package de.ingrid.mdek.services.security;

import de.ingrid.mdek.EnumUtil;
import de.ingrid.mdek.MdekError;
import de.ingrid.mdek.MdekUtils;
import de.ingrid.mdek.MdekUtilsSecurity;
import de.ingrid.mdek.job.MdekException;
import de.ingrid.mdek.services.persistence.db.DaoFactory;
import de.ingrid.mdek.services.persistence.db.IEntity;
import de.ingrid.mdek.services.persistence.db.IGenericDao;
import de.ingrid.mdek.services.persistence.db.dao.IAddressNodeDao;
import de.ingrid.mdek.services.persistence.db.dao.IIdcGroupDao;
import de.ingrid.mdek.services.persistence.db.dao.IIdcUserDao;
import de.ingrid.mdek.services.persistence.db.dao.IObjectNodeDao;
import de.ingrid.mdek.services.persistence.db.dao.IPermissionDao;
import de.ingrid.mdek.services.persistence.db.model.AddressNode;
import de.ingrid.mdek.services.persistence.db.model.IdcGroup;
import de.ingrid.mdek.services.persistence.db.model.IdcUser;
import de.ingrid.mdek.services.persistence.db.model.IdcUserGroup;
import de.ingrid.mdek.services.persistence.db.model.IdcUserPermission;
import de.ingrid.mdek.services.persistence.db.model.ObjectNode;
import de.ingrid.mdek.services.persistence.db.model.Permission;
import de.ingrid.mdek.services.persistence.db.model.PermissionAddr;
import de.ingrid.mdek.services.persistence.db.model.PermissionObj;
import de.ingrid.mdek.services.persistence.hdd.HddPersistenceService;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;

@Service
/* loaded from: input_file:ingrid-iplug-ige-6.2.1/lib/ingrid-mdek-services-6.2.1.jar:de/ingrid/mdek/services/security/DefaultPermissionService.class */
public class DefaultPermissionService implements IPermissionService {
    private static final Logger LOG = LogManager.getLogger((Class<?>) HddPersistenceService.class);
    protected IPermissionDao permissionDao;
    protected IGenericDao<IEntity> permissionObjDao;
    protected IGenericDao<IEntity> permissionAddrDao;
    protected IGenericDao<IEntity> idcUserPermissionDao;
    protected IIdcUserDao idcUserDao;
    protected IIdcGroupDao idcGroupDao;
    protected IObjectNodeDao objectNodeDao;
    protected IAddressNodeDao addressNodeDao;

    @Autowired
    public DefaultPermissionService(DaoFactory daoFactory) {
        this.permissionDao = daoFactory.getPermissionDao();
        this.permissionObjDao = daoFactory.getDao(PermissionObj.class);
        this.permissionAddrDao = daoFactory.getDao(PermissionAddr.class);
        this.idcUserPermissionDao = daoFactory.getDao(IdcUserPermission.class);
        this.idcUserDao = daoFactory.getIdcUserDao();
        this.idcGroupDao = daoFactory.getIdcGroupDao();
        this.objectNodeDao = daoFactory.getObjectNodeDao();
        this.addressNodeDao = daoFactory.getAddressNodeDao();
    }

    @Override // de.ingrid.mdek.services.security.IPermissionService
    public boolean hasPermissionForAddress(String str, EntityPermission entityPermission, Long l) {
        Iterator<Permission> it2 = this.permissionDao.getAddressPermissions(str, entityPermission.getUuid(), l).iterator();
        while (it2.hasNext()) {
            if (isEqualPermission(it2.next(), entityPermission.getPermission())) {
                return true;
            }
        }
        return false;
    }

    @Override // de.ingrid.mdek.services.security.IPermissionService
    public boolean hasInheritedPermissionForAddress(String str, EntityPermission entityPermission, Long l) {
        if (MdekUtils.AddressType.getIGEUserParentUuid().equals(entityPermission.getUuid())) {
            return false;
        }
        EntityPermission entityPermission2 = new EntityPermission(entityPermission.permission, entityPermission.getUuid());
        while (!hasPermissionForAddress(str, entityPermission2, l)) {
            AddressNode loadByUuid = this.addressNodeDao.loadByUuid(entityPermission2.getUuid(), null);
            if (loadByUuid == null) {
                throw new MdekException(new MdekError(MdekError.MdekErrorType.ENTITY_NOT_FOUND));
            }
            entityPermission2.setUuid(loadByUuid.getFkAddrUuid());
            if (!MdekUtils.isValidUuid(entityPermission2.getUuid())) {
                return false;
            }
        }
        return true;
    }

    @Override // de.ingrid.mdek.services.security.IPermissionService
    public boolean hasPermissionForObject(String str, EntityPermission entityPermission, Long l) {
        Iterator<Permission> it2 = this.permissionDao.getObjectPermissions(str, entityPermission.getUuid(), l).iterator();
        while (it2.hasNext()) {
            if (isEqualPermission(it2.next(), entityPermission.getPermission())) {
                return true;
            }
        }
        return false;
    }

    @Override // de.ingrid.mdek.services.security.IPermissionService
    public boolean hasInheritedPermissionForObject(String str, EntityPermission entityPermission, Long l) {
        EntityPermission entityPermission2 = new EntityPermission(entityPermission.getPermission(), entityPermission.getUuid());
        while (!hasPermissionForObject(str, entityPermission2, l)) {
            ObjectNode loadByUuid = this.objectNodeDao.loadByUuid(entityPermission2.getUuid(), null);
            if (loadByUuid == null) {
                throw new MdekException(new MdekError(MdekError.MdekErrorType.ENTITY_NOT_FOUND));
            }
            entityPermission2.setUuid(loadByUuid.getFkObjUuid());
            if (entityPermission2.getUuid() == null) {
                return false;
            }
        }
        return true;
    }

    @Override // de.ingrid.mdek.services.security.IPermissionService
    public boolean hasUserPermission(String str, Permission permission, Long l) {
        Iterator<Permission> it2 = this.permissionDao.getUserPermissions(str, l).iterator();
        while (it2.hasNext()) {
            if (isEqualPermission(it2.next(), permission)) {
                return true;
            }
        }
        return false;
    }

    @Override // de.ingrid.mdek.services.security.IPermissionService
    public void grantAddressPermission(String str, EntityPermission entityPermission, List<Long> list) {
        Permission findUniquePermissionByExample = findUniquePermissionByExample(entityPermission.getPermission());
        if (list == null) {
            list = getGroupIdsOfUser(getUserByAddrUuid(str));
        }
        for (Long l : list) {
            PermissionAddr permissionAddr = new PermissionAddr();
            permissionAddr.setPermissionId(findUniquePermissionByExample.getId());
            permissionAddr.setIdcGroupId(l);
            permissionAddr.setUuid(entityPermission.getUuid());
            this.permissionAddrDao.makePersistent(permissionAddr);
        }
    }

    @Override // de.ingrid.mdek.services.security.IPermissionService
    public void grantObjectPermission(String str, EntityPermission entityPermission, List<Long> list) {
        Permission findUniquePermissionByExample = findUniquePermissionByExample(entityPermission.getPermission());
        if (list == null) {
            list = getGroupIdsOfUser(getUserByAddrUuid(str));
        }
        for (Long l : list) {
            PermissionObj permissionObj = new PermissionObj();
            permissionObj.setPermissionId(findUniquePermissionByExample.getId());
            permissionObj.setIdcGroupId(l);
            permissionObj.setUuid(entityPermission.getUuid());
            this.permissionObjDao.makePersistent(permissionObj);
        }
    }

    @Override // de.ingrid.mdek.services.security.IPermissionService
    public void grantUserPermission(String str, Permission permission, List<Long> list) {
        Permission findUniquePermissionByExample = findUniquePermissionByExample(permission);
        if (list == null) {
            list = getGroupIdsOfUser(getUserByAddrUuid(str));
        }
        for (Long l : list) {
            IdcUserPermission idcUserPermission = new IdcUserPermission();
            idcUserPermission.setPermissionId(findUniquePermissionByExample.getId());
            idcUserPermission.setIdcGroupId(l);
            this.idcUserPermissionDao.makePersistent(idcUserPermission);
        }
    }

    @Override // de.ingrid.mdek.services.security.IPermissionService
    public void revokeAddressPermission(String str, EntityPermission entityPermission, List<Long> list) {
        Permission findUniquePermissionByExample = findUniquePermissionByExample(entityPermission.getPermission());
        if (list == null) {
            list = getGroupIdsOfUser(getUserByAddrUuid(str));
        }
        for (Long l : list) {
            PermissionAddr permissionAddr = new PermissionAddr();
            permissionAddr.setPermissionId(findUniquePermissionByExample.getId());
            permissionAddr.setIdcGroupId(l);
            permissionAddr.setUuid(entityPermission.getUuid());
            Iterator<IEntity> it2 = this.permissionAddrDao.findByExample(permissionAddr).iterator();
            while (it2.hasNext()) {
                this.permissionAddrDao.makeTransient(it2.next());
            }
        }
    }

    @Override // de.ingrid.mdek.services.security.IPermissionService
    public void revokeObjectPermission(String str, EntityPermission entityPermission, List<Long> list) {
        Permission findUniquePermissionByExample = findUniquePermissionByExample(entityPermission.getPermission());
        if (list == null) {
            list = getGroupIdsOfUser(getUserByAddrUuid(str));
        }
        for (Long l : list) {
            PermissionObj permissionObj = new PermissionObj();
            permissionObj.setPermissionId(findUniquePermissionByExample.getId());
            permissionObj.setIdcGroupId(l);
            permissionObj.setUuid(entityPermission.getUuid());
            Iterator<IEntity> it2 = this.permissionObjDao.findByExample(permissionObj).iterator();
            while (it2.hasNext()) {
                this.permissionObjDao.makeTransient(it2.next());
            }
        }
    }

    @Override // de.ingrid.mdek.services.security.IPermissionService
    public void revokeUserPermission(String str, Permission permission, List<Long> list) {
        Permission findUniquePermissionByExample = findUniquePermissionByExample(permission);
        if (list == null) {
            list = getGroupIdsOfUser(getUserByAddrUuid(str));
        }
        for (Long l : list) {
            IdcUserPermission idcUserPermission = new IdcUserPermission();
            idcUserPermission.setPermissionId(findUniquePermissionByExample.getId());
            idcUserPermission.setIdcGroupId(l);
            Iterator<IEntity> it2 = this.idcUserPermissionDao.findByExample(idcUserPermission).iterator();
            while (it2.hasNext()) {
                this.idcUserPermissionDao.makeTransient(it2.next());
            }
        }
    }

    @Override // de.ingrid.mdek.services.security.IPermissionService
    public List<Long> getGroupIdsContainingUserPermission(String str, Permission permission) {
        return this.idcGroupDao.getGroupIdsContainingUserPermission(str, findUniquePermissionByExample(permission).getId());
    }

    @Override // de.ingrid.mdek.services.security.IPermissionService
    public List<Long> getGroupIdsContainingObjectPermission(String str, EntityPermission entityPermission) {
        return this.idcGroupDao.getGroupIdsContainingObjectPermission(str, findUniquePermissionByExample(entityPermission.getPermission()).getId(), entityPermission.getUuid());
    }

    @Override // de.ingrid.mdek.services.security.IPermissionService
    public List<Long> getGroupIdsContainingAddressPermission(String str, EntityPermission entityPermission) {
        return this.idcGroupDao.getGroupIdsContainingAddressPermission(str, findUniquePermissionByExample(entityPermission.getPermission()).getId(), entityPermission.getUuid());
    }

    @Override // de.ingrid.mdek.services.security.IPermissionService
    public Permission getPermissionByPermIdClient(String str) {
        MdekUtilsSecurity.IdcPermission idcPermission = (MdekUtilsSecurity.IdcPermission) EnumUtil.mapDatabaseToEnumConst(MdekUtilsSecurity.IdcPermission.class, str);
        Permission permission = null;
        if (MdekUtilsSecurity.IdcPermission.WRITE_SINGLE == idcPermission) {
            permission = PermissionFactory.getPermissionTemplateSingle();
        } else if (MdekUtilsSecurity.IdcPermission.WRITE_TREE == idcPermission) {
            permission = PermissionFactory.getPermissionTemplateTree();
        } else if (MdekUtilsSecurity.IdcPermission.WRITE_SUBNODE == idcPermission) {
            permission = PermissionFactory.getPermissionTemplateSubNode();
        } else if (MdekUtilsSecurity.IdcPermission.CREATE_ROOT == idcPermission) {
            permission = PermissionFactory.getPermissionTemplateCreateRoot();
        } else if (MdekUtilsSecurity.IdcPermission.QUALITY_ASSURANCE == idcPermission) {
            permission = PermissionFactory.getPermissionTemplateQA();
        }
        return findUniquePermissionByExample(permission);
    }

    @Override // de.ingrid.mdek.services.security.IPermissionService
    public String getPermIdClientByPermission(Permission permission) {
        String str = null;
        if (isEqualPermission(permission, PermissionFactory.getPermissionTemplateSingle())) {
            str = MdekUtilsSecurity.IdcPermission.WRITE_SINGLE.getDbValue();
        } else if (isEqualPermission(permission, PermissionFactory.getPermissionTemplateTree())) {
            str = MdekUtilsSecurity.IdcPermission.WRITE_TREE.getDbValue();
        } else if (isEqualPermission(permission, PermissionFactory.getPermissionTemplateCreateRoot())) {
            str = MdekUtilsSecurity.IdcPermission.CREATE_ROOT.getDbValue();
        } else if (isEqualPermission(permission, PermissionFactory.getPermissionTemplateQA())) {
            str = MdekUtilsSecurity.IdcPermission.QUALITY_ASSURANCE.getDbValue();
        } else if (isEqualPermission(permission, PermissionFactory.getPermissionTemplateSubNode())) {
            str = MdekUtilsSecurity.IdcPermission.WRITE_SUBNODE.getDbValue();
        } else if (isEqualPermission(permission, PermissionFactory.getDummyPermissionSubTree())) {
            str = MdekUtilsSecurity.IdcPermission.DUMMY_WRITE_SUBTREE.getDbValue();
        }
        return str;
    }

    @Override // de.ingrid.mdek.services.security.IPermissionService
    public boolean isEqualPermission(Permission permission, Permission permission2) {
        return permission != null && permission2 != null && permission.getAction().equals(permission2.getAction()) && permission.getClassName().equals(permission2.getClassName()) && permission.getName().equals(permission2.getName());
    }

    @Override // de.ingrid.mdek.services.security.IPermissionService
    public IdcUser getCatalogAdminUser() {
        return this.idcUserDao.getCatalogAdmin();
    }

    @Override // de.ingrid.mdek.services.security.IPermissionService
    public IdcGroup getCatalogAdminGroup() {
        return this.idcGroupDao.loadByName(MdekUtilsSecurity.GROUP_NAME_ADMINISTRATORS);
    }

    @Override // de.ingrid.mdek.services.security.IPermissionService
    public boolean isCatalogAdmin(String str) {
        return getCatalogAdminUser().getAddrUuid().equals(str);
    }

    private Permission findUniquePermissionByExample(Permission permission) {
        return this.permissionDao.findUniqueByExample(permission);
    }

    private IdcUser getUserByAddrUuid(String str) {
        return this.idcUserDao.getIdcUserByAddrUuid(str);
    }

    private List<Long> getGroupIdsOfUser(IdcUser idcUser) {
        ArrayList arrayList = new ArrayList();
        Iterator it2 = idcUser.getIdcUserGroups().iterator();
        while (it2.hasNext()) {
            arrayList.add(((IdcUserGroup) it2.next()).getIdcGroupId());
        }
        return arrayList;
    }
}
