package pl.psnc.synat.wrdz.zu.permission;

import java.util.ArrayList;
import java.util.Collections;
import java.util.EnumSet;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.ejb.EJB;
import javax.ejb.Stateless;
import pl.psnc.synat.wrdz.common.dao.QueryFilter;
import pl.psnc.synat.wrdz.common.exception.WrdzRuntimeException;
import pl.psnc.synat.wrdz.zu.dao.permission.GroupManagementPermissionDao;
import pl.psnc.synat.wrdz.zu.dao.permission.GroupManagementPermissionFilterFactory;
import pl.psnc.synat.wrdz.zu.dao.user.GroupAuthenticationDao;
import pl.psnc.synat.wrdz.zu.dao.user.GroupAuthenticationFilterFactory;
import pl.psnc.synat.wrdz.zu.dao.user.UserDao;
import pl.psnc.synat.wrdz.zu.entity.permission.GroupManagementPermission;
import pl.psnc.synat.wrdz.zu.entity.user.GroupAuthentication;
import pl.psnc.synat.wrdz.zu.entity.user.User;
import pl.psnc.synat.wrdz.zu.exceptions.NotAuthorizedException;
import pl.psnc.synat.wrdz.zu.types.ManagementPermissionType;

@Stateless
/* loaded from: input_file:wrdz-zu-business-0.0.10.jar:pl/psnc/synat/wrdz/zu/permission/GroupManagementPermissionManagerBean.class */
public class GroupManagementPermissionManagerBean implements GroupManagementPermissionManager {
    private static final long serialVersionUID = 1810204486963092536L;

    @EJB
    private GroupManagementPermissionDao groupManagementPermissionDao;

    @EJB
    private GroupAuthenticationDao groupAuthenticationDao;

    @EJB
    private UserDao userDao;

    @Override // pl.psnc.synat.wrdz.zu.permission.PermissionManager
    public List<Long> fetchWithPermission(String str, ManagementPermissionType managementPermissionType) {
        User user = getUser(str);
        if (user == null) {
            return Collections.emptyList();
        }
        List<GroupAuthentication> groups = user.getUserData().getGroups();
        ArrayList arrayList = new ArrayList();
        Iterator<GroupAuthentication> it = groups.iterator();
        while (it.hasNext()) {
            arrayList.add(Long.valueOf(it.next().getId()));
        }
        return this.groupManagementPermissionDao.findGroupsWithPermission(arrayList, managementPermissionType);
    }

    @Override // pl.psnc.synat.wrdz.zu.permission.PermissionManager
    public boolean hasPermission(String str, Long l, ManagementPermissionType managementPermissionType) {
        if (str == null || managementPermissionType == null) {
            throw new WrdzRuntimeException("Authorization check cannot be performed for null user or permissionType parameter.");
        }
        User user = getUser(str);
        if (user == null) {
            return false;
        }
        if (user.isAdmin()) {
            return true;
        }
        List<GroupAuthentication> groups = user.getUserData().getGroups();
        ArrayList arrayList = new ArrayList();
        Iterator<GroupAuthentication> it = groups.iterator();
        while (it.hasNext()) {
            arrayList.add(Long.valueOf(it.next().getId()));
        }
        GroupManagementPermissionFilterFactory queryFilterFactory = this.groupManagementPermissionDao.createQueryModifier().getQueryFilterFactory();
        return this.groupManagementPermissionDao.findFirstResultBy(queryFilterFactory.and(queryFilterFactory.byGroupIn(arrayList), queryFilterFactory.byPermissionType(managementPermissionType), queryFilterFactory.byResourceId(l))) != null;
    }

    @Override // pl.psnc.synat.wrdz.zu.permission.PermissionManager
    public void checkPermission(String str, Long l, ManagementPermissionType managementPermissionType) throws NotAuthorizedException {
        if (!hasPermission(str, l, managementPermissionType)) {
            throw new NotAuthorizedException("Permission check failed for [" + str + "; " + l + "; " + managementPermissionType + "]");
        }
    }

    @Override // pl.psnc.synat.wrdz.zu.permission.PermissionManager
    public void setOwnerPermissions(String str, long j) {
        setPermissions(str, true, Long.valueOf(j), EnumSet.of(ManagementPermissionType.GRANT, ManagementPermissionType.READ, ManagementPermissionType.UPDATE));
    }

    @Override // pl.psnc.synat.wrdz.zu.permission.PermissionManager
    public Map<String, Set<ManagementPermissionType>> getUserPermissions(long j) {
        return getPermissions(true, j);
    }

    @Override // pl.psnc.synat.wrdz.zu.permission.PermissionManager
    public void setUserPermissions(String str, long j, Set<ManagementPermissionType> set) {
        setPermissions(str, true, Long.valueOf(j), set);
    }

    @Override // pl.psnc.synat.wrdz.zu.permission.PermissionManager
    public Map<String, Set<ManagementPermissionType>> getGroupPermissions(long j) {
        return getPermissions(false, j);
    }

    @Override // pl.psnc.synat.wrdz.zu.permission.PermissionManager
    public void setGroupPermissions(String str, long j, Set<ManagementPermissionType> set) {
        setPermissions(str, false, Long.valueOf(j), set);
    }

    private Map<String, Set<ManagementPermissionType>> getPermissions(boolean z, long j) {
        GroupManagementPermissionFilterFactory queryFilterFactory = this.groupManagementPermissionDao.createQueryModifier().getQueryFilterFactory();
        List<GroupManagementPermission> findBy = this.groupManagementPermissionDao.findBy((QueryFilter) queryFilterFactory.and(queryFilterFactory.byGroupSingleUser(z), queryFilterFactory.byResourceId(Long.valueOf(j)), new QueryFilter[0]), true);
        HashMap hashMap = new HashMap();
        for (GroupManagementPermission groupManagementPermission : findBy) {
            String groupname = groupManagementPermission.getGroup().getGroupname();
            if (!hashMap.containsKey(groupname)) {
                hashMap.put(groupname, EnumSet.noneOf(ManagementPermissionType.class));
            }
            ((Set) hashMap.get(groupname)).add(groupManagementPermission.getPermission());
        }
        return hashMap;
    }

    private void setPermissions(String str, boolean z, Long l, Set<ManagementPermissionType> set) {
        GroupAuthenticationFilterFactory queryFilterFactory = this.groupAuthenticationDao.createQueryModifier().getQueryFilterFactory();
        GroupAuthentication findFirstResultBy = this.groupAuthenticationDao.findFirstResultBy(queryFilterFactory.and(queryFilterFactory.byGroupName(str), queryFilterFactory.bySingleUser(z), new QueryFilter[0]));
        if (findFirstResultBy == null) {
            return;
        }
        GroupManagementPermissionFilterFactory queryFilterFactory2 = this.groupManagementPermissionDao.createQueryModifier().getQueryFilterFactory();
        for (GroupManagementPermission groupManagementPermission : this.groupManagementPermissionDao.findBy((QueryFilter) queryFilterFactory2.and(queryFilterFactory2.byGroupIn(Collections.singletonList(Long.valueOf(findFirstResultBy.getId()))), queryFilterFactory2.byResourceId(l), new QueryFilter[0]), true)) {
            if (set.contains(groupManagementPermission.getPermission())) {
                set.remove(groupManagementPermission.getPermission());
            } else {
                this.groupManagementPermissionDao.delete(groupManagementPermission);
            }
        }
        for (ManagementPermissionType managementPermissionType : set) {
            GroupManagementPermission groupManagementPermission2 = new GroupManagementPermission();
            groupManagementPermission2.setGroup(findFirstResultBy);
            groupManagementPermission2.setPermission(managementPermissionType);
            groupManagementPermission2.setResourceId(l);
            this.groupManagementPermissionDao.persist(groupManagementPermission2);
        }
    }

    @Override // pl.psnc.synat.wrdz.zu.permission.PermissionManager
    public boolean getUserCreatePermission(String str) {
        GroupAuthentication group = getGroup(str, true);
        if (group == null) {
            return false;
        }
        GroupManagementPermissionFilterFactory queryFilterFactory = this.groupManagementPermissionDao.createQueryModifier().getQueryFilterFactory();
        return this.groupManagementPermissionDao.findFirstResultBy(queryFilterFactory.and(queryFilterFactory.byGroupId(Long.valueOf(group.getId())), queryFilterFactory.byPermissionType(ManagementPermissionType.CREATE), queryFilterFactory.byResourceId(null))) != null;
    }

    @Override // pl.psnc.synat.wrdz.zu.permission.PermissionManager
    public void setUserCreatePermission(String str, boolean z) {
        setPermissions(str, true, null, z ? EnumSet.of(ManagementPermissionType.CREATE) : EnumSet.noneOf(ManagementPermissionType.class));
    }

    @Override // pl.psnc.synat.wrdz.zu.permission.PermissionManager
    public boolean getGroupCreatePermission(String str) {
        GroupAuthentication group = getGroup(str, false);
        if (group == null) {
            return false;
        }
        GroupManagementPermissionFilterFactory queryFilterFactory = this.groupManagementPermissionDao.createQueryModifier().getQueryFilterFactory();
        return this.groupManagementPermissionDao.findFirstResultBy(queryFilterFactory.and(queryFilterFactory.byGroupId(Long.valueOf(group.getId())), queryFilterFactory.byPermissionType(ManagementPermissionType.CREATE), queryFilterFactory.byResourceId(null))) != null;
    }

    @Override // pl.psnc.synat.wrdz.zu.permission.PermissionManager
    public void setGroupCreatePermission(String str, boolean z) {
        setPermissions(str, false, null, z ? EnumSet.of(ManagementPermissionType.CREATE) : EnumSet.noneOf(ManagementPermissionType.class));
    }

    @Override // pl.psnc.synat.wrdz.zu.permission.PermissionManager
    public void removePermissions(long j) {
        Iterator<GroupManagementPermission> it = this.groupManagementPermissionDao.findBy((QueryFilter) this.groupManagementPermissionDao.createQueryModifier().getQueryFilterFactory().byResourceId(Long.valueOf(j)), true).iterator();
        while (it.hasNext()) {
            this.groupManagementPermissionDao.delete(it.next());
        }
    }

    @Override // pl.psnc.synat.wrdz.zu.permission.PermissionManager
    public void removePermissionsForGroup(long j) {
        Iterator<GroupManagementPermission> it = this.groupManagementPermissionDao.findBy((QueryFilter) this.groupManagementPermissionDao.createQueryModifier().getQueryFilterFactory().byGroupId(Long.valueOf(j)), true).iterator();
        while (it.hasNext()) {
            this.groupManagementPermissionDao.delete(it.next());
        }
    }

    private void removeCreatePermission(String str, boolean z) {
        GroupAuthenticationFilterFactory queryFilterFactory = this.groupAuthenticationDao.createQueryModifier().getQueryFilterFactory();
        GroupAuthentication findFirstResultBy = this.groupAuthenticationDao.findFirstResultBy(queryFilterFactory.and(queryFilterFactory.byGroupName(str), queryFilterFactory.bySingleUser(z), new QueryFilter[0]));
        if (findFirstResultBy == null) {
            return;
        }
        GroupManagementPermissionFilterFactory queryFilterFactory2 = this.groupManagementPermissionDao.createQueryModifier().getQueryFilterFactory();
        GroupManagementPermission findFirstResultBy2 = this.groupManagementPermissionDao.findFirstResultBy(queryFilterFactory2.and(queryFilterFactory2.byGroupId(Long.valueOf(findFirstResultBy.getId())), queryFilterFactory2.byPermissionType(ManagementPermissionType.CREATE), new QueryFilter[0]));
        if (findFirstResultBy2 != null) {
            this.groupManagementPermissionDao.delete(findFirstResultBy2);
        }
    }

    private User getUser(String str) {
        return this.userDao.findFirstResultBy(this.userDao.createQueryModifier().getQueryFilterFactory().byUsername(str));
    }

    private GroupAuthentication getGroup(String str, boolean z) {
        GroupAuthenticationFilterFactory queryFilterFactory = this.groupAuthenticationDao.createQueryModifier().getQueryFilterFactory();
        return this.groupAuthenticationDao.findFirstResultBy(queryFilterFactory.and(queryFilterFactory.byGroupName(str), queryFilterFactory.bySingleUser(z), new QueryFilter[0]));
    }
}
