package de.sep.sesam.restapi.v2.acls.impl;

import de.sep.sesam.common.json.JsonUtil;
import de.sep.sesam.model.AclUser;
import de.sep.sesam.model.Acls;
import de.sep.sesam.model.core.interfaces.IAclEntity;
import de.sep.sesam.model.core.interfaces.IEntity;
import de.sep.sesam.rest.exceptions.InvalidValueException;
import de.sep.sesam.rest.exceptions.ObjectNotFoundException;
import de.sep.sesam.rest.exceptions.ServiceException;
import de.sep.sesam.restapi.core.acls.dto.AclDto;
import de.sep.sesam.restapi.core.acls.dto.AddAclDto;
import de.sep.sesam.restapi.core.acls.filter.AclsFilter;
import de.sep.sesam.restapi.dao.AclsDao;
import de.sep.sesam.restapi.dao.AclsDaoServer;
import de.sep.sesam.restapi.dao.DefaultsDaoServer;
import de.sep.sesam.restapi.dao.GroupsDaoServer;
import de.sep.sesam.restapi.dao.LocationsDao;
import de.sep.sesam.restapi.v2.acls.AclsServiceServer;
import de.sep.sesam.restapi.v2.acls.model.DefaultAclProvider;
import de.sep.sesam.restapi.v2.base.AbstractWritableRestServiceImpl;
import de.sep.sesam.restapi.v2.groups.GroupsServiceServer;
import de.sep.sesam.restapi.v2.users.UsersServiceServer;
import de.sep.sesam.server.common.acl.AclObjectUtil;
import de.sep.sesam.server.utils.SpringUtils;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import java.util.stream.Collectors;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang3.StringUtils;
import org.springframework.stereotype.Service;

@Service
/* loaded from: input_file:de/sep/sesam/restapi/v2/acls/impl/AclsServiceImpl.class */
public final class AclsServiceImpl extends AbstractWritableRestServiceImpl<Acls, Long> implements AclsServiceServer {
    private final AclsDao aclsDao;

    public AclsServiceImpl(AclsDao aclsDao) {
        this.aclsDao = aclsDao;
    }

    @Override // de.sep.sesam.restapi.core.interfaces.IReadableRestService
    public Long pkFromString(String str) throws ServiceException {
        return this.aclsDao.pkFromString(str);
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // de.sep.sesam.restapi.core.interfaces.IReadableRestService
    public Acls get(Long l) throws ServiceException {
        return (Acls) this.aclsDao.get(l);
    }

    @Override // de.sep.sesam.restapi.core.interfaces.IReadableRestService
    public List<Acls> getAll() throws ServiceException {
        return this.aclsDao.getAll();
    }

    @Override // de.sep.sesam.restapi.core.interfaces.IWritableRestService, de.sep.sesam.restapi.dao.AccountsDao
    public Acls create(Acls acls) throws ServiceException {
        return this.aclsDao.create(acls);
    }

    @Override // de.sep.sesam.restapi.core.interfaces.IReadableRestService
    public Class<Acls> getEntityClass() {
        return Acls.class;
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // de.sep.sesam.restapi.core.interfaces.IWritableRestService
    public Long delete(Long l) throws ServiceException {
        return this.aclsDao.remove(l);
    }

    @Override // de.sep.sesam.restapi.core.interfaces.IWritableRestService, de.sep.sesam.restapi.dao.AccountsDao
    public Acls update(Acls acls) throws ServiceException {
        return this.aclsDao.update(acls);
    }

    @Override // de.sep.sesam.restapi.v2.acls.AclsService, de.sep.sesam.restapi.core.interfaces.ISearchableRestService
    public List<Acls> find(AclsFilter aclsFilter) throws ServiceException {
        return this.aclsDao.filter(aclsFilter);
    }

    @Override // de.sep.sesam.restapi.v2.acls.AclsService
    public String check(AclDto aclDto) throws ServiceException {
        return this.aclsDao.check(aclDto);
    }

    @Override // de.sep.sesam.restapi.v2.acls.AclsService
    public <T extends IAclEntity<?>> List<Acls> getAcls(T t, String str, Boolean bool) throws ServiceException {
        return this.aclsDao.getAcls(t, str, Boolean.valueOf(Boolean.TRUE.equals(bool)));
    }

    @Override // de.sep.sesam.restapi.v2.acls.AclsService
    public <T extends IAclEntity<?>> Boolean canRead(T t, String str) throws ServiceException {
        return this.aclsDao.canRead(t, str);
    }

    @Override // de.sep.sesam.restapi.v2.acls.AclsService
    public <T extends IAclEntity<?>> Boolean canWrite(T t, String str) throws ServiceException {
        return this.aclsDao.canWrite(t, str);
    }

    @Override // de.sep.sesam.restapi.v2.acls.AclsService
    public <T extends IAclEntity<?>> Boolean canExecute(T t, String str) throws ServiceException {
        return this.aclsDao.canExecute(t, str);
    }

    private void normalizeOrigin(AddAclDto addAclDto) throws ServiceException {
        if (addAclDto == null || !StringUtils.isNotBlank(addAclDto.getOrigin())) {
            return;
        }
        String parseOrigin = AclObjectUtil.parseOrigin(addAclDto.getOrigin());
        if (StringUtils.equals(StringUtils.lowerCase(parseOrigin), SpringUtils.normalizeBeanName(StringUtils.lowerCase(parseOrigin)))) {
            throw new InvalidValueException("'" + addAclDto.getOrigin() + "' is not a valid object origin.");
        }
        addAclDto.setOrigin(SpringUtils.normalizeBeanName(parseOrigin));
    }

    @Override // de.sep.sesam.restapi.v2.acls.AclsService
    public Acls addAcl(AddAclDto addAclDto) throws ServiceException {
        Acls doCreateAcl;
        if (addAclDto == null || StringUtils.isBlank(addAclDto.getObject()) || StringUtils.isBlank(addAclDto.getOrigin())) {
            return null;
        }
        normalizeOrigin(addAclDto);
        if (addAclDto.getUser() != null && addAclDto.getUser().getType() != null) {
            if (StringUtils.equalsAnyIgnoreCase(addAclDto.getUser().getType().toString(), "group") && ((GroupsServiceServer) getDaos().getService(GroupsServiceServer.class)).get(Long.valueOf(addAclDto.getUser().getId())) == null) {
                throw new ObjectNotFoundException("group", addAclDto.getUser().getId());
            }
            if (StringUtils.equalsAnyIgnoreCase(addAclDto.getUser().getType().toString(), "user") && ((UsersServiceServer) getDaos().getService(UsersServiceServer.class)).get(Long.valueOf(addAclDto.getUser().getId())) == null) {
                throw new ObjectNotFoundException("user", addAclDto.getUser().getId());
            }
        }
        List list = (List) getAll().stream().filter(acls -> {
            return StringUtils.equals(addAclDto.getObject(), acls.getObject()) && StringUtils.equals(addAclDto.getOrigin(), acls.getOrigin());
        }).collect(Collectors.toList());
        if (CollectionUtils.isNotEmpty(list)) {
            Acls acls2 = new Acls((Acls) list.get(0));
            if (Boolean.TRUE.equals(addAclDto.getForce())) {
                removePermission(acls2, addAclDto.getUser());
            }
            doCreateAcl = addPermission(acls2, addAclDto.getUser());
        } else {
            Acls acls3 = null;
            Object obj = null;
            try {
                obj = AclObjectUtil.getOrCreateDaoEntity(addAclDto.getObject(), addAclDto.getOrigin());
                if (obj instanceof IAclEntity) {
                    Acls acls4 = null;
                    List<Acls> acls5 = this.aclsDao.getAcls((IAclEntity) obj, addAclDto.getOrigin(), Boolean.TRUE);
                    if (CollectionUtils.isNotEmpty(acls5)) {
                        acls4 = acls5.get(0);
                    } else if (StringUtils.equals(((DefaultsDaoServer) getDaos().getService(DefaultsDaoServer.class)).getSystemDefault("gui.enable.acls.inheritance"), "0")) {
                        acls4 = DefaultAclProvider.getDefaultAclFromDB((AclsDao) getDaos().getService(AclsDaoServer.class), LocationsDao.class.getSimpleName());
                        if (acls4 == null) {
                            acls4 = DefaultAclProvider.getDefaultAcl(DefaultAclProvider.ROOT_LOCATION, ((GroupsDaoServer) getDaos().getService(GroupsDaoServer.class)).getAll(), true);
                        }
                    }
                    if (acls4 != null) {
                        acls3 = new Acls(acls4);
                        removePermission(acls3, addAclDto.getUser());
                    }
                }
            } catch (ServiceException e) {
            }
            if (acls3 != null) {
                acls3.setObject(addAclDto.getObject());
                acls3.setOrigin(addAclDto.getOrigin());
                acls3.setId(null);
                doCreateAcl = addPermission(acls3, addAclDto.getUser());
            } else {
                doCreateAcl = doCreateAcl(obj instanceof IEntity ? (IEntity) obj : null, addAclDto);
            }
        }
        return persist((AclsServiceImpl) doCreateAcl);
    }

    @Override // de.sep.sesam.restapi.v2.acls.AclsService
    public Acls removeAcl(AddAclDto addAclDto) throws ServiceException {
        if (addAclDto == null || StringUtils.isBlank(addAclDto.getObject()) || StringUtils.isBlank(addAclDto.getOrigin())) {
            return null;
        }
        normalizeOrigin(addAclDto);
        List list = (List) getAll().stream().filter(acls -> {
            return StringUtils.equals(addAclDto.getObject(), acls.getObject()) && StringUtils.equals(addAclDto.getOrigin(), acls.getOrigin());
        }).collect(Collectors.toList());
        if (!CollectionUtils.isNotEmpty(list)) {
            throw new ObjectNotFoundException("ACL with object \"" + addAclDto.getObject() + "\" and origin \"" + addAclDto.getOrigin() + "\"", null);
        }
        Acls acls2 = (Acls) list.get(0);
        if (addAclDto.getUser() != null && addAclDto.getUser().getId() == null && addAclDto.getUser().getType() == null && acls2 != null) {
            delete(acls2.getId());
            return acls2;
        }
        Acls removePermission = removePermission(acls2, addAclDto.getUser());
        List list2 = null;
        if (StringUtils.isNotBlank(removePermission.getValue())) {
            try {
                list2 = JsonUtil.readList(removePermission.getValue(), AclUser.class);
            } catch (IOException e) {
            }
        }
        if (!CollectionUtils.isEmpty(list2) && (list2.size() != 1 || ((AclUser) list2.get(0)).getId() != null)) {
            return persist((AclsServiceImpl) removePermission);
        }
        delete(removePermission.getId());
        return null;
    }

    private Acls doCreateAcl(IEntity<?> iEntity, AddAclDto addAclDto) throws ServiceException {
        if (iEntity == null || addAclDto == null || StringUtils.isBlank(addAclDto.getObject()) || StringUtils.isBlank(addAclDto.getOrigin())) {
            return null;
        }
        Acls defaultAclFromDB = DefaultAclProvider.getDefaultAclFromDB((AclsDao) getDaos().getService(AclsDaoServer.class), LocationsDao.class.getSimpleName());
        if (defaultAclFromDB == null) {
            defaultAclFromDB = DefaultAclProvider.getDefaultAcl(iEntity, ((GroupsDaoServer) getDaos().getService(GroupsDaoServer.class)).getAll(), true);
        }
        if (defaultAclFromDB == null) {
            return null;
        }
        Acls acls = new Acls(defaultAclFromDB);
        acls.setId(null);
        acls.setObject(addAclDto.getObject());
        acls.setOrigin(addAclDto.getOrigin());
        List<AclUser> list = null;
        if (0 == 0 && StringUtils.isNotBlank(acls.getValue())) {
            try {
                list = JsonUtil.readList(acls.getValue(), AclUser.class);
                acls.setUsers(list);
            } catch (IOException e) {
            }
        }
        if (addAclDto.getUser() != null) {
            if (list == null) {
                list = new ArrayList();
                acls.setUsers(list);
            }
            AclUser user = addAclDto.getUser();
            if (Boolean.TRUE.equals(addAclDto.getForce()) && user.getType() != null) {
                list = (List) list.stream().filter(aclUser -> {
                    return (user.getType().equals(aclUser.getType()) && StringUtils.equals(user.getId(), aclUser.getId())) ? false : true;
                }).collect(Collectors.toList());
                acls.setUsers(list);
            }
            list.add(user);
            acls.setValue(JsonUtil.toString(list));
        }
        return acls;
    }

    private Acls addPermission(Acls acls, AclUser aclUser) throws ServiceException {
        if (acls == null || aclUser == null) {
            return acls;
        }
        List<AclUser> list = null;
        if (StringUtils.isNotBlank(acls.getValue())) {
            try {
                list = JsonUtil.readList(acls.getValue(), AclUser.class);
                acls.setUsers(list);
            } catch (IOException e) {
            }
        }
        if (list == null) {
            list = new ArrayList();
            acls.setUsers(list);
        }
        if (CollectionUtils.containsAny(list, aclUser)) {
            throw new InvalidValueException("ACL already exists. If you want to alter it, please use modify command.");
        }
        list.add(aclUser);
        acls.setValue(JsonUtil.toString(list));
        return acls;
    }

    private Acls removePermission(Acls acls, AclUser aclUser) throws ServiceException {
        if (acls == null || aclUser == null) {
            return acls;
        }
        List<AclUser> list = null;
        if (StringUtils.isNotBlank(acls.getValue())) {
            try {
                list = JsonUtil.readList(acls.getValue(), AclUser.class);
                acls.setUsers(list);
            } catch (IOException e) {
            }
        }
        if (CollectionUtils.isNotEmpty(list) && aclUser != null && aclUser.getType() != null) {
            List<AclUser> list2 = (List) list.stream().filter(aclUser2 -> {
                return (aclUser.getType().equals(aclUser2.getType()) && StringUtils.equals(aclUser.getId(), aclUser2.getId())) ? false : true;
            }).collect(Collectors.toList());
            acls.setUsers(list2);
            acls.setValue(JsonUtil.toString(list2));
        }
        return acls;
    }

    @Override // de.sep.sesam.restapi.v2.acls.AclsService
    public /* bridge */ /* synthetic */ Long deleteByEntity(Acls acls) throws ServiceException {
        return (Long) super.deleteByEntity((AclsServiceImpl) acls);
    }

    @Override // de.sep.sesam.restapi.v2.acls.AclsService
    public /* bridge */ /* synthetic */ Acls persist(Acls acls) throws ServiceException {
        return (Acls) super.persist((AclsServiceImpl) acls);
    }
}
