package org.eclipse.stardust.ui.web.viewscommon.common.spi.user.impl;

import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.xml.namespace.QName;
import org.eclipse.core.internal.boot.PlatformURLHandler;
import org.eclipse.stardust.common.CollectionUtils;
import org.eclipse.stardust.common.CompareHelper;
import org.eclipse.stardust.engine.api.model.ModelParticipant;
import org.eclipse.stardust.engine.api.model.ModelParticipantInfo;
import org.eclipse.stardust.engine.api.model.Organization;
import org.eclipse.stardust.engine.api.model.QualifiedModelParticipantInfo;
import org.eclipse.stardust.engine.api.runtime.AdministrationService;
import org.eclipse.stardust.engine.api.runtime.Grant;
import org.eclipse.stardust.engine.core.runtime.utils.ExecutionPermission;
import org.eclipse.stardust.engine.core.runtime.utils.PermissionHelper;
import org.eclipse.stardust.ui.web.common.log.LogManager;
import org.eclipse.stardust.ui.web.common.log.Logger;
import org.eclipse.stardust.ui.web.common.spi.user.User;
import org.eclipse.stardust.ui.web.common.util.StringUtils;
import org.eclipse.stardust.ui.web.viewscommon.beans.SessionContext;
import org.eclipse.stardust.ui.web.viewscommon.core.CommonProperties;
import org.eclipse.stardust.ui.web.viewscommon.utils.ModelCache;
import org.eclipse.stardust.ui.web.viewscommon.utils.ServiceFactoryUtils;
import org.eclipse.stardust.ui.web.viewscommon.utils.UserUtils;
import org.eclipse.stardust.ui.web.viewscommon.views.authorization.UiPermissionUtils;

/* loaded from: input_file:lib/ipp-views-common.jar:org/eclipse/stardust/ui/web/viewscommon/common/spi/user/impl/IppUser.class */
public class IppUser implements User {
    private static final long serialVersionUID = 1;
    private static final Logger trace = LogManager.getLogger((Class<?>) IppUser.class);
    private org.eclipse.stardust.engine.api.runtime.User ippUser;
    private PermissionHelper permissionHelper;
    private String uniqueUserId;
    private String displayName;
    private Map<String, Boolean> permissionsCache;
    private Map<String, Boolean> uiPermissionsCache;

    public IppUser() {
        this(SessionContext.findSessionContext().getUser());
    }

    public IppUser(org.eclipse.stardust.engine.api.runtime.User user) {
        this.permissionHelper = null;
        this.displayName = null;
        this.ippUser = user;
        if (user == null) {
            throw new IllegalStateException("User can not be Null");
        }
        this.uniqueUserId = StringUtils.join(PlatformURLHandler.PROTOCOL_SEPARATOR, user.getPartitionId(), String.valueOf(user.getOID()), user.getId());
    }

    @Override // org.eclipse.stardust.ui.web.common.spi.user.User
    public boolean isInRole(String str) {
        if (this.ippUser == null) {
            return false;
        }
        if (CommonProperties.ADMINISTRATOR.equals(str)) {
            return this.ippUser.isAdministrator();
        }
        QName valueOf = QName.valueOf(str);
        String namespaceURI = valueOf.getNamespaceURI();
        String localPart = valueOf.getLocalPart();
        for (Grant grant : this.ippUser.getAllGrants()) {
            if (namespaceURI == null || CompareHelper.areEqual(namespaceURI, grant.getNamespace())) {
                if (CompareHelper.areEqual(grant.getId(), localPart)) {
                    return true;
                }
            }
        }
        return false;
    }

    public PermissionHelper getPermissionHelper() {
        if (this.permissionHelper == null) {
            this.permissionHelper = new PermissionHelper(this.ippUser, (Set) null);
        }
        return this.permissionHelper;
    }

    @Override // org.eclipse.stardust.ui.web.common.spi.user.User
    public boolean isAdministrator() {
        return this.ippUser.isAdministrator();
    }

    @Override // org.eclipse.stardust.ui.web.common.spi.user.User
    public String getFirstName() {
        return this.ippUser.getFirstName();
    }

    @Override // org.eclipse.stardust.ui.web.common.spi.user.User
    public String getLastName() {
        return this.ippUser.getLastName();
    }

    @Override // org.eclipse.stardust.ui.web.common.spi.user.User
    public String getLoginName() {
        return this.ippUser.getAccount();
    }

    @Override // org.eclipse.stardust.ui.web.common.spi.user.User
    public String getUID() {
        return this.uniqueUserId;
    }

    @Override // org.eclipse.stardust.ui.web.common.spi.user.User
    public String getDisplayName() {
        if (null == this.displayName) {
            this.displayName = UserUtils.getUserDisplayLabel(this.ippUser);
        }
        return this.displayName;
    }

    public boolean hasPermission(ExecutionPermission.Id id) {
        return hasPermission(id.toString());
    }

    public boolean hasPermission(String str) {
        if (null == this.permissionsCache) {
            this.permissionsCache = new HashMap();
        }
        if (!this.permissionsCache.containsKey(str)) {
            this.permissionsCache.put(str, Boolean.valueOf(_hasPermission(str)));
        }
        return this.permissionsCache.get(str).booleanValue();
    }

    private boolean _hasPermission(String str) {
        AdministrationService administrationService;
        boolean z = false;
        try {
            administrationService = ServiceFactoryUtils.getAdministrationService();
            if (administrationService.getGlobalPermissions().hasAllGrant(str)) {
                z = true;
            }
        } catch (Exception e) {
            trace.warn("Unable to determine permission for " + str, e);
        }
        if (!z) {
            Iterator it = administrationService.getGlobalPermissions().getGrants(str).iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                QualifiedModelParticipantInfo qualifiedModelParticipantInfo = (ModelParticipantInfo) it.next();
                if (qualifiedModelParticipantInfo instanceof QualifiedModelParticipantInfo) {
                    if (isInRole(qualifiedModelParticipantInfo.getQualifiedId())) {
                        z = true;
                        break;
                    }
                } else if (isInRole(qualifiedModelParticipantInfo.getId())) {
                    z = true;
                    break;
                }
                trace.warn("Unable to determine permission for " + str, e);
                return z;
            }
        }
        Iterator it2 = administrationService.getGlobalPermissions().getDeniedGrants(str).iterator();
        while (true) {
            if (!it2.hasNext()) {
                break;
            }
            QualifiedModelParticipantInfo qualifiedModelParticipantInfo2 = (ModelParticipantInfo) it2.next();
            if ((qualifiedModelParticipantInfo2 instanceof QualifiedModelParticipantInfo) && isInRole(qualifiedModelParticipantInfo2.getQualifiedId())) {
                z = false;
                break;
            }
        }
        return z;
    }

    public Boolean hasUiPermission(String str) {
        if (null == this.uiPermissionsCache) {
            this.uiPermissionsCache = new HashMap();
            Map<String, List<String>> allPermissions = UiPermissionUtils.getAllPermissions(ServiceFactoryUtils.getAdministrationService(), true);
            HashMap hashMap = new HashMap();
            for (Map.Entry<String, List<String>> entry : allPermissions.entrySet()) {
                Set<ModelParticipantInfo> externalize = UiPermissionUtils.externalize(entry.getValue());
                if (entry.getKey().endsWith(UiPermissionUtils.SUFFIX_ALLOW)) {
                    this.uiPermissionsCache.put(UiPermissionUtils.getPortalPermissionId(entry.getKey()), isInRoles(externalize));
                } else {
                    hashMap.put(entry.getKey(), entry.getValue());
                }
            }
            for (Map.Entry entry2 : hashMap.entrySet()) {
                Set<ModelParticipantInfo> externalize2 = UiPermissionUtils.externalize((List) entry2.getValue());
                String portalPermissionId = UiPermissionUtils.getPortalPermissionId((String) entry2.getKey());
                if (!this.uiPermissionsCache.containsKey(portalPermissionId) || this.uiPermissionsCache.get(portalPermissionId).booleanValue()) {
                    this.uiPermissionsCache.put(UiPermissionUtils.getPortalPermissionId((String) entry2.getKey()), isInRoles(externalize2) == null ? null : Boolean.valueOf(!isInRoles(externalize2).booleanValue()));
                }
            }
        }
        return this.uiPermissionsCache.get(str);
    }

    private Boolean isInRoles(Set<ModelParticipantInfo> set) {
        if (!CollectionUtils.isNotEmpty(set)) {
            return null;
        }
        if (set.contains("__carnot_internal_all_permissions__")) {
            return true;
        }
        Iterator<ModelParticipantInfo> it = set.iterator();
        while (it.hasNext()) {
            QualifiedModelParticipantInfo qualifiedModelParticipantInfo = (ModelParticipantInfo) it.next();
            if (qualifiedModelParticipantInfo instanceof QualifiedModelParticipantInfo) {
                if (isInRole(qualifiedModelParticipantInfo.getQualifiedId())) {
                    return true;
                }
            } else if (isInRole(qualifiedModelParticipantInfo.getId())) {
                return true;
            }
        }
        return false;
    }

    @Override // org.eclipse.stardust.ui.web.common.spi.user.User
    public boolean isInOrganization(String str) {
        for (ModelParticipant modelParticipant : getHierarchicalGrants()) {
            if (CommonProperties.ADMINISTRATOR.equals(str)) {
                return this.ippUser.isAdministrator();
            }
            if (modelParticipant.getQualifiedId().equals(str)) {
                return true;
            }
        }
        return false;
    }

    public Set<ModelParticipant> getHierarchicalGrants() {
        HashSet hashSet = new HashSet();
        Iterator it = this.ippUser.getAllGrants().iterator();
        while (it.hasNext()) {
            ModelParticipant modelParticipant = (ModelParticipant) ModelCache.findModelCache().getParticipant(((Grant) it.next()).getId());
            hashSet.add(modelParticipant);
            getHierarchicalGrants_(modelParticipant, hashSet);
        }
        return hashSet;
    }

    private void getHierarchicalGrants_(ModelParticipant modelParticipant, Set<ModelParticipant> set) {
        for (Organization organization : modelParticipant.getAllSuperOrganizations()) {
            set.add(organization);
            getHierarchicalGrants_(organization, set);
        }
    }
}
