package pt.digitalis.dif.rgpd.api;

import java.io.IOException;
import java.sql.Timestamp;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.StringEscapeUtils;
import pt.digitalis.dif.dem.managers.impl.model.IRGPDService;
import pt.digitalis.dif.dem.managers.impl.model.data.DataConsent;
import pt.digitalis.dif.dem.managers.impl.model.data.DataConsentTrans;
import pt.digitalis.dif.dem.managers.impl.model.data.UserDataConsent;
import pt.digitalis.dif.ioc.DIFIoCRegistry;
import pt.digitalis.dif.model.dataset.DataSetException;
import pt.digitalis.dif.model.dataset.JoinType;
import pt.digitalis.dif.model.dataset.SortMode;
import pt.digitalis.dif.persistentactions.pool.mail.MailPersistentPool;
import pt.digitalis.dif.presentation.views.jsp.taglibs.TagLibUtils;
import pt.digitalis.dif.rgpd.api.exceptions.RGPDCannotDetermineUserEmail;
import pt.digitalis.dif.rgpd.api.exceptions.RGPDConsentRequiresProofException;
import pt.digitalis.dif.rgpd.api.exceptions.RGPDDisabledConsentException;
import pt.digitalis.dif.rgpd.api.exceptions.RGPDException;
import pt.digitalis.dif.rgpd.api.exceptions.RGPDInvalidConsentException;
import pt.digitalis.dif.rgpd.api.exceptions.RGPDInvalidUserConsentException;
import pt.digitalis.dif.rgpd.utils.RGPDEntities;
import pt.digitalis.dif.rgpd.utils.RGPDUtils;
import pt.digitalis.dif.utils.extensions.document.DocumentRepositoryEntry;
import pt.digitalis.dif.utils.extensions.document.DocumentRepositoryException;
import pt.digitalis.dif.utils.extensions.document.IDocumentRepositoryManager;
import pt.digitalis.dif.utils.http.HttpUtils;
import pt.digitalis.dif.utils.logging.DIFLogger;
import pt.digitalis.dif.utils.mail.MailAction;
import pt.digitalis.dif.utils.mail.MailType;
import pt.digitalis.dif.utils.templates.TemplateUtils;
import pt.digitalis.utils.common.StringUtils;
import pt.digitalis.utils.config.IConfigurations;
import pt.digitalis.utils.crypto.exeption.CryptoException;
import pt.digitalis.utils.crypto.impl.EncryptorBase64Impl;

/* loaded from: input_file:pt/digitalis/dif/rgpd/api/RGPDManager.class */
public class RGPDManager {
    private static RGPDManager instance;
    private static final String SECURITY_SEED = "RGPD Seed key generator";
    private IRGPDService rgpdDB = (IRGPDService) DIFIoCRegistry.getRegistry().getImplementation(IRGPDService.class);

    public static synchronized RGPDManager getInstance() throws RGPDException {
        if (instance == null) {
            instance = new RGPDManager();
            instance.initialize();
        }
        return instance;
    }

    private RGPDManager() {
    }

    public void addConsentDefinition(ConsentDefinition consentDefinition) throws DataSetException, IOException, DocumentRepositoryException {
        if (this.rgpdDB.getDataConsentDataSet().query().equals("configId", RGPDConfiguration.getInstance().getConfigurationID()).equals("businessId", consentDefinition.getBusinessId()).singleValue() == null) {
            DataConsent dataConsent = new DataConsent();
            dataConsent.setConfigId(RGPDConfiguration.getInstance().getConfigurationID());
            dataConsent.setBusinessId(consentDefinition.getBusinessId());
            dataConsent.setDescription(consentDefinition.getDescription());
            dataConsent.setIsEnabled(consentDefinition.isEnabled());
            dataConsent.setIsMandatory(consentDefinition.isMandatory());
            dataConsent.setIsMustConfirmBymail(consentDefinition.isMustConfirmBymail());
            dataConsent.setIsMustUploadProof(consentDefinition.isMustUploadProof());
            dataConsent.setIsProtected(true);
            dataConsent.setProfileId(consentDefinition.getProfileId());
            dataConsent.setTitle(consentDefinition.getTitle());
            if (StringUtils.isNotBlank(consentDefinition.getTemplatePath())) {
                IDocumentRepositoryManager iDocumentRepositoryManager = (IDocumentRepositoryManager) DIFIoCRegistry.getRegistry().getImplementation(IDocumentRepositoryManager.class);
                DocumentRepositoryEntry documentRepositoryEntry = new DocumentRepositoryEntry();
                documentRepositoryEntry.setCreatorID((String) null);
                documentRepositoryEntry.setCreationDate(new Date());
                documentRepositoryEntry.setFileName("template.pdf");
                documentRepositoryEntry.setName("Template for consent: " + consentDefinition.getTitle());
                documentRepositoryEntry.setMimeType("pdf");
                documentRepositoryEntry.setBytes(IOUtils.toByteArray(TemplateUtils.getTemplateStream(consentDefinition.getTemplatePath())));
                dataConsent.setTemplateDocumentId(iDocumentRepositoryManager.addDocument(documentRepositoryEntry).getId());
            }
            DataConsent insert = this.rgpdDB.getDataConsentDataSet().insert(dataConsent);
            for (String str : consentDefinition.getTranslationLanguages()) {
                TranslationData translation = consentDefinition.getTranslation(str);
                DataConsentTrans dataConsentTrans = new DataConsentTrans();
                dataConsentTrans.setDataConsent(insert);
                dataConsentTrans.setLanguageId(str);
                dataConsentTrans.setTitle(translation.getTitle());
                dataConsentTrans.setDescription(translation.getDescription());
                this.rgpdDB.getDataConsentTransDataSet().insert(dataConsentTrans);
            }
        }
    }

    public String decodeValidationCode(String str) throws CryptoException {
        EncryptorBase64Impl encryptorBase64Impl = new EncryptorBase64Impl();
        encryptorBase64Impl.setSeed(SECURITY_SEED);
        return encryptorBase64Impl.decrypt(StringEscapeUtils.unescapeHtml(str));
    }

    public List<ActionResult> deletePersonalData(String str) {
        ArrayList arrayList = new ArrayList();
        Iterator it = DIFIoCRegistry.getRegistry().getImplementations(IRGPDApplicationSpecific.class).iterator();
        while (it.hasNext()) {
            ActionResult deletePersonalData = ((IRGPDApplicationSpecific) it.next()).deletePersonalData(str);
            if (deletePersonalData != null) {
                arrayList.add(deletePersonalData);
            }
        }
        return arrayList;
    }

    public String encodeValidationCode(String str) throws CryptoException {
        EncryptorBase64Impl encryptorBase64Impl = new EncryptorBase64Impl();
        encryptorBase64Impl.setSeed(SECURITY_SEED);
        return StringEscapeUtils.escapeHtml(encryptorBase64Impl.encrypt(str));
    }

    public TranslationData getConsentTranslation(DataConsent dataConsent, String str) throws RGPDInvalidConsentException, DataSetException {
        if (dataConsent == null) {
            throw new RGPDInvalidConsentException("");
        }
        DataConsentTrans singleValue = this.rgpdDB.getDataConsentTransDataSet().query().equals(DataConsentTrans.FK().dataConsent().CONFIGID(), RGPDConfiguration.getInstance().getConfigurationID()).equals("languageId", str).singleValue();
        return singleValue == null ? new TranslationData(dataConsent.getTitle(), dataConsent.getDescription()) : new TranslationData(singleValue.getTitle(), singleValue.getDescription());
    }

    public TranslationData getConsentTranslation(String str, String str2) throws DataSetException, RGPDInvalidConsentException {
        DataConsent dataConsent = getDataConsent(str);
        if (dataConsent == null) {
            throw new RGPDInvalidConsentException(str);
        }
        return getConsentTranslation(dataConsent, str2);
    }

    public DataConsent getDataConsent(String str) throws DataSetException {
        return this.rgpdDB.getDataConsentDataSet().query().equals("configId", RGPDConfiguration.getInstance().getConfigurationID()).equals("businessId", str).singleValue();
    }

    public UserDataConsent getUserDataConsent(String str, String str2) throws DataSetException {
        return this.rgpdDB.getUserDataConsentDataSet().query().equals(UserDataConsent.FK().dataConsent().CONFIGID(), RGPDConfiguration.getInstance().getConfigurationID()).equals(UserDataConsent.FK().dataConsent().BUSINESSID(), str2).equals("userId", str).addJoin(UserDataConsent.FK().dataConsent(), JoinType.NORMAL).sortBy("id", SortMode.DESCENDING).singleValue();
    }

    public ActionResult giveConsent(String str, String str2, DocumentRepositoryEntry documentRepositoryEntry, String str3) throws DataSetException, RGPDException, DocumentRepositoryException, IOException {
        boolean z;
        UserDataConsent userDataConsent = getUserDataConsent(str, str2);
        DataConsent dataConsent = getDataConsent(str2);
        MailAction mailAction = null;
        if (userDataConsent == null) {
            if (dataConsent == null) {
                return new ActionResult(false, (Exception) new RGPDInvalidConsentException(str2));
            }
            if (!dataConsent.isIsEnabled()) {
                return new ActionResult(false, (Exception) new RGPDDisabledConsentException(dataConsent));
            }
            z = true;
        } else {
            if (UserConsentStates.isActive(userDataConsent)) {
                String str4 = "The consent '" + str2 + "' was already given by the user '" + str + "'.";
                DIFLogger.getLogger().info(str4);
                return new ActionResult(true, str4);
            }
            if ("P".equals(userDataConsent.getState())) {
                return validateUserConsent(userDataConsent, documentRepositoryEntry);
            }
            if (!dataConsent.isIsEnabled()) {
                return new ActionResult(false, (Exception) new RGPDDisabledConsentException(dataConsent));
            }
            z = true;
        }
        if (!z) {
            throw new RGPDException("Unhandled exception. Should have been reported some problem or been granted the consent. Review logic for the consent '" + str2 + "' for the user '" + str + "'");
        }
        if (dataConsent.isIsMustUploadProof() && documentRepositoryEntry == null) {
            return new ActionResult(false, (Exception) new RGPDConsentRequiresProofException(str2));
        }
        UserDataConsent userDataConsent2 = new UserDataConsent();
        userDataConsent2.setDataConsent(dataConsent);
        userDataConsent2.setUserId(str);
        userDataConsent2.setDateGiven(new Timestamp(System.currentTimeMillis()));
        if (documentRepositoryEntry != null) {
            if (documentRepositoryEntry.getId() == null) {
                documentRepositoryEntry = ((IDocumentRepositoryManager) DIFIoCRegistry.getRegistry().getImplementation(IDocumentRepositoryManager.class)).addDocument(documentRepositoryEntry);
            }
            userDataConsent2.setProofDocumentId(documentRepositoryEntry.getId());
        }
        if (dataConsent.isIsMustConfirmBymail()) {
            String str5 = "The user '" + str + "' has not email and the consent '" + str2 + "' requires it";
            try {
                String userEMail = ((IRGPDApplicationBehaviour) DIFIoCRegistry.getRegistry().getImplementation(IRGPDApplicationBehaviour.class)).getUserEMail(str);
                if (StringUtils.isBlank(userEMail)) {
                    return new ActionResult(false, str5);
                }
                userDataConsent2.setState("P");
                mailAction = new MailAction();
                mailAction.setAddressTo(userEMail);
            } catch (RGPDCannotDetermineUserEmail e) {
                return new ActionResult(false, str5, e);
            }
        } else {
            userDataConsent2.setState(UserConsentStates.ACTIVE);
        }
        UserDataConsent insert = this.rgpdDB.getUserDataConsentDataSet().insert(userDataConsent2);
        if (mailAction != null) {
            Map<String, String> rGPDMessages = RGPDUtils.getRGPDMessages(str3);
            HashMap hashMap = new HashMap();
            TranslationData consentTranslation = getConsentTranslation(dataConsent, str3);
            hashMap.put("appName", HttpUtils.getApplicationTag());
            hashMap.put("consentTitle", consentTranslation.getTitle());
            hashMap.put("consentDescription", consentTranslation.getDescription());
            try {
                hashMap.put("validationURL", TagLibUtils.getStageLinkWithParameters(RGPDEntities.RGPD_CONSENT_VALIDATION_STAGE_ID, "validationCode=" + encodeValidationCode(insert.getId().toString())));
                String parseTemplateLine = TemplateUtils.parseTemplateLine(rGPDMessages.get("validationMailTitle"), hashMap);
                String stringBuffer = TemplateUtils.getTemplateContent("templates/consentValidationMail.html", hashMap).toString();
                mailAction.setType(MailType.HTML);
                mailAction.setSubject(parseTemplateLine);
                mailAction.setBody(stringBuffer);
                MailPersistentPool.getPool().addActionWaitIfEmpty(mailAction);
            } catch (CryptoException e2) {
                return new ActionResult(false, "Error sending validation mail. The consent '" + dataConsent.getBusinessId() + "' request for the user '" + str + "' will stay pending until it is handled by the administrator.", e2);
            }
        }
        return new ActionResult(true);
    }

    public boolean hasGivenConsent(String str, String str2) throws DataSetException {
        return UserConsentStates.isActive(getUserDataConsent(str, str2));
    }

    private void initialize() throws RGPDException {
        IRGPDApplicationBehaviour iRGPDApplicationBehaviour = (IRGPDApplicationBehaviour) DIFIoCRegistry.getRegistry().getImplementation(IRGPDApplicationBehaviour.class);
        if (StringUtils.isBlank(RGPDConfiguration.getInstance().getConfigurationID())) {
            RGPDConfiguration.getInstance().setConfigurationID(iRGPDApplicationBehaviour.getConfigurationsDefaultID());
            try {
                ((IConfigurations) DIFIoCRegistry.getRegistry().getImplementation(IConfigurations.class)).writeConfiguration(RGPDConfiguration.getInstance());
            } catch (Exception e) {
                throw new RGPDException("Error wrinting the RGPD configuration", e);
            }
        }
        for (IRGPDApplicationSpecific iRGPDApplicationSpecific : DIFIoCRegistry.getRegistry().getImplementations(IRGPDApplicationSpecific.class)) {
            try {
                iRGPDApplicationSpecific.declareConsents(instance);
            } catch (Exception e2) {
                throw new RGPDException("Error initializing the consents from '" + iRGPDApplicationSpecific.getClass().getSimpleName() + "' application contribution", e2);
            }
        }
    }

    public ActionResult revokeConsent(String str, String str2) throws DataSetException, RGPDInvalidUserConsentException {
        UserDataConsent userDataConsent = getUserDataConsent(str, str2);
        if (userDataConsent != null) {
            return revokeConsent(userDataConsent);
        }
        if (getDataConsent(str2) == null) {
            return new ActionResult(false, (Exception) new RGPDInvalidConsentException(str2));
        }
        String str3 = "The user '" + str + "' has not given consent '" + str2 + "' so we can not revoke it";
        DIFLogger.getLogger().warn(str3);
        return new ActionResult(false, str3);
    }

    public ActionResult revokeConsent(UserDataConsent userDataConsent) throws DataSetException, RGPDInvalidUserConsentException {
        if (userDataConsent == null) {
            return new ActionResult(false, (Exception) new RGPDInvalidUserConsentException());
        }
        if (UserConsentStates.REVOKED.equals(userDataConsent.getState())) {
            String str = "The user '" + userDataConsent.getUserId() + "' has already revoked the consent '" + userDataConsent.getDataConsent().getBusinessId() + "'";
            DIFLogger.getLogger().warn(str);
            return new ActionResult(false, str);
        }
        userDataConsent.setState(UserConsentStates.REVOKED);
        userDataConsent.setDateRevoked(new Timestamp(System.currentTimeMillis()));
        this.rgpdDB.getUserDataConsentDataSet().update(userDataConsent);
        return new ActionResult(true);
    }

    public ActionResult validateUserConsent(String str, String str2, DocumentRepositoryEntry documentRepositoryEntry) throws DataSetException, RGPDException, DocumentRepositoryException {
        UserDataConsent userDataConsent = getUserDataConsent(str, str2);
        return userDataConsent == null ? new ActionResult(false, (Exception) new RGPDInvalidUserConsentException(str, str2)) : validateUserConsent(userDataConsent, documentRepositoryEntry);
    }

    public ActionResult validateUserConsent(UserDataConsent userDataConsent, DocumentRepositoryEntry documentRepositoryEntry) throws RGPDException, DataSetException, DocumentRepositoryException {
        if (userDataConsent == null) {
            return new ActionResult(false, (Exception) new RGPDInvalidUserConsentException());
        }
        if (!"P".equals(userDataConsent.getState())) {
            return new ActionResult(false, "The user consent '" + userDataConsent.getDataConsent().getBusinessId() + "' is not pending for the user '" + userDataConsent.getUserId() + "'.");
        }
        if (userDataConsent.getDataConsent().isIsMustUploadProof() && userDataConsent.getProofDocumentId() == null && documentRepositoryEntry == null) {
            return new ActionResult(false, (Exception) new RGPDConsentRequiresProofException(userDataConsent.getDataConsent().getBusinessId()));
        }
        userDataConsent.setState(UserConsentStates.ACTIVE);
        userDataConsent.setDateConfirmed(new Timestamp(System.currentTimeMillis()));
        if (documentRepositoryEntry != null) {
            if (documentRepositoryEntry.getId() == null) {
                documentRepositoryEntry = ((IDocumentRepositoryManager) DIFIoCRegistry.getRegistry().getImplementation(IDocumentRepositoryManager.class)).addDocument(documentRepositoryEntry);
            }
            userDataConsent.setProofDocumentId(documentRepositoryEntry.getId());
        }
        return new ActionResult(true);
    }
}
