package pt.digitalis.dif.controller.security.managers.impl;

import com.google.inject.Inject;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import pt.digitalis.dif.controller.security.managers.IAuthorizationManager;
import pt.digitalis.dif.controller.security.managers.IIdentityManager;
import pt.digitalis.dif.controller.security.objects.ACLEntry;
import pt.digitalis.dif.controller.security.objects.IDIFGroup;
import pt.digitalis.dif.controller.security.objects.IDIFUser;
import pt.digitalis.dif.dem.Entity;
import pt.digitalis.dif.dem.interfaces.IApplication;
import pt.digitalis.dif.dem.interfaces.IService;
import pt.digitalis.dif.dem.interfaces.IStage;
import pt.digitalis.dif.dem.managers.IDEMManager;
import pt.digitalis.dif.exception.security.AuthorizationManagerException;
import pt.digitalis.dif.exception.security.IdentityManagerException;
import pt.digitalis.dif.utils.IObjectFormatter;
import pt.digitalis.dif.utils.ObjectFormatter;
import pt.digitalis.dif.utils.logging.DIFLogger;
import pt.digitalis.utils.common.StringUtils;

/* loaded from: input_file:WEB-INF/lib/dif-core-3.0.1-35-SNAPSHOT.jar:pt/digitalis/dif/controller/security/managers/impl/AbstractAuthorizationManagerImpl.class */
public abstract class AbstractAuthorizationManagerImpl implements IAuthorizationManager, IObjectFormatter {
    protected IDEMManager demManager;
    protected IIdentityManager identityManager;
    private Map<String, Set<ACLEntry>> groupAccessControlList = new ConcurrentHashMap();
    private Map<String, ACLEntry> publicAccessControlList = new ConcurrentHashMap();
    private Map<String, Set<ACLEntry>> userAccessControlList = new ConcurrentHashMap();

    @Inject
    public AbstractAuthorizationManagerImpl(IIdentityManager iIdentityManager, IDEMManager iDEMManager) {
        this.identityManager = iIdentityManager;
        this.demManager = iDEMManager;
    }

    @Override // pt.digitalis.dif.controller.security.managers.IAuthorizationManager
    public boolean addACLEntry(ACLEntry aCLEntry) throws AuthorizationManagerException {
        if (aCLEntry.isUserACL()) {
            return addACLEntryToUser(aCLEntry);
        }
        if (aCLEntry.isGroupACL()) {
            return addACLEntryToGroup(aCLEntry, true);
        }
        if (aCLEntry.isPublicAccess()) {
            return addACLEntryToPublic(aCLEntry);
        }
        return false;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public synchronized boolean addACLEntryToGroup(ACLEntry aCLEntry, boolean z) throws AuthorizationManagerException {
        if (!getGroupAccessControlList().containsKey(aCLEntry.getGroupID())) {
            getGroupAccessControlList().put(aCLEntry.getGroupID(), new HashSet());
        }
        ACLEntry aCLEntry2 = null;
        Iterator<ACLEntry> it2 = getGroupAccessControlList().get(aCLEntry.getGroupID()).iterator();
        while (true) {
            if (!it2.hasNext()) {
                break;
            }
            ACLEntry next = it2.next();
            if (next.equals(aCLEntry)) {
                aCLEntry2 = next;
                break;
            }
        }
        if (aCLEntry2 != null && z) {
            getGroupAccessControlList().get(aCLEntry.getGroupID()).remove(aCLEntry2);
        }
        getGroupAccessControlList().get(aCLEntry.getGroupID()).add(aCLEntry);
        return getGroupAccessControlList().get(aCLEntry.getGroupID()).contains(aCLEntry);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean addACLEntryToPublic(ACLEntry aCLEntry) throws AuthorizationManagerException {
        if (!StringUtils.isNotBlank(aCLEntry.getEntityID())) {
            return true;
        }
        getPublicAccessControlList().put(aCLEntry.getEntityID(), aCLEntry);
        return true;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean addACLEntryToUser(ACLEntry aCLEntry) throws AuthorizationManagerException {
        try {
            if (!getUserAccessControlList().containsKey(aCLEntry.getUserID())) {
                if (!this.identityManager.userExists(aCLEntry.getUserID())) {
                    return false;
                }
                getUserAccessControlList().put(aCLEntry.getUserID(), new HashSet());
                getUserAccessControlList().get(aCLEntry.getUserID()).add(aCLEntry);
                return true;
            }
            ACLEntry aCLEntry2 = null;
            Iterator<ACLEntry> it2 = getUserAccessControlList().get(aCLEntry.getUserID()).iterator();
            while (true) {
                if (!it2.hasNext()) {
                    break;
                }
                ACLEntry next = it2.next();
                if (next.equals(aCLEntry)) {
                    aCLEntry2 = next;
                    break;
                }
            }
            if (aCLEntry2 != null) {
                getUserAccessControlList().get(aCLEntry.getUserID()).remove(aCLEntry2);
            }
            return getUserAccessControlList().get(aCLEntry.getUserID()).add(aCLEntry);
        } catch (IdentityManagerException e) {
            throw new AuthorizationManagerException("Could not access the identity manager to verify user existance!", e);
        }
    }

    protected StageAccessInfo checkAccessToGroup(IDIFGroup iDIFGroup, Entity entity, String str) throws AuthorizationManagerException {
        StageAccessInfo stageAccessInfo = StageAccessInfo.NO_ACCESS;
        try {
            StageAccessInfo hasAccessPublic = hasAccessPublic(entity, str);
            if (!hasAccessPublic.hasAccess()) {
                if (iDIFGroup == null) {
                    DIFLogger.getLogger().debug("Class: " + AbstractAuthorizationManagerImpl.class.getName() + " | Method: checkAccessToGroup(IDIFGroup group, Entity entityType, String entityID)  | group: null | EntityType: " + entity.toString() + " | entityID: " + str + " | Result: false");
                    return StageAccessInfo.NO_ACCESS;
                }
                hasAccessPublic = checkGroupDirectAccess(iDIFGroup, entity, str);
                if (!hasAccessPublic.hasAccess() || hasAccessPublic.isReadonlyAccess()) {
                    IDIFGroup parentGroup = iDIFGroup.getParentGroup();
                    if (parentGroup != null && !parentGroup.getID().equalsIgnoreCase(iDIFGroup.getID())) {
                        while (!hasAccessPublic.hasAccess() && parentGroup != null) {
                            StageAccessInfo hasAccessGroup = hasAccessGroup(parentGroup, entity, str);
                            if (!hasAccessGroup.hasAccess() || (hasAccessPublic.hasAccess() && hasAccessGroup.isReadonlyAccess())) {
                                parentGroup = parentGroup.getParentGroup();
                            } else {
                                hasAccessPublic = hasAccessGroup;
                                if (hasAccessPublic.isReadonlyAccess()) {
                                    parentGroup = parentGroup.getParentGroup();
                                }
                            }
                        }
                    }
                }
            }
            DIFLogger.getLogger().debug("Class: " + AbstractAuthorizationManagerImpl.class.getName() + " | Method: checkAccessToGroup(IDIFGroup group, Entity entityType, String entityID)  | group: " + (iDIFGroup == null ? "null" : iDIFGroup.getID()) + " | EntityType: " + entity.toString() + " | entityID: " + str + " | Result: " + hasAccessPublic);
            return hasAccessPublic;
        } catch (IdentityManagerException e) {
            throw new AuthorizationManagerException("Could not access identity manager to check if group with ID " + iDIFGroup.getID() + " exists!", e);
        }
    }

    protected StageAccessInfo checkAccessUser(IDIFUser iDIFUser, Entity entity, String str) throws AuthorizationManagerException {
        StageAccessInfo stageAccessInfo = StageAccessInfo.NO_ACCESS;
        try {
            StageAccessInfo hasAccessPublic = hasAccessPublic(entity, str);
            if (!hasAccessPublic.hasAccess()) {
                if (iDIFUser == null) {
                    return StageAccessInfo.NO_ACCESS;
                }
                hasAccessPublic = checkUserDirectAccess(iDIFUser, entity, str);
                if (!hasAccessPublic.hasAccess()) {
                    if (iDIFUser.getProfileID() != null) {
                        StageAccessInfo hasAccessGroup = hasAccessGroup(iDIFUser.getProfile(), entity, str);
                        if (hasAccessGroup.hasAccess()) {
                            hasAccessPublic = hasAccessGroup;
                        }
                    }
                    if (!hasAccessPublic.hasAccess() || hasAccessPublic.isReadonlyAccess()) {
                        Iterator<IDIFGroup> it2 = iDIFUser.getGroups().values().iterator();
                        while (it2.hasNext()) {
                            StageAccessInfo hasAccessGroup2 = hasAccessGroup(it2.next(), entity, str);
                            if (hasAccessGroup2.hasAccess() && (!hasAccessPublic.hasAccess() || !hasAccessGroup2.isReadonlyAccess())) {
                                hasAccessPublic = hasAccessGroup2;
                                break;
                            }
                        }
                    }
                }
            }
            return hasAccessPublic;
        } catch (IdentityManagerException e) {
            throw new AuthorizationManagerException("The identity manager can't be accessed to check user access privileges!", e);
        }
    }

    protected StageAccessInfo checkGroupDirectAccess(IDIFGroup iDIFGroup, Entity entity, String str) throws AuthorizationManagerException {
        StageAccessInfo stageAccessInfo = StageAccessInfo.NO_ACCESS;
        if (getGroupAccessControlList().containsKey(iDIFGroup.getID())) {
            Iterator<ACLEntry> it2 = getGroupAccessControlList().get(iDIFGroup.getID()).iterator();
            while (true) {
                if (!it2.hasNext()) {
                    break;
                }
                ACLEntry next = it2.next();
                if (next.getEntityType().equals(entity) && next.getEntityID().equals(str) && next.isEnabled()) {
                    stageAccessInfo = new StageAccessInfo(true, next.isReadonlyAccess());
                    break;
                }
            }
        }
        return stageAccessInfo;
    }

    protected StageAccessInfo checkUserDirectAccess(IDIFUser iDIFUser, Entity entity, String str) throws AuthorizationManagerException {
        StageAccessInfo stageAccessInfo = StageAccessInfo.NO_ACCESS;
        if (getUserAccessControlList().containsKey(iDIFUser.getID())) {
            Iterator<ACLEntry> it2 = getUserAccessControlList().get(iDIFUser.getID()).iterator();
            while (true) {
                if (!it2.hasNext()) {
                    break;
                }
                ACLEntry next = it2.next();
                if (str.equals(next.getEntityID()) && entity == next.getEntityType() && next.isEnabled()) {
                    stageAccessInfo = new StageAccessInfo(true, next.isReadonlyAccess());
                    break;
                }
            }
        }
        return stageAccessInfo;
    }

    private List<ACLEntry> collectACLEntriesForEntityID(String str, Map<String, Set<ACLEntry>> map) {
        ArrayList arrayList = new ArrayList();
        Iterator<String> it2 = map.keySet().iterator();
        while (it2.hasNext()) {
            arrayList.addAll(collectACLEntriesForEntityID(str, map.get(it2.next())));
        }
        return arrayList;
    }

    private List<ACLEntry> collectACLEntriesForEntityID(String str, Set<ACLEntry> set) {
        ArrayList arrayList = new ArrayList();
        String lowerCase = StringUtils.lowerCase(str);
        for (ACLEntry aCLEntry : set) {
            if (aCLEntry.getEntityID().equals(lowerCase) && !arrayList.contains(aCLEntry)) {
                arrayList.add(aCLEntry);
            }
        }
        return arrayList;
    }

    private List<ACLEntry> collectACLEntriesForEntityIDSimpleMap(String str, Map<String, ACLEntry> map) {
        ArrayList arrayList = new ArrayList();
        String lowerCase = StringUtils.lowerCase(str);
        for (ACLEntry aCLEntry : map.values()) {
            if (aCLEntry.getEntityID() != null && aCLEntry.getEntityID().equals(lowerCase) && !arrayList.contains(aCLEntry)) {
                arrayList.add(aCLEntry);
            }
        }
        return arrayList;
    }

    protected ACLEntry createGroupACLEntry(String str, String str2, Entity entity, boolean z) {
        ACLEntry aCLEntry = new ACLEntry();
        aCLEntry.setEntityID(StringUtils.lowerCase(str2));
        aCLEntry.setEntityType(entity);
        aCLEntry.setGroupID(str);
        aCLEntry.setReadonlyAccess(z);
        return aCLEntry;
    }

    protected ACLEntry createPublicACLEntry(String str, Entity entity, boolean z) {
        ACLEntry aCLEntry = new ACLEntry();
        aCLEntry.setEntityID(str == null ? str : str.toLowerCase());
        aCLEntry.setEntityType(entity);
        aCLEntry.setPublicAccess();
        aCLEntry.setReadonlyAccess(z);
        return aCLEntry;
    }

    protected ACLEntry createUserACLEntry(String str, String str2, Entity entity, boolean z) {
        ACLEntry aCLEntry = new ACLEntry();
        aCLEntry.setEntityID(StringUtils.lowerCase(str2));
        aCLEntry.setEntityType(entity);
        aCLEntry.setUserID(str);
        aCLEntry.setReadonlyAccess(z);
        return aCLEntry;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean deleteGroup(String str, ACLEntry aCLEntry) {
        return getGroupAccessControlList().get(str).remove(aCLEntry);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean disableGroup(String str, ACLEntry aCLEntry, ACLEntry aCLEntry2) {
        getGroupAccessControlList().get(str).remove(aCLEntry);
        aCLEntry2.setEnabled(false);
        return getGroupAccessControlList().get(str).add(aCLEntry2);
    }

    protected List<ACLEntry> doFindACLEntriesByUserInherited(String str, IDIFGroup iDIFGroup) throws IdentityManagerException {
        ArrayList arrayList = new ArrayList();
        if (iDIFGroup != null) {
            Iterator<IDIFGroup> it2 = this.identityManager.getGroupGroups(iDIFGroup.getID()).values().iterator();
            while (it2.hasNext()) {
                arrayList.addAll(doFindACLEntriesByUserInherited(str, it2.next()));
            }
            arrayList.addAll(findACLEntriesByGroup(iDIFGroup.getID()));
        }
        return arrayList;
    }

    protected StageAccessInfo doHasAccessPublic(Entity entity, String str) {
        ACLEntry aCLEntry = getPublicAccessControlList().get(str);
        if (aCLEntry != null && str.equals(aCLEntry.getEntityID()) && entity == aCLEntry.getEntityType() && aCLEntry.isEnabled()) {
            ArrayList arrayList = new ArrayList();
            for (ACLEntry aCLEntry2 : findACLEntriesByEntity(entity, str)) {
                if (!aCLEntry2.isPublicAccess() && aCLEntry2.isEnabled()) {
                    arrayList.add(aCLEntry2);
                }
            }
            if (arrayList.isEmpty()) {
                DIFLogger.getLogger().debug("Class: " + AbstractAuthorizationManagerImpl.class.getName() + " | Method: doHasAccessPublic(Entity entityType, String entityID)  | EntityType: " + entity.toString() + " | entityID: " + str + " | Result: True");
                return new StageAccessInfo(true, aCLEntry.isReadonlyAccess());
            }
        }
        DIFLogger.getLogger().debug("Class: " + AbstractAuthorizationManagerImpl.class.getName() + " | Method: doHasAccessPublic(Entity entityType, String entityID)  | EntityType: " + entity.toString() + " | entityID: " + str + " | Result: False");
        return StageAccessInfo.NO_ACCESS;
    }

    @Override // pt.digitalis.dif.controller.security.managers.IAuthorizationManager
    public List<ACLEntry> findACLEntriesByApplication(String str) {
        return findACLEntryByEntity(str);
    }

    @Override // pt.digitalis.dif.controller.security.managers.IAuthorizationManager
    public List<ACLEntry> findACLEntriesByEntity(Entity entity, String str) {
        return findACLEntryByEntity(str);
    }

    @Override // pt.digitalis.dif.controller.security.managers.IAuthorizationManager
    public List<ACLEntry> findACLEntriesByGroup(String str) {
        Set<ACLEntry> set = getGroupAccessControlList().get(str);
        return set != null ? new ArrayList(set) : new ArrayList();
    }

    @Override // pt.digitalis.dif.controller.security.managers.IAuthorizationManager
    public List<ACLEntry> findACLEntriesByProvider(String str) {
        return findACLEntryByEntity(str);
    }

    @Override // pt.digitalis.dif.controller.security.managers.IAuthorizationManager
    public List<ACLEntry> findACLEntriesByService(String str) {
        return findACLEntryByEntity(str);
    }

    @Override // pt.digitalis.dif.controller.security.managers.IAuthorizationManager
    public List<ACLEntry> findACLEntriesByStage(String str) {
        return findACLEntryByEntity(str);
    }

    @Override // pt.digitalis.dif.controller.security.managers.IAuthorizationManager
    public List<ACLEntry> findACLEntriesByUser(String str) {
        ArrayList arrayList = new ArrayList();
        if (getUserAccessControlList().containsKey(str)) {
            arrayList.addAll(getUserAccessControlList().get(str));
        }
        return arrayList;
    }

    @Override // pt.digitalis.dif.controller.security.managers.IAuthorizationManager
    public List<ACLEntry> findACLEntriesByUserInherited(String str) throws AuthorizationManagerException {
        ArrayList arrayList = new ArrayList();
        try {
            Iterator<IDIFGroup> it2 = this.identityManager.getUserGroups(str).values().iterator();
            while (it2.hasNext()) {
                arrayList.addAll(doFindACLEntriesByUserInherited(str, it2.next()));
            }
            arrayList.addAll(findACLEntriesByUser(str));
            return arrayList;
        } catch (IdentityManagerException e) {
            throw new AuthorizationManagerException(e);
        }
    }

    private List<ACLEntry> findACLEntryByEntity(String str) {
        String lowerCase = StringUtils.lowerCase(str);
        List<ACLEntry> collectACLEntriesForEntityID = collectACLEntriesForEntityID(lowerCase, getUserAccessControlList());
        collectACLEntriesForEntityID.addAll(collectACLEntriesForEntityID(lowerCase, getGroupAccessControlList()));
        collectACLEntriesForEntityID.addAll(collectACLEntriesForEntityIDSimpleMap(lowerCase, getPublicAccessControlList()));
        return collectACLEntriesForEntityID;
    }

    @Override // pt.digitalis.dif.controller.security.managers.IAuthorizationManager
    public List<ACLEntry> findPublicACLEntries() {
        ArrayList arrayList = new ArrayList();
        Iterator<ACLEntry> it2 = getPublicAccessControlList().values().iterator();
        while (it2.hasNext()) {
            arrayList.add(it2.next());
        }
        return arrayList;
    }

    public Map<String, Set<ACLEntry>> getGroupAccessControlList() {
        return this.groupAccessControlList;
    }

    public Map<String, ACLEntry> getPublicAccessControlList() {
        return this.publicAccessControlList;
    }

    public Map<String, Set<ACLEntry>> getUserAccessControlList() {
        return this.userAccessControlList;
    }

    @Override // pt.digitalis.dif.controller.security.managers.IAuthorizationManager
    public boolean grantAccessToGroup(String str, Entity entity, String str2, boolean z) throws AuthorizationManagerException {
        ACLEntry createGroupACLEntry = createGroupACLEntry(str, str2, entity, z);
        if (getGroupAccessControlList().get(str) != null) {
            for (ACLEntry aCLEntry : getGroupAccessControlList().get(str)) {
                if (aCLEntry.getGroupID().equals(createGroupACLEntry.getGroupID()) && aCLEntry.getEntityType().equals(createGroupACLEntry.getEntityType()) && aCLEntry.getEntityID().equals(createGroupACLEntry.getEntityID())) {
                    createGroupACLEntry = aCLEntry;
                    if (createGroupACLEntry.isEnabled() && z == createGroupACLEntry.isReadonlyAccess()) {
                        return true;
                    }
                    createGroupACLEntry.setEnabled(true);
                    createGroupACLEntry.setReadonlyAccess(z);
                }
            }
        }
        return addACLEntryToGroup(createGroupACLEntry, true);
    }

    @Override // pt.digitalis.dif.controller.security.managers.IAuthorizationManager
    public boolean grantAccessToPublic(Entity entity, String str, boolean z) throws AuthorizationManagerException {
        return addACLEntryToPublic(createPublicACLEntry(str, entity, z));
    }

    @Override // pt.digitalis.dif.controller.security.managers.IAuthorizationManager
    public boolean grantAccessToUser(String str, Entity entity, String str2, boolean z) throws AuthorizationManagerException {
        return addACLEntryToUser(createUserACLEntry(str, str2, entity, z));
    }

    @Override // pt.digitalis.dif.controller.security.managers.IAuthorizationManager
    public boolean grantDefaultAccessToGroup(String str, Entity entity, String str2, boolean z) throws AuthorizationManagerException {
        ACLEntry createGroupACLEntry = createGroupACLEntry(str, str2, entity, z);
        createGroupACLEntry.setDefault(true);
        return addACLEntryToGroup(createGroupACLEntry, false);
    }

    @Override // pt.digitalis.dif.controller.security.managers.IAuthorizationManager
    public boolean grantDefaultAccessToUser(String str, Entity entity, String str2, boolean z) throws AuthorizationManagerException {
        ACLEntry createUserACLEntry = createUserACLEntry(str, str2, entity, z);
        createUserACLEntry.setDefault(true);
        return addACLEntryToUser(createUserACLEntry);
    }

    @Override // pt.digitalis.dif.controller.security.managers.IAuthorizationManager
    public boolean grantDefaultPublicAccess(Entity entity, String str, boolean z) throws AuthorizationManagerException {
        if (hasAccessPublic(entity, str).hasAccess()) {
            return true;
        }
        ACLEntry createPublicACLEntry = createPublicACLEntry(str, entity, z);
        createPublicACLEntry.setDefault(true);
        return addACLEntryToPublic(createPublicACLEntry);
    }

    @Override // pt.digitalis.dif.controller.security.managers.IAuthorizationManager
    public final StageAccessInfo hasAccessGroup(IDIFGroup iDIFGroup, Entity entity, String str) throws AuthorizationManagerException {
        return Entity.APPLICATION.equals(entity) ? hasAccessGroup(iDIFGroup, this.demManager.getApplication(str)) : Entity.SERVICE.equals(entity) ? hasAccessGroup(iDIFGroup, this.demManager.getService(str)) : Entity.STAGE.equals(entity) ? hasAccessGroup(iDIFGroup, this.demManager.getStage(str)) : Entity.FEATURE.equals(entity) ? checkAccessToGroup(iDIFGroup, entity, str) : StageAccessInfo.NO_ACCESS;
    }

    @Override // pt.digitalis.dif.controller.security.managers.IAuthorizationManager
    public StageAccessInfo hasAccessGroup(IDIFGroup iDIFGroup, IApplication iApplication) throws AuthorizationManagerException {
        return iApplication == null ? StageAccessInfo.NO_ACCESS : checkAccessToGroup(iDIFGroup, Entity.APPLICATION, iApplication.getID());
    }

    @Override // pt.digitalis.dif.controller.security.managers.IAuthorizationManager
    public StageAccessInfo hasAccessGroup(IDIFGroup iDIFGroup, IService iService) throws AuthorizationManagerException {
        if (iService == null) {
            DIFLogger.getLogger().debug("Class: " + AbstractAuthorizationManagerImpl.class.getName() + " | Method:  hasAccessGroup(IDIFGroup group, IService service)  | group: " + (iDIFGroup != null ? iDIFGroup.getID() : "null") + " | service: null | Result: False");
            return StageAccessInfo.NO_ACCESS;
        }
        StageAccessInfo hasAccessGroup = doHasAccessPublic(Entity.SERVICE, iService.getID()).hasAccess() ? hasAccessGroup(iDIFGroup, iService.getApplication()) : checkAccessToGroup(iDIFGroup, Entity.SERVICE, iService.getID());
        DIFLogger.getLogger().debug("Class: " + AbstractAuthorizationManagerImpl.class.getName() + " | Method:  hasAccessGroup(IDIFGroup group, IService service)  | group: " + (iDIFGroup != null ? iDIFGroup.getID() : "null") + " | service: " + iService.getID() + " | Result: " + hasAccessGroup);
        return hasAccessGroup;
    }

    @Override // pt.digitalis.dif.controller.security.managers.IAuthorizationManager
    public final StageAccessInfo hasAccessGroup(IDIFGroup iDIFGroup, IStage iStage) throws AuthorizationManagerException {
        return iStage == null ? StageAccessInfo.NO_ACCESS : doHasAccessPublic(Entity.STAGE, iStage.getID()).hasAccess() ? hasAccessGroup(iDIFGroup, iStage.getService()) : checkAccessToGroup(iDIFGroup, Entity.STAGE, iStage.getID());
    }

    @Override // pt.digitalis.dif.controller.security.managers.IAuthorizationManager
    public final StageAccessInfo hasAccessPublic(Entity entity, String str) {
        return Entity.APPLICATION.equals(entity) ? hasAccessPublic(this.demManager.getApplication(str)) : Entity.SERVICE.equals(entity) ? hasAccessPublic(this.demManager.getService(str)) : Entity.STAGE.equals(entity) ? hasAccessPublic(this.demManager.getStage(str)) : Entity.FEATURE.equals(entity) ? doHasAccessPublic(Entity.FEATURE, str) : StageAccessInfo.NO_ACCESS;
    }

    @Override // pt.digitalis.dif.controller.security.managers.IAuthorizationManager
    public StageAccessInfo hasAccessPublic(IApplication iApplication) {
        return iApplication == null ? StageAccessInfo.NO_ACCESS : doHasAccessPublic(Entity.APPLICATION, iApplication.getID());
    }

    @Override // pt.digitalis.dif.controller.security.managers.IAuthorizationManager
    public StageAccessInfo hasAccessPublic(IService iService) {
        return iService == null ? StageAccessInfo.NO_ACCESS : doHasAccessPublic(Entity.SERVICE, iService.getID()).and(doHasAccessPublic(Entity.APPLICATION, iService.getApplication().getID()));
    }

    @Override // pt.digitalis.dif.controller.security.managers.IAuthorizationManager
    public final StageAccessInfo hasAccessPublic(IStage iStage) {
        return iStage == null ? StageAccessInfo.NO_ACCESS : doHasAccessPublic(Entity.STAGE, iStage.getID()).and(doHasAccessPublic(Entity.SERVICE, iStage.getService().getID()).and(doHasAccessPublic(Entity.APPLICATION, iStage.getService().getApplication().getID())));
    }

    @Override // pt.digitalis.dif.controller.security.managers.IAuthorizationManager
    public final StageAccessInfo hasAccessUser(IDIFUser iDIFUser, Entity entity, String str) throws AuthorizationManagerException {
        return Entity.APPLICATION.equals(entity) ? hasAccessUser(iDIFUser, this.demManager.getApplication(str)) : Entity.SERVICE.equals(entity) ? hasAccessUser(iDIFUser, this.demManager.getService(str)) : Entity.STAGE.equals(entity) ? hasAccessUser(iDIFUser, this.demManager.getStage(str)) : Entity.FEATURE.equals(entity) ? checkAccessUser(iDIFUser, entity, str) : StageAccessInfo.NO_ACCESS;
    }

    @Override // pt.digitalis.dif.controller.security.managers.IAuthorizationManager
    public StageAccessInfo hasAccessUser(IDIFUser iDIFUser, IApplication iApplication) throws AuthorizationManagerException {
        return iApplication == null ? StageAccessInfo.NO_ACCESS : checkAccessUser(iDIFUser, Entity.APPLICATION, iApplication.getID());
    }

    @Override // pt.digitalis.dif.controller.security.managers.IAuthorizationManager
    public StageAccessInfo hasAccessUser(IDIFUser iDIFUser, IService iService) throws AuthorizationManagerException {
        return iService == null ? StageAccessInfo.NO_ACCESS : doHasAccessPublic(Entity.SERVICE, iService.getID()).hasAccess() ? hasAccessUser(iDIFUser, iService.getApplication()) : checkAccessUser(iDIFUser, Entity.SERVICE, iService.getID());
    }

    @Override // pt.digitalis.dif.controller.security.managers.IAuthorizationManager
    public final StageAccessInfo hasAccessUser(IDIFUser iDIFUser, IStage iStage) throws AuthorizationManagerException {
        return iStage == null ? StageAccessInfo.NO_ACCESS : doHasAccessPublic(Entity.STAGE, iStage.getID()).hasAccess() ? hasAccessUser(iDIFUser, iStage.getService()) : checkAccessUser(iDIFUser, Entity.STAGE, iStage.getID());
    }

    @Override // pt.digitalis.dif.controller.security.managers.IAuthorizationManager
    public boolean revokeACLEntry(ACLEntry aCLEntry) {
        if (aCLEntry.isUserACL()) {
            return revokeAccessFromUser(aCLEntry.getUserID(), aCLEntry.getEntityType(), aCLEntry.getEntityID());
        }
        if (aCLEntry.isGroupACL()) {
            return revokeAccessFromGroup(aCLEntry.getGroupID(), aCLEntry.getEntityType(), aCLEntry.getEntityID());
        }
        if (aCLEntry.isPublicAccess()) {
            return revokeAccessFromPublic(aCLEntry.getEntityType(), aCLEntry.getEntityID());
        }
        return false;
    }

    @Override // pt.digitalis.dif.controller.security.managers.IAuthorizationManager
    public boolean revokeAccessFromGroup(String str, Entity entity, String str2) {
        if (!getGroupAccessControlList().containsKey(str)) {
            return false;
        }
        ACLEntry createGroupACLEntry = createGroupACLEntry(str, str2, entity, false);
        for (ACLEntry aCLEntry : getGroupAccessControlList().get(str)) {
            if (aCLEntry.getGroupID().equals(createGroupACLEntry.getGroupID()) && aCLEntry.getEntityType().equals(createGroupACLEntry.getEntityType()) && aCLEntry.getEntityID().equals(createGroupACLEntry.getEntityID())) {
                if (!aCLEntry.isDefault()) {
                    return deleteGroup(str, aCLEntry);
                }
                for (ACLEntry aCLEntry2 : getGroupAccessControlList().get(str)) {
                    if (aCLEntry.equals(aCLEntry2)) {
                        return disableGroup(str, aCLEntry, aCLEntry2);
                    }
                }
            }
        }
        return false;
    }

    @Override // pt.digitalis.dif.controller.security.managers.IAuthorizationManager
    public boolean revokeAccessFromPublic(Entity entity, String str) {
        String lowerCase = StringUtils.lowerCase(str);
        if (!getPublicAccessControlList().containsKey(lowerCase)) {
            return false;
        }
        if (!getPublicAccessControlList().get(lowerCase).getEntityID().equals(lowerCase) || !getPublicAccessControlList().get(lowerCase).getEntityType().equals(entity)) {
            return true;
        }
        if (getPublicAccessControlList().get(lowerCase).isDefault()) {
            getPublicAccessControlList().get(lowerCase).setEnabled(false);
            return true;
        }
        getPublicAccessControlList().remove(lowerCase);
        return true;
    }

    @Override // pt.digitalis.dif.controller.security.managers.IAuthorizationManager
    public boolean revokeAccessFromUser(String str, Entity entity, String str2) {
        if (!getUserAccessControlList().containsKey(str)) {
            return false;
        }
        ACLEntry createUserACLEntry = createUserACLEntry(str, str2, entity, false);
        for (ACLEntry aCLEntry : getUserAccessControlList().get(str)) {
            if (aCLEntry.getUserID().equals(createUserACLEntry.getUserID()) && aCLEntry.getEntityType().equals(createUserACLEntry.getEntityType()) && aCLEntry.getEntityID().equals(createUserACLEntry.getEntityID())) {
                if (getUserAccessControlList().get(str).contains(aCLEntry) && !aCLEntry.isDefault()) {
                    boolean remove = getUserAccessControlList().get(str).remove(aCLEntry);
                    if (getUserAccessControlList().get(str).size() == 0) {
                        getUserAccessControlList().remove(str);
                        remove = true;
                    }
                    return remove;
                }
                for (ACLEntry aCLEntry2 : getUserAccessControlList().get(str)) {
                    if (aCLEntry.equals(aCLEntry2)) {
                        getUserAccessControlList().get(str).remove(aCLEntry);
                        aCLEntry2.setEnabled(false);
                        return getUserAccessControlList().get(str).add(aCLEntry2);
                    }
                }
            }
        }
        return false;
    }

    @Override // pt.digitalis.dif.controller.security.managers.IAuthorizationManager
    public boolean revokeAllAccessFromGroup(String str) {
        if (!getGroupAccessControlList().containsKey(str)) {
            return false;
        }
        getGroupAccessControlList().remove(str);
        return true;
    }

    @Override // pt.digitalis.dif.controller.security.managers.IAuthorizationManager
    public boolean revokeAllAccessFromUser(String str) {
        if (!getUserAccessControlList().containsKey(str)) {
            return false;
        }
        getUserAccessControlList().remove(str);
        return true;
    }

    @Override // pt.digitalis.dif.utils.IObjectFormatter
    public ObjectFormatter toObjectFormatter(ObjectFormatter.Format format, List<Object> list) {
        ObjectFormatter objectFormatter = new ObjectFormatter(format, list);
        objectFormatter.addItem("User ACLs", this.userAccessControlList);
        objectFormatter.addItem("Group ACLs", this.groupAccessControlList);
        return objectFormatter;
    }

    public String toString() {
        return toObjectFormatter(ObjectFormatter.Format.TEXT, null).getFormatedObject();
    }
}
