntityID().equals(this.entityID)) ? false : true);
            if (!"access".equals(str)) {
                if ("inherited".equals(str)) {
                    return valueOf.toString();
                }
                return null;
            }
            StringBuilder sb = new StringBuilder();
            if (valueOf.booleanValue()) {
                sb.append("<span class=\"greydarktext\">");
            }
            try {
                if (aCLEntry.isPublicAccess()) {
                    sb.append(getIcon("worldIcon.png", valueOf.booleanValue()));
                    sb.append(AccessControlExplorerServices.this.messages.get("public"));
                } else if (aCLEntry.isUserACL()) {
                    UserBean userBean = IdentityManagerCache.getUsersCache(false).get(aCLEntry.getUserID());
                    sb.append(getIcon("userIcon.png", valueOf.booleanValue()));
                    sb.append(AccessControlExplorerServices.this.messages.get("user") + ": ");
                    if (userBean == null || userBean.getUser().getID().equals(userBean.getUser().getName())) {
                        sb.append(aCLEntry.getUserID());
                    } else {
                        sb.append(userBean.getUser().getName());
                        sb.append(" (" + userBean.getUser().getID() + ")");
                    }
                } else if (aCLEntry.isGroupACL()) {
                    GroupBean groupBean = IdentityManagerCache.getGroupsCache(false).get(aCLEntry.getGroupID());
                    sb.append(getIcon("usersIcon.png", valueOf.booleanValue()));
                    sb.append(AccessControlExplorerServices.this.messages.get("group") + ": ");
                    if (groupBean == null || groupBean.getGroup().getID().equals(groupBean.getGroup().getName())) {
                        sb.append(aCLEntry.getGroupID());
                    } else {
                        sb.append(groupBean.getGroup().getName());
                        sb.append(" (" + groupBean.getGroup().getID() + ")");
                    }
                }
            } catch (IdentityManagerException e) {
                e.printStackTrace();
            } catch (DataSetException e2) {
                e2.printStackTrace();
            }
            if (valueOf.booleanValue()) {
                sb.append(" | " + this.messages.get("inheritedfrom") + " ");
                sb.append(getIcon(aCLEntry.getEntityType().name().toLowerCase() + "Icon.png", true));
                sb.append(aCLEntry.getEntityType().name() + ": ");
                IEntity entity = AccessControlExplorerServices.this.demManager.getEntity(aCLEntry.getEntityType(), aCLEntry.getEntityID());
                sb.append(StringUtils.nvl(entity.getBusinessNodeName(), StringUtils.nvl(entity.getName(), entity.getID())));
                sb.append("</span>");
            }
            return sb.toString();
        }
    }

    private List<ACLEntry> filterSinglePublicACL(List<ACLEntry> list) {
        if (list.size() == 1 && list.get(0).isPublicAccess()) {
            list.clear();
        }
        return list;
    }

    public List<TreeItemDefinition> getEntities() throws IdentityManagerException {
        return new CredencialEntitiesTreeBuilder().getItems(true, true);
    }

    @OnAJAX("entityACLs")
    public IJSONResponse getEntityACLs() throws AuthorizationManagerException {
        JSONResponseDataSetGrid jSONResponseDataSetGrid = null;
        List<ACLEntry> list = null;
        Entity entity = null;
        String str = null;
        String str2 = null;
        boolean z = false;
        if (this.context.getRequest().getRestAction() == RESTAction.POST || this.context.getRequest().getRestAction() == RESTAction.DELETE) {
            jSONResponseDataSetGrid = new JSONResponseDataSetGrid(new ListDataSet(ACLEntry.class, "id", (List) null));
            str2 = jSONResponseDataSetGrid.getBeanAttributesFromJSONRequestBody(this.context).get("id");
            if (StringUtils.isNotBlank(this.selectedEntityID) && StringUtils.isNotBlank(str2)) {
                String[] split = this.selectedEntityID.split(":", 2);
                entity = Entity.valueOf(split[0]);
                str = split[1];
                boolean equals = "public".equals(str2);
                boolean z2 = false;
                boolean z3 = false;
                String str3 = null;
                String str4 = null;
                if (!equals) {
                    String[] split2 = str2.split(":");
                    z2 = "user".equalsIgnoreCase(split2[0]);
                    z3 = "group".equalsIgnoreCase(split2[0]);
                    if (z2) {
                        str3 = split2[1];
                    } else if (z3) {
                        str4 = split2[1];
                    }
                }
                if (this.context.getRequest().getRestAction() == RESTAction.POST) {
                    if (equals) {
                        this.authorizationManager.grantAccessToPublic(entity, str);
                    } else if (z2) {
                        this.authorizationManager.grantAccessToUser(str3, entity, str);
                    } else if (z3) {
                        this.authorizationManager.grantAccessToGroup(str4, entity, str);
                    }
                    z = true;
                } else if (this.context.getRequest().getRestAction() == RESTAction.DELETE) {
                    if (equals) {
                        this.authorizationManager.revokeAccessFromPublic(entity, str);
                    } else if (z2) {
                        this.authorizationManager.revokeAccessFromUser(str3, entity, str);
                    } else if (z3) {
                        this.authorizationManager.revokeAccessFromGroup(str4, entity, str);
                    }
                    jSONResponseDataSetGrid.setActionResponse(new RESTfullResponse(true, null));
                }
            } else {
                jSONResponseDataSetGrid.setActionResponse(new RESTfullResponse(false, null));
            }
        }
        if (jSONResponseDataSetGrid == null || jSONResponseDataSetGrid.getActionResponse() == null) {
            if (StringUtils.isNotBlank(this.selectedEntityID)) {
                String[] split3 = this.selectedEntityID.split(":", 2);
                if (split3.length >= 2) {
                    entity = Entity.valueOf(split3[0]);
                    str = split3[1];
                    list = new ArrayList();
                    for (ACLEntry aCLEntry : this.authorizationManager.findACLEntriesByEntity(entity, str)) {
                        if (aCLEntry.isEnabled()) {
                            list.add(aCLEntry);
                        }
                    }
                    ArrayList arrayList = new ArrayList();
                    if (entity == Entity.STAGE) {
                        IStage stage = this.demManager.getStage(str);
                        arrayList.addAll(filterSinglePublicACL(this.authorizationManager.findACLEntriesByApplication(stage.getService().getApplication().getID())));
                        arrayList.addAll(filterSinglePublicACL(this.authorizationManager.findACLEntriesByService(stage.getService().getID())));
                    } else if (entity == Entity.SERVICE) {
                        arrayList.addAll(filterSinglePublicACL(this.authorizationManager.findACLEntriesByApplication(this.demManager.getService(str).getApplication().getID())));
                    }
                    if (!arrayList.isEmpty()) {
                        list = filterSinglePublicACL(list);
                    }
                    list.addAll(0, arrayList);
                }
            }
            ListDataSet listDataSet = new ListDataSet(ACLEntry.class, "id", (List) list);
            jSONResponseDataSetGrid = new JSONResponseDataSetGrid(listDataSet);
            ACLCalcField aCLCalcField = new ACLCalcField(this.messages, entity, str);
            jSONResponseDataSetGrid.addCalculatedField("access", aCLCalcField);
            jSONResponseDataSetGrid.addCalculatedField("inherited", aCLCalcField);
            if (z) {
                jSONResponseDataSetGrid.setActionResponse(new RESTfullResponse(true, listDataSet.get(str2)));
            }
        }
        jSONResponseDataSetGrid.setHandleRESTActions(true, true, false, true, null);
        return jSONResponseDataSetGrid;
    }
}
