package de.sep.sesam.restapi.dao.impl;

import de.sep.sesam.model.Credentials;
import de.sep.sesam.model.core.defaults.DefaultRoleNames;
import de.sep.sesam.model.filter.core.AbstractFilter;
import de.sep.sesam.rest.exceptions.IllegalParameterException;
import de.sep.sesam.rest.exceptions.InsufficientPermissionsException;
import de.sep.sesam.rest.exceptions.ServiceException;
import de.sep.sesam.restapi.core.filter.CredentialsFilter;
import de.sep.sesam.restapi.dao.CredentialsDaoServer;
import de.sep.sesam.restapi.dao.GenericLongDao;
import de.sep.sesam.restapi.dao.cache.CacheFactory;
import de.sep.sesam.restapi.dao.cache.EntityCache;
import de.sep.sesam.restapi.dao.sql.DynamicSqlPropertiesProvider;
import de.sep.sesam.restapi.mapper.CredentialsMapper;
import java.util.Iterator;
import java.util.List;
import java.util.stream.Collectors;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang3.StringUtils;
import org.springframework.stereotype.Service;

@Service("credentialsDao")
/* loaded from: input_file:de/sep/sesam/restapi/dao/impl/CredentialsDaoImpl.class */
public class CredentialsDaoImpl extends GenericLongDao<Credentials, CredentialsMapper> implements CredentialsDaoServer {
    static final /* synthetic */ boolean $assertionsDisabled;

    @Override // de.sep.sesam.restapi.dao.AbstractAclEnabledDao, de.sep.sesam.restapi.dao.GenericDao, de.sep.sesam.restapi.core.interfaces.IReadableRestService
    public List<Credentials> getAll() throws ServiceException {
        return !hasAnyRole(DefaultRoleNames.SUPERUSER_ROLE) ? filter(null) : super.getAll();
    }

    @Override // de.sep.sesam.restapi.dao.CredentialsDaoServer
    public List<Credentials> internalGetAll() throws ServiceException {
        return super.getAll();
    }

    @Override // de.sep.sesam.restapi.dao.GenericLongDao, de.sep.sesam.restapi.dao.AbstractAclEnabledDao, de.sep.sesam.restapi.dao.GenericDao, de.sep.sesam.restapi.core.interfaces.IWritableRestService, de.sep.sesam.restapi.dao.AccountsDao
    public Credentials create(Credentials credentials) throws ServiceException {
        if (!$assertionsDisabled && credentials == null) {
            throw new AssertionError();
        }
        if (getByName(credentials.getName()) != null) {
            throw new IllegalParameterException(IllegalParameterException.IPEMessage.CONSTRAINT_DUPLICATE, credentials.getName());
        }
        if (!hasAnyRole(DefaultRoleNames.ALL_ROLE) && !hasAnyRole(DefaultRoleNames.SUPERUSER_ROLE) && !StringUtils.equals(credentials.getType(), "Generic")) {
            throw new InsufficientPermissionsException("create credentials of type '" + credentials.getType() + "'");
        }
        if (hasAnyRole(DefaultRoleNames.ALL_ROLE) && !hasAnyRole(DefaultRoleNames.SUPERUSER_ROLE) && StringUtils.equalsAny(credentials.getType(), "LDAP", "AD")) {
            throw new InsufficientPermissionsException("create credentials of type '" + credentials.getType() + "'");
        }
        return (Credentials) super.create((CredentialsDaoImpl) credentials);
    }

    @Override // de.sep.sesam.restapi.dao.AbstractAclEnabledDao, de.sep.sesam.restapi.dao.GenericDao, de.sep.sesam.restapi.core.interfaces.IWritableRestService, de.sep.sesam.restapi.dao.AccountsDao
    public Credentials update(Credentials credentials) throws ServiceException {
        if (!$assertionsDisabled && credentials == null) {
            throw new AssertionError();
        }
        if (!hasAnyRole(DefaultRoleNames.ALL_ROLE) && !hasAnyRole(DefaultRoleNames.SUPERUSER_ROLE) && !StringUtils.equals(credentials.getType(), "Generic")) {
            throw new InsufficientPermissionsException("update credentials of type '" + credentials.getType() + "'");
        }
        if (hasAnyRole(DefaultRoleNames.ALL_ROLE) && !hasAnyRole(DefaultRoleNames.SUPERUSER_ROLE) && StringUtils.equalsAny(credentials.getType(), "LDAP", "AD")) {
            throw new InsufficientPermissionsException("update credentials of type '" + credentials.getType() + "'");
        }
        return (Credentials) super.update((CredentialsDaoImpl) credentials);
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // de.sep.sesam.restapi.dao.AbstractAclEnabledDao, de.sep.sesam.restapi.dao.GenericDao, de.sep.sesam.restapi.dao.IGenericDao, de.sep.sesam.restapi.dao.AccountsDao
    public Long remove(Long l) throws ServiceException {
        if (!$assertionsDisabled && l == null) {
            throw new AssertionError();
        }
        Credentials credentials = (Credentials) get((CredentialsDaoImpl) l);
        if (credentials != null) {
            if (!hasAnyRole(DefaultRoleNames.ALL_ROLE) && !hasAnyRole(DefaultRoleNames.SUPERUSER_ROLE) && !StringUtils.equals(credentials.getType(), "Generic")) {
                throw new InsufficientPermissionsException("delete credentials of type '" + credentials.getType() + "'");
            }
            if (hasAnyRole(DefaultRoleNames.ALL_ROLE) && !hasAnyRole(DefaultRoleNames.SUPERUSER_ROLE) && StringUtils.equalsAny(credentials.getType(), "LDAP", "AD")) {
                throw new InsufficientPermissionsException("delete credentials of type '" + credentials.getType() + "'");
            }
        }
        return (Long) super.remove((CredentialsDaoImpl) l);
    }

    @Override // de.sep.sesam.restapi.dao.CredentialsDaoServer
    public Credentials getByName(String str) throws ServiceException {
        if (StringUtils.isBlank(str)) {
            return null;
        }
        Credentials credentials = null;
        Iterator<Credentials> it = getAll().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            Credentials next = it.next();
            if (StringUtils.equals(next.getName(), str)) {
                credentials = next;
                break;
            }
        }
        return credentials;
    }

    @Override // de.sep.sesam.restapi.dao.AbstractAclEnabledDao, de.sep.sesam.restapi.dao.GenericDao, de.sep.sesam.restapi.dao.IGenericDao
    public List<Credentials> filter(AbstractFilter abstractFilter) throws ServiceException {
        CredentialsFilter credentialsFilter = abstractFilter instanceof CredentialsFilter ? (CredentialsFilter) abstractFilter : null;
        if (!hasAnyRole(DefaultRoleNames.ALL_ROLE) && !hasAnyRole(DefaultRoleNames.SUPERUSER_ROLE)) {
            if (credentialsFilter == null) {
                credentialsFilter = new CredentialsFilter();
            }
            credentialsFilter.setType("Generic");
        }
        List<Credentials> filter = super.filter(credentialsFilter);
        if (hasAnyRole(DefaultRoleNames.ALL_ROLE) && !hasAnyRole(DefaultRoleNames.SUPERUSER_ROLE) && CollectionUtils.isNotEmpty(filter)) {
            filter = (List) filter.stream().filter(credentials -> {
                return !StringUtils.equalsAny(credentials.getType(), "LDAP", "AD");
            }).collect(Collectors.toList());
        }
        return filter;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // de.sep.sesam.restapi.dao.GenericDao
    public void postProcessFilterQuery(AbstractFilter abstractFilter, DynamicSqlPropertiesProvider dynamicSqlPropertiesProvider) {
        if (!$assertionsDisabled && dynamicSqlPropertiesProvider == null) {
            throw new AssertionError();
        }
        dynamicSqlPropertiesProvider.getWhereClause().andCondition("type <> 'Sesam'");
    }

    @Override // de.sep.sesam.restapi.dao.CredentialsDao
    public /* bridge */ /* synthetic */ Credentials persist(Credentials credentials) throws ServiceException {
        return (Credentials) super.persist((CredentialsDaoImpl) credentials);
    }

    static {
        $assertionsDisabled = !CredentialsDaoImpl.class.desiredAssertionStatus();
        CacheFactory.add(Credentials.class, new EntityCache(CredentialsDaoServer.class, "credentials"));
    }
}
