package pt.digitalis.dif.model.authorization;

import com.google.inject.Inject;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.hibernate.Session;
import org.hibernate.Transaction;
import pt.digitalis.dif.controller.security.managers.IIdentityManager;
import pt.digitalis.dif.controller.security.managers.impl.AbstractAuthorizationManagerImpl;
import pt.digitalis.dif.controller.security.objects.ACLEntry;
import pt.digitalis.dif.controller.security.objects.IDIFGroup;
import pt.digitalis.dif.controller.security.objects.IDIFUser;
import pt.digitalis.dif.dem.Entity;
import pt.digitalis.dif.dem.managers.IDEMManager;
import pt.digitalis.dif.exception.security.AuthorizationManagerException;
import pt.digitalis.dif.exception.security.IdentityManagerException;
import pt.digitalis.dif.ioc.DIFIoCRegistry;
import pt.digitalis.dif.model.authorization.dao.IAclDAO;
import pt.digitalis.dif.model.authorization.data.Acl;

/* loaded from: input_file:pt/digitalis/dif/model/authorization/AuthorizationManagerDataBaseImpl.class */
public class AuthorizationManagerDataBaseImpl extends AbstractAuthorizationManagerImpl {
    IAclDAO aclDao;

    private static Acl convertACLEntryToAcl(ACLEntry aCLEntry, Integer num) {
        Acl acl = new Acl();
        if (aCLEntry.getUserID() != null) {
            acl.setUserId(aCLEntry.getUserID());
        }
        if (aCLEntry.getGroupID() != null) {
            acl.setGroupId(aCLEntry.getGroupID());
        }
        if (aCLEntry.getEntityType() != null) {
            acl.setEntityType(aCLEntry.getEntityType().toString());
        }
        if (aCLEntry.getEntityID() != null) {
            acl.setEntityId(aCLEntry.getEntityID());
        }
        acl.setPublicAccess(Boolean.valueOf(aCLEntry.isPublicAccess()));
        acl.setIsEnabled(Boolean.valueOf(aCLEntry.isEnabled()));
        acl.setIsDefault(Boolean.valueOf(aCLEntry.isDefault()));
        if (num != null) {
            acl.setId(num);
        }
        return acl;
    }

    private static List<ACLEntry> convertAclListToACLEntryList(List<Acl> list) {
        ArrayList arrayList = new ArrayList(list.size());
        Iterator<Acl> it = list.iterator();
        while (it.hasNext()) {
            arrayList.add(convertAclToACLEntry(it.next()));
        }
        return arrayList;
    }

    private static ACLEntry convertAclToACLEntry(Acl acl) {
        ACLEntry aCLEntry = new ACLEntry();
        if (acl.getUserId() != null) {
            aCLEntry.setUserID(acl.getUserId());
        }
        if (acl.getGroupId() != null) {
            aCLEntry.setGroupID(acl.getGroupId());
        }
        if (acl.getEntityType() != null) {
            aCLEntry.setEntityType(Entity.valueOf(acl.getEntityType()));
        }
        if (acl.getEntityId() != null) {
            aCLEntry.setEntityID(acl.getEntityId());
        }
        if (acl.getPublicAccess().booleanValue()) {
            aCLEntry.setPublicAccess();
        }
        aCLEntry.setEnabled(acl.getIsEnabled().booleanValue());
        aCLEntry.setDefault(acl.getIsDefault().booleanValue());
        return aCLEntry;
    }

    private static Integer findEntryIdOnACL(List<Acl> list, ACLEntry aCLEntry) {
        Integer num = null;
        Iterator<Acl> it = list.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            Acl next = it.next();
            if (convertAclToACLEntry(next).equals(aCLEntry)) {
                num = next.getId();
                break;
            }
        }
        return num;
    }

    @Inject
    public AuthorizationManagerDataBaseImpl(IIdentityManager iIdentityManager, IDEMManager iDEMManager) {
        super(iIdentityManager, iDEMManager);
        this.aclDao = ((IAuthorizationService) DIFIoCRegistry.getRegistry().getImplementation(IAuthorizationService.class, "Database")).getAclDAO();
    }

    private boolean aclContainsEntity(List<Acl> list, Entity entity, String str, boolean z) {
        if (list.isEmpty()) {
            return false;
        }
        for (Acl acl : list) {
            if (acl.getEntityId().equals(str) && acl.getEntityType().equals(entity.toString())) {
                return !z || acl.getIsEnabled().booleanValue();
            }
        }
        return false;
    }

    protected boolean addACLEntryToGroup(ACLEntry aCLEntry) throws AuthorizationManagerException {
        try {
            if (!this.identityManager.groupExists(aCLEntry.getGroupID())) {
                return false;
            }
            Session session = authorizationFactory.getSession();
            session.beginTransaction();
            List<Acl> findByGroupId = this.aclDao.findByGroupId(aCLEntry.getGroupID());
            if (findByGroupId.isEmpty()) {
                persistACLEntry(aCLEntry, null);
            } else {
                updateACLEntry(aCLEntry, findEntryIdOnACL(findByGroupId, aCLEntry));
            }
            session.getTransaction().commit();
            return true;
        } catch (IdentityManagerException e) {
            throw new AuthorizationManagerException("Could not access the identity manager to verify group existance!", e);
        }
    }

    protected boolean addACLEntryToPublic(ACLEntry aCLEntry) {
        Session session = authorizationFactory.getSession();
        session.beginTransaction();
        List<Acl> findByPublicAccess = this.aclDao.findByPublicAccess(true);
        boolean z = false;
        Iterator<Acl> it = findByPublicAccess.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            Acl next = it.next();
            if (next.getEntityId().equals(aCLEntry.getEntityID()) && next.getEntityType().equals(aCLEntry.getEntityType().toString())) {
                z = true;
                break;
            }
        }
        if (z) {
            updateACLEntry(aCLEntry, findEntryIdOnACL(findByPublicAccess, aCLEntry));
        } else {
            persistACLEntry(aCLEntry, null);
        }
        session.getTransaction().commit();
        return true;
    }

    protected boolean addACLEntryToUser(ACLEntry aCLEntry) throws AuthorizationManagerException {
        try {
            if (!this.identityManager.userExists(aCLEntry.getUserID())) {
                return false;
            }
            Session session = authorizationFactory.getSession();
            session.beginTransaction();
            List<Acl> findByUserId = this.aclDao.findByUserId(aCLEntry.getUserID());
            if (findByUserId.isEmpty()) {
                persistACLEntry(aCLEntry, null);
            } else {
                updateACLEntry(aCLEntry, findEntryIdOnACL(findByUserId, aCLEntry));
            }
            session.getTransaction().commit();
            return true;
        } catch (IdentityManagerException e) {
            throw new AuthorizationManagerException("Could not access the identity manager to verify user existance!", e);
        }
    }

    protected boolean doHasAccessGroup(IDIFGroup iDIFGroup, Entity entity, String str) throws AuthorizationManagerException {
        try {
            boolean hasAccessPublic = hasAccessPublic(entity, str);
            if (!hasAccessPublic) {
                if (iDIFGroup == null) {
                    return false;
                }
                Session session = authorizationFactory.getSession();
                session.beginTransaction();
                Acl acl = new Acl();
                acl.setGroupId(iDIFGroup.getID());
                acl.setEntityId(str);
                acl.setEntityType(entity.toString());
                acl.setIsEnabled(true);
                hasAccessPublic = !this.aclDao.findByExample(acl).isEmpty();
                session.getTransaction().commit();
                if (!hasAccessPublic) {
                    IDIFGroup parentGroup = iDIFGroup.getParentGroup();
                    if (parentGroup != null && parentGroup.getID() != null) {
                        while (!hasAccessPublic) {
                            if (hasAccessGroup(parentGroup, entity, str)) {
                                hasAccessPublic = true;
                            }
                            parentGroup = parentGroup.getParentGroup();
                        }
                    }
                }
            }
            return hasAccessPublic;
        } catch (IdentityManagerException e) {
            throw new AuthorizationManagerException("Could not access identity manager to check if group with ID " + iDIFGroup.getID() + " exists!", e);
        }
    }

    protected boolean doHasAccessPublic(Entity entity, String str) {
        Session session = authorizationFactory.getSession();
        session.beginTransaction();
        List<Acl> findByPublicAccess = this.aclDao.findByPublicAccess(true);
        session.getTransaction().commit();
        return aclContainsEntity(findByPublicAccess, entity, str, false);
    }

    public boolean doHasAccessUser(IDIFUser iDIFUser, Entity entity, String str) throws AuthorizationManagerException {
        try {
            boolean hasAccessPublic = hasAccessPublic(entity, str);
            if (!hasAccessPublic) {
                if (iDIFUser == null) {
                    return false;
                }
                Session session = authorizationFactory.getSession();
                session.beginTransaction();
                Acl acl = new Acl();
                acl.setUserId(iDIFUser.getID());
                acl.setEntityId(str);
                acl.setEntityType(entity.toString());
                acl.setIsEnabled(true);
                hasAccessPublic = !this.aclDao.findByExample(acl).isEmpty();
                session.getTransaction().commit();
                if (!hasAccessPublic) {
                    if (iDIFUser.getProfile() != null && hasAccessGroup(iDIFUser.getProfile(), entity, str)) {
                        hasAccessPublic = true;
                    }
                    if (!hasAccessPublic) {
                        Iterator it = iDIFUser.getGroups().values().iterator();
                        while (true) {
                            if (!it.hasNext()) {
                                break;
                            }
                            if (hasAccessGroup((IDIFGroup) it.next(), entity, str)) {
                                hasAccessPublic = true;
                                break;
                            }
                        }
                    }
                }
            }
            return hasAccessPublic;
        } catch (IdentityManagerException e) {
            throw new AuthorizationManagerException("The identity manager can't be accessed to check user access privileges!", e);
        }
    }

    public List<ACLEntry> findACLEntriesByApplication(String str) {
        return findACLEntriesByEntity(str);
    }

    private List<ACLEntry> findACLEntriesByEntity(String str) {
        Session session = authorizationFactory.getSession();
        session.beginTransaction();
        List<Acl> findByFieldParcial = this.aclDao.findByFieldParcial(Acl.Fields.ENTITYID, str);
        session.getTransaction().commit();
        return convertAclListToACLEntryList(findByFieldParcial);
    }

    public List<ACLEntry> findACLEntriesByGroup(String str) {
        Session session = authorizationFactory.getSession();
        session.beginTransaction();
        List<Acl> findByGroupId = this.aclDao.findByGroupId(str);
        session.getTransaction().commit();
        return convertAclListToACLEntryList(findByGroupId);
    }

    public List<ACLEntry> findACLEntriesByProvider(String str) {
        return findACLEntriesByEntity(str);
    }

    public List<ACLEntry> findACLEntriesByService(String str) {
        return findACLEntriesByEntity(str);
    }

    public List<ACLEntry> findACLEntriesByStage(String str) {
        return findACLEntriesByEntity(str);
    }

    public List<ACLEntry> findACLEntriesByUser(String str) {
        Session session = authorizationFactory.getSession();
        session.beginTransaction();
        List<Acl> findByUserId = this.aclDao.findByUserId(str);
        session.getTransaction().commit();
        return convertAclListToACLEntryList(findByUserId);
    }

    public List<ACLEntry> findPublicACLEntries() {
        Session session = authorizationFactory.getSession();
        session.beginTransaction();
        List<Acl> findByPublicAccess = this.aclDao.findByPublicAccess(true);
        session.getTransaction().commit();
        return convertAclListToACLEntryList(findByPublicAccess);
    }

    private void persistACLEntry(ACLEntry aCLEntry, Integer num) {
        this.aclDao.persist(convertACLEntryToAcl(aCLEntry, num));
    }

    public boolean revokeAccessFromGroup(String str, Entity entity, String str2) {
        Transaction beginTransaction = authorizationFactory.getSession().beginTransaction();
        boolean deleteGroupAccess = this.aclDao.deleteGroupAccess(str, entity.toString(), str2);
        beginTransaction.commit();
        return deleteGroupAccess;
    }

    public boolean revokeAccessFromPublic(Entity entity, String str) {
        Transaction beginTransaction = authorizationFactory.getSession().beginTransaction();
        boolean deletePublicAccess = this.aclDao.deletePublicAccess(entity.toString(), str);
        beginTransaction.commit();
        return deletePublicAccess;
    }

    public boolean revokeAccessFromUser(String str, Entity entity, String str2) {
        Transaction beginTransaction = authorizationFactory.getSession().beginTransaction();
        boolean deleteUserAccess = this.aclDao.deleteUserAccess(str, entity.toString(), str2);
        beginTransaction.commit();
        return deleteUserAccess;
    }

    public boolean revokeAllAccessFromGroup(String str) {
        Transaction beginTransaction = authorizationFactory.getSession().beginTransaction();
        boolean deleteAllGroupAccess = this.aclDao.deleteAllGroupAccess(str);
        beginTransaction.commit();
        return deleteAllGroupAccess;
    }

    public boolean revokeAllAccessFromUser(String str) {
        Transaction beginTransaction = authorizationFactory.getSession().beginTransaction();
        boolean deleteAllUserAccess = this.aclDao.deleteAllUserAccess(str);
        beginTransaction.commit();
        return deleteAllUserAccess;
    }

    private void updateACLEntry(ACLEntry aCLEntry, Integer num) {
        this.aclDao.merge(convertACLEntryToAcl(aCLEntry, num));
    }
}
