package de.sep.sesam.restapi.v2.acls.model;

import de.sep.sesam.common.json.JsonUtil;
import de.sep.sesam.model.AclPermission;
import de.sep.sesam.model.AclUser;
import de.sep.sesam.model.Acls;
import de.sep.sesam.model.Groups;
import de.sep.sesam.model.Locations;
import de.sep.sesam.model.MediaPools;
import de.sep.sesam.model.Schedules;
import de.sep.sesam.model.TaskGroups;
import de.sep.sesam.model.core.defaults.DefaultGroupNames;
import de.sep.sesam.model.core.interfaces.IEntity;
import de.sep.sesam.model.type.AclGrantType;
import de.sep.sesam.model.type.AclPermissionType;
import de.sep.sesam.model.type.AclUserType;
import de.sep.sesam.rest.exceptions.ServiceException;
import de.sep.sesam.restapi.core.acls.filter.AclsFilter;
import de.sep.sesam.restapi.dao.AclsDao;
import de.sep.sesam.restapi.dao.LocationsDao;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.logging.log4j.message.StructuredDataId;

/* loaded from: input_file:de/sep/sesam/restapi/v2/acls/model/DefaultAclProvider.class */
public final class DefaultAclProvider {
    public static final Locations ROOT_LOCATION;
    private static final Acls DEFAULT_ACL;
    private static boolean whiteList;
    private static final AclPermission ALLOW_PERMISSION;
    private static final AclPermission DENY_PERMISSION;
    private static final AclUser aclEverybodyUser;
    static final /* synthetic */ boolean $assertionsDisabled;

    private DefaultAclProvider() {
    }

    public static AclUser getAclEverybodyUser() {
        return aclEverybodyUser;
    }

    public static void initialize(boolean z) {
        if (whiteList == z) {
            return;
        }
        whiteList = z;
        ArrayList arrayList = new ArrayList();
        arrayList.add(z ? DENY_PERMISSION : ALLOW_PERMISSION);
        aclEverybodyUser.setPermissionsList(arrayList);
        String str = null;
        if (!$assertionsDisabled && !CollectionUtils.isNotEmpty(DEFAULT_ACL.getUsers())) {
            throw new AssertionError();
        }
        str = JsonUtil.getString(DEFAULT_ACL.getUsers());
        if (!$assertionsDisabled && str == null) {
            throw new AssertionError();
        }
        DEFAULT_ACL.setValue(str);
    }

    public static Acls getDefaultAclFromDB(AclsDao aclsDao, String str) {
        if (!$assertionsDisabled && aclsDao == null) {
            throw new AssertionError();
        }
        if (!$assertionsDisabled && str == null) {
            throw new AssertionError();
        }
        Acls acls = null;
        try {
            AclsFilter aclsFilter = new AclsFilter();
            aclsFilter.setObject(StructuredDataId.RESERVED);
            aclsFilter.setOrigin(str);
            List<Acls> filter = aclsDao.filter(aclsFilter);
            if (filter != null && filter.size() > 0) {
                if (!$assertionsDisabled && filter.size() != 1) {
                    throw new AssertionError();
                }
                acls = filter.get(0);
            }
        } catch (ServiceException e) {
        }
        return acls;
    }

    public static void checkAclsFromDB(AclsDao aclsDao, List<Groups> list) {
        doCheckAclsFromDB(aclsDao, list, whiteList);
    }

    private static void doCheckAclsFromDB(AclsDao aclsDao, List<Groups> list, boolean z) {
        if (!$assertionsDisabled && aclsDao == null) {
            throw new AssertionError();
        }
        if (CollectionUtils.isNotEmpty(list)) {
            String[] strArr = z ? new String[]{DefaultGroupNames.ADMIN, DefaultGroupNames.OPERATOR} : new String[]{DefaultGroupNames.RESTORE, DefaultGroupNames.BACKUP};
            ArrayList arrayList = new ArrayList();
            Acls defaultAclFromDB = getDefaultAclFromDB(aclsDao, LocationsDao.class.getSimpleName());
            if (defaultAclFromDB != null) {
                arrayList.add(defaultAclFromDB);
            }
            try {
                List all = aclsDao.getAll();
                if (CollectionUtils.isNotEmpty(all)) {
                    arrayList.addAll((Collection) all.stream().filter(acls -> {
                        Long l = -1L;
                        return !l.equals(acls.getId());
                    }).collect(Collectors.toList()));
                }
            } catch (ServiceException e) {
            }
            if (CollectionUtils.isNotEmpty(arrayList)) {
                Iterator it = arrayList.iterator();
                while (it.hasNext()) {
                    Acls acls2 = (Acls) it.next();
                    List<AclUser> users = acls2.getUsers();
                    if (users == null && StringUtils.isNotBlank(acls2.getValue())) {
                        try {
                            users = JsonUtil.readList(acls2.getValue(), AclUser.class);
                            acls2.setUsers(users);
                        } catch (IOException e2) {
                        }
                    }
                    if (CollectionUtils.isEmpty(users)) {
                        return;
                    }
                    Map map = (Map) list.stream().collect(Collectors.toMap((v0) -> {
                        return v0.getId();
                    }, (v0) -> {
                        return v0.getName();
                    }));
                    List list2 = (List) users.stream().peek(aclUser -> {
                        if (StringUtils.isBlank(aclUser.getName()) && aclUser.getId() != null && AclUserType.GROUP.equals(aclUser.getType())) {
                            aclUser.setName((String) map.get(Long.decode(aclUser.getId())));
                        }
                    }).collect(Collectors.toList());
                    Set set = (Set) list.stream().filter(groups -> {
                        return Boolean.TRUE.equals(groups.getEnabled());
                    }).map((v0) -> {
                        return v0.getName();
                    }).collect(Collectors.toSet());
                    List<AclUser> list3 = (List) list2.stream().filter(aclUser2 -> {
                        return aclUser2.getId() == null || !AclUserType.GROUP.equals(aclUser2.getType()) || set.contains(aclUser2.getName());
                    }).collect(Collectors.toList());
                    Set set2 = (Set) list3.stream().filter(aclUser3 -> {
                        return AclUserType.GROUP.equals(aclUser3.getType()) && StringUtils.isNotBlank(aclUser3.getName());
                    }).map((v0) -> {
                        return v0.getName();
                    }).collect(Collectors.toSet());
                    Set set3 = (Set) set.stream().filter(str -> {
                        return !set2.contains(str) && (DefaultGroupNames.isCustomGroup(str) || (acls2.equals(defaultAclFromDB) && StringUtils.equalsAny(str, strArr)));
                    }).collect(Collectors.toSet());
                    list3.addAll((Set) list.stream().filter(groups2 -> {
                        return set3.contains(groups2.getName());
                    }).map(groups3 -> {
                        AclUser aclUser4 = new AclUser();
                        aclUser4.setName(groups3.getName());
                        aclUser4.setType(AclUserType.GROUP);
                        if (!$assertionsDisabled && groups3.getId() == null) {
                            throw new AssertionError();
                        }
                        aclUser4.setId(groups3.getId().toString());
                        aclUser4.setCanDelete(false);
                        aclUser4.setCanEdit(true);
                        ArrayList arrayList2 = new ArrayList();
                        arrayList2.add(z ? ALLOW_PERMISSION : DENY_PERMISSION);
                        aclUser4.setPermissionsList(arrayList2);
                        return aclUser4;
                    }).collect(Collectors.toSet()));
                    if (!acls2.equals(defaultAclFromDB)) {
                        Collection<?> collection = (Set) list3.stream().filter(aclUser4 -> {
                            return AclUserType.GROUP.equals(aclUser4.getType()) && aclUser4.getId() != null && DefaultGroupNames.isCustomGroup(aclUser4.getName()) && !set3.contains(aclUser4.getName());
                        }).filter(aclUser5 -> {
                            AclUser aclUser5 = null;
                            if (CollectionUtils.isNotEmpty(defaultAclFromDB.getUsers())) {
                                Iterator<AclUser> it2 = defaultAclFromDB.getUsers().iterator();
                                while (true) {
                                    if (!it2.hasNext()) {
                                        break;
                                    }
                                    AclUser next = it2.next();
                                    if (StringUtils.equals(next.getId(), aclUser5.getId()) && AclUserType.GROUP.equals(next.getType())) {
                                        aclUser5 = next;
                                        break;
                                    }
                                }
                            }
                            return aclUser5 == null || CollectionUtils.isEqualCollection(aclUser5.getPermissionsList(), aclUser5.getPermissionsList());
                        }).collect(Collectors.toSet());
                        if (CollectionUtils.isNotEmpty(collection)) {
                            list3.removeAll(collection);
                        }
                    }
                    acls2.setUsers(list3);
                    try {
                        String string = JsonUtil.getString(list3);
                        if (!DEFAULT_ACL.getValue().equals(string)) {
                            if (acls2.getValue() == null || !acls2.getValue().equals(string)) {
                                acls2.setValue(string);
                            }
                            aclsDao.persist(acls2);
                        } else if (acls2.getId() != null) {
                            aclsDao.remove(acls2.getId());
                        }
                    } catch (ServiceException | IOException e3) {
                    }
                }
            }
        }
    }

    public static Acls getDefaultAcl(IEntity<?> iEntity, List<Groups> list, boolean z) {
        if (iEntity == null) {
            return null;
        }
        if (iEntity instanceof Locations) {
            if (((Locations) iEntity).getParentId() == null) {
                return getRootAclForClass(Locations.class, list);
            }
        } else if ((iEntity instanceof MediaPools) || (iEntity instanceof TaskGroups) || (iEntity instanceof Schedules)) {
            return getRootAclForClass(iEntity.getClass(), list);
        }
        if (z) {
            return new Acls(DEFAULT_ACL);
        }
        return null;
    }

    private static Acls getRootAclForClass(Class<?> cls, List<Groups> list) {
        return whiteList ? doCalculateRootAclForClassWhiteList(cls, list) : doCalculateRootAclForClassBlackList(cls, list);
    }

    private static Acls doCalculateRootAclForClassBlackList(Class<?> cls, List<Groups> list) {
        if (!$assertionsDisabled && cls == null) {
            throw new AssertionError();
        }
        Acls acls = new Acls(DEFAULT_ACL);
        if (!$assertionsDisabled && acls == null) {
            throw new AssertionError();
        }
        AclUser aclUser = new AclUser();
        aclUser.setName(DefaultGroupNames.RESTORE);
        aclUser.setType(AclUserType.GROUP);
        aclUser.setId(String.valueOf(3));
        aclUser.setCanDelete(false);
        aclUser.setCanEdit(true);
        ArrayList arrayList = new ArrayList();
        arrayList.add(MediaPools.class.equals(cls) ? ALLOW_PERMISSION : DENY_PERMISSION);
        aclUser.setPermissionsList(arrayList);
        List<AclUser> users = acls.getUsers();
        if (users == null) {
            users = new ArrayList();
        }
        if (!$assertionsDisabled && users == null) {
            throw new AssertionError();
        }
        if (!users.contains(aclUser)) {
            users.add(aclUser);
        }
        AclUser aclUser2 = new AclUser();
        aclUser2.setName(DefaultGroupNames.BACKUP);
        aclUser2.setType(AclUserType.GROUP);
        aclUser2.setId(String.valueOf(4));
        aclUser2.setCanDelete(false);
        aclUser2.setCanEdit(true);
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add(DENY_PERMISSION);
        aclUser2.setPermissionsList(arrayList2);
        if (!$assertionsDisabled && users == null) {
            throw new AssertionError();
        }
        if (!users.contains(aclUser2)) {
            users.add(aclUser2);
        }
        if (!$assertionsDisabled && users == null) {
            throw new AssertionError();
        }
        if (CollectionUtils.isNotEmpty(list)) {
            for (Groups groups : list) {
                if (Boolean.TRUE.equals(groups.getEnabled())) {
                    if (StringUtils.equals(DefaultGroupNames.RESTORE, groups.getName())) {
                        if (!$assertionsDisabled && groups.getId() == null) {
                            throw new AssertionError();
                        }
                        aclUser.setId(groups.getId().toString());
                    } else if (StringUtils.equals(DefaultGroupNames.BACKUP, groups.getName())) {
                        if (!$assertionsDisabled && groups.getId() == null) {
                            throw new AssertionError();
                        }
                        aclUser2.setId(groups.getId().toString());
                    } else if (DefaultGroupNames.isCustomGroup(groups.getName())) {
                        AclUser aclUser3 = new AclUser();
                        aclUser3.setName(groups.getName());
                        aclUser3.setType(AclUserType.GROUP);
                        if (!$assertionsDisabled && groups.getId() == null) {
                            throw new AssertionError();
                        }
                        aclUser3.setId(groups.getId().toString());
                        aclUser3.setCanDelete(false);
                        aclUser3.setCanEdit(true);
                        ArrayList arrayList3 = new ArrayList();
                        arrayList3.add(DENY_PERMISSION);
                        aclUser3.setPermissionsList(arrayList3);
                        if (!users.contains(aclUser3)) {
                            users.add(aclUser3);
                        }
                    } else {
                        continue;
                    }
                }
            }
        }
        acls.setUsers(users);
        String str = null;
        try {
            str = JsonUtil.getString(users);
        } catch (IOException e) {
        }
        if (!$assertionsDisabled && str == null) {
            throw new AssertionError();
        }
        acls.setValue(str);
        return acls;
    }

    private static Acls doCalculateRootAclForClassWhiteList(Class<?> cls, List<Groups> list) {
        if (!$assertionsDisabled && cls == null) {
            throw new AssertionError();
        }
        Acls acls = new Acls(DEFAULT_ACL);
        if (!$assertionsDisabled && acls == null) {
            throw new AssertionError();
        }
        AclUser aclUser = new AclUser();
        aclUser.setName(DefaultGroupNames.ADMIN);
        aclUser.setType(AclUserType.GROUP);
        aclUser.setId(String.valueOf(1));
        aclUser.setCanDelete(false);
        aclUser.setCanEdit(true);
        ArrayList arrayList = new ArrayList();
        arrayList.add(ALLOW_PERMISSION);
        aclUser.setPermissionsList(arrayList);
        List<AclUser> users = acls.getUsers();
        if (users == null) {
            users = new ArrayList();
        }
        if (!$assertionsDisabled && users == null) {
            throw new AssertionError();
        }
        if (!users.contains(aclUser)) {
            users.add(aclUser);
        }
        AclUser aclUser2 = new AclUser();
        aclUser2.setName(DefaultGroupNames.OPERATOR);
        aclUser2.setType(AclUserType.GROUP);
        aclUser2.setId(String.valueOf(2));
        aclUser2.setCanDelete(false);
        aclUser2.setCanEdit(true);
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add(ALLOW_PERMISSION);
        aclUser2.setPermissionsList(arrayList2);
        if (!$assertionsDisabled && users == null) {
            throw new AssertionError();
        }
        if (!users.contains(aclUser2)) {
            users.add(aclUser2);
        }
        if (!$assertionsDisabled && users == null) {
            throw new AssertionError();
        }
        AclUser aclUser3 = new AclUser();
        aclUser3.setName(DefaultGroupNames.RESTORE);
        aclUser3.setType(AclUserType.GROUP);
        aclUser3.setId(String.valueOf(3));
        aclUser3.setCanDelete(false);
        aclUser3.setCanEdit(true);
        ArrayList arrayList3 = new ArrayList();
        arrayList3.add(ALLOW_PERMISSION);
        aclUser3.setPermissionsList(arrayList3);
        if (MediaPools.class.equals(cls) && !users.contains(aclUser3)) {
            users.add(aclUser3);
        }
        if (!$assertionsDisabled && users == null) {
            throw new AssertionError();
        }
        if (CollectionUtils.isNotEmpty(list)) {
            for (Groups groups : list) {
                if (Boolean.TRUE.equals(groups.getEnabled())) {
                    if (StringUtils.equals(DefaultGroupNames.ADMIN, groups.getName())) {
                        if (!$assertionsDisabled && groups.getId() == null) {
                            throw new AssertionError();
                        }
                        aclUser.setId(groups.getId().toString());
                    } else if (StringUtils.equals(DefaultGroupNames.OPERATOR, groups.getName())) {
                        if (!$assertionsDisabled && groups.getId() == null) {
                            throw new AssertionError();
                        }
                        aclUser2.setId(groups.getId().toString());
                    } else if (!StringUtils.equals(DefaultGroupNames.RESTORE, groups.getName())) {
                        continue;
                    } else {
                        if (!$assertionsDisabled && groups.getId() == null) {
                            throw new AssertionError();
                        }
                        aclUser3.setId(groups.getId().toString());
                    }
                }
            }
        }
        acls.setUsers(users);
        String str = null;
        try {
            str = JsonUtil.getString(users);
        } catch (IOException e) {
        }
        if (!$assertionsDisabled && str == null) {
            throw new AssertionError();
        }
        acls.setValue(str);
        return acls;
    }

    static {
        $assertionsDisabled = !DefaultAclProvider.class.desiredAssertionStatus();
        ROOT_LOCATION = new Locations((Long) (-1L));
        DEFAULT_ACL = new Acls();
        whiteList = false;
        aclEverybodyUser = new AclUser();
        aclEverybodyUser.setName(AclUser.getLabelEverybodyUser());
        aclEverybodyUser.setType(AclUserType.GROUP);
        aclEverybodyUser.setCanDelete(false);
        aclEverybodyUser.setCanEdit(false);
        ALLOW_PERMISSION = new AclPermission();
        ALLOW_PERMISSION.setGrantType(AclGrantType.ALLOW);
        ALLOW_PERMISSION.setType(AclPermissionType.FULL_CONTROL);
        DENY_PERMISSION = new AclPermission();
        DENY_PERMISSION.setGrantType(AclGrantType.DENY);
        DENY_PERMISSION.setType(AclPermissionType.FULL_CONTROL);
        ArrayList arrayList = new ArrayList();
        arrayList.add(ALLOW_PERMISSION);
        aclEverybodyUser.setPermissionsList(arrayList);
        DEFAULT_ACL.setId(-1L);
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add(getAclEverybodyUser());
        DEFAULT_ACL.setUsers(arrayList2);
        String str = null;
        try {
            str = JsonUtil.getString(arrayList2);
        } catch (IOException e) {
        }
        if (!$assertionsDisabled && str == null) {
            throw new AssertionError();
        }
        DEFAULT_ACL.setValue(str);
    }
}
