package org.eclipse.stardust.ui.web.rest.component.service;

import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Comparator;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.TreeMap;
import java.util.TreeSet;
import javax.annotation.Resource;
import org.apache.commons.jxpath.servlet.Constants;
import org.eclipse.stardust.common.CollectionUtils;
import org.eclipse.stardust.engine.api.model.ModelParticipantInfo;
import org.eclipse.stardust.engine.api.model.QualifiedModelParticipantInfo;
import org.eclipse.stardust.engine.api.runtime.AdministrationService;
import org.eclipse.stardust.engine.api.runtime.DeployedModel;
import org.eclipse.stardust.engine.api.runtime.RuntimePermissions;
import org.eclipse.stardust.engine.core.runtime.utils.ParticipantInfoUtil;
import org.eclipse.stardust.ui.web.common.IPerspectiveDefinition;
import org.eclipse.stardust.ui.web.common.LaunchPanel;
import org.eclipse.stardust.ui.web.common.PerspectiveDefinition;
import org.eclipse.stardust.ui.web.common.UiElement;
import org.eclipse.stardust.ui.web.common.ViewDefinition;
import org.eclipse.stardust.ui.web.common.app.PortalUiController;
import org.eclipse.stardust.ui.web.rest.component.util.ServiceFactoryUtils;
import org.eclipse.stardust.ui.web.rest.dto.response.PermissionDTO;
import org.eclipse.stardust.ui.web.viewscommon.messages.MessagesViewsCommonBean;
import org.eclipse.stardust.ui.web.viewscommon.utils.I18nUtils;
import org.eclipse.stardust.ui.web.viewscommon.utils.ModelCache;
import org.eclipse.stardust.ui.web.viewscommon.utils.ModelUtils;
import org.eclipse.stardust.ui.web.viewscommon.utils.StringUtils;
import org.eclipse.stardust.ui.web.viewscommon.views.authorization.PermissionsDetails;
import org.eclipse.stardust.ui.web.viewscommon.views.authorization.UiPermissionUtils;
import org.springframework.context.annotation.Scope;
import org.springframework.context.annotation.ScopedProxyMode;
import org.springframework.stereotype.Component;

@Scope(value = Constants.SESSION_SCOPE, proxyMode = ScopedProxyMode.TARGET_CLASS)
@Component
/* loaded from: input_file:lib/stardust-portal-rest-common.jar:org/eclipse/stardust/ui/web/rest/component/service/AuthorizationManagerService.class */
public class AuthorizationManagerService {
    private static final ModelParticipantComparator MODEL_PARTICIPANT_COMPARATOR = new ModelParticipantComparator();
    private static final String PROPERTY_KEY_PREFIX = "views.authorizationManagerView.permission.model.";

    @Resource
    private ServiceFactoryUtils serviceFactoryUtils;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:lib/stardust-portal-rest-common.jar:org/eclipse/stardust/ui/web/rest/component/service/AuthorizationManagerService$PermissionType.class */
    public enum PermissionType {
        general,
        perspectives,
        launchPanels,
        views,
        processDefinitions,
        activities,
        data,
        globalExtensions
    }

    public Map<String, Set<PermissionDTO>> fetchPermissions() {
        PermissionsDetails permissionDetails = getPermissionDetails(true);
        TreeMap treeMap = new TreeMap();
        treeMap.putAll(buildGeneralAndModelPermissions(permissionDetails));
        treeMap.putAll(buildUiPermissions(permissionDetails));
        return treeMap;
    }

    public Set<PermissionDTO> updatePermissions(Set<String> set, Set<String> set2, Set<String> set3, boolean z) {
        PermissionsDetails permissionDetails = getPermissionDetails(true);
        HashSet<String> hashSet = new HashSet();
        if (set != null) {
            hashSet.addAll(set);
            updateGrants(set, set3, permissionDetails, z);
        }
        if (set2 != null) {
            hashSet.addAll(set2);
            updateDeniedGrants(set2, set3, permissionDetails, z);
        }
        savePermissions(permissionDetails);
        PermissionsDetails permissionDetails2 = getPermissionDetails(true);
        TreeSet treeSet = new TreeSet();
        for (String str : hashSet) {
            PermissionDTO permissionDTO = new PermissionDTO(str, str);
            populateGrants(permissionDTO, permissionDetails2);
            treeSet.add(permissionDTO);
        }
        return treeSet;
    }

    public Map<String, Set<PermissionDTO>> cloneParticipant(Set<String> set, Set<String> set2) {
        PermissionsDetails permissionDetails = getPermissionDetails(true);
        Collection<PermissionDTO.ParticipantDTO> fetchPermissionsForParticipants = fetchPermissionsForParticipants(set, permissionDetails);
        HashSet hashSet = new HashSet();
        HashSet hashSet2 = new HashSet();
        for (PermissionDTO.ParticipantDTO participantDTO : fetchPermissionsForParticipants) {
            hashSet.addAll(participantDTO.allow);
            hashSet2.addAll(participantDTO.deny);
        }
        updateGrants(hashSet, set2, permissionDetails, false);
        updateDeniedGrants(hashSet2, set2, permissionDetails, false);
        savePermissions(permissionDetails);
        return fetchPermissions();
    }

    public Map<String, Set<PermissionDTO>> restoreParticipants(Set<String> set) {
        PermissionsDetails permissionDetails = getPermissionDetails(false);
        if (CollectionUtils.isEmpty(set)) {
        }
        ArrayList<String> arrayList = new ArrayList(permissionDetails.getGeneralPermission().getAllPermissionIds());
        Iterator<String> it = permissionDetails.getUIPermissionMap().keySet().iterator();
        while (it.hasNext()) {
            arrayList.add(StringUtils.substringBeforeLast(it.next(), "."));
        }
        for (String str : arrayList) {
            Set<ModelParticipantInfo> grants2 = permissionDetails.getGrants2(str);
            restoreParticipant(set, grants2);
            permissionDetails.setGrants2(str, grants2);
            Set<ModelParticipantInfo> deniedGrants = permissionDetails.getDeniedGrants(str);
            restoreParticipant(set, deniedGrants);
            permissionDetails.setDeniedGrants(str, deniedGrants);
        }
        savePermissions(permissionDetails);
        return fetchPermissions();
    }

    private Collection<PermissionDTO.ParticipantDTO> fetchPermissionsForParticipants(Set<String> set, PermissionsDetails permissionsDetails) {
        TreeMap treeMap = new TreeMap();
        if (CollectionUtils.isEmpty(set)) {
            return treeMap.values();
        }
        ArrayList<String> arrayList = new ArrayList(permissionsDetails.getGeneralPermission().getAllPermissionIds());
        Iterator<String> it = permissionsDetails.getUIPermissionMap().keySet().iterator();
        while (it.hasNext()) {
            arrayList.add(StringUtils.substringBeforeLast(it.next(), "."));
        }
        for (String str : arrayList) {
            updatePermissions(set, treeMap, permissionsDetails.getGrants2(str), str, true);
            updatePermissions(set, treeMap, permissionsDetails.getDeniedGrants(str), str, false);
        }
        return treeMap.values();
    }

    private void restoreParticipant(Set<String> set, Set<ModelParticipantInfo> set2) {
        ModelParticipantInfo modelParticipantInfo = null;
        if (set2 == null) {
            return;
        }
        Iterator<ModelParticipantInfo> it = set2.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            ModelParticipantInfo next = it.next();
            if (next instanceof QualifiedModelParticipantInfo) {
                if (set.contains(next.getQualifiedId())) {
                    modelParticipantInfo = next;
                    break;
                }
            } else if (set.contains(next.getId())) {
                modelParticipantInfo = next;
                break;
            }
        }
        set2.remove(modelParticipantInfo);
    }

    private void updatePermissions(Set<String> set, Map<String, PermissionDTO.ParticipantDTO> map, Set<ModelParticipantInfo> set2, String str, boolean z) {
        PermissionDTO.ParticipantDTO participantDTO;
        PermissionDTO.ParticipantDTO participantDTO2;
        if (set2 == null) {
            return;
        }
        Iterator<ModelParticipantInfo> it = set2.iterator();
        while (it.hasNext()) {
            QualifiedModelParticipantInfo qualifiedModelParticipantInfo = (ModelParticipantInfo) it.next();
            if (qualifiedModelParticipantInfo instanceof QualifiedModelParticipantInfo) {
                if (set.contains(qualifiedModelParticipantInfo.getQualifiedId())) {
                    if (map.containsKey(qualifiedModelParticipantInfo.getQualifiedId())) {
                        participantDTO = map.get(qualifiedModelParticipantInfo.getQualifiedId());
                    } else {
                        participantDTO = new PermissionDTO.ParticipantDTO(qualifiedModelParticipantInfo.getQualifiedId(), I18nUtils.getParticipantName(ModelCache.findModelCache().getActiveModel(ModelUtils.extractModelId(qualifiedModelParticipantInfo.getQualifiedId())).getParticipant(qualifiedModelParticipantInfo.getId())));
                        participantDTO.allow = new HashSet();
                        participantDTO.deny = new HashSet();
                        map.put(qualifiedModelParticipantInfo.getQualifiedId(), participantDTO);
                    }
                    if (z) {
                        participantDTO.allow.add(str);
                    } else {
                        participantDTO.deny.add(str);
                    }
                }
            } else if (set.contains(qualifiedModelParticipantInfo.getId())) {
                if (map.containsKey(qualifiedModelParticipantInfo.getId())) {
                    participantDTO2 = map.get(qualifiedModelParticipantInfo.getId());
                } else {
                    participantDTO2 = new PermissionDTO.ParticipantDTO(qualifiedModelParticipantInfo.getId(), I18nUtils.getParticipantName(ModelCache.findModelCache().getParticipant(qualifiedModelParticipantInfo.getId())));
                    participantDTO2.allow = new HashSet();
                    participantDTO2.deny = new HashSet();
                    map.put(qualifiedModelParticipantInfo.getId(), participantDTO2);
                }
                if (z) {
                    participantDTO2.allow.add(str);
                } else {
                    participantDTO2.deny.add(str);
                }
            }
        }
    }

    private void savePermissions(PermissionsDetails permissionsDetails) {
        AdministrationService administrationService = this.serviceFactoryUtils.getAdministrationService();
        administrationService.setGlobalPermissions(permissionsDetails.getGeneralPermission());
        UiPermissionUtils.savePreferences(administrationService, permissionsDetails.getUIPermissionMap());
    }

    private PermissionsDetails getPermissionDetails(boolean z) {
        AdministrationService administrationService = this.serviceFactoryUtils.getAdministrationService();
        PermissionsDetails permissionsDetails = new PermissionsDetails(UiPermissionUtils.getAllPermissions(administrationService, z));
        permissionsDetails.setGeneralPermission(administrationService.getGlobalPermissions());
        return permissionsDetails;
    }

    private void updateGrants(Set<String> set, Set<String> set2, PermissionsDetails permissionsDetails, boolean z) {
        for (String str : set) {
            Set<ModelParticipantInfo> grants2 = permissionsDetails.getGrants2(str);
            if (z) {
                grants2.clear();
            }
            for (String str2 : set2) {
                boolean z2 = false;
                Iterator<ModelParticipantInfo> it = grants2.iterator();
                while (true) {
                    if (!it.hasNext()) {
                        break;
                    }
                    QualifiedModelParticipantInfo qualifiedModelParticipantInfo = (ModelParticipantInfo) it.next();
                    if (!(qualifiedModelParticipantInfo instanceof QualifiedModelParticipantInfo)) {
                        if (qualifiedModelParticipantInfo.getId().equals(str2)) {
                            z2 = true;
                            break;
                        }
                    } else {
                        if (qualifiedModelParticipantInfo.getQualifiedId().equals(str2)) {
                            z2 = true;
                            break;
                        }
                    }
                }
                if (!z2) {
                    grants2.add(ParticipantInfoUtil.newModelParticipantInfo(str2));
                }
            }
            permissionsDetails.setGrants2(str, grants2);
        }
    }

    private void updateDeniedGrants(Set<String> set, Set<String> set2, PermissionsDetails permissionsDetails, boolean z) {
        for (String str : set) {
            Set<ModelParticipantInfo> deniedGrants = permissionsDetails.getDeniedGrants(str);
            if (z) {
                deniedGrants.clear();
            }
            for (String str2 : set2) {
                boolean z2 = false;
                Iterator<ModelParticipantInfo> it = deniedGrants.iterator();
                while (true) {
                    if (!it.hasNext()) {
                        break;
                    }
                    QualifiedModelParticipantInfo qualifiedModelParticipantInfo = (ModelParticipantInfo) it.next();
                    if (!(qualifiedModelParticipantInfo instanceof QualifiedModelParticipantInfo)) {
                        if (qualifiedModelParticipantInfo.getId().equals(str2)) {
                            z2 = true;
                            break;
                        }
                    } else {
                        if (qualifiedModelParticipantInfo.getQualifiedId().equals(str2)) {
                            z2 = true;
                            break;
                        }
                    }
                }
                if (!z2) {
                    deniedGrants.add(ParticipantInfoUtil.newModelParticipantInfo(str2));
                }
            }
            permissionsDetails.setDeniedGrants(str, deniedGrants);
        }
    }

    private Map<String, Set<PermissionDTO>> buildGeneralAndModelPermissions(PermissionsDetails permissionsDetails) {
        TreeMap treeMap = new TreeMap();
        RuntimePermissions generalPermission = permissionsDetails.getGeneralPermission();
        TreeSet treeSet = new TreeSet();
        treeMap.put(PermissionType.general.name(), treeSet);
        TreeSet treeSet2 = new TreeSet();
        treeMap.put(PermissionType.processDefinitions.name(), treeSet2);
        TreeSet treeSet3 = new TreeSet();
        treeMap.put(PermissionType.activities.name(), treeSet3);
        TreeSet treeSet4 = new TreeSet();
        treeMap.put(PermissionType.data.name(), treeSet4);
        for (String str : new ArrayList(generalPermission.getAllPermissionIds())) {
            if (UiPermissionUtils.isGeneralPermissionId(str)) {
                PermissionDTO permissionDTO = new PermissionDTO(str, MessagesViewsCommonBean.getInstance().getString(PROPERTY_KEY_PREFIX + str));
                populateGrants(permissionDTO, permissionsDetails);
                treeSet.add(permissionDTO);
            } else {
                PermissionDTO permissionDTO2 = new PermissionDTO(str, MessagesViewsCommonBean.getInstance().getString(PROPERTY_KEY_PREFIX + str));
                populateGrants(permissionDTO2, permissionsDetails);
                if (UiPermissionUtils.isProcessPermissionId(str)) {
                    treeSet2.add(permissionDTO2);
                } else if (UiPermissionUtils.isActivityPermissionId(str)) {
                    treeSet3.add(permissionDTO2);
                } else {
                    treeSet4.add(permissionDTO2);
                }
            }
        }
        return treeMap;
    }

    private Map<String, Set<PermissionDTO>> buildUiPermissions(PermissionsDetails permissionsDetails) {
        Map<String, PerspectiveDefinition> systemPerspectives = PortalUiController.getInstance().getSystemPerspectives();
        ArrayList<IPerspectiveDefinition> arrayList = new ArrayList();
        Iterator<PerspectiveDefinition> it = systemPerspectives.values().iterator();
        while (it.hasNext()) {
            arrayList.add(it.next());
        }
        Collections.sort(arrayList, new Comparator<IPerspectiveDefinition>() { // from class: org.eclipse.stardust.ui.web.rest.component.service.AuthorizationManagerService.1
            @Override // java.util.Comparator
            public int compare(IPerspectiveDefinition iPerspectiveDefinition, IPerspectiveDefinition iPerspectiveDefinition2) {
                return iPerspectiveDefinition.getLabel().compareTo(iPerspectiveDefinition2.getLabel());
            }
        });
        TreeMap treeMap = new TreeMap();
        TreeMap treeMap2 = new TreeMap();
        TreeSet treeSet = new TreeSet();
        treeMap.put(PermissionType.perspectives.name(), treeSet);
        TreeSet treeSet2 = new TreeSet();
        treeMap.put(PermissionType.globalExtensions.name(), treeSet2);
        for (IPerspectiveDefinition iPerspectiveDefinition : arrayList) {
            PermissionDTO permissionDTO = new PermissionDTO(UiPermissionUtils.getPermissionId(iPerspectiveDefinition.getName()), iPerspectiveDefinition.getLabel());
            treeSet.add(permissionDTO);
            populateGrants(permissionDTO, permissionsDetails);
            permissionDTO.launchPanels = new TreeSet();
            for (LaunchPanel launchPanel : iPerspectiveDefinition.getLaunchPanels()) {
                if (launchPanel.isGlobal()) {
                    if (!treeMap2.containsKey(launchPanel.getDefinedIn())) {
                        PermissionDTO permissionDTO2 = new PermissionDTO(UiPermissionUtils.getPermissionId(iPerspectiveDefinition.getName()), iPerspectiveDefinition.getLabel());
                        treeSet2.add(permissionDTO2);
                        treeMap2.put(launchPanel.getDefinedIn(), permissionDTO2);
                    }
                    if (((PermissionDTO) treeMap2.get(launchPanel.getDefinedIn())).launchPanels == null) {
                        ((PermissionDTO) treeMap2.get(launchPanel.getDefinedIn())).launchPanels = new TreeSet();
                    }
                    PermissionDTO permissionDTO3 = new PermissionDTO(UiPermissionUtils.getPermissionId(launchPanel.getName()), getUiElementLabel(launchPanel));
                    populateGrants(permissionDTO3, permissionsDetails);
                    ((PermissionDTO) treeMap2.get(launchPanel.getDefinedIn())).launchPanels.add(permissionDTO3);
                } else {
                    PermissionDTO permissionDTO4 = new PermissionDTO(UiPermissionUtils.getPermissionId(launchPanel.getName()), getUiElementLabel(launchPanel));
                    populateGrants(permissionDTO4, permissionsDetails);
                    permissionDTO.launchPanels.add(permissionDTO4);
                }
            }
            permissionDTO.views = new TreeSet();
            for (ViewDefinition viewDefinition : iPerspectiveDefinition.getViews()) {
                if (viewDefinition.isGlobal()) {
                    String definedIn = viewDefinition.getDefinedIn();
                    if (!treeMap2.containsKey(definedIn)) {
                        PermissionDTO permissionDTO5 = new PermissionDTO(UiPermissionUtils.getPermissionId(definedIn), UiPermissionUtils.getPermisionLabel(definedIn));
                        treeSet2.add(permissionDTO5);
                        treeMap2.put(viewDefinition.getDefinedIn(), permissionDTO5);
                    }
                    if (((PermissionDTO) treeMap2.get(viewDefinition.getDefinedIn())).views == null) {
                        ((PermissionDTO) treeMap2.get(viewDefinition.getDefinedIn())).views = new TreeSet();
                    }
                    PermissionDTO permissionDTO6 = new PermissionDTO(UiPermissionUtils.getPermissionId(viewDefinition.getName()), getUiElementLabel(viewDefinition));
                    populateGrants(permissionDTO6, permissionsDetails);
                    ((PermissionDTO) treeMap2.get(viewDefinition.getDefinedIn())).views.add(permissionDTO6);
                } else {
                    PermissionDTO permissionDTO7 = new PermissionDTO(UiPermissionUtils.getPermissionId(viewDefinition.getName()), getUiElementLabel(viewDefinition));
                    populateGrants(permissionDTO7, permissionsDetails);
                    permissionDTO.views.add(permissionDTO7);
                }
            }
        }
        return treeMap;
    }

    private void populateGrants(PermissionDTO permissionDTO, PermissionsDetails permissionsDetails) {
        permissionDTO.allow = new TreeSet();
        permissionDTO.deny = new TreeSet();
        if (permissionsDetails.hasAllGrant2(permissionDTO.id)) {
            permissionDTO.allow.add(PermissionDTO.ParticipantDTO.ALL);
        }
        permissionDTO.allow.addAll(transformGrantsToDTO(permissionsDetails.getGrants2(permissionDTO.id)));
        permissionDTO.deny.addAll(transformGrantsToDTO(permissionsDetails.getDeniedGrants(permissionDTO.id)));
    }

    private static String getUiElementLabel(UiElement uiElement) {
        return UiPermissionUtils.getUiElementLabel(uiElement);
    }

    private List<PermissionDTO.ParticipantDTO> transformGrantsToDTO(Set<ModelParticipantInfo> set) {
        PermissionDTO.ParticipantDTO participantDTO;
        ArrayList arrayList = new ArrayList();
        ArrayList<QualifiedModelParticipantInfo> arrayList2 = new ArrayList(set);
        Collections.sort(arrayList2, MODEL_PARTICIPANT_COMPARATOR);
        for (QualifiedModelParticipantInfo qualifiedModelParticipantInfo : arrayList2) {
            if (qualifiedModelParticipantInfo instanceof QualifiedModelParticipantInfo) {
                DeployedModel activeModel = ModelCache.findModelCache().getActiveModel(ModelUtils.extractModelId(qualifiedModelParticipantInfo.getQualifiedId()));
                participantDTO = new PermissionDTO.ParticipantDTO(qualifiedModelParticipantInfo.getQualifiedId(), activeModel != null ? I18nUtils.getParticipantName(activeModel.getParticipant(qualifiedModelParticipantInfo.getId())) : qualifiedModelParticipantInfo.getName());
            } else {
                participantDTO = new PermissionDTO.ParticipantDTO(qualifiedModelParticipantInfo.getId(), "__carnot_internal_owner_permission__".equals(qualifiedModelParticipantInfo.getQualifiedId()) ? MessagesViewsCommonBean.getInstance().getString("views.authorizationManagerView.permission.model.participant.owner") : I18nUtils.getParticipantName(ModelCache.findModelCache().getParticipant(qualifiedModelParticipantInfo.getId())));
            }
            arrayList.add(participantDTO);
        }
        Collections.sort(arrayList);
        return arrayList;
    }
}
